Spelling suggestions: "subject:"aaa"" "subject:"avaa""
31 |
Network Independent Quality of Service : The role of Authentication, Authorization, and Accouting in a roaming environmentGuitérrez Barquín, Jesús Miguel January 2006 (has links)
With the increasing shift to the Internet Protocol [3] for all networks and the desire of telecommunications service providers to offer new value to their customers, the need exists to coordinate the delivery of end-to-end quality of service so that providers may offer new services to support their customer’s applications. The key objective of the EuQoS project is to research, integrate, test, validate, and demonstrate end-to-end QoS technologies to support advanced QoS-aware applications over multiple, heterogeneous research, scientific, and industrial network domains. End-to-end quality of service support for multiple applications is a great added value and could become the next major growth spurt in the telecommunications industry. A crucial requirement for the QoS model is that it must not add significant complexity to the existing mechanisms and must be compatible with legacy applications and equipment. Proxy signaling handlers will be used to satisfy the latter constraint. This thesis analyzes possible roaming scenarios and how Authentication, Authorization, and Accounting should be tackled. I seek to provide reasonable solutions and to consider the current environment, always trying to re-use, when possible, the existing architecture and components. / De huvudsakliga målen med EuQoS projektet är att integrera, testa, utvärdera och demonstrera QoS från en ende av kommunikationen till en annan för att stödja avancerade QoS tillämpningar inom multipla nätverksdomäner industrioch forskningsverksamhet. Denna nya teknik är av stort värde och kan komma att bli nästa stora steg i utvecklingen av telekommunikation. Användandet av IPnätverk ökar och i samma takt ökar även efterfrågan av nya och bättre kommunikationstjänster. Därför finns det ett stort behov av QoS hos Internetleverantörerna som ständigt måste tillgodose kundernas önskemål. Det är viktigt att QoS modellen inte komplicerar den redan existerande tekniken. Därför måste den vara kompatibel med befintliga tekniker och utrustning. För att uppfylla dessa krav kommer Proxy signalbehandlare att användas. Den här rapporten behandlar möjliga roaming scenarier och hur AAA bör hanteras. Jag har som mål att presentera rimliga lösningar som tar hänsyn till miljön. För detta används i största möjliga mån redan existerande infrastruktur. / Con la continua evolución de las aplicaciones basadas en el protocolo IP en todas las redes, y el deseo de los proveedores de servicios de telecomunicaciones de ofrecer un valor añadido a sus clientes, cohabita la necesidad de coordinar la entrega de calidad de servicio (QoS) extremo a extremo. De esta forma los proveedores pueden aumentar la oferta de servicios mediante nuevas aplicaciones. El principal objetivo del proyecto EuQoS es investigar, desarrollar, integrar y probar una tecnología independiente de la red de acceso que garantice QoS extremo a extremo. El sistema esta pensado inicialmente para dar soporte a las aplicaciones: VoIP, VoD, video conferencia, y a una aplicación médica llamada MEDIGRAF, sobre múltiples y heterogéneas redes de acceso. Los parámetros que EuQoS tiene en cuenta para la reserva de la calidad de servicio son el ancho de banda, el retardo, la variación del retardo (jitter), y las pérdidas permitidas. Un requisito fundamental para el modelo de QoS es que debe añadir la mínima complejidad posible al existe funcionamiento del sistema y debe ser compatible con el legado de aplicaciones y equipo. Esto se solucionará mediante el uso de señalización a nivel de Proxy. Este proyecto analiza los posibles escenarios de roaming y cómo se debería afrontar la Autenticación, Autorización, y Accounting (AAA) en estas condiciones de itinerancia. En los capítulos iniciales hacen una descripción general del sistema EuQoS, para tener una visión global del proceso de reserva de recursos. Es necesario conocer la estructura completa para lograr una integración mayor y con el menor coste posible. El proyecto EuQoS propone y desarrolla un nuevo mecanismo de QoS que se construye sobre un estado del arte que incorpora los siguientes mecanismos: Monitorización y Medición, Control de Admisión, Gestión de Fallos, Señalización y Negociación de Servicio, Seguridad y AAA, Charging, Ingeniería de Tráfico y Optimización de Recursos. Con el fin de conocer lo que anteriormente otros habían hecho en este campo, antes de escribir una sola línea de este proyecto, llevé a cabo una extensa búsqueda de documentación. Parte de la información utilizada en este documento ha sido extraída de las entregas públicas del proyecto EuQoS hechas a la Comisión Europea. Además de la bibliografía mostrada en las referencias, Ericsson tiene sus propios informes técnicos e implementaciones de protocolos como el protocolo de iniciación de sesión (SIP) y DIAMETER, que se han consultado en varias ocasiones y han contribuido a lo largo de la investigación. Existe una enorme similitud entre la arquitectura del sistema y la de IMS. De esta manera, algunos de los conceptos aplicados a la hora de desarrollar una solución para el caso de roaming para EuQoS se basan en los flujos de señalización utilizados en IMS y en los anteproyectos de nuevos RFCs.
|
32 |
Deciphering the Mechanism of Action of Armeniaspirol: A Polyketide Gram-Positive AntibioticLabana, Puneet 30 June 2021 (has links)
Antibiotics are an important resource in modern medicine used to treat serious infections and enable a wide array of vital medical interventions including surgery and cancer chemotherapy. However, due to the increasing prevalence of antibiotic resistant pathogens, many clinically useful antibiotics are being rendered ineffective with too few new antibiotics in development to combat them. With highly diverse chemistry and bioactivity exquisitely shaped by evolution, natural products provide an unrivaled source of antibiotic compounds that is impossible to reproduce instinctively in the laboratory. The armeniaspirols are polyketide natural products with a unique spiro-[4.4]non-8-ene core that were isolated from Streptomyces armeniacus and were shown to be active against drug-resistant Gram-positive bacteria. Promisingly, in vitro resistant Staphylococcus aureus strains could not be readily obtained even after thirty serial passages under sub-lethal doses. Herein, we decipher the mechanism of action for this structurally unprecedented natural product antibiotic in the Gram-positive model organism Bacillus subtilis.
Through chemical proteomics with an armeniaspirol-inspired activity-based probe, quantitative proteomics, biochemical assays, and microscopy, we show that armeniaspirol is a competitive inhibitor of the AAA+ proteases ClpXP and ClpYQ. Armeniaspirol represents the first known natural product inhibitor of ClpP, a highly coveted target due to its prominent role in bacterial virulence. Using overlapping proteomic fingerprints of armeniaspirol-treatment with ΔclpQ and ΔclpP deletions in B. subtilis, inhibition or deletion of these proteases appears to dysregulate key proteins involved in cell division, including FtsZ, DivIVA, and MreB. The dual ClpXP and ClpYQ inhibition is responsible for armeniaspirol’s potent antibiotic activity and this unique pharmacology makes it a promising candidate for antibiotic development. Several armeniaspirol-inspired analogs were generated as part of a medicinal chemistry study and evaluated for antibiotic activity towards a panel of clinically relevant Gram-positive pathogens. As a result, we identify three exciting armeniaspirol analogs with improved antibiotic activity.
Lastly, the foundation for elucidating the ClpYQ degradome is developed. Our proteomic fingerprint of the B. subtilis ΔclpQ deletion strain generated some of the first insights into potential substrates of the ClpYQ protease. As a largely uncharacterized AAA+ protease implicated in the mechanism of action of armeniaspirol, we pursued a previously established acyl-intermediate covalent trapping strategy to characterize the ClpYQ-substrate complexes in B. subtilis cell lysate. Through unnatural amino acid incorporation using an evolved tRNA/aminoacyl-tRNA synthetase pair, the N-terminal active site serine of ClpQ is substituted with a photocleavable precursor that generates 2,3-diaminopropionic acid. While we were successful in synthesizing the photocleavable precursor, initial experiments to incorporate this unnatural amino acid in ClpQ expression proved unsuccessful, leading us to outline necessary control experiments for future endeavours. Ultimately, the covalently trapped substrates will be identified by LC-MS/MS, where we expect to identify key divisome and elongasome proteins in corroboration with the armeniaspirol mechanism of action study.
|
33 |
Elucidating the Priming Mechanism of ClpXP Protease by Single-Domain Response Regulator CpdR in Caulobacter crescentusBarker, Kimberly E 14 November 2023 (has links) (PDF)
In Caulobacter crescentus, progression through the cell cycle is regulated by the AAA+ protease ClpXP, and there are several classes of cell-cycle substrates that require adaptors in order to be degraded. CpdR, a single domain-response regulator, binds the N-terminal domain of ClpXP and primes the protease for degradation of downstream factors (Lau et al., 2015). The ability of CpdR to bind ClpX is regulated by its phosphorylation state. In the unphosphorylated state, CpdR binds ClpXP and guides its localization to the cell pole during the swarmer to stalked transition, where CpdR is mediates degradation of substrates such as PdeA. Phosphorylation of response regulator receiver domains requires magnesium as a cofactor to stabilize the phosphorylated aspartate and reciprocally, phosphorylated receiver domains bind magnesium more effectively. While it is understood that CpdR primers ClpX for substrate degradation, the mechanism by which it does so has remained unclear. Using CollabFold, we identified putative residues involved in CpdR-ClpX binding and validated them using a BACTH screening. In vitro, we characterized the role that magnesium plays in regulating CpdR binding to ClpX. In this work, we directly test the role of magnesium in CpdR priming of ClpXP to show that magnesium may play a regulatory role in CpdR-mediated degradation, and thus binding to ClpX. We identify residues in ClpX that seem to be important for CpdR binding, which prior to this work was not clear.
|
34 |
Determining the link between Chronic Periodontitis and Abdominal Aortic Aneurysm: A questionnaire-based studyAbdulrasak, Houda January 2020 (has links)
Syfte: Syftet med studien var att se om det fanns en correlation mellan AAA och kronisk parodontit med hjälp av en enkät.Material och metod: Män som har undergått screening hos Kärlcentrum vid Skånes Universitetssjukhus i Malmö erbjöds deltagande i studien via telefon. Enkäten som användes formulerades främst med frågor från studien i Self-reported measures for Surveillance of Periodontitis (Eke et al. 2013). Frågor om individens tobaksvanor, om den led av andra sjukdomar, och mediciner lades till som en del av denna studie. Insamlad data analyserades med IBM SPSS Statistics 25 (SPSS Inc., Chicago, IL, USA. Ingen normalfördelning antogsför analyserna. Värdena bearbetades med Mann-Whitney U test och χ2-test.P-värden < 0.05 togs som statistiskt signifikanta.Resultat: Totalt kontaktades 300 individer, varav 65 (21.7%) inkluderades i studien. Av dessa var 42 (64.6 %) individer i kontrollgruppen medans 23 (35.4%) ingick i AAA-gruppen.Bennedbrytning förekom oftare i AAA gruppen (37.9%) jämfört med kontrollgruppen (11.9%) (p=0.010)Slutsats: En svag länk mellan kronisk parodontit och AAA kan föreslås i detta skede, dock behövs fler studier med större kohort och om möjligt en kliniskt verifierad parodontal diagnos för att med säkerthet bekräfta denna potentiella länken / Aim: The aim of this study was to find if there is a correlation between AAA and chronic periodontitis in regards to their relation with the help of a questionnaire. Material and methods: Men that have undergone screening in the Vascular Centre at Skånes University Hospital in Malmö, Sweden were invited to participate in this study via telephone. The questionnaire was formulated mainly with questions from the study conducted in Self-reported measures for Surveillance of Periodontitis (Eke et al. 2013). Questions asking the respondents about tobacco habits, if they suffered other diseases, medication, and more were added as part of this study. Captured data was analysed using IBM SPSS Statistics 25 (SPSS Inc., Chicago, IL, USA). Normal distribution was not assumed for the analyses. Values were processed with Mann-Whitney U test and χ2-test. P-value < 0.05 was accepted as statistically significant Results: A total of 300 individuals were contacted, of which 65 (21.7%) were included in the study. Of these, 42 (64.6 %) were controls and 23 (35.4 %) had AAA. Bone loss was more commonly present in AAA group (37.9%) versus control (11.9%) (p= 0.010)Conclusion: A weak link between chronic periodontitis and AAA may be suggested, however more studies with larger cohorts and potentially clinically verified periodontitis diagnosis, are necessary to establish this potential link more firmly.
|
35 |
Graphical system visualization and flow display : A visual representation of an authentication, authorization, and accounting backendaf Sandeberg, Joakim January 2016 (has links)
Displaying the architecture of a software system is not a simple task. Showing all of the available information will unnecessarily complicate the view, while showing too little might render the view unhelpful. Furthermore, showing the dynamics of the operation of such a system is even more challenging. This thesis project describes the development of a graphical tool that can both display the configuration of an advanced authentication, authorization, and accounting (AAA) system and the messages passed between nodes in the system. The solution described uses force-based graph layouts coupled with adaptive filters as well as vector-based rendering to deliver a view of the status of the system. Force-based layout spreads out the nodes in an adaptive fashion. The adaptive filters starts by showing what is most often the most relevant information, but can be configured by the user. Finally, the vector based rendering offers unlimited zoom into the individual nodes in the graph in order to display additional detailed information. Unified Modeling Language (UML) sequence charts are used to display the message flow inside the system (both between nodes and inside individual nodes). To validate the results of this thesis project each iteration of the design was evaluated through meetings with the staff at Aptilo Networks. These meetings provided feedback on the direction the project was taking as well as provided input (such as ideas for features to implement). The result of this thesis project shows a way to display the status of an AAA system with multiple properties displayed at the same time. It combines this with a view of the flow of messages and application of policies in the network via a dynamically generated UML sequence diagram. As a result human operators are able to see both the system’s architecture and the dynamics of its operation using the same user interface. This integrated view should enable more effective management of the AAA system and facilitate responding to problems and attacks. / Att visualisera arkitekturen av ett mjukvarusystem är inte lätt. Visas all tillgänglig information så blir vyn för komplicerad medan ifall för lite visas så blir vyn onödig. Att samtidigt visa dynamiken som uppstår när systemet arbetar är ytterligare en utmaning. Detta examensprojektet beskriver hur utvecklingen av ett grafiskt verktyg, som både kan visa konfigurationen av ett avancerat autentisering-, tillåtelse- och bokförings-system (AAA) och meddelanden som skickas mellan noder i systemet.<p> Lösningen använder en kraftriktad graflayout tillsammans med adaptiva filter och vektorbaserad rendering för att visa en vy av systemets status. De adaptiva filtren börjar med att visa den information som oftast är mest relevant men kan ställas in av användaren. Nyttjandet av vektorbaserad grafik tillhandahåller obegränsade möjligheter för användaren att zooma in på delar av grafen för att visa mer detaljerad information. UML sekvensdiagram används för att visa medelandeflödet inuti systemet (både mellan noder och inuti noder). För att utvärdera resultatet av examensprojektet blev varje iteration av designen utvärderad vid möten med personalen på Aptilo Networks. Dessa möten gav återkoppling på vilken rikting projektet tog samt input med t. ex. id´eer på nya egenskaper att lägga till. Resultatet av detta examensarbete visar ett sätt att visa statusen för ett AAA system med många av systemets egenskaper visade samtidigt. Det kombinerar detta med en vy av flödet av meddelanden och applikationpolicies i nätverket via ett dynamiskt genererat UML sekvensdiagram. Resultatet av detta är att mänskliga operatörer kan se både systemets arkitektur och dynamiken i hur det fungerar i samma gränssnitt. Detta gränssnitt bör möjliggöra mer effektiv hantering av AAA systemet och underlätta lösningar på både problem i systemet och attacker mot systemet.
|
36 |
Rôle oncogénique du facteur à bromodomain / ATPase, ATAD2 / Oncogenic role of bromodomain/ATPase containing factor, ATAD2Jamshidikia, Mahya 18 October 2017 (has links)
ATAD2 est un facteur très conservé mais peu caractérisé qui possède différents domaines fonctionnels : un domaine AAA ATPase et un bromodomaine (BRD). Normalement, ATAD2 est exprimé fortement dans les cellules germinales males ainsi que dans les cellules souches embryonnaires (cellules ES). De plus, la surexpression de cette protéine a été détectée dans de nombreux cancers. Il a été montré qu'ATAD2 agit comme co-activateur des récepteurs aux androgènes et aux œstrogènes. Cette protéine semble aussi agir comme co-facteur de l’oncogène Myc et joue un rôle dans la voie pRb/E2F. La surexpression d’ATAD2 prédit un mauvais prognostic dans les cancers du poumon et du sein. Toutes ces caractéristiques font d'ATAD2 un candidat de choix comme biomarqueur pronostic et une cible potentielle pour des agents thérapeutiques dans le cadre de cancers agressifs.Dans ce projet de thèse, nous montrons que hATAD2 interagit avec l'histone H4 acétylée via son bromodomaine, et que le domaine ATPase est responsable de la multimérisation d’ATAD2 et permet au BRD d’interagir avec les lysines acétylées dans les cellules. Des investigations complémentaires, comprenant notamment des études structurales, montrent que le BRD d'ATAD2 est responsable de son interaction spécifique avec la forme acétylée de la lysine 5 de l'histone H4. Nous avons aussi analysé le domaine AAA ATPase et découvert des éléments qui contrôlent son rôle dans la multimérisation des protéines. De plus, nous avons étudié ATAD2 dans la lignée de cellules cancéreuses pulmonaires, H1299, ainsi que dans les cellules ES et démontré que ce facteur est essentiel pour la prolifération des cellules en l'absence des facteurs de croissance. En combinant des approches ChIP-seq, ChIP-protéomics et RNA-seq dans les cellules ES, nous avons montré qu'ATAD2 est très enrichi dans les régions à haute activité transcriptionnelle et maintient la chromatine accessible pour les facteurs impliqués dans les activités de la chromatine. Ces données indiquent qu'ATAD2, dans son contexte physiologique, assure un rôle essentiel dans les activités générales de la chromatine, telles que la transcription, en maintenant l'accessibilité de la chromatine pour les facteurs de transcription.Enfin, afin de caractériser la structure d’ATAD2 et celle de son homologue dans Schizosaccharomyces pombe, ABOI, différents fragments contenants le domaine AAA ATPase ont été produits dans des bactéries ainsi que dans des cellules d'insectes en utilisant des vecteurs d’expression de baculovirus. Les conditions de production de fragments solubles ont été établies et certains de ces fragments ont été purifiés. Néanmoins, l’obtention de la structure cristalline de l'ATAD2 nécessite des travaux supplémentaires. / ATAD2 is an evolutionarily conserved but poorly characterized factor that bears different types of func¬tional domains: an AAA ATPase domain and a bromodomain (BRD). ATAD2 is normally highly ex¬pressed in male germ cells and in embryonic stem cells (ESC), however the overexpression of this protein has been detected in a large variety of independent cancers. ATAD2 is proposed to act as a co-activator of androgen and estrogen receptors and in addition, this protein also seems to act as a co-factor for Myc oncogene and plays a role in the pRb/E2F pathway. Moreover, the overexpression of ATAD2 predicts poor prognosis in lung and breast cancers. All of these characteristics make ATAD2 a valuable prognosis biomarker and a promising therapeutic target in aggressive cancers.Herein, we show that hATAD2 binds to acetylated H4 tail through its BRD, and that its ATPase domain enables ATAD2 multimerization, affecting the ability of the BRD to bind acetylated lysine in cells. Additional investigations, including structural studies, show that ATAD2’s BRD is responsible for its specific interaction with acetylated lysine 5 of histone H4. We have also functionally analyzed the AAA ATPase domain and discovered elements that control its role in protein multimerization. In addition, we studied ATAD2 in ESC and in the H1299 lung cancer cell line, and demonstrated that this factor has crucial roles in cell proliferation in the absence of growth factors. Moreover, by using a combination of ChIP-seq, ChIP-proteomics and RNA-seq experiments in ESC, we found that ATAD2 is highly enriched in regions with high transcriptional activity and that it keeps chromatin accessible for chromatin templated factors. These data indicate that ATAD2 in its physiological context ensures a critical role in general chromatin-templated activities, such as transcription, by maintaining the accessibility of chromatin for transcription factors. Finally, in order to structurally characterize either ATAD2 or its homologue in Schizosaccharomyces pombe, ABOI, different fragments containing the AAA ATPase domain were produced in bacteria as well as in insect cells using baculovirus expression vectors. Conditions to produce soluble fragments were established and some of these fragments were purified. Nonetheless, solving the crystal structure of ATAD2 still requires further investigation.
|
37 |
Autentizace a autorizace uživatele v počítačových sítích nové generace / User Authentication and Autorization for New Generation NetworksPřibyl, Radek Unknown Date (has links)
This document describes methods of user authentication and authorisation via a trusted server. There is analysis of the system Kerberos, which is used as an inspiration for desing of a new authentication scheme. There are analysed programming layers and interfaces for specific applications ensuring user authentication and authorisation. The document contains a design and detailed description of a new authentication scheme. This scheme is implemented into the communication between email client and imap server.
|
38 |
Biophysical Characterization of SNARE Complex Disassembly Catalyzed by NSF and alphaSNAPWinter, Ulrike 03 July 2008 (has links)
No description available.
|
39 |
The Difference in Differentness: Low-Risk, High-Budget versus Innovation and Creativity : An exploratory view from a game-designer’s perspective / Skillnaden i olikhet: Lågrisk, Hög-budget versus Innovation och Kreativitet : En utforskande vy från en speldesignersperspektivStojnić, Slavko January 2019 (has links)
With what seems like decades of debate behind us, low-risk, high-budget, high exposure releases are still seen as a threat to creativity, innovation and health of the game industry as a whole. This exploratory pilot study aims to evaluate methods and create instruments which can be used to measure and compare the levels of differentness contained within the AAA and Indie releases. The case studies and surveys performed within this study are assessed as viable instruments for future, confirmatory studies, but with serious limitations outside of the chosen data sample. / Med vad som verkar som årtionden av debatt bakom oss, spel som publiceras med lågrisk, hög-budget och hög exponering fortfarande betraktas som ett hot mot kreativitet, innovation och hälsan av hela spelindustrin. Denna utforskande pilotstudie syftar till att utvärdera metoder och skapa instrument som kan användas för att mäta och jämföra skillnadsnivån (olikhet) inom AAA och Indie spel. Fallstudier och enkäter som utfördes inom denna studie bedöms som genomförbara instrument för framtida, bekräftande studier, med allvarliga begränsningar utanför den valda datamängden.
|
40 |
Services AAA dans les réseaux adhoc mobiles / AAA services in mobile ad hoc networksLarafa, Claire Sondès 21 October 2011 (has links)
La mobilité est une composante importante de la liberté des personnes. L’évolution des moyens technologiques y contribue au premier chef. Outre la question du transport, celle du maintien du lien entre les individus est en ce sens particulièrement prégnante. Elle a mis à rude épreuve la notion de réseaux de télécommunications puisqu’il s’agit de répondre, pour des individus éparpillés ou concentrés, mais mobiles, au besoin de rester reliés. De l’ère des réseaux analogiques à celle des réseaux numériques, de l’ère des réseaux filaires à celle des réseaux sans fil et mobiles, la technologie n’a cessé d’évoluer. Ces dernières décennies ont vu apparaître des réseaux numériques sans fil, où non seulement il y a mobilité des utilisateurs mais aussi mobilité de l’infrastructure du réseau à laquelle ils contribuent. Ces réseaux se constituent de façon spontanée. Ils se maintiennent de manière autonome. On les désigne par le terme réseaux ad hoc mobiles (en anglais Mobile Ad hoc Networks ou MANET) qui s’oppose naturellement à celui de réseaux à infrastructure. La sécurité est une préoccupation générale des êtres humains. Ils en ressentent aussi le besoin en matière de réseaux. Ce besoin est particulièrement criant lorsque sont échangées des données critiques, financières ou stratégiques. La confidentialité des échanges, l’authentification des sources, l’assurance d’intégrité, la prévention de la récusation sont autant d’objectifs qu’il faut alors atteindre. Diverses solutions de sécurité ont été conçues dans cette optique pour les réseaux filaires puis ont ensuite été adaptées aux réseaux sans-fil et mobiles. Les architectures AAA (Authentication, Authorization, Accounting) en font partie. Elles sont en général utilisées dans un contexte commercial. Tant par leur facilité de déploiement que par la baisse des coûts de mise en œuvre qu’ils engendrent, les réseaux ad hoc mobiles, après avoir bien servi dans le domaine militaire, semblent avoir un avenir dans les applications commerciales. C’est pourquoi, nous nous proposons dans cette thèse de concevoir une architecture AAA adaptée aux spécificités de ces réseaux. Nous étudions d’abord les réseaux ad hoc mobiles et leurs caractéristiques. Ensuite, nous présentons les solutions de sécurité qui existent dans les réseaux à infrastructure. Nous examinons, en particulier, les solutions qui permettent le contrôle d’accès et dont sont engendrées les architectures AAA. Les solutions AAA proposées pour les MANETs sont par la suite analysées et classifiées afin de déterminer les manques et les vulnérabilités. Cette étude approfondie nous amène à proposer une architecture AAA répondant aux attentes identifiées. C’est une architecture distribuée qui répond, en particulier, au besoin d’autonomie des opérations dans les MANETs et où les protocoles exécutés peuvent impliquer simultanément plus de deux parties. Un ensemble de protocoles et de mécanismes d’authentification et d’autorisation s’intégrant avec la suite des protocoles IPv6 a été proposé. Leur sécurité a été discutée. Celle, en particulier du protocole d’authentification a fait l’objet de validation formelle. Contrairement aux protocoles utilisés dans la phase d’autorisation des services AAA proposés, le mode de communication multi-parties et multi-sauts du protocole d’authentification nous a poussé à mener une analyse approfondie de ses performances. Pour cela, nous avons eu recours, dans un premier temps, à la modélisation au moyen de calculs mathématiques explicites ensuite à la simulation. Les résultats obtenus montrent que ce protocole passe à l’échelle d’un MANET comprenant au moins cent nœuds. Dans certaines conditions d’implémentation que nous avons définies, ses performances, tant celle liée à sa probabilité de terminaison avec une issue favorable que celle portant sur son temps d’exécution, atteignent des valeurs optimales. / Mobility is an important component of people’s liberty. The evolution of technological means contributes to its enhancement. In addition to the transport issue, the question of keeping people connected is, in that context, particularly significant. Technological change strained the notion of telecommunications networks in the sense that scattered or clustered but mobile individuals had to remain in touch with others electronically. From the age of analogue networks to the digital networks era, from wired networks to wireless and mobile networks, technology has never stopped evolving. The last decades have witnessed the emergence of digital and wireless networks where not only the users, but also the network infrastructure to which they contribute, are mobile. These networks are spontaneously formed and autonomously maintained. They are termed Mobile Ad hoc Networks (MANETs), in contradistinction to infrastructure networks. Security is a general concern of human beings. They feel the need for it when using a network, too. This need is particularly glaring when it comes to exchanging critical, financial or strategic data. Confidentiality of communications, source authentication, integrity assurance, prevention of repudiation, are all objectives to be achieved. Various security solutions have been devised in this context as wired networks were then adapted to wireless and mobile networks. AAA (Authentication, Authorization and Accounting) frameworks are among these solutions. They are generally used for commercial purposes, which raises financial issues — and we all know how much important they are. Due to their ease of deployment and inexpensive implementation, MANETs, first used in the military field, seem to have a future in commercial applications. That is why the present thesis proposes to design an AAA service that is adapted to the characteristics of such networks. In this perspective, the thesis examines, to begin with, mobile ad hoc networks in order to understand their characteristics and potentials. It then probes the security solutions that exist in infrastructure networks, with special emphasis on those dealing with access control and AAA services. The AAA solutions for MANETs proposed up to now are subsequently analyzed and classified in order to determine their strengths and weaknesses. This in-depth study led to the design, in the second part of the thesis, of an AAA service that meets the expectations identified. It is a distributed service intended to answer the needs of autonomous operations in MANETs when a nearby operator is absent. It features several detailed authentication and authorization mechanisms and protocols with an authentication protocol simultaneously involving one or more parties. These protocols are designed such that they can be easily integrated to the IPv6 protocols suite. Moreover, their security is discussed — in particular, that of the authentication protocol thanks to a formal validation tool. Unlike the communication mode of the authorization protocols, that of the authentication protocol is one-to-many, which led us to study more deeply its performances thanks to modeling using explicit mathematical computations and to simulations techniques. The obtained results showed that the protocol scales for a MANET including a hundred nodes. Under certain conditions that we explained, its performances, in terms of the probability of authentication success and the length of the executing time, reach optimal values.
|
Page generated in 0.0304 seconds