Caracterização de Modelos Conceituais Utilizando Ontologias de Domínio: aplicação da Ontologia IMS LD na Construção de Modelos Conceituais Para E-learning

Oliveira, Francisco Hélio de

11 1900

Submitted by Diogo Barreiros (diogo.barreiros@ufba.br) on 2017-06-02T17:24:53Z No. of bitstreams: 1 PGCOMP_MSC_FranciscoHelio_Final_Entregue.pdf: 810832 bytes, checksum: 2a46919a8a9f5355562fb7917d301da5 (MD5) / Approved for entry into archive by Uillis de Assis Santos (uillis.assis@ufba.br) on 2017-06-28T18:35:03Z (GMT) No. of bitstreams: 1 PGCOMP_MSC_FranciscoHelio_Final_Entregue.pdf: 810832 bytes, checksum: 2a46919a8a9f5355562fb7917d301da5 (MD5) / Made available in DSpace on 2017-06-28T18:35:03Z (GMT). No. of bitstreams: 1 PGCOMP_MSC_FranciscoHelio_Final_Entregue.pdf: 810832 bytes, checksum: 2a46919a8a9f5355562fb7917d301da5 (MD5) / A modelagem conceitual de software é uma atividade não trivial que se relaciona com vários desafios, como: dificuldades na elicitação de requisitos, problemas de comunicação entre o analista e o usuário, uso de documentos de requisitos que nem sempre expressam claramente as funcionalidades do sistema. Esse problema se agrava quando o trabalho está relacionado com domínios mais complexos. Na área de educação essa questão também se verifica, por exemplo, em projetos de software que devem atender aos padrões para ambientes de aprendizagem como o IMS Learning Design. Para minimizar esse problema, ontologias de domínio podem ser utilizadas. Pode-se observar na literatura evidências teóricas dos benefícios do uso de ontologia na área de desenvolvimento de software. Por outro lado, as evidências experimentais são poucas ou talvez não existam. Dado esse contexto, o objetivo deste trabalho _e mostrar evidências experimentais que ontologias de domínio ajudam na modelagem conceitual. Para atingir esse objetivo, foram desenvolvidos: um processo de modelagem com ontologia, um mapeamento sistemático e dois experimentos controlados. O primeiro experimento mostrou indícios de que o uso de ontologia pode ajudar na criação de diagramas de classe (modelo conceitual). Sua replicação mantém resultado semelhante, entretanto, mostra signficância estatística. Portanto, o resultado do primeiro experimento e da sua replicação mostram resultados convergentes. Dessa forma, esta dissertação fornece dados acerca do uso de ontologia de domínio na modelagem conceitual. De acordo com a análise dos dados apresentados, é possível afirmar, com base experimental, que o uso de ontologia de domínio ajuda na modelagem conceitual. / The conceptual modeling the software is a non-trivial activity that relates to a number of challenges, such as difficulties in requirements elicitation, communication problems between the analyst and the user, and use of requirements documents that are not always clearly express the functionality of the system. This problem is aggravated when the work is related to more complex areas. In education this issue can also be seen, for example, in software projects that must meet standards for learning environments such as IMS Learning Design (IMS-LD). In order to minimize this problem, domain ontologies can be used. It can be observed in the literature, theoretical evidence of the benefits of ontology use in software development. On the other hand, experimental evidence is few or may not exist. In this context, the objective of this study is to show experimental evidence that domain ontologies help in conceptual modeling. To achieve this goal, we developed: a modeling process with ontology, a systematic mapping and two controlled experiments.The first experiment showed evidence that the use of ontology can help in creating class diagrams (conceptual model). Their replication maintains similar result, however, shows statistical significance. Therefore, the results of the first experiment and its replication show convergent. Thus, this work provides data for the domain ontology use in conceptual modeling. According to the analysis of the data it is possible to say with the experimental basis that the use of domain ontology helps conceptual modeling.

Modelo conceitual

Ontologia

Experimento

Ontologia IMS LD

Open Source SIP Application Servers For IMS Applications: A Survey

Kumlin, Veronica

January 2007

I ett IMS-nät (IP Multimedia Subsystem) finns Applikations Servrar (AS) som tillhandahåller tjänster, dessa AS är ofta SIP-servrar (Session Initation Protocol). Målet för det här examensarbetet var att finna den SIP-server som är mest lämpad att använda när man ska lägga till en tjänst i ett IMS-nät. Först gjordes en undersökning av tillgängliga SIP AS och ett tiotal hittades. Några av dem valdes ut för att jämföras och utredas mer noggrant. Inledningsvis inspekterades deras dokumentation, sedan analyserades proceduren att installera AS och att lägga till en tjänst på dem. Till sist lades tjänsten till i ett IMS-nät. Eftersom varken deras fördelar eller nackdelar utmärkte sig på ett sådant sett att någon av dem sammantaget var bättre än den andra, kunde tyvärr inte någon av dem pekas ut som den mest lämpade. / In an IMS (IP Multimedia Subsystem) network there are Application Servers (ASs) which host and execute services. These are often SIP (Session Initiation Protocol) servers. The goal for this thesis was to evaluate a selection of open source SIP ASs to see which one was most suited for IMS service development. Ten different SIP ASs was found in an initial search. They were briefly reviewed and some of them were chosen as candidates for further investigation. The documentation of the chosen servers were thoroughly explored and evaluated; as was the installation process and how to deploy a service to them. Finally the servers were installed and a service was implemented and deployed to an IMS network. Unfortunately, I could not point out one of the ASs to be more suited than another for deploying an IMS service on. This was because they had different pros and cons and none of them were distinguishing in a way that made them superior to the other.

SIP server

IMS

Computer Sciences

Datavetenskap (datalogi)

Insights into the molecular mechanism of the mitochondrial intermembrane space sulphydryl oxidase Erv1

Ceh Pavia, Efrain

January 2014

Mitochondria are involved in numerous cellular processes such as respiration, ATP production, calcium signalling and apoptosis. About 99% of mitochondrial proteins are nuclear-encoded and need to be imported into mitochondria for their function. The MIA pathway is used by many cysteine-containing proteins for their import into the mitochondrial intermembrane space (IMS). The pathway comprises two essential proteins: the disulphide carrier and import receptor Mia40, and the FAD-dependent sulphydryl oxidase Erv1. Together these proteins form a disulphide relay system inside the IMS. Initially, substrate proteins are imported in their cysteine-reduced form, which is oxidised by Mia40 in the IMS. Then, the now reduced Mia40 is in turn re- oxidised by Erv1. Finally, reduced Erv1 can transfer the electrons to oxygen directly, or via cyt c, to the respiratory chain. The overall aim of this study is to understand the structural and functional mechanisms of Erv1, from the effect of single mutations (R182H) to its quaternary structure and thermodynamic properties. The results are described in three chapters. First, biophysical techniques were used to evaluate the oligomerisation state of Erv1. Contrary to general belief, the results show that Erv1 adopts a tetramer conformation in solution. Tetramerisation provides Erv1 with a higher thermal stability, though it does not affect its oxidase activity. The second result chapter focuses on understanding the effects of a medically relevant mutant, Erv1 R182H, on the structure and function of the protein. The results show that at the physiological temperature of 37°C the mutant is less stable and becomes completely inactive after a few enzymatic cycles. The activity defect is linked to a weaker binding of the FAD cofactor in the mutant. Lastly, the third result chapter looks at the electron transfer within Erv1 from a thermodynamic perspective. Standard reduction potentials were determined for two of the three redox centres in Erv1. The results differ from those previously published, but are consistent with the current model of electron transfer in Erv1. Taken together, the results presented here offer an insightful perspective into the molecular mechanisms regulating Erv1.

572

Tvorba real-time aplikace pro platformu IMS / Creating real-time IMS application

Novotný, Filip

January 2011

This paper presents a description of the IP Multimedia Subsystem (IMS) architecture and IMS services. IMS is a standardized next-generation networking architectural framework providing advanced services on mobile and fixed networks. The first chapter describes four-layer IMS architecture and also mentions supported services. The second chapter deals with IMS protocols and primarily focuses on the SIP signaling protocol. UDP, RTP and TLS protocols are also included in this chapter. The third chapter is dedicated to practical part of this paper. A VoIP Java application has been created based on the findings gained throughout the thesis. The main part of the created application consists of client-side application, database MySQL and Servlet application for communication between database and client-side application. The whole system was created using SDS Sony Ericsson 4.1. FD1. An OpenIC lite client has been tested during development on our system and results were compared with created client-side application. A web application based on PHP, MySQL and ActionScript then handles administration and monitoring of customers using voice services.

Facilitating the adoption and use of the IP Multimedia System

Papazafeiropoulos, Christos

January 2009

The IP Multimedia Subsystem (IMS) is still under development and not widely adopted in the market. Some companies are reluctant to deploy IMS and some telecommunications vendors believe that IMS will not achieve a desirable market share. The purpose of this thesis work is to give a boost to this technology (i.e., to accelerate its market growth) by providing the community (both developers and operators who might adopt this technology) with an evaluation of the Ericsson Java Application Programming Interfaces (APIs) called Mobile Java Communication Framework (MJCF) APIs. Developers with or even without knowledge of the IMS architecture and signaling should be able to use these interfaces in order to develop applications on top of IMS. A client-server application is designed and implemented to facilitate this evaluation and to serve as an example for others. The motivation behind this application is the every day needs of the people who search for discounts while they are shopping. Users set up their profile by specifying their preference concerning discounts for specific products; while shop owners publish discounts. When a user is near a store which offers interesting discounts (i.e., discounts that match their profile) new notifications will be sent to his/her mobile device. This application exploits the MJCF APIs and uses several of its basic functions; specifically subscriptions, messages, notifications, and publications are some of the messages that can be utilized through these interfaces.</p> Throughout the application development, bugs were found in the APIs and corrections were suggested for the documentation. Measurements were made in order to evaluate the memory utilization and delay associated with these APIs. It was observed that the delays added by the APIs are somewhat high and may negatively affect the experience of users. However memory utilization seamed to be low for client applications and quite high for the server side given the resources of today's services and cellular phones. / Systemet IP Multimedia Subsystem (IMS) är under utveckling och är inte vida etablerat än. Nogra företag tvekar inför etablering av IMS och nogra telekomföretag anser att IMS inte kommer uppnå önskad marknadsandel. Syftet med detta examensarbete är att ge denna teknologi en skjuts framåt (d.v.s. att öka marknadstillväxten) genom att tillhandahålla den gemenskap av både utvecklare och operatörer som kan tänka sig ta in denna teknologi, med en utvärdering of Ericsson’s Java Applications Programming Interfaces (APIs) kallade MJCF API. Utvecklare med eller t.o.m. utan kunskap om arkitekturen och signalleringen hos IMS ska kunna använda dessa gränssnitt till att utveckla tjänster på IMS. En klient-server applikation är designade och implementerad för att möjliggöra denna utvärdering och för att agera exempel för andra. Motiveringen bakom denna applikation är det vardagliga behovet hos människor som söker efter rabatter/erbjudanden när de handlar. Användare sätter upp sin profil genom att specificera sina önskemål angående erbjudanden för specifika produkter medan butiksinnehavare publicerar sina erbjudanaden. När en användare är nära en butik som erbjuder någonting interessant (d.v.s. produkter som matchar använadarens profil), så kommer nya notifikationer att anlända till hans/hennes mobil. Denna applikation uttnyttjar MJCF APIet och använder ett flertal av dess basala funktioner; speciellt gällande prenumerationer, meddelanden, notifieringar och publiceringar är några av de meddelanden som möjliggörs genom dessa gränssnitt.</p> Genom applikationsutvecklingen så blev flera buggar i APIerna upptäckta och förbättringar till dokumentationen föreslogs. Mätningar gjordes för att utvärdera minnesåtgången och fördröjningar associerade med dessa APIer. Det observerades att API fördröjningar är något höga och kan påverka användarupplevelsen negativt. Däremot verkade minnesåtgången vara låg på klientsidan och hög på serversidan, givet de resurser dagens tjänster och mobila telefoner förfogar över.

IMS

API

SIP

Communication Systems

Kommunikationssystem

Detection of Cocaine and its Interferents by Ion Mobility Spectrometry coupled with SIMPLSMA and ALS

Esposito, Anne Marie M.

22 June 2017

No description available.

Chemistry

cocaine

interferents

IMS

ALS

SIMPLISMA

Modeling and methodologies for the test of IMS services / Modélisation et méthodologie pour le test de services IMS

Lalanne, Felipe

03 February 2012

Le test de conformité est le processus permettant de contrôler qu'un système possède un ensemble de propriétés souhaitées et se comporte conformément à certaines exigences prédéfinies. Dans ce contexte, les techniques de test passif sont utilisées lorsque le système sous test ne peut être interrompu ou l'accès aux interfaces du système est indisponible. Le test passif s'appuie sur l'observation de l'application pendant l'exécution, et la comparaison de l'observation avec le comportement attendu, défini à travers des propriétés de conformité. L'objectif de cette thèse est la définition d'une méthodologie de validation des protocoles communicants par test passif. Les approches existantes sont issues de travaux basés sur des spécifications à états finis ou de transitions étiquetées et comme tels, ils présument l'existence d'une relation de causalité entre les évènements observés dans la trace du système. Pour le traitement des protocoles basés sur des messages, comme le protocole SIP (fondamental pour les services IMS), telle causalité n’existe pas nécessairement et en outre, elle ne peut être déterminée que par la partie données du protocole. Étant donné que les techniques existantes sont optimisées pour traiter les parties de contrôle, ils présentent des limites pour les tests basés sur des parties de données: expressibilité réduite de propriétés de conformité, entre autres. Dans ce travail nous présentons une approche sur la base des messages et données pour traiter ces problèmes. Les observations dans une trace sont sous la forme de messages. Le comportement attendu est défini de manière ascendante, à partir des critères basés sur les relations entre les champs des données des messages. Des relations temporelles sont définies entre ces critères, par exemple, une propriété peut exiger que certains critères “doit être reconnu pour tous les messages dans la trace”. Notre approche permet d’exprimer des formules sur l’avenir et le passé de la trace, permettant de définir des critères plus généraux que ceux qui utilisent uniquement des parties de contrôle. Des problèmes liés à la satisfaction des propriétés et la déclaration des verdicts de conformité sont également discutés. Bien que l'observation d'un comportement défini comme une propriété est un indice de conformité, l'absence d'observation n'est pas nécessairement indicative d'une faute. Plusieurs solutions à ce problème ont été proposées et mises en œuvre dans ce travail. Enfin, notre travail présente des perspectives intéressantes en termes d'extensibilité pour la détection en ligne ou une expressivité améliorée, mais aussi car une approche basée sur des messages fournit une vision alternative aux techniques de test traditionnelles / Conformance testing is the process of checking that a system possesses a set of desired properties and behaves in accordance with some predefined requirements. In this context, passive testing techniques are used when the system under test cannot be interrupted or access to the system's interfaces is unavailable. Passive testing relies on the observation of the implementation during runtime, and the comparison of the observation with the expected behavior, defined through conformance properties. The objective of this thesis is to define a novel methodology to validate communicating protocols by passive testing. Existing approaches are derived from works with finite-state and labelled transition specifications and as such, they presume there exists a causality relation between the events observed in the implementation (the trace). When dealing with message-based protocols, such as the Session Initiation Protocol (fundamental for IMS services), such causality does not necessarily exist and furthermore, it may only be determined through data parts. Since existing techniques are optimized for dealing with control parts, they present limitations for testing based on data parts: reduced expressibility and succinctness of conformance properties, as well as problems to deal with satisfaction of properties including future conditions. In this work we present a message-based/data-centric approach for dealing with these issues. Observations in a trace are in the form of messages. Expected behavior is defined in a bottom-up fashion, starting from expected criteria that must be fulfilled by one or more messages, defined as constraints between the message data fields. Temporal relations by quantification over the criteria, e.g. a property may require that certain criteria "must be held for all messages in the trace". Our approach allows to express formulas about the future and past of the trace, allowing to define more general criteria than through control parts alone. Issues related to satisfaction of properties and declaration of conformance verdicts are also discussed here. Although observation of a behavior defined as a property is indication of conformance, lack of observation is not necessarily indicative of a fault. Several solutions to this issue have been proposed and implemented in this work. Finally, our work presents interesting perspectives, in terms of extensibility for online detection or improved expressiveness, but also since a message-based approach provides an alternative view to traditional testing techniques

Test de conformité

Test passif

Service IMS

Protocole

Conformance testing

Passive testing

IMS service

Protocol

Assessing and Improving Interoperability of Distributed Systems

Rings, Thomas

23 January 2013

Interoperabilität von verteilten Systemen ist eine Grundlage für die Entwicklung von neuen und innovativen Geschäftslösungen. Sie erlaubt es existierende Dienste, die auf verschiedenen Systemen angeboten werden, so miteinander zu verknüpfen, dass neue oder erweiterte Dienste zur Verfügung gestellt werden können. Außerdem kann durch diese Integration die Zuverlässigkeit von Diensten erhöht werden. Das Erreichen und Bewerten von Interoperabilität stellt jedoch eine finanzielle und zeitliche Herausforderung dar. Zur Sicherstellung und Bewertung von Interoperabilität werden systematische Methoden benötigt. Um systematisch Interoperabilität von Systemen erreichen und bewerten zu können, wurde im Rahmen der vorliegenden Arbeit ein Prozess zur Verbesserung und Beurteilung von Interoperabilität (IAI) entwickelt. Der IAI-Prozess beinhaltet drei Phasen und kann die Interoperabilität von verteilten, homogenen und auch heterogenen Systemen bewerten und verbessern. Die Bewertung erfolgt dabei durch Interoperabilitätstests, die manuell oder automatisiert ausgeführt werden können. Für die Automatisierung von Interoperabilitätstests wird eine neue Methodik vorgestellt, die einen Entwicklungsprozess für automatisierte Interoperabilitätstestsysteme beinhaltet. Die vorgestellte Methodik erleichtert die formale und systematische Bewertung der Interoperabilität von verteilten Systemen. Im Vergleich zur manuellen Prüfung von Interoperabilität gewährleistet die hier vorgestellte Methodik eine höhere Testabdeckung, eine konsistente Testdurchführung und wiederholbare Interoperabilitätstests. Die praktische Anwendbarkeit des IAI-Prozesses und der Methodik für automatisierte Interoperabilitätstests wird durch drei Fallstudien belegt. In der ersten Fallstudie werden Prozess und Methodik für Internet Protocol Multimedia Subsystem (IMS) Netzwerke instanziiert. Die Interoperabilität von IMS-Netzwerken wurde bisher nur manuell getestet. In der zweiten und dritten Fallstudie wird der IAI-Prozess zur Beurteilung und Verbesserung der Interoperabilität von Grid- und Cloud-Systemen angewendet. Die Bewertung und Verbesserung dieser Interoperabilität ist eine Herausforderung, da Grid- und Cloud-Systeme im Gegensatz zu IMS-Netzwerken heterogen sind. Im Rahmen der Fallstudien werden Möglichkeiten für Integrations- und Interoperabilitätslösungen von Grid- und Infrastructure as a Service (IaaS) Cloud-Systemen sowie von Grid- und Platform as a Service (PaaS) Cloud-Systemen aufgezeigt. Die vorgestellten Lösungen sind in der Literatur bisher nicht dokumentiert worden. Sie ermöglichen die komplementäre Nutzung von Grid- und Cloud-Systemen, eine vereinfachte Migration von Grid-Anwendungen in ein Cloud-System sowie eine effiziente Ressourcennutzung. Die Interoperabilitätslösungen werden mit Hilfe des IAI-Prozesses bewertet. Die Durchführung der Tests für Grid-IaaS-Cloud-Systeme erfolgte manuell. Die Interoperabilität von Grid-PaaS-Cloud-Systemen wird mit Hilfe der Methodik für automatisierte Interoperabilitätstests bewertet. Interoperabilitätstests und deren Beurteilung wurden bisher in der Grid- und Cloud-Community nicht diskutiert, obwohl sie eine Basis für die Entwicklung von standardisierten Schnittstellen zum Erreichen von Interoperabilität zwischen Grid- und Cloud-Systemen bieten.

510

Interoperabilität

Testen

Cloud

Grid

IMS

Bewertung

Interoperability

Testing

Cloud

Grid

IMS

Assessment

Informatik (PPN619939052)

Δίκτυα νέας γενιάς / Next generation networks

Χατζηνάκης, Μιχαήλ, Βορδώνης, Δημήτριος

16 June 2011

Το αντικείμενο της παρούσας διπλωματικής εργασίας είναι η μελέτη της αρχιτεκτονικής των Δικτύων Νέας Γενιάς (Next Generation Networks-NGN) με εστίαση στους μηχανισμούς του Επιπέδου Μετάδοσης και τις Λειτουργίες Τελικού Χρήστη. Συγκεκριμένα, περιγράφεται η αρχιτεκτονική IMS (IP Multimedia Subsystem) με τις αντίστοιχες λειτουργικές συνιστώσες και διεπαφές, ενώ στη συνέχεια παρατίθενται τα βήματα μετάβασης προς δίκτυα και προσβάσεις νέας γενιάς επιλεγμένων μεγάλων τηλεπικοινωνιακών Οργανισμών. Ακολούθως, γίνεται μια συνοπτική αναφορά στις λειτουργίες του επιπέδου μετάδοσης, ελέγχου μεταφοράς και διαχείρισης δικτύου και στη συνέχεια περιγράφεται λεπτομερώς η λειτουργική αρχιτεκτονική των κύριων λειτουργικών οντοτήτων του επιπέδου μετάδοσης (λειτουργίες ελέγχου προσάρτησης δικτύου-NACF, λειτουργίες ελέγχου διαχείρισης φορητότητας-MMCF, λειτουργίες ελέγχου πόρων –RACF, λειτουργίες μετάδοσης κορμού) και τα μοντέλα πληροφόρησης (ένδειξη δέσμευσης, πληροφορία απόκρισης πόρων μετάδοσης κ.α.) των επιμέρους στοιχείων των προαναφερθέντων δομικών οντοτήτων. Σε κάθε δομικό μοντέλο πληροφόρησης υπάρχει αναλυτική παρουσίαση των σημείων αναφοράς και ροών πληροφορίας που εμπλέκονται στη διαχείριση και έλεγχο φορητότητας, προσάρτησης δικτύου, διεργασίας μετάδοσης κορμού και πρόσβασης, αντιστοίχως. Στη συνέχεια, αναλύονται οι λειτουργίες τελικού χρήστη με ειδικότερη αναφορά στις λειτουργίες πύλης δικτύου (CPN) με τα επιμέρους λειτουργικά στοιχεία της, και τα δίκτυα που θα αποτελέσουν τον κορμό πάνω στον οποίο θα στηριχθεί η υλοποίηση της πρόσβασης των δικτύων νέας γενιάς. Πιο συγκεκριμένα, περιγράφονται οι τεχνολογίες πρόσβασης DSL (ADSL, ADSL2 και VDSL2) με τους υποκείμενους περιορισμούς του ρυθμού μετάδοσης (διαφωνία, εξασθένηση), Ethernet (EPON, P2P πάνω από χαλκό και οπτική ίνα), και PON (διασύνδεση P2MP με οπτικό διαμεριστή οπτικής ισχύος, GPON). Τέλος, αναλύονται οι καλωδιακές υποδομές που απαιτούνται για την ανάπτυξη των προσβάσεων νέας γενιάς (εύρος, διάρθρωση, πυκνότητα οπτικών ινών). / The theme of this particular thesis is the study of the Next Generation Networks –NGN architecture focusing on the functionalities of the Transport Stratum and the End User Functions. Specifically, it is described the IMS architecture (IP Multimedia Subsystem) and the related functional components, and then, it is listed the transition steps towards the next generation networks and access of selected Telecommunications Providers. Following, it is briefly outlined the functionalities of transport level, transport control and network management, as well, and subsequently, the functional architecture of the main entities of transport level (network attachment control functions –NACF, Mobility Management and Control Functions- MMCF, Resource and Admission Control Functions- RACF, Transport processing entities) and the information models (event registration reply, resource selection information reply etc) of the aforementioned functional components are being described, in detail. Each structural component is analytically presented with its reference points and information flows that are involved in the management as well as the control of mobility, network admission, transport core and access processing, respectively. Additionally, the end user functions are described, giving weighted reference to the customer premises gateway functions (CGF) and their individual entities, and the networks that will compose the core upon which the implementation of next generation access will be established. That is, different access types are presented such as DSL network (ADSL, ADSL2, VDSL2) with its transfer rate restrictions (i.e. attenuation), Ethernet network (EPON, P2P over copper and optical fiber) and PON (P2MP interconnection using optical power splitter ,GPON). Finally, it is analyzed the cable infrastructure needed for the development of the new generation access (optical fiber rate, structure, density).

Δίκτυα νέας γενιάς

Αρχιτεκτονική IMS

004.66

Next generation networks (NGN)

IMS architecture

Sécurité et performances des réseaux de nouvelle génération / Security and Performance for Next Generation Networks

Maachaoui, Mohamed

12 June 2015

L’IMS (IP Multimedia Subsystem) constitue l’architecture clé de contrôle pour les réseaux de nouvelle génération (NGN : Next Generation Network). IMS offre aux opérateurs réseaux la possibilité d'étendre leurs services, en intégrant la voix et des communications multimédia et de les livrer dans de nouveaux environnements avec de nouveaux objectifs. Sa sécurité totale mais à moindre coût est donc primordiale, principalement l’authentification. En IMS l’authentification est divisée en deux phases, une au niveau du domaine PS (Packet-Switch) avec le protocole 3GPP-AKA, et l’autre au niveau IMS en utilisant le protocole IMS-AKA. Dans notre première contribution, nous proposons un nouveau protocole d’authentification plus sécurisé que celui utilisé en IMS (IMS-AKA) et plus performant en termes d’utilisation de la bande passante et de temps de traitement. Notre méthode d’analyse repose sur la quantification de la signalisation induite par l’authentification IMS. La quantification est effectuée à l’aide d’expérimentations réelles. Sur la base des résultats obtenues, nous pouvons confirmer que notre protocole (1) peut économiser au moins 21,5% du trafic SIP/Cx par rapport à l’IMS-AKA, (2) permet de réduire la consommation de la bande passante de 27% par rapport à l’IMS-AKA, (3) résiste aux attaques atteignant la confidentialité et l’intégrité des données lors d’un enregistrement IMS (validé par AVISPA). Dans notre seconde contribution, nous avons présenté un nouveau modèle, nommé virtual walled-garden, de fourniture de services centré sur l'utilisateur en IMS. Ce modèle de fourniture de service permet d'offrir plus de liberté d'utiliser les services de tout fournisseur de contenu en fonction des besoins et préférences des utilisateurs. De cette manière les trois parties (utilisateur, fournisseurs de services et opérateur IMS) sont satisfaites. Les utilisateurs auront accès à un plus large éventail de services soutenus par l'IMS, les fournisseurs de services peuvent mettre en œuvre un large éventail de services IMS/SIP sans aucun investissement sur la mise en œuvre d'un réseau de cœur IMS ou de sa maintenance. Quant aux opérateurs cette façon de faire constitue une nouvelle forme de partenariat d'affaires avec les fournisseurs de services. Le modèle virtual walled-garden se base sur une fédération d'identité multi niveaux pour prendre en considération plusieurs niveaux de sécurité selon la criticité des applications sollicitées. / The IMS (IP Multimedia Subsystem) architecture is the key control for next generation networks (NGN). IMS gives network operators the opportunity to extend their services, including voice and multimedia communications and deliver them in new environments with new goals. Its security is paramount, especially authentication. In IMS, authentication is divided into two phases a PS (Packet-Switch) domain-level with the 3GPP-AKA protocol, and a second at IMS level using the IMS-AKA protocol. In our first contribution, we propose a new IMS authentication mechanism that improves the IMS-AKA in terms of security and more efficient in the use of bandwidth and processing time. Based on the results obtained, we can confirm that our protocol can save at least 21.5% of SIP/Cx traffic compared to the IMS-AKA and resists to attack reaching the confidentiality and integrity of data in an IMS registration (validated by AVISPA). In our second contribution, we propose a new Service provisioning model: Virtual Walled-Garden. This new model allows the user accessing all the applications, even the external ones transparently, simulating a walled-garden environment. This model will create a trust link between IMS domain and external services, and will reduce the burden of both end users and SPs through a Single Sign-On (SSO) feature, using identity federation. We also introduce the notion of security level to classify the SPs in a Multi-level model.

Ims

Sip

Sso

Authentification

Fourniture de service

Ims

Sip

Sso

Authentication

Service provisioning