Global ETD Search

31	A case study of Internet Protocol Telephony implementation at United States Coast Guard headquarters Patton, Mark B. 03 1900 (has links) Approved for public release, distribution is unlimited / Recent advances in information technology communications have brought about increases in bandwidth and processing speeds to encourage the growth of Internet Protocol Telephony (IPT), a method of transmitting voice conversations over data networks. Many organizations are replacing portions of their traditional phone systems to gain the benefits of cost savings and enhanced feature sets through the use of IPT. The Coast Guard has an interest in exploiting this technology, and has taken its first steps by implementing IPT at Headquarters Support Command in Washington D.C. This thesis investigates the successful implementation practices and security policies of commercial, educational, and government organizations in order to create recommendations for IPT security policies and implementation practices relevant to the Coast Guard. It includes the discussion of the public switched telephone network, an overview of IPT, IPT security issues, the safeguards available to counter security threats, the tradeoffs (e.g., voice quality, cost) required to mitigate security risks, and current IPT security policy and implementation guidance. It is supported by the study and analysis of the IPT system at Coast Guard Headquarters. The Coast Guard gains an understanding of the advantages, limitations, and security issues that it will face as it considers further implementation of IPT. / Lieutenant, United States Coast Guard Internet telephony United States Public utilities Voice over internet protocol VOIP Internet protocol telephony IP telephony Security Policy Implementation guide Coast Guard
32	Dritter Deutscher IPv6 Gipfel 2010 January 2010 (has links) Am 24. und 25. Juni 2010 fand am Hasso-Plattner-Institut für Softwaresystemtechnik GmbH in Potsdam der 3. Deutsche IPv6 Gipfel 2010 statt, dessen Dokumentation der vorliegende technische Report dient. Als nationaler Arm des weltweiten IPv6-Forums fördert der Deutsche IPv6-Rat den Übergangsprozess zur neuen Internetgeneration und brachte in diesem Rahmen nationale und internationale Experten aus Wirtschaft, Wissenschaft und öffentlicher Verwaltung zusammen, um Awareness für das Zukunftsthema IPv6 zu schaffen und um ein Resumé über die bislang erzielten Fortschritte zu ziehen. Die Grenzen des alten Internetprotokolls IPv4 sind in den vergangenen zwei Jahren deutlicher denn je zutage getreten. Waren im vergangenen Jahr anlässlich des 2. IPv6 Gipfels noch 11% aller zu vergebenden IPv4 Adressen verfügbar, ist diese Zahl mittlerweile auf nur noch 6% geschrumpft. Ehrengast war in diesem Jahr der „europäische Vater“ des Internets, Prof. Peter T. Kirstein vom University College London, dessen Hauptvortrag von weiteren Beiträgen hochrangiger Vertretern aus Politik, Wissenschaft und Wirtschaft ergänzt wurde. / This technical report is summarizing the talks and presentations of the 3rd German IPv6 Summit 2010 at the Hasso Plattner Institute for Software System Engineering in Potsdam on June 24./25 2010. The goal of this summit is to present current developments concerning the implementation of the new IPv6 technology from political and economic perspectives, as well as from a technological point of view. The limits of the old Internet Protocol IPv6 have become obvious lately. While, last year at the 2nd German IPv6 Summit 2009, 11% of the available IPv4 internet addresses had been still available, this stock has shrunk to almost only 6%. This year's guest of honor was Peter T. Kirstein, the 'European Father of the Internet', who established the very first ARPANET node outside the USA in the early 1970s. Besides him, the conference was complemented by talks and presentations of high-ranking representatives from industry, government, and research. Internet IPv6 IPv4 Internet Protocol Service Provider Infrastruktur Computernetzwerke Netzpolitik Konferenz Internet IPv6 IPv4 Internet Protocol Service Provider Infrastructure Computer Networks Network Politics conference Data processing Computer science
33	Recovery From DoS Attacks In MIPv6 : Modelling And Validation Kumar, Manish C 03 1900 (has links) Denial-of-Service (DoS) attacks form a very important category of security threats that are possible in MIPv6 (Mobile Internet Protocol version 6). This thesis proposes a scheme for participants (Mobile Node, Home Agent, and Correspondent Node) in MIPv6 to recover from DoS attacks in the event of any of them being subjected to a DoS attack. We propose a threshold based scheme for participants in MIPv6 to detect presence of DoS attacks and to recover from DoS attacks in the event of any of them being subjected to a DoS attack. This is achieved using an infrastructure for MIPv6 that makes such a solution practical even in the absence of IPsec infrastructure. We propose a protocol that uses concepts like Cryptographically Generated Addresses (CGA), short-term IP addresses using a Lamport hash like mechanism and a hierarchy based trust management infrastructure for key distribution. However, reasoning about correctness of such protocols is not trivial. In addition, new solutions to mitigate attacks may need to be deployed in the network on a frequent basis as and when attacks are detected, as it is practically impossible to anticipate all attacks and provide solutions in advance. This makes it necessary to validate solutions in a timely manner before deployment in real network. However, threshold schemes needed in group protocols make analysis complex. Model checking threshold-based group protocols that employ cryptography have been not successful so far. The testing in a real network or a test bed also will not be feasible if faster and frequent deployment of DoS mitigation solutions is needed. Hence, there is a need for an approach that lies between automated/manual verification and an actual implementation. It is evident from existing literature that not many simulations for doing security analysis of MIP/MIPv6 have been done. This research is a step in that direction. We propose a simulation based approach for validation using a tool called FRAMOGR [40] that supports executable specification of group protocols that use cryptography. FRAMOGR allows one to specify attackers and track probability distributions of values or paths. This work deals with simulation of DoS attacks and their mitigation solutions for MIP in FRAMOGR. This makes validation of solutions possible without mandating a complete deployment of the protocol to detect vulnerabilities in a solution. This does away with the need for a formal theoretical verification of a DoS mitigation solution. In the course of this work, some DoS attacks and recovery mechanisms are simulated and validated using FRAMOGR. We obtained encouraging results for the performance of the detection scheme. We believe that infrastructure such as FRAMOGR would be required in future for validating new group based threshold protocols that are needed for making MIPv6 more robust. Mobile Internet Protocol Computer Access Control Computer Security FRAMOGR Denial-of-Service (DoS) Attacks Communication Engineering
34	Policy based network management of legacy network elements in next generation networks for voice services Naidoo, Vaughn January 2002 (has links) Magister Scientiae - MSc / Telecommunication companies, service providers and large companies are now adapting converged multi-service Next Generation Networks (NGNs). Network management is shifting from managing Network Elements (NE) to managing services. This paradigm shift coincides with the rapid development of Quality of Service (QoS) protocols for IP networks. NEs and services are managed with Policy Based Network Management (PBNM) which is most concerned with managing services that require QoS using the Common Open Policy Service (COPS) Protocol. These services include Voice over IP (VoIP), video conferencing and video streaming. It follows that legacy NEs without support for QoS need to be replaced and/or excluded from the network. However, since most of these services run over IP, and legacy NEs easily supports IP, it may be unnecessary to throw away legacy NEs if it can be made to fit within a PBNM approach. Our approach enables an existing PBNM system to include legacy NEs in its management paradigm. The Proxy-Policy Enforcement Point (P-PEP) and Queuing Policy Enforcement Point (Q-PEP) can enforce some degree of traffic shaping on a gateway to the legacy portion of the network. The P-PEP utilises firewall techniques using the common legacy and contemporary NE management protocol Simple Network Management Protocol (SNMP) while the Q-PEP uses queuing techniques in the form Class Based Queuing (CBQ) and Random Early Discard (RED) for traffic control. / South Africa Common open policy service Internet protocol Legacy Network element Next generation network Policy based network management Quality of service Simple network management protocol Voice over internet protocol
35	A structural and functional specification of a SCIM for service interaction management and personalisation in the IMS Tsietsi, Mosiuoa Jeremia January 2012 (has links) The Internet Protocol Multimedia Subsystem (IMS) is a component of the 3G mobile network that has been specified by standards development organisations such as the 3GPP (3rd Generation Partnership Project) and ETSI (European Telecommunication Standards Institute). IMS seeks to guarantee that the telecommunication network of the future provides subscribers with seamless access to services across disparate networks. In order to achieve this, it defines a service architecture that hosts application servers that provide subscribers with value added services. Typically, an application server bundles all the functionality it needs to execute the services it delivers, however this view is currently being challenged. It is now thought that services should be synthesised from simple building blocks called service capabilities. This decomposition would facilitate the re-use of service capabilities across multiple services and would support the creation of new services that could not have originally been conceived. The shift from monolithic services to those built from service capabilities poses a challenge to the current service model in IMS. To accommodate this, the 3GPP has defined an entity known as a service capability interaction manager (SCIM) that would be responsible for managing the interactions between service capabilities in order to realise complex services. Some of these interactions could potentially lead to undesirable results, which the SCIM must work to avoid. As an added requirement, it is believed that the network should allow policies to be applied to network services which the SCIM should be responsible for enforcing. At the time of writing, the functional and structural architecture of the SCIM has not yet been standardised. This thesis explores the current serv ice architecture of the IMS in detail. Proposals that address the structure and functions of the SCIM are carefully compared and contrasted. This investigation leads to the presentation of key aspects of the SCIM, and provides solutions that explain how it should interact with service capabilities, manage undesirable interactions and factor user and network operator policies into its execution model. A modified design of the IMS service layer that embeds the SCIM is subsequently presented and described. The design uses existing IMS protocols and requires no change in the behaviour of the standard IMS entities. In order to develop a testbed for experimental verification of the design, the identification of suitable software platforms was required. This thesis presents some of the most popular platforms currently used by developers such as the Open IMS Core and OpenSER, as well as an open source, Java-based, multimedia communication platform called Mobicents. As a precursor to the development of the SCIM, a converged multimedia service is presented that describes how a video streaming application that is leveraged by a web portal was implemented for an IMS testbed using Mobicents components. The Mobicents SIP Servlets container was subsequently used to model an initial prototype of the SCIM, using a mUlti-component telephony service to illustrate the proposed service execution model. The design focuses on SIP-based services only, but should also work for other types of IMS application servers as well. Internet Protocol multimedia subsystem Long-Term Evolution (Telecommunications) Wireless communication systems Multimedia communications
36	LEVERAGING INTERNET PROTOCOL (IP) NETWORKS TO TRANSPORT MULTI-RATE SERIAL DATA STREAMS Heath, Doug, Polluconi, Marty, Samad, Flora 10 1900 (has links) ITC/USA 2006 Conference Proceedings / The Forty-Second Annual International Telemetering Conference and Technical Exhibition / October 23-26, 2006 / Town and Country Resort & Convention Center, San Diego, California / As the rates and numbers of serial telemetry data streams increase, the cost of timely, efficient and robust distribution of those streams increases faster. Without alternatives to traditional pointto- point serial distribution, the complexity of the infrastructure will soon overwhelm potential benefits of the increased stream counts and rates. Utilization of multiplexing algorithms in Field- Programmable Gate Arrays (FPGA), coupled with universally available Internet Protocol (IP) switching technology, provides a low-latency, time-data correlated multi-stream distribution solution. This implementation has yielded zero error IP transport and regeneration of multiple serial streams, maintaining stream to stream skew of less than 10 nsec, with end-to-end latency contribution of less than 15 msec. Adoption of this technique as a drop-in solution can greatly reduce the costs and complexities of maintaining pace with the changing serial telemetry community. Multiplexing Telemetry Field-Programmable Gate Array Internet Protocol low-latency timedata correlation
37	MPLS-based recovery Müller, Karen E 12 1900 (has links) Thesis (MSc)--Stellenbosch University, 2003. / ENGLISH ABSTRACT: MPLS-based recovery is intended to effect rapid and complete restoration of traffic affected by a fault in a Multiprotocol Label Switching (MPLS) network. Two MPLS-based recovery models have been proposed: lP re-routing which establishes recovery paths on demand, and protection switching which works with pre-established recovery paths. lP re-routing is robust and frugal since no resources are pre-committed but it is inherently slower than protection switching which is intended to offer high reliability to premium services where fault recovery takes place at the 100 ms time scale. This thesis presents an overview of various recovery techniques and addresses the problem of how to find an in some sense optimal set of pre-established traffic engineered recovery paths, given a network with link capacities and traffic demands. We present and motivate our choice of a nonlinear objective function and optimization method for finding traffic engineered working and recovery paths. A variant of the flow deviation method is used to find and capacitate a set of optimal label switched paths. We present and evaluate two simple methods for computing a set of pre-established traffic engineered recovery paths by using the flow deviation method. / AFRIKAANSE OPSOMMING: MPLS-gebaseerde herstel is daarop gemik om verkeer wat deur 'n fout in 'n Multiprotokol Etiketwisseling (Multiprotocol Label Switching) (MPLS) netwerk geaffekteer is, vinnig en volledig te herstel. Twee MPLS-gebaseerde herstelmodelle is voorgestel: Internetprotokol-herroetering (lP rerouting) wat herstelpaaie op aanvraag tot stand bring, en beskermingsoorskakeling (protection switching) wat met voorafbeplande herstelpaaie werk. IP-herroetering is robuust en voordelig aangesien geen netwerkbronne vooraf gereserveer word nie, maar dit is inherent stadiger as beskermingsoorskakeling wat veronderstel is om 'n hoë graad van betroubaarheid aan belangrike dienste te bied waar die herstel van foute in die 100 ms tydskaal plaasvind. Hierdie tesis verskaf 'n oorsig oor verskeie hersteltegnieke en ondersoek die probleem hoe om 'n optimale versameling van voorafbeplande herstelpaaie te vind, gegee 'n netwerk met skakelkapasiteite (link capacities) en verwagte netwerkverkeer. Ons stel voor en motiveer ons keuse van 'n nie-lineêre objekfunksie en optimeringsmetode om verkeersontwerpde (traffic engineered) aktiewe en herstelpaaie te vind. 'n Variant van die vloeideviasie (flow deviation)-metode word gebruik om 'n optimale versameling van etiketwisseling (label switched) paaie te vind en om 'n optimale hoeveelheid kapasiteit aan die paaie toe te ken. Ons stel voor en evalueer twee eenvoudige metodes om 'n versameling van optimale voorafbeplande herstelpaaie te bereken deur die vloeideviasie-metode toe te pas. IP recovery techniques Internet Protocol (IP) Protection switching Multiprotocol Label Switching (MPLS) IP re-routing
38	RIPCom – A REMOTE INTERNET PROTOCOL COMMUNICATION SYSTEM Lawson, Shawn, Brentzel, Kelvin, Harris, Carol, Coronado, Patrick, Pasciuto, Michael, Greenfield, Paul, Zajkowski, Thomas 10 1900 (has links) International Telemetering Conference Proceedings / October 20-23, 2003 / Riviera Hotel and Convention Center, Las Vegas, Nevada / NASA Goddard Space Flight Center (GSFC) is developing the Remote Internet Protocol Communication (RIPCom) system, which is a wireless communication system that makes an aircraft look like a network node in the sky. RIPCom provides an Ethernet to Radio Frequency (RF) connection solution for real-time data transmission, and its design allows the end points of the communication system to become nodes on a network with assigned IP addresses. RIPCom’s design is especially suitable for Unmanned Aerial Vehicle (UAV) applications, and its versatility makes it valuable for many systems that require a high speed, digital wireless network. Wireless Communication System Fire Monitoring Remote Internet Protocol Unmanned Aerial Vehicle
39	PROTOCOL LAYERING Grebe, David L. 10 1900 (has links) International Telemetering Conference Proceedings / October 21, 2002 / Town & Country Hotel and Conference Center, San Diego, California / The advent of COTS based network-centric data systems brings a whole new vocabulary into the realm of instrumentation. The Communications and computer industries have developed networks to a high level and they continue to evolve. One of the basic techniques that has proven itself useful with this technology is the use of a “layered architecture.” This paper is an attempt to discuss the basic ideas behind this concept and to give some understanding of the vocabulary that has grown up with it. Layered Protocol Protocol Stack Transmission Control Protocol (TCP) User Datagram Protocol (UDP) Internet Protocol (IP)
40	Measuring Effectiveness of Address Schemes for AS-level Graphs Zhuang, Yinfang 01 January 2012 (has links) This dissertation presents measures of efficiency and locality for Internet addressing schemes. Historically speaking, many issues, faced by the Internet, have been solved just in time, to make the Internet just work~\cite{justWork}. Consensus, however, has been reached that today's Internet routing and addressing system is facing serious scaling problems: multi-homing which causes finer granularity of routing policies and finer control to realize various traffic engineering requirements, an increased demand for provider-independent prefix allocations which injects unaggregatable prefixes into the Default Free Zone (DFZ) routing table, and ever-increasing Internet user population and mobile edge devices. As a result, the DFZ routing table is again growing at an exponential rate. Hierarchical, topology-based addressing has long been considered crucial to routing and forwarding scalability. Recently, however, a number of research efforts are considering alternatives to this traditional approach. With the goal of informing such research, we investigated the efficiency of address assignment in the existing (IPv4) Internet. In particular, we ask the question: ``how can we measure the locality of an address scheme given an input AS-level graph?'' To do so, we first define a notion of efficiency or locality based on the average number of bit-hops required to advertize all prefixes in the Internet. In order to quantify how far from ``optimal" the current Internet is, we assign prefixes to ASes ``from scratch" in a manner that preserves observed semantics, using three increasingly strict definitions of equivalence. Next we propose another metric that in some sense quantifies the ``efficiency" of the labeling and is independent of forwarding/routing mechanisms. We validate the effectiveness of the metric by applying it to a series of address schemes with increasing randomness given an input AS-level graph. After that we apply the metric to the current Internet address scheme across years and compare the results with those of compact routing schemes. Border Gateway Protocol Autonomous System Internet Protocol Entropy Compact Routing Hyperbolic Geometry Digital Communications and Networking

Search results