Managing Next Generation Networks (NGNs) based on the Service-Oriented Architechture (SOA). Design, Development and testing of a message-based Network Management platform for the integration of heterogeneous management systems.

Kotsopoulos, Konstantinos

January 2010

Next Generation Networks (NGNs) aim to provide a unified network infrastructure to offer multimedia data and telecommunication services through IP convergence. NGNs utilize multiple broadband, QoS-enabled transport technologies, creating a converged packet-switched network infrastructure, where service-related functions are separated from the transport functions. This requires significant changes in the way how networks are managed to handle the complexity and heterogeneity of NGNs. This thesis proposes a Service Oriented Architecture (SOA) based management framework that integrates heterogeneous management systems in a loose coupling manner. The key benefit of the proposed management architecture is the reduction of the complexity through service and data integration. A network management middleware layer that merges low level management functionality with higher level management operations to resolve the problem of heterogeneity was proposed. A prototype was implemented using Web Services and a testbed was developed using trouble ticket systems as the management application to demonstrate the functionality of the proposed framework. Test results show the correcting functioning of the system. It also concludes that the proposed framework fulfils the principles behind the SOA philosophy.

Next Generation Networks (NGNs)

Management framework

Service Oriented Architecture (SOA)

Middleware

Web Services

Uma proposta de integração das redes UMTS e IEEE 802.11 com suporte a mobilidade / A proposal of integration of the nets UMTS and IEEE 802,11 with support mobility

Nogueira, Antonia Diana Braga

January 2007

NOGUEIRA, Antonia Diana Braga. Uma proposta de integração das redes UMTS e IEEE 802.11 com suporte a mobilidade. 2007. 112 f. Dissertação (Mestrado em ciência da computação)- Universidade Federal do Ceará, Fortaleza-CE, 2007. / Submitted by Elineudson Ribeiro (elineudsonr@gmail.com) on 2016-07-08T18:49:42Z No. of bitstreams: 1 2007_dis_adbnogueira.pdf: 13756193 bytes, checksum: bb4a338bd2622ad6f90479ce37824ccd (MD5) / Approved for entry into archive by Rocilda Sales (rocilda@ufc.br) on 2016-07-18T13:41:19Z (GMT) No. of bitstreams: 1 2007_dis_adbnogueira.pdf: 13756193 bytes, checksum: bb4a338bd2622ad6f90479ce37824ccd (MD5) / Made available in DSpace on 2016-07-18T13:41:19Z (GMT). No. of bitstreams: 1 2007_dis_adbnogueira.pdf: 13756193 bytes, checksum: bb4a338bd2622ad6f90479ce37824ccd (MD5) Previous issue date: 2007 / Wireless Local Area Networks (WLANs) IEEE 802.11 reach relatively high data transmission rates when compared to other wireless networks, such as Bluetooth. These high data transmission rates have gained attention from the cellular networks operators, which have been considering IEEE 802.11 networks as a complement to their access networks. This interoperability between cellular systems and WLANs has been frequently discussed in the literature. For example, 3GPP (Third Generation Partnership Project) has defined six levels for the complete integration of the third generation cellular networks and WLANs. However, the mobility support has not been specified yet, which is necessary to make feasible voice and data transmission transparence for the final users. Thus, this work presents two approaches for the mobility management of the integration between UMTS and IEEE 802.11 networks: the first one is based on SIP (Session Initiation Protocol), and the other one is based on MIPv6 (Mobile IP version 6). This proposal extends the Loose Interworking architecture and uses the fourth level of the 3GPP specification. First, these approaches are modeled using sequence diagrams and, then, they are mapped to the SDL (Specification and Description Language) formal description technique. SDL, which is largely used to formally specify telecommunications systems, presents simulation and validation procedures that are applied to evaluate the specification and, consequently, the proposed approaches. / As redes locais sem fio (Wireless Local Area Networks - WLANs) IEEE 802.11 atingem taxas de transmissão de dados relativamente altas quando comparadas `a outras redes sem fio, por exemplo, Bluetooth. Essas altas taxas de transmissãao têm interessado as operadoras de redes celulares, as quais começam a ver as redes IEEE 802.11 como um complemento as suas redes de acesso. Esta interoperabilidade entre sistemas celulares e WLANs tem sido um tema bastante discutido na literatura. Por exemplo, o 3GPP (Third Generation Partnership Project) define seis n´ıveis para a total integração das redes celulares de terceira geração com as redes locais sem fio. No entanto, a integração com suporte a mobilidade ainda não foi especificada, o que é necessário para viabilizar a transparência de transmissão de voz e dados para os usuários finais. Esta dissertação apresenta então duas abordagens para o gerenciamento de mobilidade na integração do sistema 3G UMTS com as redes IEEE 802.11: uma baseada no SIP (Session Initiation Protocol ) e a outra no MIP versão 6 (Mobile IP version 6 - MIPv6). A proposta estende a arquitetura Loose Interworking e utiliza os requisitos do nível 4 do 3GPP. Para especificar a proposta, as abordagens de integração das redes UMTS e IEEE 802.11 foram modeladas em diagramas de seqüência e, em seguida, mapeadas para a técnica de descrição formal SDL (Specification and Description Language). SDL, que é bastante utilizada para especificar formalmente sistemas de telecomunicações, apresenta procedimentos de simulação e validação que são aplicados para avaliar a especificação e, em conseqüência, as abordagens propostas.

Ciência da computação

Uma proposta de integração das redes UMTS e IEEE 802.11 com suporte a mobilidade / A proposal of integration of the nets UMTS and IEEE 802,11 with support mobility

Nogueira, Antonia Diana Braga

January 2007

NOGUEIRA, Antonia Diana Braga. Uma proposta de integração das redes UMTS e IEEE 802.11 com suporte a mobilidade. 2007. 91 f. : Dissertação (mestrado) - Universidade Federal do Ceará, Centro de Ciências, Departamento de Computação, Fortaleza-CE, 2007. / Submitted by guaracy araujo (guaraa3355@gmail.com) on 2016-05-30T19:51:57Z No. of bitstreams: 1 2007_dis_adbnogueira.pdf: 13756193 bytes, checksum: bb4a338bd2622ad6f90479ce37824ccd (MD5) / Approved for entry into archive by guaracy araujo (guaraa3355@gmail.com) on 2016-05-30T19:52:27Z (GMT) No. of bitstreams: 1 2007_dis_adbnogueira.pdf: 13756193 bytes, checksum: bb4a338bd2622ad6f90479ce37824ccd (MD5) / Made available in DSpace on 2016-05-30T19:52:27Z (GMT). No. of bitstreams: 1 2007_dis_adbnogueira.pdf: 13756193 bytes, checksum: bb4a338bd2622ad6f90479ce37824ccd (MD5) Previous issue date: 2007 / Wireless Local Area Networks (WLANs) IEEE 802.11 reach relatively high data transmission rates when compared to other wireless networks, such as Bluetooth. These high data transmission rates have gained attention from the cellular networks operators, which have been considering IEEE 802.11 networks as a complement to their access networks. This interoperability between cellular systems and WLANs has been frequently discussed in the literature. For example, 3GPP (Third Generation Partnership Project) has defined six levels for the complete integration of the third generation cellular networks and WLANs. However, the mobility support has not been specified yet, which is necessary to make feasible voice and data transmission transparence for the final users. Thus, this work presents two approaches for the mobility management of the integration between UMTS and IEEE 802.11 networks: the first one is based on SIP (Session Initiation Protocol), and the other one is based on MIPv6 (Mobile IP version 6). This proposal extends the Loose Interworking architecture and uses the fourth level of the 3GPP specification. First, these approaches are modeled using sequence diagrams and, then, they are mapped to the SDL (Specification and Description Language) formal description technique. SDL, which is largely used to formally specify telecommunications systems, presents simulation and validation procedures that are applied to evaluate the specification and, consequently, the proposed approaches. / As redes locais sem fio (Wireless Local Area Networks - WLANs) IEEE 802.11 atingem taxas de transmissão de dados relativamente altas quando comparadas `a outras redes sem fio, por exemplo, Bluetooth. Essas altas taxas de transmissãao têm interessado as operadoras de redes celulares, as quais começam a ver as redes IEEE 802.11 como um complemento as suas redes de acesso. Esta interoperabilidade entre sistemas celulares e WLANs tem sido um tema bastante discutido na literatura. Por exemplo, o 3GPP (Third Generation Partnership Project) define seis n´ıveis para a total integração das redes celulares de terceira geração com as redes locais sem fio. No entanto, a integração com suporte a mobilidade ainda não foi especificada, o que é necessário para viabilizar a transparência de transmissão de voz e dados para os usuários finais. Esta dissertação apresenta então duas abordagens para o gerenciamento de mobilidade na integração do sistema 3G UMTS com as redes IEEE 802.11: uma baseada no SIP (Session Initiation Protocol ) e a outra no MIP versão 6 (Mobile IP version 6 - MIPv6). A proposta estende a arquitetura Loose Interworking e utiliza os requisitos do nível 4 do 3GPP. Para especificar a proposta, as abordagens de integração das redes UMTS e IEEE 802.11 foram modeladas em diagramas de seqüência e, em seguida, mapeadas para a técnica de descrição formal SDL (Specification and Description Language). SDL, que é bastante utilizada para especificar formalmente sistemas de telecomunicações, apresenta procedimentos de simulação e validação que são aplicados para avaliar a especificação e, em conseqüência, as abordagens propostas.

Ciência da Computação

Uma proposta de integraÃÃo das redes UMTS e IEEE 802.11 com suporte a mobilidade / A proposal of integration of the nets UMTS and IEEE 802,11 with support mobility

Antonia Diana Braga Nogueira

24 August 2007

Conselho Nacional de Desenvolvimento CientÃfico e TecnolÃgico / As redes locais sem fio (Wireless Local Area Networks - WLANs) IEEE 802.11 atingem taxas de transmissÃo de dados relativamente altas quando comparadas `a outras redes sem fio, por exemplo, Bluetooth. Essas altas taxas de transmissÃao tÃm interessado as operadoras de redes celulares, as quais comeÃam a ver as redes IEEE 802.11 como um complemento as suas redes de acesso. Esta interoperabilidade entre sistemas celulares e WLANs tem sido um tema bastante discutido na literatura. Por exemplo, o 3GPP (Third Generation Partnership Project) define seis nÂıveis para a total integraÃÃo das redes celulares de terceira geraÃÃo com as redes locais sem fio. No entanto, a integraÃÃo com suporte a mobilidade ainda nÃo foi especificada, o que à necessÃrio para viabilizar a transparÃncia de transmissÃo de voz e dados para os usuÃrios finais. Esta dissertaÃÃo apresenta entÃo duas abordagens para o gerenciamento de mobilidade na integraÃÃo do sistema 3G UMTS com as redes IEEE 802.11: uma baseada no SIP (Session Initiation Protocol ) e a outra no MIP versÃo 6 (Mobile IP version 6 - MIPv6). A proposta estende a arquitetura Loose Interworking e utiliza os requisitos do nÃvel 4 do 3GPP. Para especificar a proposta, as abordagens de integraÃÃo das redes UMTS e IEEE 802.11 foram modeladas em diagramas de seqÃÃncia e, em seguida, mapeadas para a tÃcnica de descriÃÃo formal SDL (Specification and Description Language). SDL, que à bastante utilizada para especificar formalmente sistemas de telecomunicaÃÃes, apresenta procedimentos de simulaÃÃo e validaÃÃo que sÃo aplicados para avaliar a especificaÃÃo e, em conseqÃÃncia, as abordagens propostas. / Wireless Local Area Networks (WLANs) IEEE 802.11 reach relatively high data transmission rates when compared to other wireless networks, such as Bluetooth. These high data transmission rates have gained attention from the cellular networks operators, which have been considering IEEE 802.11 networks as a complement to their access networks. This interoperability between cellular systems and WLANs has been frequently discussed in the literature. For example, 3GPP (Third Generation Partnership Project) has defined six levels for the complete integration of the third generation cellular networks and WLANs. However, the mobility support has not been specified yet, which is necessary to make feasible voice and data transmission transparence for the final users. Thus, this work presents two approaches for the mobility management of the integration between UMTS and IEEE 802.11 networks: the first one is based on SIP (Session Initiation Protocol), and the other one is based on MIPv6 (Mobile IP version 6). This proposal extends the Loose Interworking architecture and uses the fourth level of the 3GPP specification. First, these approaches are modeled using sequence diagrams and, then, they are mapped to the SDL (Specification and Description Language) formal description technique. SDL, which is largely used to formally specify telecommunications systems, presents simulation and validation procedures that are applied to evaluate the specification and, consequently, the proposed approaches.

CIENCIA DA COMPUTACAO

Framework for automated functional tests within value-added service environments

Wacht, Patrick

January 2016

Recent years have witnessed that standard telecommunication services evolved more and more to next generation value-added services. This fact is accompanied by a change of service characteristics as new services are designed to fulfil the customer’s demands instead of just focussing on technologies and protocols. These demands can be very specific and, therefore, diverse potential service functionalities have to be considered by the service providers. To make matters worse for service providers, a fast transition from concept to market product and low price of a new service is required due to the increasing competition in the telecommunication industry. Therefore, effective test solutions need to be developed that can be integrated in current value-added service development life-cycles. Besides, these solutions should support the involvement of all participating stakeholders such as the service provider, the test developers as well as the service developers, and, in order to consider an agile approach, also the service customer. This thesis proposes a novel framework for functional testing that is based on a new sort of description language for value-added services (Service Test Description). Based on instances of the Service Test Description, sets of reusable test components described by means of an applied Statecharts notation are automatically selected and composed to so-called behaviour models. From the behaviour models, abstract test cases can be automatically generated which are then transformed to TTCN-3 test cases and then assembled to an Executable Test Suite. Within a TTCN-3 test system, the Executable Test Suite can be executed against the corresponding value-added service referred to as System Under Test. One benefit of the proposed framework is its application within standard development life-cycles. Therefore, the thesis presents a methodology that considers both service development and test development as parallel tasks and foresees procedures to synchronise the tasks and to allow an agile approach with customer involvement. The novel framework is validated through a proof-of-concept working prototype. Example value-added services have been chosen to illustrate the whole process from compiling instances of the Service Test Description until the execution of automated tests. Overall, this thesis presents a novel solution for service providers to improve the quality of their provided value-added services through automated functional testing procedures. It enables the early involvement of the customers into the service development life-cycle and also helps test developers and service developers to collaborate.

384.5

Handover vertical em redes NGN: integrando a sinalização do domínio de comutação de circuitos e o IMS. / Sem título em inglês

Campacci, Rodrigo Bellotto

18 April 2008

Este trabalho visa estudar e implementar a integração entre o domínio de comutação de circuitos e o IP Multimedia Subsystem (IMS) para suportar handovers verticais, ou seja, entre redes de acesso distintas, por exemplo, Global System for Mobile communications (GSM) e WiFi, em especial no Serviço Voice Call Continuity (VCC). Entretanto muito pouco é especificado sobre a integração entre os domínios nas normas das diversas entidades de padronização que tratam sobre o assunto. Assim, apresenta-se uma proposta para essa integração, criando-se uma nova entidade funcional para realizá-la, o Call Data Storage Function (CDSF), que interage com os demais módulos do Serviço VCC e garante que algumas informações que devem ser trocadas entre os módulos não sejam perdidas, devido à conversão de protocolos de sinalização na interface entre tais domínios. O CDSF auxilia também no controle da alocação de endereços de referência utilizados no encaminhamento de chamadas de um domínio para o outro. São definidos os protocolos de acesso ao CDSF, bem como os métodos disponíveis. Em sua concepção, recorre-se a uma modelagem modular, que permite futuras melhorias, apenas por troca de módulos. Como estudos de caso para validar a proposta são apresentados cenários de chamadas que utilizam o Serviço VCC, passando pelo CDSF. Por fim, conclui-se que a integração entre os domínios é viável se a proposta deste trabalho for utilizada. Também se demonstra que a separação dos planos de controle dos planos de dados (de usuário) é uma das contribuições fundamentais da arquitetura NGN para o sucesso de suas implementações, como por exemplo o IMS.Além disso, destacam-se as vantagens que o Serviço VCC pode agregar ao IMS, contribuindo para sua adesão em menor prazo pelas operadoras de telecomunicações, dado que esse serviço contribui para a integração de redes, cada vez mais convergentes, agregando mobilidade e continuidade à sua utilização. / This work intends to study and implement the integration between the circuit switching domain and the IP Multimedia Subsystem (IMS) to support vertical handovers that are between different access networks, such as Global System for Mobile communications (GSM) and WiFi. Therefore the specifications are incomplete about this topic in standards from the entities who works with this subject. Then, is presented a new proposal for this integration: a new functional entity to realize this integration: the Call Data Storage Function (CDSF), which interacts with other modules of VCC Service and guarantees that some information shared between modules are not lost, due to conversion of signalling protocols in the interface between domains. Besides that, CDSF helps in the control of allocation of reference address that are used to route calls from one domain to another. Access protocols to CDSF are defined and CDSF methods are exposed. The CDSF design uses a modular approach, which allows future improvements, just changing modules. As case studies to validate this work proposal, call scenarios are presented that uses the VCC Service, using CDSF. Finally, it is concluded that the integration between domains is viable if this work proposal is used. It is presented, as well, that the separation between control plans and data plans is one of the main contributions of NGN architecture to the success of its implementations, like IMS. Furthermore, it is exposed the advantages that VCC Service can aggregate to IMS, contributing for more rapidly adoption by telecommunications operators, considering that this service helps the networks integration, adding convergence, mobility and continuity.

Handover

Handover

IMS (IP Multimedia Subsystem)

NGN (Next Generation Networks)

Redes multimídia

Telefonia móvel

VCC (Voice Call Continuity)

Handover vertical em redes NGN: integrando a sinalização do domínio de comutação de circuitos e o IMS. / Sem título em inglês

Rodrigo Bellotto Campacci

18 April 2008

Este trabalho visa estudar e implementar a integração entre o domínio de comutação de circuitos e o IP Multimedia Subsystem (IMS) para suportar handovers verticais, ou seja, entre redes de acesso distintas, por exemplo, Global System for Mobile communications (GSM) e WiFi, em especial no Serviço Voice Call Continuity (VCC). Entretanto muito pouco é especificado sobre a integração entre os domínios nas normas das diversas entidades de padronização que tratam sobre o assunto. Assim, apresenta-se uma proposta para essa integração, criando-se uma nova entidade funcional para realizá-la, o Call Data Storage Function (CDSF), que interage com os demais módulos do Serviço VCC e garante que algumas informações que devem ser trocadas entre os módulos não sejam perdidas, devido à conversão de protocolos de sinalização na interface entre tais domínios. O CDSF auxilia também no controle da alocação de endereços de referência utilizados no encaminhamento de chamadas de um domínio para o outro. São definidos os protocolos de acesso ao CDSF, bem como os métodos disponíveis. Em sua concepção, recorre-se a uma modelagem modular, que permite futuras melhorias, apenas por troca de módulos. Como estudos de caso para validar a proposta são apresentados cenários de chamadas que utilizam o Serviço VCC, passando pelo CDSF. Por fim, conclui-se que a integração entre os domínios é viável se a proposta deste trabalho for utilizada. Também se demonstra que a separação dos planos de controle dos planos de dados (de usuário) é uma das contribuições fundamentais da arquitetura NGN para o sucesso de suas implementações, como por exemplo o IMS.Além disso, destacam-se as vantagens que o Serviço VCC pode agregar ao IMS, contribuindo para sua adesão em menor prazo pelas operadoras de telecomunicações, dado que esse serviço contribui para a integração de redes, cada vez mais convergentes, agregando mobilidade e continuidade à sua utilização. / This work intends to study and implement the integration between the circuit switching domain and the IP Multimedia Subsystem (IMS) to support vertical handovers that are between different access networks, such as Global System for Mobile communications (GSM) and WiFi. Therefore the specifications are incomplete about this topic in standards from the entities who works with this subject. Then, is presented a new proposal for this integration: a new functional entity to realize this integration: the Call Data Storage Function (CDSF), which interacts with other modules of VCC Service and guarantees that some information shared between modules are not lost, due to conversion of signalling protocols in the interface between domains. Besides that, CDSF helps in the control of allocation of reference address that are used to route calls from one domain to another. Access protocols to CDSF are defined and CDSF methods are exposed. The CDSF design uses a modular approach, which allows future improvements, just changing modules. As case studies to validate this work proposal, call scenarios are presented that uses the VCC Service, using CDSF. Finally, it is concluded that the integration between domains is viable if this work proposal is used. It is presented, as well, that the separation between control plans and data plans is one of the main contributions of NGN architecture to the success of its implementations, like IMS. Furthermore, it is exposed the advantages that VCC Service can aggregate to IMS, contributing for more rapidly adoption by telecommunications operators, considering that this service helps the networks integration, adding convergence, mobility and continuity.

Handover

Redes multimídia

Telefonia móvel

Handover

IMS (IP Multimedia Subsystem)

NGN (Next Generation Networks)

VCC (Voice Call Continuity)

Diseño de un sistema de control de acceso en redes heterogéneas con privacidad basado en Kerberos

Pereñíguez García, Fernando

26 May 2011

Esta tesis doctoral aborda el problema de la definición de movimientos rápidos sin interrupciones (seamless handoffs) en redes heterogéneas de próxima generación (NGNs) mediante definición de un proceso de distribución de claves seguro, que habilite un proceso de re-autenticación rápida a la vez que un acceso autenticado anónimo y que no se pueda trazar. Concretamente, el sistema de control de acceso desarrollado ofrece un conjunto de características que, hasta la fecha, no han confluido en una misma solución: (1) aplicable a las futuras redes NGN basadas en EAP; (2) reducción de la latencia introducida por el proceso de autenticación en entornos móviles, con independencia del tipo de handoff realizado por el usuario; (3) que el proceso cumpla fuertes requisitos de seguridad; (4) fácil despliegue en redes existentes; (5) compatibilidad con las actuales tecnologías estandarizadas; y (6) soporte de protección de privacidad del usuario. / This PhD thesis deals with the problem of defining fast movements without interruptions (seamless handoffs) in the next generation of heterogeneous networks. This objective is achieved through a secure key distribution process, which enables a fast re-authentication process providing both user anonymity and untraceability. The developed access control system offers a set of features not covered so far by a single solution: (1) applicable for EAP-based NGNs; (2) reduction of the authentication latency in mobile environments irrespective of the type of handoff performed by the user; (3) provision of strong security properties; (4) easy deployment in current networks; (5) compatibility with current standardized technologies; and (6) user privacy support.

Redes próxima generación

movilidad transparente

control de acceso

privacidad

EAP

Kerberos

Next generation networks

seamless mobility

network access control

privacy

Ingeniería Telemática

004

Μελέτη δικτύων επόμενης γενιάς και μοντελοποίησή τους στο περιβάλλον του OPNET

Παντελής, Ιάσων-Κωνσταντίνος

03 October 2011

Ο όρος ‘Δίκτυα Επόμενης Γενιάς’ αναφέρεται σε μελλοντικά δίκτυα πρωτοποριακής λογικής και δομής, προσανατολισμένα στην υποστήριξη σύγχρονων απαιτητικών εφαρμογών και στη βελτίωση της λειτουργικότητας της τερματικής συσκευής, όπως την αντιλαμβάνεται ο χρήστης. Πολύ σημαντικά στοιχεία της νέας τηλεπικοινωνιακής πραγματικότητας που επιφέρουν τα δίκτυα αυτά, και με τα οποία σχετίζεται άμεσα η παρούσα εργασία, είναι η διάθεση προώθησης της γενικευμένης κινητικότητας των ασύρματων χρηστών και η ενθάρρυνση της σύγκλισης επιμέρους τεχνολογιών διαφορετικών δικτύων και της δημιουργίας υβριδικών ετερογενών δικτύων, με στόχο την επίτευξη καλύτερης αξιοποίησης του φάσματος και βελτίωσης των ρυθμών μετάδοσης δεδομένων. Σκοπός της παρούσας διπλωματικής εργασίας είναι η παρουσίαση της δομής και των λειτουργιών των Δικτύων Επόμενης Γενιάς, καθώς και ορισμένων υπαρχόντων τύπων ασύρματων δικτύων, η συνεργασία των οποίων θα μπορούσε να προσφέρει τα επιθυμητά πλεονεκτήματα. Δύο τέτοια είδη δικτύων είναι το δίκτυο κινητής τηλεφωνίας UMTS και τα τοπικά δίκτυα τεχνολογίας WLAN, τα οποία εξετάζονται ενδελεχώς ως προς τα χαρακτηριστικά τους και, κυρίως, ως προς τους μηχανισμούς διευθέτησης της περιαγωγής των χρηστών. Περιλαμβάνεται επίσης μία περιγραφή της λειτουργίας του Mobile IP, πρωτοκόλλου που θεωρείται ιδιαίτερα χρήσιμο για τη διαχείριση της κινητικότητας χρηστών ανάμεσα σε περιοχές εξυπηρέτησης διαφορετικών δικτύων. Η εργασία καταλήγει στη μοντελοποίηση των παραπάνω συστημάτων σε περιβάλλον εξομοίωσης, επιδιώκοντας την αξιολόγηση της αποτελεσματικότητας του ενδεχόμενου συνδυασμού των συστημάτων UMTS και WLAN και της χρησιμότητας του Mobile IP. Το λογισμικό που χρησιμοποιείται γι’ αυτόν το σκοπό είναι το OPNET Modeler ®, ένα πρόγραμμα που αναδεικνύεται τα τελευταία χρόνια σε εργαλείο όλο και περισσότερο πολύτιμο, τόσο σε ερευνητικό όσο και σε επιχειρησιακό επίπεδο. / The term ‘Next Generation Networks’ refers to future networks of revolutionary concept and structure, oriented to the support of demanding applications and the upgrade of the terminal device’s functionality, as perceived by the user. Some very important aspects of the new telecommunications reality that is brought on by these networks, and to which this project is directly related, is the intention of promoting generalized mobility for the wireless users and the encouragement of the convergence of distinct network technologies and of the foundation of new hybrid heterogeneous networks, in order to achieve better spectrum utilization and improvement of data transmission rates. The purpose of the current diploma thesis project is to present the structure and the functions of the Next Generation Networks, as well as of some existing types of wireless networks, the cooperation of which could provide the desirable advantages. Two such network types are the UMTS mobile telephony network and the local networks of WLAN technology, that are examined thoroughly towards their characteristics and, foremost, towards their roaming arrangement mechanisms. Also included is a description of the operation of Mobile IP, a protocol that is considered particularly convenient for the management of users’ mobility between service areas of different networks. The project concludes to the modeling of the above mentioned systems in a simulation environment, aiming to evaluate the efficiency of the prospective combination of the UMTS and WLAN systems and the utility of Mobile IP. The software used for this purpose is OPNET Modeler ®, a program that has emerged during the last years as an increasingly valuable research and business tool.

Κινητικότητα

Σύγκλιση

Ασύρματα δίκτυα

Μοντελοποίηση

Προσομοίωση

004.6

Next generation networks

Mobility

Convergence

WLAN

Wi-Fi

Mobile IP

MIP

ROMIP

NGN

OPNET

MIPv4

UMTS

Σχεδίαση και υλοποίηση μηχανισμών ασφάλειας για διάχυτες υπηρεσίες υγείας πάνω σε δίκτυα επόμενης γενιάς

Μαντάς, Γεώργιος

01 October 2012

Στην παρούσα διατριβή προτείνονται Μηχανισμοί Ασφάλειας για την ανάπτυξη ασφαλών και αξιόπιστων διάχυτων υπηρεσιών υγείας πάνω σε Δίκτυα Επόμενης Γενιάς (Next Generation Networks – NGN). Οι προτεινόμενοι Μηχανισμοί Ασφάλειας έχουν ως στόχο να λειτουργήσουν προσθετικά στο επίπεδο ασφάλειας που προσφέρουν οι υπάρχοντες μηχανισμοί ασφάλειας που υποστηρίζονται από το NGN. Αυτό είναι αναγκαίο καθώς οι διάχυτες υπηρεσίες υγείας εμπεριέχουν ιδιαιτέρως ευαίσθητη πληροφορία. Επιπρόσθετα, στην παρούσα διατριβή προτείνεται ένα γενικό πλαίσιο εφαρμογής, το οποίο υποστηρίζει τους προτεινόμενους Μηχανισμούς Ασφάλειας, προκειμένου να επιτυγχάνεται γρήγορη και αποτελεσματική ανάπτυξη ασφαλών και αξιόπιστων διάχυτων υπηρεσιών υγείας πάνω σε NGN. Πιο συγκεκριμένα, το προτεινόμενο πλαίσιο βασίζεται στην αρχιτεκτονική του προτύπου ETSI/Parlay και επεκτείνει το σύνολο των Διεπαφών των Χαρακτηριστικών Ικανότητας Υπηρεσίας (Service Capability Features Interfaces – SCFs Interfaces) και το σύνολο των μηχανισμών που υποστηρίζει το Πλαίσιο ETSI/Parlay. Το προτεινόμενο πλαίσιο επεκτείνει το σύνολο των Διεπαφών των Χαρακτηριστικών Ικανότητας Υπηρεσίας προκειμένου αυτό να περιλαμβάνει όχι μόνο τις διεπαφές που σχετίζονται με τις υπηρεσίες του υποκείμενου δικτύου (NGN), αλλά και επιπλέον διεπαφές που δίνουν τη δυνατότητα σε διάχυτες υπηρεσίες υγείας να έχουν πρόσβαση σε ικανότητες επαίσθησης (sensing capabilities) δικτύων αισθητήρων που είναι υπεύθυνα για τη συλλογή πληροφορίας περιβάλλοντος καθώς και βιοπληροφορίας. Επίσης, το προτεινόμενο πλαίσιο επεκτείνει το σύνολο των μηχανισμών που υποστηρίζει το Πλαίσιο ETSI/Parlay προκειμένου να είναι δυνατή η παροχή σε διάχυτες υπηρεσίες υγείας όχι μόνο των βασικών μηχανισμών, που υποστηρίζονται από το προτυποποιημένο Πλαίσιο ETSI/Parlay, αλλά και των Μηχανισμών Δικτύων Αισθητήρων καθώς και των Μηχανισμών Ασφάλειας, οι οποίοι προτείνονται στην παρούσα διατριβή. Οι Μηχανισμοί Ασφάλειας, οι οποίοι προτείνονται, στοχεύουν στην παροχή ασφάλειας στα δεδομένα των τελικών χρηστών καθώς και στην ασφαλή πρόσβαση στις διάχυτες υπηρεσίες υγείας και στην ασφαλή χρήση τους. Πιο συγκεκριμένα, οι προτεινόμενοι Μηχανισμοί Ασφάλειας επικεντρώνονται στη διασφάλιση της εμπιστευτικότητας των δεδομένων, της ακεραιότητας των δεδομένων, της πιστοποίησης αυθεντικότητας καθώς και του ελέγχου πρόσβασης των οντοτήτων που συμμετέχουν σε διάχυτες υπηρεσίες υγείας. Για τη διασφάλιση της εμπιστευτικότητας των δεδομένων προτείνεται ένα γενικό σχήμα κρυπτογράφησης. Αυτό το σχήμα επιτρέπει το σχεδιασμό και την υλοποίηση ασφαλών εξατομικευμένων κρυπτογραφικών αλγορίθμων τμήματος για την κρυπτογράφηση δεδομένων διάχυτων υπηρεσιών υγείας, όπως οι ιατρικοί φάκελοι των ασθενών. Επίσης, προτείνεται ένας μηχανισμός για διασφάλιση της ακεραιότητας των δεδομένων για σύστημα ιατρικής τηλε-παρακολούθησης. Αυτό το σύστημα τηλε-παρακολούθησης λειτουργεί σε περιβάλλον έξυπνου σπιτιού και υποστηρίζει τη μεταφορά βιοσημάτων του ασθενή από τον ασθενή στη Μονάδα Παροχής Υπηρεσιών Υγείας. Επιπρόσθετα, προτείνονται δύο μηχανισμοί για διασφάλιση της πιστοποίησης αυθεντικότητας. Ο πρώτος μηχανισμός είναι ένας ευφυής μηχανισμός πιστοποίησης αυθεντικότητας για εφαρμογές e-Hospital πάνω σε WLAN μέσα σε νοσοκομείο. Ο δεύτερος μηχανισμός είναι ένας μηχανισμός συμφωνίας κλειδιού ομάδας και ανάκτησης σε ad hoc δίκτυα, που χρησιμοποιούνται κατά τη διαχείριση ιατρικών συμβάντων έκτακτης ανάγκης σε περιοχές στις οποίες δεν υπάρχει σταθερή τηλεπικοινωνιακή υποδομή. Τέλος, προτείνεται μία υποδομή PKI σε ένα ιατρικό δίκτυο μεγάλης κλίμακας που συνδέει ένα ευρύ φάσμα από Μονάδες Παροχής Υπηρεσιών Υγείας. Η προτεινόμενη υποδομή PKI εστιάζεται στη διασφάλιση της πιστοποίησης αυθεντικότητας και του ελέγχου πρόσβασης των επαγγελματιών του χώρου της υγείας που επιθυμούν να αποκτήσουν πρόσβαση σε υπηρεσίες που σχετίζονται με αυτούς καθώς και σε υπηρεσίες υγείας που σχετίζονται με τον ασθενή. / In this dissertation, Security Mechanisms are proposed for the development of secure and reliable pervasive healthcare services over Next Generation Networks (NGN). The proposed Security Mechanisms aim at increasing the security level provided by the existing security mechanisms supported by NGN. It is essential since pervasive healthcare services include extremely sensitive information. Furthermore, in this dissertation, a generic application framework is proposed supporting the proposed Security Mechanisms in order the rapid and efficient development of secure and reliable pervasive healthcare services over NGN to be achieved. In particular, the proposed framework is based on the ETSI/Parlay architecture and extends the set of the Service Capability Features Interfaces (SCFs Interfaces) as well as the set of mechanisms supported by the ETSI/Parlay Framework. The proposed framework extends the set of the SCFs Interfaces in order to integrate not only the interfaces related to the services of the underlying network (NGN), but also additional interfaces enabling pervasive healthcare services to access sensing capabilities of sensor networks which are responsible for gathering context and bio information. Moreover, the proposed framework extends the set of mechanisms supported by the ETSI/Parlay Framework to provide pervasive healthcare services not only with the basic mechanisms supported by the standardized ETSI/Parlay Framework, but also with the Sensor Networks Mechanisms and the Security Mechanisms proposed in this dissertation. The proposed Security Mechanisms aim at securing the end-user data as well as the access to the pervasive healthcare services and the use of them. In particular, the proposed Security Mechanisms focus on ensuring data confidentiality, data integrity, authentication and access control of entities participating in pervasive healthcare services. To ensure data confidentiality, a generic encryption schema is proposed. This schema enables the design and implementation of secure personalized block ciphers for encryption of data included in pervasive healthcare services such as patients’ medical records. Moreover, a data integrity mechanism for a tele-monitoring system is proposed. This tele-monitoring system operates in a smart home environment and supports transmission of patient’s biosignals from the patient to the Healthcare Center. Additionally, two authentication mechanisms are proposed. The first mechanism is an intelligent authentication mechanism for e-Hospital applications over WLAN in a hospital. The second mechanism is a group key agreement and recovery mechanism in ad hoc networks used for handling emergency medical incidents in areas without fixed telecommunications infrastructure. Finally, a PKI infrastructure in a large-scale healthcare network connecting a wide spectrum of Healthcare Centers is proposed. The proposed PKI infrastructure focuses on ensuring authentication and access control of healthcare professionals willing to access services related to them as well as healthcare services related to patient.

Πρότυπο ETSI/Parlay

Μηχανισμοί ασφάλειας

005.8

Pervasive healthcare services

Next generation networks

ETSI/Parlay standard

Security mechanisms