Catálogo de publicaciones - libros

With the evolution of the Internet from a controlled research network to a worldwide social and economic platform, the initial assumptions regarding stakeholder cooperative behavior are no longer valid. Conflicts have emerged in situations where there are opposing interests. Previous work in the literature has termed these conflicts tussles. This article presents the research of the SESERV project, which develops a methodology to investigate such tussles and is carrying out a survey of tussles identified within the research projects funded under the Future Networks topic of the FP7. Selected tussles covering both social and economic aspects are analyzed also in this article.

Several new architectures have been recently proposed to replace the Internet Protocol Suite with a data-centric or publish/subscribe (pub/sub) network layer waist for the Internet. The clean-slate design makes it possible to take into account issues in the current Internet, such as unwanted traffic, from the start. If these new proposals are ever deployed as part of the public Internet as an essential building block of the infrastructure, they must be able to operate in a hostile environment, where a large number of users are assumed to collude against the network and other users. In this paper we present a security design through the network stack for a data-centric pub/sub architecture that achieves availability, information integrity, and allows application-specific security policies while remaining scalable. We analyse the solution and examine the minimal trust assumptions between the stakeholders in the system to guarantee the security properties advertised.

In this paper we analyze the need and the opportunity for establishing a discipline for engineering secure Future Internet Services, typically based on research in the areas of software engineering, of service engineering and security engineering. Generic solutions that ignore the characteristics of Future Internet services will fail, yet it seems obvious to build on best practices and results that have emerged from various research communities.

The paper sketches various lines of research and strands within each line to illustrate the needs and to sketch a community wide research plan. It will be essential to integrate various activities that need to be addressed in the scope of secure service engineering into comprehensive software and service life cycle support. Such a life cycle support must deliver assurance to the stakeholders and enable risk and cost management for the business stakeholders in particular. The paper should be considered a call for contribution to any researcher in the related sub domains in order to jointly enable the security and trustworthiness of Future Internet services.

Service designers and developers, while striving to meet the requirements posed by application scenarios, have a hard time to assess the trust and security impact of an option, a minor change, a combination of functionalities, etc., due to the subtle and unforeseeable situations and behaviors that can arise from this panoply of choices. This often results in the release of flawed products to end-users. This issue can be significantly mitigated by empowering designers and developers with tools that offer easy to use graphical interfaces and notations, while employing established verification techniques to efficiently tackle industrial-size problems. The formal verification of trust and security of the Internet of Services will significantly boost its development and public acceptance.

Cloud computing is a new service delivery paradigm that aims to provide standardized services with self-service, pay-per-use, and seemingly unlimited scalability. This paradigm can be implemented on multiple service levels (infrastructures, run-time platform, or actual Software as a Service). They are are expected to be an important component in the future Internet.

This article introduces upcoming security challenges for cloud services such as multi-tenancy, transparency and establishing trust into correct operation, and security interoperability. For each of these challenges, we introduce existing concepts to mitigate these risks and survey related research in these areas.

The increasing collection of private information from individuals is becoming a very sensitive issue for citizens, organizations, and regulators. Laws and regulations are evolving and new ones are continuously cropping up in order to try to control the terms of usage of these collected data, but generally not providing a real efficient solution. Technical solutions are missing to help and support the legislator, the data owners and the data collectors to verify the compliance of the data usage conditions with the regulations. Recent studies address these issues by proposing a policy-based framework to express data handling conditions and enforce the restrictions and obligations related to the data usage. In this paper, we first review recent research findings in this area, outlining the current challenges. In the second part of the paper, we propose a new perspective on how the users can control and visualize the use of their data stored in a remote server or in the cloud. We introduce a trusted event handler and a trusted obligation engine, which monitors and informs the user on the compliance with a previously agreed privacy policy.

Panlab is a Future Internet initiative which integrates distributed facilities in a federated manner. Panlab framework provides the infrastructure and architectural components that enable testing applications near production environments over a heterogeneous pool of resources. This paper presents a use case where an adaptive resource allocation algorithm was tested utilizing Panlab’s infrastructure. Implementation details are given in terms of building a RUBiS testbed that provides all the required resources. Moreover, this experiment needs to directly request, monitor and manage resources that it uses during the experiment. As a result of this use case a new feature for Panlab was developed called Federation Computing Interface (FCI) API which enables applications to access resources during an experiment.

The Internet today consist of many heterogeneous infrastructures, owned and maintained by separate and potentially competing administrative authorities. On top of this a wide variety of applications has different requirements with regard to quality, reliability and security from the underlying networks. The number of stakeholders who participate in provisioning of network and services is growing. More demanding applications (like eGovernment, eHealth, critical and emergency infrastructures) are on the rise. Therefore we assume that these two basic characteristics, a) multiple authorities and b) applications with very diverse demands, are likely to stay or even increase in the Internet of the future. In such an environment and of resources are key features that should be supported in a future Internet. The ability to form slices across domains that meet application specific requirements enables many of the desired features in future networks.

In this paper, we present a Multipath Routing Slice experiment that we performed over multiple federated testbeds. We combined capabilities from different experimental facilities, since one single testbed did not offer all the required capabilities. This paper summarizes the conducted experiment, our experience with the usability of federated testbeds and our experience with the use of advanced measurement technologies within experimental facilities. We believe that this experiment provides a good example use case for the future Internet itself because we assume that the Internet will consist of multiple different infrastructures that have to be combined in application specific overlays or routing slices, very much like the experimental facilities we used in this experiment. We also assume that the growing demands will push towards a much better measurement instrumentation of the future Internet. The tools used in our experiment can provide a starting point for this.

Federated testbeds aim at interconnecting experimental facilities to provide a larger-scale, more diverse and higher performance platform for accomplishing tests and experiments for future Internet new paradigms. In this work the Panlab experimental facilities and specifically the Octopus network testbed has been used in order to experiment on the improvement of QoS features by using the Self-NET software for self-management over a WiMAX network environment. The monitoring and configuration capabilities that different administrative domains provide has been exploited in order to test network and service layers cooperation for more efficient end-to-end self-management. The performance results from the experiments that have been performed prove that the proposed self-management solution and the mechanisms for the selection of the appropriate network or service level adaptation improve end-to-end behaviour and QoS features.

The work examines perspectives from the inclusion of the autonomicity and self-manageability features in the scope of Future Internet’s (FI) deployment. Apart from the strategic importance for further evolution, we also discuss some major future challenges among which is the option for an effective network management (NM), as FI should possess a considerably enhanced network manageability capability. We examine a new network manageability paradigm that allows network elements (NEs) to: be autonomously interrelated/controlled; be dynamically adapted to changing environments, and; learn the desired behaviour over time, based on the original context of the Self-NET research project effort. As self-organizing and self-managing systems have a considerable market impact, we identify benefits for all market actors involved. In addition, we incorporate some recent, but very promising experimental findings, mainly based on the context of a specific use-case for network coverage and capacity optimization, highlighting the way towards developing specific NM-related solutions, able to be adopted by the real market sector. We conclude with some essential arising issues.