Catálogo de publicaciones - libros

JXTA is a Peer-to-Peer application development infrastructure that enables developers to easily create service oriented software. This paper presents a low-cost, patient-friendly JXTA-based healthcare system, which is comprised of medical sensor modules in conjunction with wireless communication technology. In particular, the proposed system supports a wide range of services including mobile telemedicine, patient monitoring, emergency management and information sharing between patients and doctors or among the healthcare workers involved. For this purpose, the proposed system provides not only a systematic computing environment between the BAN (Body Area Network) and the subsystem within the hospital, but also participates in a JXTA network with the BAN’s PDAs through peers called JXTA relays. Information within the hospital is shared under a P2P environment by means of JXTA grouping technology. The proposed system is shown to be adequate for a ubiquitous environment which offers effective service management as well as continuous, remote monitoring of the patient’s status.

Although all existing service discovery middlewares provide similar functionality, they are incompatible with one another due to differences in approach and architecture. We believe that co-existence of various service discovery middlewares will be indispensable since their target services and network environments are quite different to each other. Considering the future pervasive computing environment, the interoperability between them must be essential toward minimum user distraction under the heterogeneous systems. As the requirements of this interoperability system under these environment, complete translation, accommodation of changes of legacy middlewares, and simplicity of managing available services must be very important aspects. We propose a novel architecture which satisfies these requirements, using dynamic service proxy concept. While this concept provides various advantages, it has a notable drawback such that it needs to prepare many proxy codes per each service. To alleviate the load, we design and implement a Service Code Development Toolkit. We implemented a sample application and proposed architecture, and the results show that this architecture fully satisfies targeted design objectives.

Cooperation among nodes is a critical prerequisite for the success of the relaying ad-hoc networks. Providing incentives for mobile nodes to forward data packets for others has received increasing attention. In this paper, we propose a Quality of Relay (QoR)-based pricing scheme to determine the price of the feedback incentives for intermediate nodes based on the individual importance of each mobile node contributing to successful hop-by-hop connections. Simulation results indicate that the QoR-based pricing scheme results in higher service availability than the fixed-rate pricing scheme under different relationships between price of feedback and willingness of forwarding packets. Moreover, the proposed pricing scheme shifts incentives from the nodes of low importance to the nodes of high importance in the networks so that it enhances service availability with only a slight increase in relaying costs.

Many Researchers have tried to design mechanisms to resist Distributed Denial of Service(DDoS) attacks. Unfortunately, any of them has not been satisfactory. Recently, Yaar et al.[1] suggested Pi (short for Path Identifier) marking scheme as one of solutions to thwart DDoS attacks, which is fast and effective in dropping the false positive and negative packets from users and attackers. They make use of the IP Identification field of which length is 16 bits as marking section. Every router en-route to the victim marks 1-bit or 2-bits by wrapping method sequentially. The victim drops the false positive and negative packets according to the attack markings list. The performance of Pi is measured for marking bit size of 1 or 2 bits. This paper suggests the method to decide the marking bit size dynamically in accordance with the number of hop counts. The performance is quite improved, compared with the existing one.

Home network environments provide telemetering services through AMR (Automatic Meter Reading) systems. For households’ convienience, the AMR system automatically inspects gas, water, and electricity meters at the remote site. Since this telemetering information is associated with billing, it must be secure. So, it is necessary to design a security protocol for AMR systems. In this paper, we adapt discrete logarithm based multi-signcryption to an elliptic curve based multi-signcryption protocol, for the purpose of efficiency. And, we propose a secure mobile agent protocol for AMR systems using the elliptic curve based multi-signcryption. Our protocol efficiently provides user authentication, integrity and confidentiality of telemetering information.

We propose an efficient scheme called to digitally sign on real-time stream of which application especially requires multiple sessions. A typical scenario is that a source multicast multimedia contents over the Internet using several RTP/RTCP sessions. With a system using a previously proposed stream authentication scheme directly, both the computation and the transmission overhead are linearly increased in proportional to the number of sessions to be opened. This is mainly because existing schemes have only taken a single session into account. MDS is well suited for supporting data origin authentication efficiently in such a scenario.

The risk analysis system has a mechanism to evaluate and analysis the potential risk level in an organization IT system. To evaluate the Risk Level, it must be calculated the essential vulnerability that appear in various assets of organization, threats for these assets. These elements, vulnerabilities, threats and assets are the important factor to evaluate the risk level in an organization In this paper, we describe about design and implementation of a system using the practical risk analysis process that we propose. Furthermore we suggest the security countermeasure choice algorithm against the risk we found in an organization. Especially, The Security Countermeasure choice algorithm is implemented by using the Genetic-Algorithm restricted by some important factor. In this paper, we describe the design and implementation idea of the suggested genetic-algorithm module. Finally, We propose the main idea of the practical risk analysis process and the system using the risk analysis process that we propose in this paper.

The boundary of a distributed denial of service attack, one of the most threatening attacks in a wired network, now extends to wireless mobile networks, following the appearance of a DDoS attack tool targeted at mobile phones. Many protocols and architectures for mobile networks were designed without regard to the possibility of a DDoS attack. Moreover, the existing defense mechanisms against such attacks in a wired network are not effective in a wireless mobile network, because of differences in their characteristics. In this paper, we propose a fast defense mechanism against IP spoofing traffic for mobile networks. IP spoofing is one of the features of a DDoS attack against which it is most difficult to defend. Among the various mobile networks, we focus on the Network Mobility standard that is being established by the NEMO Working Group in the IETF. Our defense consists of the following five processes: speedy detection, filtering of attack packets, identification of attack agents, isolation of attack agents, and notification of neighboring routers. We simulated and analyzed the effects on normal traffic of moving attack agents, and the results of applying our defense to a mobile network. Our experimental results show that our mechanism provides a robust defense.

In this paper, we propose a global traffic control architecture to isolate network attacks from normal traffic in the backbone networks designed to serve normal traffic only. Unlike existing methods based on individual packets or flows, the proposed traffic control methods are operated on the aggregate traffic level, so the computational complexity can be significantly reduced, and they are applicable to develop a global defense architecture against attacks to network infra-structure. Experimental results show that the proposed scheme can detect the network attack symptoms very exactly and quickly, and protect the network resources as well as the normal traffic flows very efficiently.

In this paper, we propose an approach to transport layer mobility support leveraging the SCTP extension dubbed dynamic address reconfiguration. Timing issues related to the end-to-end address management, and a novel error recovery mechanism associated with a handover are discussed. The error recovery time of proposed mechanism is analyzed and compared to that of the plain SCTP for handover cases. Finally, through a series of simulations, the performance of the proposed SCTP enhancements over plain IPv6 is compared with the MIPv6 and its variants (i.e., HMIPv6 and FMIPv6) with TCP Reno on top of them. The simulation results present the performance gains of the pro-posed error recovery mechanism, which is possible within the context of transport layer mobility management.