by

DOI: 10.1023/B:JONS.0000043693.96405.a0
Print publication date: 9/1/2004
View article on SpringerLink

by

DOI: 10.1023/B:JONS.0000043692.95100.4f
Print publication date: 9/1/2004
View article on SpringerLink

by Lima, Solange Rito; Carvalho, Paulo; Freitas, Vasco

This article proposes a distributed admission control (AC) model based on on-line monitoring to manage the quality of Internet services and Service Level Specifications (SLSs) in class-based networks. The AC strategy covers intra- and interdomain operation, without adding significant complexity to the network control plane and involving only edge nodes. While ingress nodes perform implicit or explicit AC resorting to service-oriented rules for SLS and QoS parameters control, egress nodes collect service metrics providing them as inputs for AC. The end-to-end operation is viewed as a cumulative and repetitive process of AC and available service computation. We discuss crucial key points of the model implementation and evaluate its two main components: the monitoring process and the AC criteria. The results show that, using proper AC rules and safety margins, service commitments can be efficiently satisfied, and the simplicity and flexibility of the model can be explored to manage successfully QoS requirements of multiple Internet services.

DOI: 10.1023/B:JONS.0000043687.34623.32
Print publication date: 9/1/2004
View article on SpringerLink

by Darlagiannis, Vasilios; Mauthe, Andreas; Steinmetz, Ralf

Large-scale, heterogeneous peer-to-peer (P2P) systems impose a set of diverse requirements. Current solutions do commonly only address a subset of these requirements since there are a number of trade-offs and constraints due to the different dimensions and aims they address. We present a novel approach for designing overlay networks for large-scale, highly dynamic, and heterogeneous P2P systems. A set of mechanisms is proposed to meet the complete set of requirements while keeping the trade-offs and constraints in balance. To handle effectively the large number of peers, they are clustered in manageable groups considering the requirements on their stability. The novelty in this approach is in the identification of the core services and operations of the aforementioned systems. On the basis of the requirements of those services and operations, peers are assigned the most suitable roles. Role relationships are further introduced to enable (and provide) incentives for the peers to adopt the most suitable roles while selecting an efficient overlay structure to preserve efficiency, robustness, and scalability. The proposed set of mechanisms is realized in Omicron, a novel hybrid P2P approach.

DOI: 10.1023/B:JONS.0000043686.04679.03
Print publication date: 9/1/2004
View article on SpringerLink

by D’Arienzo, Maurizio; Pescapè, Antonio; Ventre, Giorgio

Novel network architectures allow users to get specific performance guarantees via the definition of a document where QoS (Quality of Service) requirements are linked to the user traffic description. Such a document is defined SLA (Service Level Agreement), and it is a formal high level definition (user view) of characteristics for a communication service, whereas low level specification (network view) is obtained translating the SLA in a different document named SLS (Service Level Specification). Although in the case of static services the network configuration process is a well defined activity, when dynamic services come into play a more complicated scenario where SLA translation into the appropriate SLS is not a one-step and static process, but it needs an active and consistent evaluation with respect to the current situation. We claim that to make this process happen automatically, we need to have intelligent devices able to translate request specified inside SLAs in the most appropriate network configuration (by means of dynamic SLS) depending on client’s current “service conditions.” In this paper we introduce a framework for distributed network management through an entity, namely AcMe (Active Mediator), which performs dynamic creation of network services in a transparent to the user fashion. A new protocol, HNMP (Heterogeneous Network Management Protocol), orchestrates all AcMe functionality. Finally, an experimental analysis is presented.

DOI: 10.1023/B:JONS.0000043685.23085.21
Print publication date: 9/1/2004
View article on SpringerLink

by Rajvaidya, Prashant; Ramachandran, Krishna N.; Almeroth, Kevin C.

A lack of mechanisms to monitor and manage multicast networks has adversely affected progress in several areas critical for successful deployment. One such area involves discovering and solving multicast security vulnerabilities. Although a number of vulnerabilities exist, the most troubling are a set of easily exploited Denial-of-Service (DoS) attacks. The main reason for this concern is that the one-to-many nature of multicast can significantly magnify the effects of these attacks. Among the possible multicast DoS attacks, those that target the the Multicast Source Discovery Protocol (MSDP) can be most damaging. MSDP vulnerabilities are unusually easy to exploit and can lead to infrastructure-wide damage. In this paper, our goal is to develop a security framework that protects against DoS attacks through detection and then “deflection.” In developing our framework, we first examine the vulnerability of multicast protocols, to DoS attacks. We use data collected with our global monitoring infrastructure, Mantra, to analyze the nature and effects of attacks that have already occurred. We then create additional, more virulent strains. Finally, we propose a family of solutions to detect and deflect the effects of each attack. Our techniques are evaluated by simulating their effectiveness against both real and simulated workloads.

DOI: 10.1023/B:JONS.0000043683.63195.16
Print publication date: 9/1/2004
View article on SpringerLink

by Sarac, Kamil; Almeroth, Kevin C.

With the deployment of native multicast in commercial networks, multicast is getting closer to becoming a ubiquitous service in the Internet. The success of this deployment largely depends on the availability of good management tools and systems. One of the most important management tasks for multicast is to verify the availability of the service to its users. This task is usually referred to as reachability monitoring. Reachability monitoring requires a number of monitoring stations to work together to collect this information in a distributed manner in the interdomain scale. In this paper we present a general architecture for multicast reachability monitoring systems and focus on three critical functions: agent configuration, monitoring, and feedback collection. For each component, we provide a number of alternative approaches to implement the required functionality and discuss their advantages and disadvantages. Then, we focus on the feedback collection component. To a large extent, it determines the complexity and the overhead of a monitoring system. Using simulations, we compare a number of alternative approaches for feedback collection and make suggestions on when to use each. We believe our work provides insight into the issues and considerations in designing and developing multicast reachability monitoring systems.

DOI: 10.1023/B:JONS.0000043684.78854.fd
Print publication date: 9/1/2004
View article on SpringerLink

by John, Ajita; Stiller, Burkhard

DOI: 10.1023/B:JONS.0000043682.11272.99
Print publication date: 9/1/2004
View article on SpringerLink

by Bernstein, Lawrence

DOI: 10.1023/B:JONS.0000043681.69541.9d
Print publication date: 9/1/2004
View article on SpringerLink