Département Réseau, Sécurité et Multimédia Rapport d'Activités 2008
Département Réseau, Sécurité et Multimédia Rapport d'Activités 2008 Département Réseau, Sécurité et Multimédia Rapport d'Activités 2008
Access Control .................................................................................................................... 49Security of Web Services......................................................................................................... 49Security of NGN services......................................................................................................... 51A Fast Adaptative Secure Technology for high-speed Network.................................................... 52Consistency and interoperability in security policies ................................................................... 53Information flow control in organization ................................................................................... 55Dynamic access and usage control in pervasive environments.................................................... 56Peer 2 peer ......................................................................................................................... 58P2PIm@ges........................................................................................................................... 58Managing a Peer-to-Peer Storage System in a Selfish Society..................................................... 60Applications of networks to transports .............................................................................. 62Localization and Communication for emergency services ........................................................... 62Adaptive Application Support in Mobile Networks ...................................................................... 64Wireless Mesh Networks ......................................................................................................... 66Testbeds ............................................................................................................................. 68A showroom for practical IPv6 deployement ............................................................................. 68An Advanced Next Generation Mobile Open Network................................................................. 692 Extract of Pracom’s Annual Report 2008
ProtocolsHeader Compression over Mobile Networks and Satellite LinksResearch Staff : Jean-Marie Bonnin, Laurent Toutain – Ph.D. students: Priyanka RawatKeywords : Header Compression, Mobile IP, ROHC, Tunnel protocolApplications : VPN, network mobility, satellite linksIntroductionThe enormous growth in the use of the IPbasedmultimedia and other applications hasincreased the need of the efficient use ofavailable communication technologies includingsatellite and radio links. However, these linkshave high bit error rates and long delays.Moreover, the deployment of IP protocols overthese links leads to significant headeroverhead. Various IP tunneling mechanismswhich are widely used in network security(VPN), IPv4-to-IPv6 transition, and mobilenetworks have long delay characteristics.Header compression could be applied on suchlinks to reduce the header overhead. Thus, inthis context, it is required to study thebehavior of header compression schemes oversuch long delay links and tunnels.context of mobile networks and long delaylinks.First, we examined the behavior of ROHCmechanism over long delay links and tunnels.The study shows the impact of long delay,high bit error, and packet re-ordering on ROHCcompression mechanism.We investigated the behavior of ROHC overL2TP tunnel between the France and Korea[3]. This is important since L2TP and PPP linksare interesting in order to access the Internet(IPv6-IPv4 transition) by using a cellularaccess or to join the private network of aservice operator through any infrastructure.In mobile networks, header compressionmechanisms such as ROHC (Robust HeaderCompression) can be used to reduce theheader overhead. However, in several cases(for example IP tunneling mechanisms) thecompression mechanism does not take intoaccount all the protocol stack. The IP tunnelingmethods use multiple levels of encapsulationusing several IP and transport headers in eachpacket. That introduces high protocol headeroverheads especially in wireless links wherebandwidth remains a scarce resource.Mobility protocols Mobile IPv6 and NEMO use abi-directional tunneling mechanism and allcommunications go through this tunnel. Thistunnel easily provides network mobilitytransparency to the nodes within the networkand to their correspondents but it alsointroduces high protocol overheads sincemultiple IP headers are carried on eachmessage. However, ROHC is a complexmechanism and its use needs to be optimizedfor this specific usage.RealizationA study on ROHC and TuCP (TunnelingCompression) protocols has been done in theU modeO modeR mode0 10 50 100 200 300 400 500 600 700 800D l ( )Figure 1. ROHC performance for DelayFigure 1 shows the impact of delay on ACL(Average Compressed Header Length) in U, O,and R mode of operation. It shows that in Uand O mode, ACL is almost constant and doesnot vary with delay. However, in R mode, ACLincreases with the delay. Thus, ROHCcompression efficiency decreases while thedelay increases. It was also observed thatvalue of delay affects transitions betweenROHC modes (in O and R modes).The results obtained show that ROHCcompression can be used over long delay linksto reduce the header overheads with certainlimitations. The results of this study could beused for further designing header compressionExtract of Pracom’s Annual Report 2008 3
- Page 2 and 3: Présentation générale...........
- Page 4 and 5: Activités d’enseignementLe dépa
- Page 6 and 7: Activités de rechercheLe départem
- Page 8 and 9: Notre implication dans les organism
- Page 10 and 11: le cadre du projet NextTV4all où l
- Page 12 and 13: cloisonnement par domaine tels qu
- Page 14 and 15: - le GIS ITS (Intelligent Transport
- Page 16 and 17: Twente aux Pays Bas, Université de
- Page 18 and 19: Liste des doctorants présents en 2
- Page 20 and 21: Annexe 2 : liste des publicationsAr
- Page 22 and 23: COMA-BREBEL Céline, CUPPENS Nora,
- Page 24 and 25: PHAN LE Cam Tu, CUPPENS Frédéric,
- Page 26 and 27: Annexe 3 : description détaillée
- Page 30 and 31: schemes specifically suitable for l
- Page 32 and 33: An easy-to-use solution for IPv6 co
- Page 34 and 35: Loss Synchronization and Router Buf
- Page 36 and 37: Sensor NetworksRandom Walk Techniqu
- Page 38 and 39: Suppressing Neighbor Discovery in W
- Page 40 and 41: Media and NetworksIP-based transmis
- Page 42 and 43: One of the most difficult aspects o
- Page 44 and 45: Another direction is the associatio
- Page 46 and 47: classes. In our simple study case,
- Page 48 and 49: Management of Multiple Access Netwo
- Page 50 and 51: Adaptation of Multimedia Flows in a
- Page 52 and 53: Optimized mobility management in he
- Page 54 and 55: ecause it offers a generic framewor
- Page 56 and 57: Future workOur next step is to fina
- Page 58 and 59: Security Analysis and ValidationAna
- Page 60 and 61: RealizationFigure 1 shows a classif
- Page 62 and 63: Policy AdministrationResearch Staff
- Page 64 and 65: execution in a distributed manner.
- Page 66 and 67: Intrusion DetectionDetection and co
- Page 68 and 69: eported alerts have to be managed b
- Page 70 and 71: inside the corresponding detection
- Page 72 and 73: function has a limitation that it d
- Page 74 and 75: 1) Normal Node behavior simulation:
- Page 76 and 77: negotiation. These strategies speci
Access Control .................................................................................................................... 49Security of Web Services......................................................................................................... 49Security of NGN services......................................................................................................... 51A Fast Adaptative Secure Technology for high-speed N<strong>et</strong>work.................................................... 52Consistency and interoperability in security policies ................................................................... 53Information flow control in organization ................................................................................... 55Dynamic access and usage control in pervasive environments.................................................... 56Peer 2 peer ......................................................................................................................... 58P2PIm@ges........................................................................................................................... 58Managing a Peer-to-Peer Storage System in a Selfish Soci<strong>et</strong>y..................................................... 60Applications of n<strong>et</strong>works to transports .............................................................................. 62Localization and Communication for emergency services ........................................................... 62Adaptive Application Support in Mobile N<strong>et</strong>works ...................................................................... 64Wireless Mesh N<strong>et</strong>works ......................................................................................................... 66Testbeds ............................................................................................................................. 68A showroom for practical IPv6 deployement ............................................................................. 68An Advanced Next Generation Mobile Open N<strong>et</strong>work................................................................. 692 Extract of Pracom’s Annual Report <strong>2008</strong>