Ahmed Serhrouchni

SPIN model checking: an introduction

A long-standing and elusive problem in software engineering is to devise reliable means that would allow us to check the correctness of distributed systems code mechanically. Writing reliable distributed code is notoriously difficult; locating the inevitable bugs in such code is therefore important. As is well-known and often repeated, traditional testing methods are of little use in this context, because the most pernicious bugs typically depend on subtle race conditions that produce peculiar and unexpected interleavings of events. Well-known are the deadlock and starvation problems that plagued the designers of the first distributed systems code in the 1960s and 1970s (see for instance [16] p.155). In simple cases, a small set of strictly enforced rules can preserve the sanity in a system. One such rule is the requirement that frequently used resources in an operating system can only be allocated in a fixed order, to prevent circular waiting. But the simple rules only cover the known problems. Each new system builds a new context, with its own peculiarities and hazards. This is illustrated by the well-publicized description of the hangup problem in the control software of the Mars Pathfinder a few years ago [11]. In retrospect, the hangup scenario could be understood in very simple terms, yet it was missed even in the long and unusually thorough (but traditional) software testing process that had been used.

DHCP Authentication Using Certificates

In this paper, we describe several methods of DHCP authentication. We propose an extension to DHCP protocol in order to allow a strict control on equipments by using a strong authentication. This extension, called E-DHCP (Extended-Dynamic Host Configuration Protocol) is based on two principles. The first one is the defimition of a new DHCP option that provides simultaneously the authentication of entities (client/server) and DHCP messages. The technique used by this option is based mainly on the use of asymmetric keys encryption RSA, X.509 identity certificates and attribute certificates. The second principle is the attribution of PMI (Privilege Management Infrastructure) attribute authority server functionalities to DHCP server. This server creates an attribute certificate to the client, which ensures the relation between the identity certifiicate of the client and the allocated IP address. This attribute certificate will be then used in the access control.

A New Access Control Solution for a Multi-Provider Wireless Environment

The fundamental goal in future 4G mobile multi-service networks is to provide an efficient mobile computing environment. We presume that future terminals will be equipped with multiple heterogeneous wireless interfaces. We want to enable each user to seamlessly move between different providers’ networks. Besides seamless roaming, a key consideration is also devoted to quality-of-service provision. In this article, we propose a model and an architectural framework for supporting quality of service in the context of interconnected multi-provider wireless systems. The proposed integrated COPS-based management and RADIUS-based access control architecture will allow providers to offer multimedia services while optimizing the use of the underlying network resources. We suggest new concepts and protocols to provide solutions to these challenges and describe the French national research project named MMQoS aiming on building such future networks.

A lightweight identity authentication protocol for wireless networks

Mobile and wireless communication networks have created a major breakthrough in new telecom applications and services. Unfortunately, wireless networking is a double edged sword. Ever since it introduced new factors such as mobility, the temptation for unauthorized access and eavesdropping has been a reality because an attacker could easily access the transport medium. For that and in order to defend against targeted attackers, wireless networks need to define robust and layered protection mechanisms. In this paper, we present a TLS-based protocol named Light-Transport Layer Security (TLS), a lightweight identity authentication protocol for access control and key calculation and distribution for both mobile clients (WAP, GPRS) and application servers. The performance and the efficiency of our proposed protocol were performed using two Java Card Smartcards and then analyzed and compared to other solutions. The results demonstrate that our protocol efficiently manages to reduce the computation times and the message load and transport during the authentication phase.

A new secure session exchange key protocol for wireless communications

WAP architectures consist of several protocols, especially WTLS (wireless transport layer security) and SSL (secure sockets layer). Although both protocols secure data over an open network, they differ in their mode of operation. SSL secures end-to-end communications whereas WTLS defines connection-oriented and datagram transport protocols. As these two protocols are incompatible with each other, WTLS does not provide secure connections with SSL. Thus, WAP gateways break secure links. This paper proposes a new security protocol in order to ensure an end-to-end secure session key exchange between the client and the web server and thus would have an impact on new services independent of WAP gateways.

TCP over satellite links: Problems and solutions

Satellite communications are destined to play an important role in future telecommunications infrastructure. There is in particular an increasing interest in transporting Internet traffic over satellite links. Many studies have shown that TCP has a poor performance in the context of satellite communications. This is due to many factors inherent to satellite communications and for which TCP – originally designed for terrestrial networks – is inadequate. Our study is an overview of the many factors limiting TCP performance over a satellite link and the different solutions proposed to address the problem.

Critical analysis and new perspective for securing voice networks

Voice networks evolved from the traditional telephone system, to mobile and wireless networks and now towards a converged voice and data infrastructure. This convergence is based on the spread of the Internet Protocol, where VoIP is developing. Due to IP network characteristics, hackers are able to compromise and take control of different aspects of IP telephony such as signaling information and media packets. Security and privacy become mandatory requirements for this application area. IP telephony requires security services such as confidentiality, integrity, authentication, non-replay and non-repudiation. The available solutions are generic and do not respect voice specificities and constraints. In this paper, we present the security mechanisms as provided in some voice networks, outline major security weaknesses in these different environments and end this paper by a proposition to secure voice over IP packets drawing inspiration from the existing voice security solutions.

Using distributed component model for active service deployment

This paper presents a novel active architecture for building and deploying network services: HABA, hyper active components architecture. At the architectural level, HABA defines an active node whose functionalities are divided into the node operating system, the execution environment, and the active applications. At the implementation level, HABA is a component-based platform where new components could be added and deployed, in order to modify network node behavior dynamically. Applications can communicate across multi-tiered heterogeneous environments, and across Internet and intranet structures. Interoperability with ANTS is achieved by composition. At the deployment level, HABA uses an active node approach, and offers a parallel controlled deployment mode and a sequential by request mode. In terms of security, HABA offers different security levels according to service profiles. Authentication of deployed code, and protection of nodes, is achieved by the deployment of certificates on the nodes.

Simple voice security protocol

The public telephone network has been evolving from manually switching wires carrying analog encoded voice to an automatically switched grid of copper-wired, fiber optical and wireless mobile connectivity carrying digitally encoded voice, image and data. The evolution of the information technology yields to a converged data and voice network based on IP technology. VoIP emerged and it is taking a large part of the telephony market nowadays. However, the IP network presents security threats to both data and voice packets. To ensure a secure voice network, the security services and mechanisms are defined and the security protocols are created. But, the existing security solutions are related to each network infrastructure. Also, the existing public telephone network does not provide such a service. This paper describes the Simple Voice Security Protocol that provides a secure end-to-end voice communication with an abstraction of the underlying infrastructure.

E-DHCP: extended dynamic host configuration protocol

This paper proposes an extension to DHCP protocol, called E-DHCP (extended-dynamic host configuration protocol). This protocol is based on two principles. The first is the definition of a new DHCP option (RFC 2489) that provides simultaneously the authentication of entities and the authentication of DHCP message. The technique used by this option is based mainly on the use of asymmetric public keys encryption RSA, X.509 identity certificates and attribute certificates. The second is the attribution to DHCP server the functionalities of the AA (attribute authority) server of a PMI (privilege management infrastructure).