António Pinto

End-to-end delay estimation using RPL metrics in WSN

Critical monitoring applications can use wireless sensor networks to transport delay sensitive data. This data may demand bounded delays in order to be considered useful by the receiver. In these cases, an accurate and real-time estimation of the end-to-end delay could be used to anticipate the data usefulness prior to sending it. A novel real-time and end-to-end delay estimation mechanism is proposed in this paper, which considers processing times and two new RPL metrics. Results show that our proposal is more accurate than the ETT-based solution for delay estimation, and it does not significantly degrade the network performance.

Cross-Layer Admission Control to Enhance the Support of Real-Time Applications in WSN

Real-time monitoring applications may be used in a wireless sensor network (WSN) and may generate packet flows with strict quality of service requirements in terms of delay, jitter, or packet loss. When strict delays are imposed from source to destination, the packets must be delivered at the destination within an end-to-end delay (EED) hard limit in order to be considered useful. Since the WSN nodes are scarce both in processing and energy resources, it is desirable that they only transport useful data, as this contributes to enhance the overall network performance and to improve energy efficiency. In this paper, we propose a novel cross-layer admission control (CLAC) mechanism to enhance the network performance and increase energy efficiency of a WSN, by avoiding the transmission of potentially useless packets. The CLAC mechanism uses an estimation technique to preview packets EED, and decides to forward a packet only if it is expected to meet the EED deadline defined by the application, dropping it otherwise. The results obtained show that CLAC enhances the network performance by increasing the useful packet delivery ratio in high network loads and improves the energy efficiency in every network load.

On performance of group key distribution techniques when applied to IPTV services

IPTV services consist of multiple video channels grouped in bundles, such as sports, movies or generic bundles; users typically subscribe multiple bundles, including the generic bundle. Secure IP multicast can be used to implement IPTV services, but it still has problems to be addressed. Current solutions require high computational power in video channel zapping situations, lack support for groups sourced at the users, and present a weak support for admission control in IP multicast for both sources and receivers in dynamically configured environments. This work proposes a new, secure and efficient IPTV solution that, cumulatively: (a) enforces individual access control to groups of real-time IPTV video channels; (b) enforces IP multicast admission control for both multicast senders and receivers; (c) supports user generated videos; (d) generates low signaling overheads; (e) does not introduce perceivable delays, particularly in video channel zapping situations. Moreover, this solution can be easily integrated in the IPTV architectures being developed by ETSI and ITU-T.

RPL modifications to improve the end-to-end delay estimation in WSN

Real-time monitoring applications deployed in Low-power and Lossy Networks may generate flows sensitive to delay, where the information is useful for the destination only if it is received within a strict delay boundary. Data packets that will likely miss the application deadline could be discarded during their routing through the network or even be not transmitted at all, thus contributing for a better usage of the network resources. This paper presents RA-EEDEM, a set of modifications made to RPL that improve the End-to-End Delay (EED) estimation accuracy. The RA-EEDEM modifications include changes to the RPL metrics and to its Objective Function (OF). The results show that RA-EEDEM improves the accuracy of EED estimation while minimizing its impact on the average EED and Packet Reception Ratio (PRR).

Secure multicast in IPTV services

Technological evolution is leading telecommunications to all-IP networks where multiple services are transported as IP packets. Among these are the group communications services with confidentiality requirements. Secure IP multicast may be used to secure the broadcast of video channels. However, in scenarios such as cable TV where the concept of video channel and bundle are present, groups are very large, and users switch very rapidly between channels (zapping), a sort of problems still need to be addressed. The solution proposed in this paper addresses these problems. For that purpose, a centralized form of secure group communications is proposed also used to transmit, not data, but group cryptographic material. Threes types of cryptographic keys are used. End systems use this material to decrypt the data sent by the content providers.

Admission Control in IP Multicast over Heterogeneous Access Networks

Network operators have been reluctant to deploy IP multicast services mainly due to the lack of native control over multicast groups. This lack of control does not only prevent operators from generating revenue from multicast-based services but also hinders regular network management. In this work we identified the network elements where admission control should be enforced for multicast sessions spawning over heterogeneous access networks. The architecture proposed uses existing AAA functionality to perform user identification and multicast session admission control. This control is made at the network layer with no protocol modifications. Three access networks were considered: xDSL, WiMAX and UMTS.

A Framework for the Secure Storage of Data Generated in the IoT

The Internet of Things can be seen has a growing number of things that inter-operate using an Internet-based infrastructure and that has evolved during the last years with little concern for the privacy of its users, especially regarding how the collected data is stored. Technological measures ensuring users privacy must be established. In this paper we will present a technological framework for the secure storage of data. Things can then interact with the framework’s API much in the same way they now interact with its current servers, after which, the framework will perform the required operations in order to secure the data before storing it. The methods adopted for the secure storage will maintain the sharing ability, conveniently allowing authorized access to other users, the initial user’s terms (e.g. data anonymity) and the ability to revoke assigned privileges at all times.

Delay Accounting Optimization Procedure to Enhance End-to-End Delay Estimation in WSNs

Real-time monitoring applications may generate delay sensitive traffic that is expected to be delivered within a firm delay boundary in order to be useful. In this context, a previous work proposed an End-to-End Delay (EED) estimation mechanism for Wireless Sensor Networks (WSNs) to preview potential useless packets, and to early discard them in order to save processing and energy resources. Such estimation mechanism accounts delays using timers that make use of an Exponentially Weighted Moving Average (EWMA) function where the smoothing factor is a constant defined prior to the WSN deployment. Later experiments showed that, in order to enhance the estimation results, such smoothing factor should be defined as a function of the network load.

Multicast deflector

Technological evolution is leading telecommunications toward all-IP scenarios, where multiple services are transported as IP packets. Among these services is the broadcast of video. A possible mechanism for broadcasting multiple video channels over IP is to use IP multicast, and let each client decide about the reception of a channel. The secure IP multicast specified by the IETF MSEC working group is a candidate solution for securing these broadcast services. In this paper we propose a new solution for supporting the broadcast of multiple video channels which can be accessed only by authorized users; besides, when a video channel is not visualized in the last mile its transmission is temporarily suspended, so that the cable can be used for other services such as standard Internet access.

Hash-Chain Based Authentication for IoT Devices and REST Web-Services

The number of everyday interconnected devices continues to increase and constitute the Internet of Things (IoT). Things are small computers equipped with sensors and wireless communications capabilities that are driven by energy constraints, since they use batteries and may be required to operate over long periods of time. The majority of these devices perform data collection. The collected data is stored on-line using web-services that, sometimes, operate without any special considerations regarding security and privacy. The current work proposes a modified hash-chain authentication mechanism that, with the help of a smart-phone, can authenticate each interaction of the devices with a REST web-service using One Time Passwords (OTP). Moreover, the proposed authentication mechanism adheres to the stateless, HTTP-like behavior expected of REST web-services, even allowing the caching of server authentication replies within a predefined time window. No other known web-service authentication mechanism operates in such manner.