Ravi Pendse

Security in multi-tenancy cloud

Cloud computing creates exciting opportunities like reduced costs and flexibility to the users. It also comprises of some risks like data security within the cloud. Several common security threats like data leakage, insecure APIs, and malicious inside users are applicable to cloud computing environment as well. In this paper, the authors consider a cloud computing service where multiple Virtual Machines (VMs) are co-located on the same physical server. In such systems, physical resources are transparently shared by the VMs belonging to multiple users. In systems like these, a malicious user having control of a VM can try to gain control over other VMs resources or utilize all system resources leading to denial of resource attack over other VM users. A malicious user can also try to steal the data of other users located on the same server by compromising hypervisor file system (logical volumes). In this paper, security threats associated with cloud computing environment are evaluated. Authors also explore how such co-existent of VMs can be exploited to gain access over other users data or deny service and propose constructive security measures that can be deployed to avoid such attacks.

Analytical Estimation of Path Duration in Mobile Ad Hoc Networks

Path duration is an important design parameter that determines the performance of a mobile ad hoc network (MANET). For example, it can be used to estimate the route expiry time parameter for routes in “on demand” routing protocols. This paper proposes an analytical model to estimate path duration in a MANET using the random way point mobility model as a reference. The salient feature of the proposed model is that it establishes a relationship between path duration and MANET design parameters including node density, transmission range, number of hops, and velocity of nodes. Although this relationship has been previously demonstrated through simulations, a detailed analytical model is not available in the literature to present. In particular, the relationship between path duration and node density has not been derived in previous models. The accuracy of the proposed model is validated by comparing the results obtained from the analytical model with the experimental results available in literature and with the results of simulations carried out in ns-2.

Energy-aware routing protocol for ad hoc wireless sensor networks

Wireless ad hoc sensor networks differ from wireless ad hoc networks from the following perspectives: low energy, lightweight routing protocols, and adaptive communication patterns. This paper proposes an energy-aware routing protocol (EARP) suitable for ad hoc wireless sensor networks and presents an analysis for its energy consumption in various phases of route discovery and maintenance. Based on the energy consumption associated with route request processing, EARP advocates the minimization of route requests by allocating dynamic route expiry times. This paper introduces a unique mechanism for estimation of route expiry time based on the probability of route validity, which is a function of time, number of hops, and mobility parameters. In contrast to AODV, EARP reduces the repeated flooding of route requests by maintaining valid routes for longer durations.

Aviation data networks: security issues and network architecture

The information technology (IT) revolution, combined with peoples need to access information quickly, has resulted in the explosive growth of the Internet in the past decade. Ubiquitous access to the Internet has become an essential component of a mobile workforce and multiple mechanisms are being devised to ensure seamless connectivity to corporate resources. An integrated security framework requires a careful consideration of the security features of the network within an airplane. Potentially, the aircraft could consist of three kinds of networks namely passenger network, crew network, and control network. The security protocol implemented must ensure a proper separation of these networks and also watch for any security protocol violations. In this paper, the authors review the existing aircraft data network standards, security provisioning, and the security threats associated with the aircraft data networks. In addition, the authors also analyze the security threats associated with different network architectures.

Security, Internet connectivity and aircraft data networks

Internet connectivity which was in experimental stages only a few years ago is a reality today. Current implementations allow passengers to access Internet for pleasure and in some cases secure VPN access is provided to corporate networks. Several researchers are looking at the possibility of the existence of a total three networks: passenger network (PN), crew network (CRN), and the control network (CON). Researchers envision an architecture where these three networks co-exist in an airplane. The available Internet connectivity can be utilized for transporting flight critical information like cockpit flight data recorder (CFDR) data, digital flight data recorder (DFDR) data, cockpit voice recorder (CVR) data and controller pilot data link communication. In addition, the Internet connectivity could also be used for other safety mechanisms like video surveillance and remote control of the flight. Security is one of the major concerns that affect the successful deployment of aircraft data networks (ADN) and other safety features. Several studies have been carried out to secure the network using firewalls and intrusion detection system but so far no study has focused on securing the communication channel (between the aircraft and the ground station) and its impact on the ADN. The scope of this research is to determine the viability and need of a security mechanism. The research also focuses on the performance of different security architectures and determine their usability in the framework of an ADN

Scalable QoS provisioning for mobile networks using wireless sensors

In the past few years support for mobility has increased to a large extent. Mobile IP enables nodes to move from one network to the other while maintaining the same IP address. Minimal packet loss during handoff is a requirement for provisioning QoS for real-time applications. However, loss of packets during handoff and the best effort service offered by the Internet degrades the quality of applications such as voice and video. High-speed mobility such as those in trains and vehicles further deteriorates the services of such time critical applications. In this paper, the authors propose a new handoff technique based on location tracking by wireless sensor networks. Networks of such sensors perform movement detection of mobile nodes in a particular direction and inform the mobility agent to which the mobile node is attached. This agent looks up the new mobility agent determination table and informs the new agent to which the node is moving. Based on entries in the proposed IP-QoS mapping table, old mobility agent also informs the new agent about the mobile nodes traffic characteristics so it can make reservations in advance. Numerical analysis shows that packet loss during handoff when compared to traditional mobile IP is reduced by as high as 93% and agent utilization increases by 96% at high speeds.

Airborne network: a cyber-physical system perspective

An airborne network is a cyberphysical system (CPS) in which there is an intense interaction between the physical and cyber components. While computation, communication and networking elements form the cyber components of the system, fight-paths, manoeuvre geometries, and multimode resources including ground-based nodes and control stations form the physical components of the CPS. The synergy between the cyber and physical components, if explored and exploited, will signicantly enhance the safety and security capabilities of Next Generation (NextGen) air transportation systems. In this paper, we characterize airborne networks based on their mobility patterns, path predictability, and model complexity. We discuss mobility models suitable for airborne networks, analytical models for estimating the link/path duration in airborne networks, and strategies for information assurance in airborne networks.

PCF vs DCF: a performance comparison

Wireless LANs are gaining importance at a very rapid pace. The idea of being mobile and connected to the Internet is driving new innovations in this area. With the recent innovations in the field of multimedia networks, the requirements of QoS support over wireless LANs are becoming more stringent. Quality of service in a wireless LAN is affected by a number of parameters like channel access method, physical/environmental conditions, number of nodes, distance etc. A proper selection of protocols/topology helps in maintaining/improving the QoS support of a wireless network. In this paper, the authors analyze the effect of channel access methods on the multimedia (voice) traffic. Two channel access methods, namely point coordinate function (PCF) and distributed coordinated function are considered for their support for QoS. The simulation results indicate that using PCF for multimedia traffic results in better performance.

IP connectivity and DAP

The information technology (IT) revolution, combined with peoples need to access information quickly, has resulted in the explosive growth of the Internet in the past decade. Ubiquitous access to the Internet has become an essential component of a mobile workforce and multiple mechanisms are being devised to ensure seamless connectivity to corporate resources. The authors present a possible use of the available IP connectivity between the airplane and the ground stations for the download of voice/video/data traffic from an airplane onto the ground stations to ease the reliance on blackboxes in a post-incident scenario. A discussion of the simulation test-bed, the results obtained and the practical set of guidelines for their deployment in real-world situations is also included.

Semi-Markov process based model for performance analysis of wireless LANs

In this paper, we propose a new semi-Markov process based model to compute the network parameters such as saturation throughput, for the IEEE 802.11 Distributed Coordination Function (DCF) employing the Binary Exponential Backoff (BEB). The backoff stages of BEB and their backoff intervals are modeled as the states of semi-Markov process and their state holding-times, respectively. The proposed model is simpler than Bianchis two-dimensional Markov chain based model, with the number of states in the proposed model being of the order O(m), where m is the number of backoff stages in the BEB, compared with the Bianchis model where number of states is of the order O(2m). Using the proposed semi-Markov process model, we compute the parameters of interest in wireless LANs, such as conditional collision probability, packet transmission probability, and saturation throughput. We show that the proposed model is quite accurate in computing these parameters of interest. Moreover, we show that the computation time with the proposed model is approximately one-tenth of that with Bianchis model, using Matlab simulations. Thus, the proposed model achieves accurate results with less complexity and computation time, and is suitable to be used for performance evaluation of complex protocols such as IEEE 802.11e.