Computer network architectures

In this thesis we have proposed and analyzed a new architecture for high speed fiber optic LANs/MANs, called the Dual Bus R-Net. The scheme is based on a slotted unidirectional dual bus structure. It uses a reservation mechanism to generate slotted frames on each bus. Frames consist of a reservation slot and one or many information slots. Stations reserve slots by transmitting reservation requests on the bus carrying information in the opposite direction. The scheme has the advantage of superior channel utilization, bounded delay, fair access to all stations, dynamic bandwidth allocation to network users, and implementation simplicity. Extensive simulations have been carried out to verify the characteristics of the network. Simulation results reinforce the initial claims of the advantages offered by Dual Bus R-Net. Performance analysis is presented in terms of network delay and channel utilization. Simulation results are compared with similar results of X-Net, R-Net, DQDB, and Expressnet.

A Next Generation Computer Network Communications Architecture, CNCA, is developed in this thesis. Existing communication techniques and available networking technologies are explored. This provides the background information for the development of the architecture. Hardware, protocol, and interface requirements are addressed to provide a practical architecture for supporting high speed communications beyond current implementations. A reduction process is then performed to extract the optimal components for the CNCA platform. The resulting architecture describes a next generation communications device that is capable of very fast switching and fast processing of information. The architecture interfaces with existing products, and provides extensive flexibility. This protects existing equipment investments, and supports future enhancements.

In a mobile ad hoc network, node cooperation in packet forwarding is required for the network to function properly. However, since nodes in this network usually have limited resources, some selfish nodes might intend not to forward packets to save resources for their own use. To discourage such behavior, we propose RMS, a reputation-based system, to detect selfish nodes and respond to them by showing that being cooperative will benefit there more than being selfish. We also detect, to some degree, nodes who forward only the necessary amount of packets to avoid being detected as selfish. We introduce the use of a state model to decide what we should do or respond to nodes in each state. In addition, we introduce the use of a timing period to control when the reputation should be updated and to use as a timeout for each state. The simulation results show that RMS can identify selfish nodes and punish them accordingly, which provide selfish nodes with an incentive to behave more cooperatively.

IP address autoconfiguration poses a challenge for mobile ad-hoc networks (MANETs) because it has to be done to ensure correct routing. An IP autoconfiguration protocol that is based on quorum voting is proposed. Nodes are distributed configured when a write quorum can be collected. Making the compromise between message overhead and data consistency, quorum voting enforces data consistency by ensuring fresh read on every access so that each node is configured with a unique IP address. The protocol is scalable since the configuration information is maintained locally and no central server is involved. Extensive experiments are carried out comparing the configuration latency, message overhead and address reclamation cost between our protocol and existing stateful protocols. The simulation results show that nodes are configured in lower latency and the message overhead for maintaining the network is fairly low. Moreover, the proposed protocol greatly enhances the address availability by keeping proper redundancy.

Current management architectures address portions of the problem of managing high speed distributed networks; however, they do not provide a scalable end-to-end solution that can be applied to both large LAN and WAN high speed distributed networks. A new management architecture, "Web Integrated Network for Distributed Management Including Logic" (WINDMIL), is proposed to address the challenges of managing complex heterogeneous networks. The three primary components of the system are the Network Management Server (NMS), the Network Element Web Server (NEWS), and the Operator's Logic and Processing Platform (OLAPP). The NMS stores the management functions used by both the NEWS and the user. The NEWS is a Web server which collects and processes network element data in order to support management functions. The OLAPP executes the management functions and interfaces with the user.

In this dissertation a new architecture, Counter Rotating Slotted Ring (CRSR), is proposed for Metropolitan Area Networks (MANs). MANs are newly developed optical fiber based networks that have high data transmission rates and wide area coverage. They provide voice, video and data services. A CRSR has a dual-ring architecture that consists of two uni-directional transmission media, which are shared among the network nodes. The transmission time in a CRSR is divided into fixed length slots. These slots are generated by a head station during the system initialization phase. They flow inside the dual-ring in opposite directions: clockwise and counter clockwise. In each slot, there is an Access Control Field, a Segment Header Field and a Segment Payload Field. These fields contain slot control bits, segment identification and data respectively. One of the control bits is used to indicate if a slot has data or not. Once a busy slot, i.e. a slot with data, reaches its destination, it is marked as 'read'. An eraser node is used to identify 'read' slots and erase the data in the slots. In CRSR, there are two possible routes to send data from one node to another. The route with fewer nodes in between is always selected. This Minimum Node Count Routing reduces traffic on the transmission medium. IEEE has issued a Distributed Queue Dual Bus (DQDB) 802.6 standard for the subnetwork of a MAN. Under most circumstances, DQDB performs better than Fiber Distributed Data Interface (FDDI), an ANSI MAN standard. However, DQDB has two drawbacks: positional unfairness and poor channel efficiency. A number of solutions have been proposed to solve the unfairness problem, but these approaches do not improve the situation without negative effects on network performance. A CRSR with eraser in all its nodes has two times as much maximum throughput as an equivalent DQDB and at the same time, it is a positionally fair network. Although CRSRs with fewer eraser nodes are unfair, they always outperform equivalent DQDBs both in throughput and fairness.

During the last few years, Service-Oriented Architecture (SOA) has been considered to be the new phase in the evolution of distributed enterprise applications. Even though there is a common acceptance of this concept, a real problem hinders the widespread use of SOA : A methodology to design and build secure service-oriented applications is needed. In this dissertation, we design a novel process to secure service-oriented applications. Our contribution is original not only because it applies the MDA approach to the design of service-oriented applications but also because it allows their securing by dynamically applying security patterns throughout the whole process. Security patterns capture security knowledge and describe security mechanisms. In our process, we present a structured map of security patterns for SOA and web services and its corresponding catalog. At the different steps of a software lifecycle, the architect or designer needs to make some security decisions.

Web Service Business Process Execution Language (BPEL) has become a standard language in the world of Service Oriented Architecture (SOA) for specifying interactions between internet services. This standard frees developers from low-level concerns involving platform, implementation, and versioning. These freedoms risk development of less robust artifacts that may even become part of a mission-critical system. Model checking a BPEL artifact for correctness with respect to temporal logic properties is computationally complex, since it requires enumerating all communication and synchronization amongst various services with itself. This entails modeling BPEL features such as concurrency, hierarchy, interleaving, and non-deterministic choice. The thesis will provide rules and procedures for translating these features to a veriable model written in Promela. We will use these rules to build a program which automates the translation process, bringing us one step closer to push button verification. Finally, two BPEL artifacts will be translated, manually edited, verified, and analyzed.

A social network is a structure of individuals and organizations, which are connected by one or more types of interdependency, such as friendship, affinity, common interests or knowledge. Social networks use Web 2.0 technology, which is mostly based on a service-oriented architecture. We are studying patterns for social networks in this environment. A pattern is an encapsulated solution to a software problem in a given context, secure threats are possible in this context. We present a collection of patterns associated with the most important aspects of social networks, with emphasis on controlling the actions of the users of these networks.

The use of permutations in data compression is an aspect that is worthy of further exploration. The work that has been done in video compression based on permutations was primarily oriented towards lossless algorithms. The study of previous algorithms has led to a new algorithm that could be either lossless or lossy, for which the amount of compression and the quality of the output can be controlled. The lossless version of our algorithm performs close to lossy versions of H.264 and it improves on them for the majority of the videos that we analyzed. Our algorithm could be used in situations where there is a need for lossless compression and the video sequences are part of a single scene, e.g., medical videos, where loss of information could be risky or expensive. Some results on permutations, which may be of independent interest, arose in developing this algorithm. We report on these as well.