Mobile IPv6 and Network Mobility (NEMO) have been standardized as IP extensions. While these technologies are planned to be adopted by several communities, such as the vehicle, aviation, and cellular industries, Mobile IPv6 has serious deployment issues such as scalability, protocol resilience, and redundancy. In these technologies, a special router called a home agent is introduced to support the movement of mobile nodes. This home agent introduces overlapping, inefficient routes, and becomes a single point of failure and a performance bottleneck. In this paper, a new concept for scalable and dependable mobility management scheme is proposed. Multiple home agents serve the same set of mobile nodes. The Home Agent Reliability protocol and Home Agent migration are introduced to achieve this concept. We also propose an overlay network named a Global Mobile eXchange (GMX) that efficiently handles data traffic from and to mobile nodes, and operates home agents as would an Internet eXchange Point (IXP).

抄録全体を表示

This paper presents a method of measuring the traffic of IP multicast streaming, such as IPTV, by using IPFIX and PSAMP. The IP multicast streaming service has recently become one of the popular network services, but no IP multicast operation method has been established yet. In particular, traffic measurement of IP multicast streaming encounters two challenges: as monitoring a multicast path tree and QoS measurement. There is no method to monitor them continuously in large-scale networks. Hence, we explore measurement structure suitable for large-scale networks, and then using IPFIX and PSAMP, we propose an efficient a network-level quality measurement method for IPTV and a method to extract multicast path tree data. In addition, we demonstrate the feasibility of the measurement method by evaluating a prototype system.

抄録全体を表示

Advanced metering infrastructure (AMI) is a kind of wireless sensor network that provides two-way communication between smart meters and city utilities in the neighborhood area of the smart grid. And the routing protocol for low-power and lossy network (RPL) is being considered for use in AMI networks. However, there still exist several problems that need to be solved, especially with respect to QoS guarantees. To address these problems, an improved algorithm of RPL based on triangle module operator named as TMO is proposed. TMO comprehensively evaluates routing metrics: end-to-end delay, number of hops, expected transmission count, node remaining energy, and child node count. Moreover, TMO uses triangle module operator to fuse membership functions of these routing metrics. Then, the node with minimum rank value will be selected as preferred parent (the next hop). Consequently, the QoS of RPL-based AMI networks can be guaranteed effectively. Simulation results show that TMO offers a great improvement over several the most popular schemes for RPL like ETXOF, OF-FL and additive composition metric manners in terms of network lifetime, average end-to-end delay, average packet loss ratio, average hop count from nodes to root, etc.

抄録全体を表示

We specified a mechanism with which Mobile IPv6 and IPsec/IKE can work together efficiently. The interaction is necessary for updating the endpoint address of an IPsec tunnel in accordance with movement performed by a mobile node. Based on an analysis of needs for interaction between Mobile IPv6 and IPsec/IKE, we designed and implemented a mechanism that is an extension to the PF_KEY framework. The proposed mechanism allows Mobile IPv6 to inform IPsec/IKE of the movement so that necessary updates to the security policy database and security association database can be taken by IPsec/IKE.This notification helps IKE to update its internal state. The mechanism is also applicable to the other scenarios, such as NEMO, Mobile VPN and its variants.

抄録全体を表示

We specified a mechanism with which Mobile IPv6 and IPsec/IKE can work together efficiently. The interaction is necessary for updating the endpoint address of an IPsec tunnel in accordance with movement performed by a mobile node. Based on an analysis of needs for interaction between Mobile IPv6 and IPsec/IKE, we designed and implemented a mechanism that is an extension to the PF_KEY framework. The proposed mechanism allows Mobile IPv6 to inform IPsec/IKE of the movement so that necessary updates to the security policy database and security association database can be taken by IPsec/IKE.This notification helps IKE to update its internal state. The mechanism is also applicable to the other scenarios, such as NEMO, Mobile VPN and its variants.

抄録全体を表示

IEEE 802.16m is an advanced air interface standard which is under development for IMT-Advanced systems, known as 4G systems. IEEE 802.16m is designed to provide a high data rate and a Quality of Service (QoS) level in order to meet user service requirements, and is especially suitable for mobilized environments. There are several factors that have great impact on such requirements. As one of the major factors, we mainly focus on latency issues. In IEEE 802.16m, an enhanced layer 2 handover scheme, described as Entry Before Break (EBB) was proposed and adopted to reduce handover latency. EBB provides significant handover interruption time reduction with respect to the legacy IEEE 802.16 handover scheme. Fast handovers for mobile IPv6 (FMIPv6) was standardized by (IETF) in order to provide reduced handover interruption time from IP layer perspective. Since FMIPv6 utilizes link layer triggers to reduce handover latency, it is very critical to jointly design FMIPv6 with its underlying link layer protocol. However, FMIPv6 based on new handover scheme, EBB has not been proposed. In this paper, we propose an improved cross-layering design for FMIPv6 based on the IEEE 802.16m EBB handover. In comparison with the conventional FMIPv6 based on the legacy IEEE 802.16 network, the overall handover interruption time can be significantly reduced by employing the proposed design. Benefits of this improvement on latency reduction for mobile user applications are thoroughly investigated with both numerical analysis and simulation on various IP applications.

抄録全体を表示

スパムメールなどのなりすましメールの増加に伴い、大手メールサービスプロバイダを始めとして、送信ドメイン認証技術を用いたメールフィルタリングが強化されてきている。これまでSPFのみを用いて送信ドメイン認証を行なっていた組織も、DKIMやDMARCの導入がこれまでよりも強く求められるようになってきた。そこで、筆者が所属する組織では、これまで行なっていたSPFに加えてDKIM及びDMARCを導入し、その評価を行った。導入に当たっては、postfixやopendkimなどのオープンソースソフトウェアを利用した。送信メールのうち、SMTP認証を経たものに対してDKIM署名を付加するように設定し、DKIMの公開鍵とDMARCに関するDNSレコードを設定した。DMARCのAggregate Reportから統計情報を得ることで、DKIM署名の付加により、正規の送信者からのメールをより多くの受信者に届けることができるのを確認した。また、送信メールに対するAggregate Reportの割合が低いことも確認した。

抄録全体を表示

Resource discovery is an essential function for distributed mobile applications integrated in vehicular communication systems. Key requirements of the mobile resource discovery are wide-area geographic-based discovery and scalable resource discovery not only inside a vehicular ad-hoc network but also through the Internet. While a number of resource discovery solutions have been proposed, most of them have focused on specific scale of network. Furthermore, managing a large number of mobile resources in the Internet raises a scalability issue due to the mobility of vehicles. In this paper, we design a solution to wide area geographical mobile resource discovery in heterogeneous networks composed of numerous mobile networks possibly connected to the Internet. The proposed system relies on a hierarchical publish-subscribe architecture and geographic routing so that users can locate resources according to geographical coordinates without scalability issue. Furthermore we propose a location management mechanism for mobile resources, which enables to reduce periodic updates of geographical location. Numerical analysis and simulation results show that our system can discover mobile resources without overloading both mobile network and the Internet.

抄録全体を表示

There are various wireless communication technologies, such as 3G, WiFi, used widely in the world. Recently, not only the laptop but also the smart phones can be equipped with multiple wireless devices. The communication terminals which are implemented with multiple interfaces are usually called multi-homed nodes. Meanwhile, a multi-homed node with multiple interfaces can also be regarded as multiple single-homed nodes. For example, when a person who is using smart phone and laptop to connect to the Internet concurrently, we may regard the person as a multi-homed node in the Internet. This paper proposes a new routing method, Multi-homed Mobile Cross-layer Control to handle multi-homed mobile nodes. Our suggestion can provide a distributed end-to-end routing method for handling the communications among multi-homed nodes at the fundamental network layer.

抄録全体を表示

There are demands for secure group communication on the internet, such as pay-per-view type broadcasting, business confidential information sharing and teleconference. Secure communication inside a groups on an open network is critical to enhance the internet capability. The public key system is not sufficient to support the group security, since it is not scalable for large groups. Some researchers propose a scalable group security model, managing several common keys for encryption and decryption sharing inside the community. In this paper, we will evaluate the performance of these group security model. Using M/G/∞ queueing models and the basic queueing theory, we show how to find the optimal condition of the allocation of the common keys if the joins to group is a Poisson process. In addition, we show our optimal condition may work for more general arrival processes by using the cross covariance formula (a variant of Papangelou's formula) for the stochastic intensity of departure process.

抄録全体を表示

At Eurocrypt'03, Boneh, Gentry, Lynn and Shacham proposed a pairing based verifiably encrypted signature scheme (the BGLS-VES scheme). In 2004, Hess mounted an efficient rogue-key attack on the BGLS-VES scheme in the plain public-key model. In this letter, we show that the BGLS-VES scheme is not secure in the proof of possession (POP) model.

抄録全体を表示

The global outbreak of COVID-19 has rapidly increased the use of video conferencing systems, highlighting the importance of end-to-end encryption (E2EE) technology for protecting user privacy. This paper analyzes the security of SFrame, an E2EE technology used in Cisco Webex and similar systems. Specifically, we assess the security of SFrame as described in two versions published by the IETF: an older version known as draft-omara-sframe-01 and the latest version at the time of writing this paper, draft-ietf-sframe-enc-03. The draft-omara-sframe-01 had signature vulnerabilities pointed out by Isobe et al., and the draft-ietf-sframe-enc-03 includes updates addressing these issues. First, we analyze the older version of SFrame, draft-omara-sframe-01, and propose new attacks that allows us to manipulate more plaintext than the attacks identified by Isobe et al. Next, we study the latest version, draft-ietf-sframe-enc-03, showing that many of the attacks proposed by Isobe et al. and our new attacks are still effective against this latest version, even when it uses the same signature process as the older version.

抄録全体を表示

In multiagent systems, each agent as a learner must decide actions by itself. Distance information between agents is needed for selecting actions, for example, in order to make routing tables. Usually we get information of a wireless signal power from a wireless network card because there is a relationship between the wireless signal power and distance between agents. But some network cards do not provide us a wireless signal power or such information. In this paper, we provide a novel distance measurement method using acoustic wave. A composite wave which consists of a direct wave and reflected waves is not a monotone decreasing because it has `nodes' which amplitude are always almost zero per wavelength. So we can not get distance information from a wave signal power. In this paper, we propose the distance measurement method with the two ore more sine waves. And experiment shows its implementability.

抄録全体を表示

Testbeds play a key role in the advancement of network science and the exploration of new network architectures. Because the scale and scope of any individual testbed is necessarily limited, federation is a useful technique for constructing testbeds that serve a wide range of experimenter needs. In a federated testbed, individual facilities maintain local autonomy while cooperating to provide a unified set of abstractions and interfaces to users. Forming an international federation is particularly challenging, because issues of trust, user access policy, and local laws and regulations are of greater concern that they are for federations within a single country. In this paper, we describe an architecture, based on the US National Science Foundation's GENI project, that is capable of supporting the needs of an international federation.

抄録全体を表示

本論文では，農業情報のための動画像通信システムに適した動的な画像制御機能を提案する．本研究で扱う動画像通信システムは，画像による病害虫の遠隔診断や圃場などの監視・管理での利用が可能である．本研究で提案する機能の特徴は，画像の受信者側からの要求と目的に応じて，注目領域の選択範囲と画像の量子化係数を動的に変更することである．提案する機能により，動画像通信におけるQoSパラメータの調整作業が不要となる．さらに，使用している帯域を使い切るように，これらの値を動的に制御することで，与えられた帯域の中で可能な限り多くの情報の転送が可能となる．この機能を農業情報のための動画像通信システムに実装し，3つの帯域に対して画像による病害虫診断に適用する実験を行った．実験結果より，いずれの帯域においても，提案した機能が有効に働き，与えられた帯域の中で可能な限り多くの情報が転送でき，ネットワーク帯域を有効に利用できることを確認した．

抄録全体を表示

According to the recent observations of IPv4 (Internet Protocol version 4) address allocation status, it will be running out within few years. Consequently, to ensure the continuous extension of the Internet operation, introducing IPv6 (Internet Protocol version 6) protocol is surely needed. But at the same time, such transformation must be “smooth” for every Internet users and be compatible with today's IPv4 based practices. This paper describes several techniques and usage scenario which are discussed mainly in the IETF — — and tried to be implemented as prototype products to transform today's Internet towards the IPv6 based one.

抄録全体を表示

In recent year, ad-hoc network technology has gained attention, which consists of not access points and base stations but of wireless nodes. In this network, it is difficult to maintain the whole data flow because of the absence of access points as the network administrator when nodes share the data. This paper proposes the security camera system which has only nodes sharing the taken pictures and has the robustness against the data destroying. The sender node cannot know whether packets are received or not by neighboring nodes in broadcasting because of a unidirectional communication. So in our proposed method, the sender node selects the receiver node from neighboring nodes, and they communicate with each other. On the other hand, neighboring nodes listen to packets between the sender node and the receiver node. After that, this method guarantees nodes of more than 1 which receive a data in broadcasting. We construct the security camera system using wireless nodes with the IEEE 802.15.4 specification and show the performance for security. At last, using the simulator we show the efficiency in the large environment, and conclude this paper.

抄録全体を表示