Vol. 64, No 5-6, May-June 2009

 

Content available on SpringerLink  http://www.springerlink.com/content/0003-4347

 

Network virtualization: the path to future Internet

Guest editors: Omar Cherkaoui (UQUAM, Canada), Masum Z. Hasan (Cisco, USA), Guy Pujolle (LIP6, France)

 

Foreword

O. Cherkaoui, M. Z. Hasan, G. Pujolle

 

 

 

Brief Report: The clean slate approach to future Internet design: a survey of research initiatives

Jim Roberts (Orange Labs)


The AGAVE approach for network virtualization: differentiated services delivery

M. Boucadair1, P. Georgatsos2,  N. Wang3, D. Griffin4, G. Pavlou4, M. Howarth3, A. Elizondo5

1France Telecom R&D, 42 Rue des Coutures, 14066 Caen, France

2Algonet SA, Athens, Greece

3University of Surrey, Guildford, UK

4University College London, London, UK

5Téléfonica, Madrid, Spain

 

Abstract: This paper describes a new paradigm to realize network virtualization and defines two novel concepts, network planes and parallel Internets, to achieve service differentiation. These concepts are packaged in a technology-agnostic and a multi-dimensional approach for the delivery of Internet protocol (IP) service differentiation, both intra- and inter-domain. The definition of the aforementioned concepts covers several dimensions, mainly routing, forwarding, and traffic management ones. Unlike some radical “Post IP” proposals, this paper advocates an evolutionary approach for enhancing the level of experienced connectivity services (including quality of service and robustness) and therefore to enhance the Internet of the future. Both the rationale and the merits of our approach are explained. In addition, this paper focuses on the critical problem of determining the network planes and parallel Internets to be engineered by a given IP network provider to meet the service connectivity requirements of external service providers. Finally, in order to assess the validity of the proposed approach, a network plane Emulation Platform is described.

Keywords: Service differentiation . Quality of service . Traffic engineering . Robustness . Business model

 

Enhancing virtual environments with QoS aware resource management

Fernando Rodríguez-Haro · Felix Freitag · Leandro Navarro

Computer Architecture Department, Polytechnic University of Catalonia, Jordi Girona, 1-3, D6 Campus Nord, 08034 Barcelona,  Spain

 

Abstract: Nowadays, the consolidation of application servers is the most common use for current virtualization solutions. Each application server takes the form of a virtual machine (VM) that can be hosted into one physical machine. In a default Xen implementation, the scheduler is configured to handle equally all of the VMs that run on a single machine. As a consequence, the scheduler shares equally all of the available physical CPU resources among the running VMs. However, when the applications that run in the VM dynamically change their resource requirements, a different solution is needed. Furthermore, if the resource usage is associated with service-level agreements, a predefined equal share of the processor power is insufficient for the VMs. Within the Xen’s primitives, even though it is possible to tune the scheduler parameters, there is no tool to achieve the dynamic change of the share of the processor power assigned to each VM. A combination of a number of primitives, however, appears to be suited as a base for achieving this. In this paper, we present an approach to efficiently manage the quality of service (QoS) of virtualized resources in multicore machines. We evaluate different alternatives within Xen for building an enhanced management of virtual CPU resources. We compare these alternatives in terms of performance, flexibility, and ease of use. We devise an architecture to build a high-level service that combines interdomain communication mechanisms with monitoring and control primitives for local resource management. We achieve this by our solution, a local resource manager (LRM), which adjusts the resources needed by each VM according to an agreed QoS. The LRM has been implemented as a prototype and deployed on Xen-virtualized machines. By means of experiments, we show that the implemented management component can meet the service-level objectives even under dynamic conditions by adapting the resources assigned to the virtualized machines according to demand. With the LRM, we therefore achieve both fine-grain resource allocation and efficient assignment.

 

Keywords: Dynamic resource management · Virtualization · Multicore

 

 

 

Scenario-based virtual network infrastructure management in research and educational testbeds with VNUML

Application cases and current challenges

Fermín Galán1 · David Fernández2 · Walter Fuertes3 · Miguel Gómez1 · Jorge E. López de Vergara3

1Telefónica Investigación y Desarrollo (TID),  Madrid, Spain

2Departamento de Ingeniería de Sistemas Telemáticos  (DIT), Universidad Politécnica de Madrid (UPM),  Madrid, Spain

3Departamento de Ingeniería Informática,  Universidad Autónoma de Madrid (UAM),  Madrid, Spain

Abstract: Virtual machine technologies have evolved during the last 40 years from mainframe to commodity (x86) systems. Although these techniques are nowadays quite mature in data center environments (consolidation, service continuity, etc.), scenario-based virtual infrastructure management tools keep evolving in research and educational areas. In this work, one such tool is described, Virtual Network User Mode Linux (VNUML), which has been successfully used during the past few years to help researchers and educators to build testbeds in a wide range of innovative network environments (such as IPv6 IX design and third-generation networks). Such application cases are detailed in this paper, assessing the soundness and flexibility of the tool. However, in spite of these successful applications, several challenges remain to be solved in virtual scenario management (distributed management, decoupling from any particular virtualization technique, and alignment with industry standards), and the way they are being addressed as part of VNUML’s evolution is also discussed.

Keywords: Virtual networking infrastructure · Testbeds · Scenario-based management · VNUML

 

 

 

Using tunneling techniques to realize virtual routers

Ting-Chao Hou · Ming-Chieh Chan · Chien-Tse Yu

National Chung Cheng University, Chiayi, 62102, Taiwan

 

Abstract: The evolution of the router architecture has gradually changed from a conventional architecture, which processes all functions on one operating system/processor, to a remote architecture, which can be split into a control plane and a data plane with their respective functions. The control plane is mainly responsible for the operations of the routing/signaling protocols and the data plane is responsible for forwarding the large amount of data packets. Furthermore, the remote architecture facilitates the realization of virtual routers. Virtual routers are created basically by logically splitting a routing processor in the control plane into many virtual routing units that have independent routing tables, use independent protocols, and connect to the external network through different interfaces. A virtual router with a remote architecture is more flexible and efficient than conventional routers; however, it requires an additional communication mechanism between the control plane and the data plane. We propose using existing tunneling techniques to provide a communication mechanism between the control plane and the data plane. Many design and implementation issues on the software architecture and protocol ramification are identified. We discuss solutions to these issues and successfully demonstrate a working virtual router with our proposed solutions.

 

Keywords: Virtual routers · Control plane · Data plane · Tunnel · Virtual interface

 

 

 

 

Third generation virtualized architecture for the MVNO context

Imen Limam Bedhiaf1 · Omar Cherkaoui1 · Guy Pujolle2

1University of Quebec at Montréal, Montréal, Canada

2University of Pierre and Marie Curie, Paris, France

 

Abstract: The third-generation architectures have to support multiple mobile virtual network operators (MVNOs). They have also to host different types of these virtual operators. Virtualizing these architectures will allow the MVNOs to rapidly deploy their equipment. It will separate the management domain between them and the mobile host operator. It will also allow sharing resources and reducing the deployment cost. Motivated by these requirements, we propose some MVNO distributed architectures. First of all, we evaluate the physical and virtual deployment time, then we define the utility function of the equipment for the different types of MVNOs. The utility function evaluates the gain in deployment time for each type of MVNO. This function has to be maximized. Our study demonstrates that the data calls type is the best MVNO candidate for virtualization. This latter consistently yields the best overall utility across an important number of network equipment to be virtualized by varying the time required for software installation and the time spent to determine the physical position of the equipment.

 

Keywords: MVNO · Virtualization · 3G network · Utility · Deployment time

 

 

Open Topics

 

Hybrid approach for modeling transient EM fields generated by large earthing systems

Moussa Lefouili & Kamel Kerroum1, Khalil El Khamlichi Drissi2

1LAMEL Laboratory, University of Jijel, B.P. 98, Ouled Aissa 18000 Jijel, Algeria

2LASMEA UMR 6602 du CNRS, 24 Avenue des Landais, 63177 Aubière Cedex, France

 

Abstract: A new hybrid approach is adopted in this paper  for modeling the transient electromagnetic fields radiated  by grounding systems under lightning strokes. This  approach is based on electrical dipole theory for determining  EM fields’ radiation in infinite conductive medium,  modified images theory, taking into account the interface in  the half space and transmission line approach for determining  the longitudinal and leakage currents. This model can  be used to predict the transient characteristic of grounding  systems because it can calculate electromagnetic field in  any point of interest; it is sufficiently accurate, time  efficient, and easy to apply.

 

Keywords: Transient . Earthing systems . Electromagnetic fields . Modified images theory

 

 

Lossy compression of volumetric medical images with 3D dead-zone lattice vector quantization

Yann Gaudeau1, Jean-Marie Moureaux2

1LSITT, Université de Strasbourg (ULP)-CNRS, Pole API, Bd S. Brant, Illkirch 67412, France

2CRAN, Nancy-Université-CNRS, Faculté des Sciences et Techniques, BP 239,Vandoeuvre-lès-Nancy Cedex F-54506, France

 

Abstract: This paper presents a new lossy coding scheme  based on 3D wavelet transform and lattice vector quantization  for volumetric medical images. The main contribution  of this work is the design of a new codebook enclosing a  multidimensional dead zone during the quantization step  which enables to better account correlations between  neighbor voxels. Furthermore, we present an efficient  rate–distortion model to simplify the bit allocation procedure  for our intra-band scheme. Our algorithm has been  evaluated on several CT- and MR-image volumes. At high  compression ratios, we show that it can outperform the best  existing methods in terms of rate–distortion trade-off. In  addition, our method better preserves details and produces  thus reconstructed images less blurred than the well-known  3D SPIHT algorithm which stands as a reference. 

 

Keywords: Lossy compression .  Volumetric medical images . 3D wavelet transform .  3D dead-zone lattice vector quantization 

 

 

An experimental illustration of 3D facial shape analysis under facial expressions

Boulbaba Ben Amor1 · Hassen Drira1 · Lahoucine Ballihi1,2 · Anuj Srivastava3 · Mohamed Daoudi1

1Institut Telecom; Telecom Lille1, LIFL CNRS, Lille, France

2Faculté des Sciences, GSCM/LRIT, Rabat, Morocco

3Department of Statistics, Florida State University, Tallahassee, FL 32306, USA

 

Abstract: The main goal of this paper is to illustrate a geometric analysis of 3D facial shapes in the presence of varying facial expressions. This approach consists of the following two main steps: (1) Each facial surface is automatically denoised and preprocessed to result in an indexed collection of facial curves. During this step, one detects the tip of the nose and defines a surface distance function with that tip as the reference point. The level curves of this distance function are the desired facial curves. (2) Comparisons between faces are based on optimal deformations from one to another. This, in turn, is based on optimal deformations of the corresponding facial curves across surfaces under an elastic metric. The experimental results, generated using a subset of the Face Recognition Grand Challenge v2 data set, demonstrate the success of the proposed framework in recognizing people under different facial expressions. The recognition rates obtained here exceed those for a baseline ICP algorithm on the same data set.

Keywords: Facial shape analysis · 3D Face recognition · Automatic preprocessing

 

 

Model-based similarity estimation of multidimensional temporal sequences

Romain Tavenard1 · Laurent Amsaleg2 · Guillaume Gravier2

1IRISA / ENS Cachan, Campus de Beaulieu, 35 042 Rennes Cedex, France

2CNRS / IRISA, Campus de Beaulieu, 35 042 Rennes Cedex, France

 

Abstract: Content-based queries in multimedia sequence databases where information is sequential is a tough issue, especially when dealing with large-scale applications. One of the key points is similarity estimation between a query sequence and elements of the database. In this paper, we investigate two ways to compare multimedia sequences, one—that comes from the literature—being computed in the feature space while the other one is computed in a model space, leading to a representation less sensitive to noise. We compare these approaches by testing them on a real audio dataset, which points out the utility of working in the model space.

Keywords: Multidimensional feature sequences · Support vector regression · Temporal aspects · Similarity estimation in a model space

 

 

MPLS security: an approach for unicast and multicast environments

Sahel Alouneh1, Abdeslam En-Nouaary2, Anjali Agarwal3

1German-Jordanian University, Amman, Jordan

2Institut National des Postes et Telecommunications (INPT), Rabat, Morocco

3Concordia University, Montreal, QC, Canada

 

Abstract: Multi-Protocol Label Switching (MPLS) network  architecture does not protect the confidentiality of data  transmitted. This paper proposes a mechanism to enhance  the security in MPLS networks by using multi-path routing  combined with a modified (k, n) threshold secret sharing  scheme. An Internet Protocol (IP) packet entering MPLS  ingress router can be partitioned into n shadow (share)  packets, which are then assigned to maximally node  disjoint paths across the MPLS network. The egress router  at the end will be able to reconstruct the original IP packet  if it receives any k share packets. The attacker must  therefore tap at least k paths to be able to reconstruct the  original IP packet that is being transmitted, while receiving  k−1 or less of share packets makes it hard or even  impossible to reconstruct the original IP packet. In this  paper, we consider the multicast case in addition to the  unicast. To our best knowledge, no work has been  published for MPLS multicast security. We have implemented  our model and measured its time complexity on  variable packets size. 

Keywords: MPLS . Security . Confidentiality .  Threshold secret sharing scheme

 

 

 

 

A robust security scheme for wireless mesh enterprise networks

Md. Abdul Hamid · M. Abdullah-Al-Wadud · Choong Seon Hong · Oksam Chae · Sungwon Lee

Department of Computer Engineering,  School of Electronics and Information,  Kyung Hee University, 1 Seocheon, Giheung, Yongin,  Gyeonggi 446-701, South Korea

 

Abstract: In this paper, we address the security challenges for wireless mesh enterprise networks (WMENs). The topology and communication characteristics of WMEN include the following: (a) deployment of the network devices are not planar, rather, devices are deployed over three-dimensional space (e.g., office buildings, shopping malls, grocery stores, etc.); (b) messages, generated/received by a mesh client, traverse through mesh routers in a multihop fashion; and (c) mesh clients, being mostly mobile in nature, may result in misbehaving or be spurious during communications. We propose a security scheme for WMEN in order to ensure that only authorized users are granted network access. Particularly, our scheme includes: (a) a deterministic key distribution technique that perfectly suits the network topology, (b) an efficient session key establishment protocol to achieve the client–router and router–router communications security, and (c) a distributed detection mechanism to identify malicious clients in the network. Analytical and simulation results are presented to verify our proposed solutions.

 

Keywords: Wireless mesh enterprise networks · Key distribution · Communications security · Malicious client detection

 

 

 
