Browsing by Author "Manner, Jukka, Prof., Aalto University, Department of Communications and Networking, Finland"
Access Control in Distributed Systems using SPKI Authorisation Certificates (Aalto University, 2015)
Kortesniemi, Yki; Kari, Hannu, Prof., National Defence University, Finland; Särelä, Mikko, Dr., Aalto University, Department of Communications and Networking, Finland; Tietoliikenne- ja tietoverkkotekniikan laitos; Department of Communications and Networking; Sähkötekniikan korkeakoulu; School of Electrical Engineering; Manner, Jukka, Prof., Aalto University, Department of Communications and Networking, Finland
In distributed systems, the ability to effectively manage access to a large number of resources can be challenging. The situation becomes even more difficult, when there are limited computational resources or network availability to implement the access control solution. Examples are Internet of Things (IoT) applications, such as the many internet-connected devices at home. To make them easy to use, there has to exist a relatively simple way to manage the large number of devices and to, e.g., grant temporary access to some of them for a visiting friend. In this dissertation, I examine how the problem can be overcome with the Simple Public Key Infrastructure (SPKI), which expresses access rights as cryptographically signed authorisation certificates. I approach the issue from several angles. First, I develop a phase model to analyse the access control process / certificate life-cycle and use it to study SPKI and other certificate technologies for access control while pointing out areas requiring future work. Although SPKI has been studied for some 20 years, standardisation has not been completed. I identify three important missing parts of SPKI in utilising the certificates, as well as in managing and validating online conditions. I also expand the SPKI model to support usage quotas. I then design solutions for all these areas and analyse the resultant system for its applicability, scalability, security and usability.
Of particular interest are system performance and privacy. My final focus area is certificate chain reduction, a proposed way to improve performance and privacy of SPKI. I study the approach in detail, identify the relevant design choices for the systems architect, and design a protocol for requesting reductions. For performance evaluation we implemented a prototype, which demonstrates that even modern embedded devices can reach transaction times of one second including all communication delays and using only a software implementation for cryptography. We also found that the transaction was over 40 % faster with chain reduction thus proving the promise of improved performance. Using such reductions does require a reduction server, but calculations from our use case show that even with pessimistic assumptions, a single reduction server can support millions of users thus making scalability a manageable issue. Privacy-wise, SPKI is a good solution with support for anonymous identities - and chain reduction can further improve user privacy by hiding additional information. Finally, all my use cases demonstrate the same certificate chain structure, an hourglass-model, which I hypothesise is prevalent in many other systems, as well. It forms a natural basis for reduction and provides for a consistent performance regardless of certificate chain length.

Challenges in Cyber Security (Aalto University, 2018)
Kiravuo, Timo; Särelä, Mikko, Dr., Aalto University, Finland; Tietoliikenne- ja tietoverkkotekniikan laitos; Department of Communications and Networking; Sähkötekniikan korkeakoulu; School of Electrical Engineering; Manner, Jukka, Prof., Aalto University, Department of Communications and Networking, Finland
Digitalization is a megatrend that spreads information technology to all sectors of society. Networking information systems, especially through the Internet, is a key factor in digitalization.
In addition to information processing, these systems increasingly control physical processes and, in particular, the critical infrastructure of the society. While digital control systems, as a rule, increase efficiency and reliability, they also provide a broad reachable interface that provides opportunities for malicious actions that threaten the safety and security of society. This doctoral dissertation studies the vulnerabilities and weaknesses of the digitalized society. The research area is wide and has been approached by examining several smaller topics. Key findings include mapping known vulnerabilities in Ethernet, and that intrusion protection systems are vulnerable to evasion techniques, even well known old attacks can pass the protection. Scanning the Finnish Internet networks revealed a large number of unprotected industrial control devices, many of which have known vulnerabilities. The work also describes the architecture of cyber weapons, lifting state actors up into a key threat. The thesis also examines protection against cyber threats: examining the usability of SPKI (Simple Public Key Infrastructure) certification techniques, presenting an analysis of the cyber response provided by Finland against a Stuxnet-like attack and ponders the effectiveness of active network scanning. As a conclusion, it should be noted that, within the framework of the current technology, it is not possible to achieve comprehensive protection against cyber threats by means of technology alone, nor can the critical infrastructure protection of society be left to the individual players in the industry alone. 
The missing part of the solution is careful regulation: the existing critical infrastructure regulation needs to be enhanced to protect against digital technology based harm, the systemic risk of networked information systems needs to be analyzed and, in the case of consumer products, incentives for companies and other actors to encourage voluntary protection should be encouraged. A similar approach has helped to resolve previous technological changes in society, such as the introduction of motor cars.

Distributed Routing Bridges (Aalto University, 2016)
Varis, Nuutti; Manner, Jukka, Prof., Aalto University, Department of Communications and Networking, Finland; Tietoliikenne- ja tietoverkkotekniikan laitos; Department of Communications and Networking; Sähkötekniikan korkeakoulu; School of Electrical Engineering; Manner, Jukka, Prof., Aalto University, Department of Communications and Networking, Finland
In the span of four decades, Ethernet has become the most widely deployed link-layer technology in data communication networks. It is used in various environments, including home, data center, wide area and metropolitan, and automotive networks. The commonly accepted reasons for the spread of Ethernet link-layer is its simplicity, cost efficiency, and the promise of a plug-and-play and zero-configuration network. The Ethernet link-layer is also associated with several issues that are evident in deployments to this day. Over time, mitigating or eliminating the issues have significantly complicated the overall Ethernet link-layer protocol stack. One typical issue in Ethernet deployments is the scalability of the network segment size. As the number of hosts connected to the link-layer increases, the communication model of the link and higher-layer protocols generate increasing numbers of broadcast traffic. Broadcast traffic populates all forwarding tables in network devices, and is delivered to and processed by all hosts in the network segment.
Eliminating the major sources of broadcasting makes it possible to consider larger network segment sizes. This thesis presents the system design and experimental evaluation of an enhanced Ethernet forwarding protocol. The aim of the system design is to offer improved scalability and reliability compared to conventional Ethernet forwarding protocols, while still retaining the core features of Ethernet. This is realized by introducing additional features to the Routing Bridges protocol standard from the Internet Engineering Task Force (IETF), by combining it with a Distributed Hash Table (DHT) concept. To verify the design, it is extensively evaluated through multiple use cases that target specific characteristics of the overall system design. A look at the software-based processing performance cost of the system design is also presented with a comparison to a conventional forwarding device. The results presented in this thesis show that it is possible to enhance the Routing Bridges standard in a way that mitigates the effects of the prolific broadcast communication model in Ethernet networks. Simultaneously it is possible to support the enhanced features in mixed networks that contain conventional STP-based devices and Routing Bridges without host service disruption. 
In some network environments, it is also possible to improve the quality of service roaming hosts receive from the link-layer.

Enhancing the Performance of UAV Communications in Cellular Networks (Aalto University, 2022)
Hellaoui, Hamed; Chelli, Ali, Prof., University of South-Eastern Norway, Norway; Bagaa, Miloud, Dr., Aalto University, Finland; Tietoliikenne- ja tietoverkkotekniikan laitos; Department of Communications and Networking; Sähkötekniikan korkeakoulu; School of Electrical Engineering; Manner, Jukka, Prof., Aalto University, Department of Communications and Networking, Finland
The use of cellular networks as a communication infrastructure for Unmanned Aerial Vehicles (UAVs) has become the current trend. This would mainly enable beyond visual line-of-sight applications and allow UAVs to benefit from the latest evolutions achieved in cellular networks. Despite the advantages that cellular networks can bring to UAVs, several issues still need to be addressed. Indeed, cellular networks are deployed to serve ground user equipment (UEs), whereas UAVs' aerial communications are characterized by different channel conditions. Field evaluations have shown that flying UAVs can experience poor link quality, or even negatively affect ground communication. In addition, UAV applications can be deployed in a challenging environment characterized by different types of QoS (Quality of Services). For instance, UAVs can be deployed to provide network connectivity to ground devices, whereas each one of the latter requires sending two types of traffics with different QoS, at the same time. Furthermore, the consideration of cellular networks for UAVs can bring more opportunities that merit to be explored to enhance the communications, mainly in terms of taking advantage of the presence of several UAVs and Mobile Network Operators (MNOs). The main objective of the dissertation is to contribute to enhancing the performance of UAV communications in cellular networks.
The contributions of this dissertation can be divided into six categories. First, as aerial communication presents different channel conditions, we are interested in modeling UAV communications in cellular networks and deriving expressions that define the performance indicators. All the contributions build from these expressions, and target performing network optimization to enhance UAV communications in cellular networks. Second, we consider a cellular network deployed to serve both UEs and UAVs, and we investigate their co-existence by enhancing their underlying performances. Next, we focus on supporting the co-existence of several QoS types in UAV communications. To this end, we consider the scenario where UAVs are deployed to provide network connectivity to ground devices, where each one of the latter requires two different QoS types. In the fourth and the fifth categories, we focus on new opportunities that cellular networks can bring to UAV communications. In particular, we investigate the possibility of taking advantage of the presence of several UAVs and MNOs in a way to enhance the performance of UAV communications. Finally, we explore the use of machine learning in order to enable fast optimization and enhance the performance of UAV communications. All the contributions of this dissertation have been validated with a series of performance evaluations.

Evolution of Mobile Backhaul (Aalto University, 2017)
Drozdy, Árpád; Tietoliikenne- ja tietoverkkotekniikan laitos; Department of Communications and Networking; Sähkötekniikan korkeakoulu; School of Electrical Engineering; Manner, Jukka, Prof., Aalto University, Department of Communications and Networking, Finland
In the last quarter of a century, wireless networks have dramatically transformed and redefined our lives. At first, cellular networks provided mobile telephone service; currently, they also offer mobile internet access.
This technology has been evolving at an astonishing pace to provide ever-higher network capacities, increasing mobile internet data rates, and lower latency access. While radio access networks have drawn the most attention, the fixed network providing connectivity to the base stations - the backhaul network - has evolved at a similar pace. As innovations on the radio interface have continued to create issues for the backhaul, in turn, this has led to innovations on the backhaul network. This dissertation investigates six challenges for the backhaul network; it presents solutions to these challenges and evaluates their performance through simulations. One such challenge was the femtocell concept, which appeared with 3.5G systems. Femtocells are small cells that are backhauled by an arbitrary wired internet connection. Another challenge is the shift to Voice over Internet Protocol (VoIP). VoIP has led to very inefficient transportation of small and frequent voice packets, which are burdened by excessive packet overhead. This overhead can be reduced if the small packets are bundled or multiplexed together in order for multiple packets to share a single overhead. Adaptive multiplexing algorithms are proposed that further improve efficiency. A further issue is the backhaul requirement for Coordinated Multipoint (CoMP), which is a feature of 4G that increases radio interface efficiency. Its applicability is restricted by backhaul latency requirements. This dissertation describes a method that decreases these backhaul requirements, and allows its employment in more scenarios. Furthermore, a cognitive radio system concept is presented where the difference between the radio interface and backhaul is blurred. To provide the data rates promised by 5G, wireless networks have to turn to far higher frequencies, such as millimetre wavelengths; however, this implies very small maximum cell sizes. 
For providing backhaul for such dense deployments, a cost efficient technology candidate is multi-hop, millimetre-wave, in-band backhaul; the performance of which is also evaluated in this dissertation. Finally, the effect of rain fading on millimetre-wave multi-hop backhaul is also quantized. The results presented in this dissertation show that the individual backhaul challenges of each generation of wireless networks can be overcome with corresponding backhaul solutions.

Mobile network delay characteristics and interactions with the transport layer (Aalto University, 2017)
Schulte, Lennart; Manner, Jukka, Prof., Aalto University, Department of Communications and Networking, Finland; Tietoliikenne- ja tietoverkkotekniikan laitos; Department of Communications and Networking; Sähkötekniikan korkeakoulu; School of Electrical Engineering; Manner, Jukka, Prof., Aalto University, Department of Communications and Networking, Finland
Mobile networks have become an integral part of everyday life, and many users rely on its presence and performance. In the past years user numbers and traffic volume have skyrocketed, as adoption of the technology continues to increase. The popularity of internet based services in mobile networks and the increase in user numbers makes the available resources precious and ever more important to use them: a user's satisfaction is inversely proportional to the time it takes for the requested content to load. While the mobile network sets an upper bound on the transmission rate, it is up to the delivering end point to make use of these resources, which for many applications is in the hands of the Transmission Control Protocol (TCP). As TCP has to make the best use of the resources in every situation, it is vital to understand the interactions between the protocol and the mobile network in order to achieve best performance.
This work is a measurement based study on the performance of TCP in Finnish 3rd generation (3G) and 4th generation (4G) mobile networks. First, it is investigated how the round-trip time (RTT) behaves throughout end-to-end connections traversing mobile networks, on long term as well as on short term in the form of delay spikes. Second, the proper way for TCP to deal with these delay spikes is examined. Lastly, the interactions of TCP with the mobile network are investigated in real-life situations and causes for sub-optimal performance are extracted. The thesis concludes with a discussion on what is necessary to improve TCP performance in mobile networks, and the changes coming with future networks and algorithms.

On improving usability and network management of challenging systems (Aalto University, 2019)
Luostarinen, Riku; Manner, Jukka, Prof., Aalto University, Department of Communications and Networking, Finland; Tietoliikenne- ja tietoverkkotekniikan laitos; Department of Communications and Networking; Sähkötekniikan korkeakoulu; School of Electrical Engineering; Manner, Jukka, Prof., Aalto University, Department of Communications and Networking, Finland
The modern Internet is built on top of Internet Protocol (IP) and is based on the assumption of end-to-end connectivity, low packet loss, and low delay. However, also other kinds of network exist and they are common, e.g., in rescue and resiliency operations and in the military context. In these networks, the messaging is done over intermittently connected and heterogeneous network media using concepts of Delay/Disruption Tolerant Networking (DTN). Further, in these challenging network systems the operators are typically part of a strongly hierarchical organization structure, and the context of use is highly user-centric. This thesis focuses on improving the usability and network management of challenging network systems.
In challenging systems, intermittent network connectivity and heterogeneity of underlying network media set challenges to both usability and management of the systems. Further, the harsh operation environment, users with different skills and computer literacy, and variation in terminal devices set additional challenges to the usability. The thesis presents technical solutions and UI design principles that can be used to improve the usability of challenging systems, and shows how the usability of challenging systems can be evaluated. Results of two usability evaluations are presented and analyzed, and suggestions based on the findings are given. Further, the thesis introduces a way to access and manage heterogeneous network interfaces of a system, and presents a related generalized solution that can be used to configure any heterogeneous system component. On the system level, the thesis shows how a network of a hierarchically structured organization that operates in a DTN environment can be managed using hierarchy-based methods. The thesis presents the impact of the hierarchy to network management centralization, network quality in different parts of the network, roles and responsibilities of the managing and managed nodes, and configurability and messaging between the nodes. 
A comparison to an equivalent non-hierarchical solution shows that hierarchical management requires proportionally more preconfiguration but improves performance significantly.

On Providing Energy-efficient Data Transmission to Mobile Devices (Aalto University, 2016)
Wang, Le; Tietoliikenne- ja tietoverkkotekniikan laitos; Department of Communications and Networking; Networking Technology; Sähkötekniikan korkeakoulu; School of Electrical Engineering; Manner, Jukka, Prof., Aalto University, Department of Communications and Networking, Finland
The transformation from telephony to mobile Internet has fundamentally changed the way we interact with the world by delivering ubiquitous Internet access and reasonable cost of connectivity. The mobile networks and Internet services are supportive of each other and together drive a fast development of new services and the whole ecosystem. As a result, the number of mobile subscribers has skyrocketed to a magnitude of billions, and the volume of mobile traffic has boomed up to a scale no-one has seen before with exponential growth predictions. However, the opportunities and problems are both rising. Therefore, to enable sustainable growth of the mobile Internet and continued mobile service adaption, this thesis proposes solutions to ensure that the reduction of overall environmental presence and the level of QoE are mutually addressed by providing energy-efficient data transmission to mobile devices. It is important to understand the characteristics of power consumption of mobile data transmission to find opportunities to balance the energy consumption and the growth of mobile services and the data volumes. This research started with power consumption measurements of various radio interfaces and investigations of the trade-off between computation and communication of modern mobile devices.
Power consumption models, state machines and the conditions for energy-efficient mobile data transmission were proposed to guide the development of energy-saving solutions. This research has then employed the defined guideline to optimise data transmission for energy-efficient mobile web access. Proxy-based solutions are presented in this thesis, utilising several strategies: bundling-enabled traffic shaping to optimise TCP behaviour over congested wireless links and keep the radio interface in low power consumption states as much as possible, offloading HTTP-object fetching to shorten the time of DNS lookups and web content downloading, and applying selective compression on HTTP payload to further reduce energy consumption of mobile data transmission. As a result, the solutions dramatically reduce the energy consumption of mobile web access and download time, yet maintain or even increase user experience.

On upgrading the mobile Internet to the next generation Internet Protocol (Aalto University, 2015)
Soininen, Jonne; Manner, Jukka, Prof., Aalto University, Department of Communications and Networking, Finland; Tietoliikenne- ja tietoverkkotekniikan laitos; Department of Communications and Networking; Sähkötekniikan korkeakoulu; School of Electrical Engineering; Manner, Jukka, Prof., Aalto University, Department of Communications and Networking, Finland
The growth in Internet usage has been phenomenal over the last decade. During the last few years more and more of this growth has come from mobile broadband access. The most widely used types of mobile broadband access are based on the standards defined by the 3rd Generation Partnership Project (3GPP). This growth, and the introduction of smartphones that are always connected to the Internet, have put a strain on the Internet infrastructure itself.
Concretely, this strain is visible in the exhaustion of the Internet Protocol (IP) address space of the currently widely used Internet Protocol version, the Internet Protocol version 4 (IPv4). This dissertation describes how the address exhaustion can be solved in the 3GPP networks using a new version of the Internet Protocol - the IP version 6 (IPv6). IPv6 has been designed by the Internet Engineering Task Force (IETF) to address the shortcomings of IPv4 especially the limits of the address space. The dissertation shows how IPv6 support was designed and introduced to the second and third generation network specifications, how it has evolved through the time and what the current state is in the second, third and fourth generation cellular networks. The original drivers for IPv6 adoption are also described along the intended scenarios for the transition to IPv6. Finally, the dissertation discusses the current state of the IPv6 adoption in the 3GPP networks in the market place. The research described in this dissertation has been adopted in the 3GPP specifications and implemented in millions of devices and networks all over the globe.

Optimal control for energy-aware server farms (Aalto University, 2018)
Gebrehiwot, Misikir Eyob; Aalto, Samuli, Dr., Aalto University, Department of Communications and Networking, Finland; Lassila, Pasi, Dr., Aalto University, Department of Communications and Networking, Finland; Tietoliikenne- ja tietoverkkotekniikan laitos; Department of Communications and Networking; Sähkötekniikan korkeakoulu; School of Electrical Engineering; Manner, Jukka, Prof., Aalto University, Department of Communications and Networking, Finland
In many cases, services hosted in server farms are designed to be highly available and fault tolerant in the presence of randomly varying traffic, which often translates into over-provisioning of the server farms targeting peak demand periods.
Consequently, the servers spend a substantial amount of time in low utilization range, which also happens to be the range in which servers are far less energy efficient. Moreover, even when completely idle, servers still consume a large portion of their peak power. However, servers cannot be simply switched off to save energy for two main reasons. First, any energy saving obtained by switching servers off comes at the expense of reduced performance due to the setup delay required to switch servers back to an operational state. Furthermore, servers are rarely completely idle since dispatching policies are often designed in such a way that the workload is evenly distributed across the server farm, resulting in low but non-zero utilization during off-peak demand periods. Thus, a coordinated control approach needs to be devised to achieve energy savings by consolidating workload and placing unused servers in low-power states while still providing good performance. This thesis studies the energy-performance trade-off by applying queueing theoretic methods and by formulating the trade-off as a multi-objective optimization problem. Single-server models are first analyzed and the mean response time and mean power consumption metrics are derived. Compound cost functions are defined from these metrics and the control variables that minimize these cost functions are optimized. For such cost functions, it is shown under very general assumptions that in a single-server queue there is no gain from delaying the decision to switch off the server upon becoming idle. Instead the optimal decision is either to switch off immediately or never switch off. Server farms are modeled as parallel queueing systems with each server belonging to either a baseline or reserve group of servers. Energy-aware dispatching and power-control policies are developed so that the reserve servers are placed in a low-power state whenever possible. 
To this end, the dispatching decisions are studied by formulating the problem as a Markov Decision Process, and the resulting system is solved using the Policy Iteration method to construct a near-optimal dispatching policy. More simple, heuristic power-control and dispatching policies are also proposed to reduce the energy consumption of a server farm without compromising the performance.

Performance and Usage Patterns of Mobile Networks (Aalto University, 2021)
Walelgne, Ermias Andargie; Ott, Jörg, Prof., Aalto University, Finland; Tietoliikenne- ja tietoverkkotekniikan laitos; Department of Communications and Networking; Sähkötekniikan korkeakoulu; School of Electrical Engineering; Manner, Jukka, Prof., Aalto University, Department of Communications and Networking, Finland
The popularity of mobile devices and the availability of various services over mobile cellular networks has increased over the past twenty years. Over time, mobile cellular network technologies have evolved, and the performance of wireless links from mobile devices to the core networks is increasing. Mobile applications and services require different network qualities to meet users’ expectations and increase the Quality of Experience (QoE). To support the increased number of users, and to deliver the capacity required by applications, mobile networks have become complex systems. The demand for high-quality experience in mobile cellular networks is in the interest of both end-users and providers. However, mobile network performance is affected by a multitude of network features. This includes radio technology, network bandwidth and coverage, signal strength, mobility, throughput, latency, and data usage patterns of users. This thesis analyzes mobile cellular network performance and usage patterns. We apply different data analysis methods and use various datasets collected through crowdsourcing and testbeds.
We study various features of mobile networks and their effect on mobile network performance. We propose an estimation method for QoE in web browsing and discuss factors affecting web-flows performance in mobile networks. We present different models based on machine learning that predict network throughput, cluster, and classify mobile users’ data usage patterns. This thesis contributes to the evolving mobile networks by studying various network features that determine the performance of mobile networks and the data usage patterns of mobile users. The large-scale crowdsourced mobile network measurement datasets provide valuable input for understanding factors affecting the performance and quality of mobile networks. The study on the data usage patterns of mobile users provides significant input for understanding mobile users’ data usage patterns and behavior across different countries. The classification model on network stability and data usage patterns can be valuable input for network resource optimization. The study conducted on the feasibility of teleoperated driving and correlation-based network feature mapping shows how crowd-sourced datasets can be used to analyze different use cases in mobile networks.