Martin Waldburger, Legal Compliance in Commercial Service Provisioning Across Administrative Domains, In: Perspectives Workshop: Telecommunication Economics. 2008. (Conference Presentation)
|
|
Burkhard Stiller, WMAN 2008 - KuVS Fachgespräch über Mobile Ad-hoc Netzwerke, Universität Ulm, Fakultät für Ingenieurwissenschaften und Informatik, Ulm, Germany, 2008. (Book/Research Monograph)
|
|
David Hausheer, Cristian Morariu, Thomas Bocek, EmanicsLab: A distributed computing and storage testbed for EMANICS, 2008. (Other Publication)
|
|
Fabian Hensel, Flow-based and Packed level-based Intrusion Detection as Complementary Concepts, University of Zurich, Faculty of Economics, Business Administration and Information Technology, 2008. (Master's Thesis)
Network-based intrusion detection systems monitoring state-of-the-art high-volume net-
work links demand for more computational resources than available from conventional
computer hardware. Frequently, this problem is overcome by increasing the available
resources with dedicated, specialized hardware. Instead of employing expensive infras-
tructure, efficiently decreasing the amount of data to be processed may lead to the same
goal.
NetFlow enabled routers can be used as a source for aggregated connection data that
can be leveraged for intrusion detection purposes. Using a model, possible use cases for
combining conventional, packet-based and novel, flow-based intrusion detection are elabo-
rated. With the Bro intrusion detection system as a central component, an architecture to
combine both data sources is presented. In order to effectively reduce the amount of pack-
ets to be processed, a pre-filter employing flow data for the detection of peer-to-peer-based
and IRC-based botnets is presented.
The performed evaluation, based on the comparison of the new, combined approach and
the analysis of all packets, shows, depending on the implementation, a reduction of re-
source usage. Minor losses in the detection rate were observed. The prototypical imple-
mentation which was realized with existing software components shows synergy potentials
for combining NetFlow and packet data for intrusion detection purposes. Further work
is recommended, particularly to develop a flow-based pre-filter in a low-level language in
order to further enhance resource efficiency. |
|
Gregor Berther, Wuala Monitoringsystem - Erfassen, Speichern und Darstellen von relevanten Ereignissen in einem grossen verteilten Speichersysstem, University of Zurich, Faculty of Economics, Business Administration and Information Technology, 2008. (Master's Thesis)
Monitoring is an important concept to evaluate relevant events in a supervised system,
which helps to recognize undesired developments and to make strategical decisions for
further improvements. Especially in distributed systems, monitoring is not trivial, because
the necessary data is not locally available, but scattered on all of the network’s nodes. The system has no global state that can be simply supervised, but consists of lot of autonomous interacting nodes. Wuala is such a large-scale distributed storage system, which stores the user’s data in a peer-to-peer network. This diploma thesis describes the design and the implementation of the Wuala monitoring system. It provides a framework for a quick and simple collection of reports in every single part of Wuala. The gathered data is stored on a centralized database, where it can be visualized and analyzed with various programs. |
|
Eryk Jerzy Schiller, Paul Starzetz, Fabrice Theoleyre, Andrzej Duda, Properties of Greedy Geographical Routing in Spontaneous Wireless Mesh Networks, In: IEEE GLOBECOM 2007-2007 IEEE Global Telecommunications Conference, IEEE, Piscataway, New Jersey, US, 2007-12-26. (Conference or Workshop Paper published in Proceedings)
We analyze greedy geographical routing in spontaneous wireless mesh networks to show several interesting properties. First, we can approximate the dependence of packet loss probability on the mean node rank with a Fermi-Dirac function. When the mesh network grows, it becomes opaque to packets regardless of the average node rank. We also show that packet loss probability in mesh networks with greedy geographical routing does not exhibit the behavior of percolating systems. Finally, we propose an analytical model of greedy geographical routing and use it to derive packet loss probability. |
|
Michael Roth, A Java EE Framework for Managing Biometric Data based on BioLANCC, University of Zurich, Faculty of Economics, Business Administration and Information Technology, 2007. (Master's Thesis)
Biometric data has become an important subject in many situations that require control mechanisms. Besides passports with biometric information about a person or military applications, access controls for buildings or rooms based on biometric data are discussed. With the introduction of such a system, the management of the involved data is an important issue. BioLANCC is a software that supports this management. It has been developed for the centralized managment of biometric data and is being used at several places. In many use cases, the needs of the users cannot be met with a completely centralized access to the management software. More flexibility in terms of a distributed access is required. To provide this additional functionality, this work focuses on the creation of a framework that enables a distributed use of BioLANCC. This framework builds on the original BioLANCC and converts it into a Java EE web application. With this adaption of the original software, the biometric data can be managed from any place with an internet connection and a web browser. This work comprises evaluations of middleware and frameworks as well as the actual implementation of a prototype. |
|
Burkhard Stiller, Grid Services and Federations in the Future Internet, In: DATEV, Nürnberg - TrendScout Workshop. 2007. (Conference Presentation)
|
|
David Hausheer, Auctions for Virtual Network Environments, In: Workshop on Management of Network Virtualisation. 2007. (Conference Presentation)
|
|
Cristian Morariu, LINUBIA: A Linux-supported User-Based IP Accounting, In: 18th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management (DSOM 2007). 2007. (Conference Presentation)
|
|
Hasan Hasan, AURIC: A Scalable and Highly Reusable SLA Compliance Auditing Framework, In: 18th IFIP/IEEE International Workshop on Distributed Systems: Operations and Management (DSOM 2007). 2007. (Conference Presentation)
|
|
Hasan Hasan, Burkhard Stiller, AURIC: A Scalable and Highly Reusable SLA Compliance Auditing Framework, In: IFIP/IEEE International Workshop on Distributed Systems: Operations and Management, Springer, New York, 2007. (Conference or Workshop Paper published in Proceedings)
Service Level Agreements (SLA) are needed to allow business interactions to rely on Internet services. Service Level Objectives (SLO) specify the committed performance level of a service. Thus, SLA compliance auditing aims at verifying these commitments. Since SLOs for various application services and end-to-end performance definitions vary largely, automated auditing of SLA compliances poses the challenge to an auditing framework. Moreover, end-to-end performance data are potentially large for a provider with many customers. Therefore, this paper presents a scalable and highly reusable auditing framework and a prototype, termed AURIC (Auditing Framework for Internet Services), whose components can be distributed across different domains. |
|
Kevin Leopold, Decentralized Voting for Document Storage in a Peer-to-Peer Collaboration System, University of Zurich, Faculty of Economics, Business Administration and Information Technology, 2007. (Bachelor's Thesis)
Computergest¨utzte Kollaborationsmittel wie Online-Foren, Blogs oder Wikis sind immer
h¨aufiger in gemeinschaftlichen Projekten anzutreffen. Kooperationsmittel dieser Art haben
jedoch den Nachteil, dass sie f¨ur die Aufrechterhaltung dieses Dienstes grosse Mengen
an Speicher- und Netzwerkressourcen ben¨otigen. Dies hat wiederum zur Folge, dass ein
Weg gefunden werden muss, diese Ressourcen zu finanzieren. Ausserdem leiden Kollaborationssysteme
unter sogenanntem
”
Online-Vandalismus“, dem absichtlichen verf¨alschen
von Themeninhalten durch b¨osartige Benutzer.
In dieser Arbeit wird ein Prototyp eines vollst¨andig dezentralisierten Online-Kooperationsmittel
entworfen, implementiert und getestet, der L¨osungsans¨atze f¨ur die genannten
Probleme zeigt. Dazu wird ein P2P-Speichermechanismus, zur persistenten Sicherung von
Inhalten und der effizienten Nutzung vorhandener Ressourcen, kombiniert mit einem vollst
¨andig dezentralisierten Voting-Mechanismus. Dieser Voting-Mechanismus erlaubt es, das
Ver¨andern von Beitr¨agen durch die bisherigen Autoren dieser Beitr¨age zu kontrollieren
und somit Online-Vandalismus zu vermindern. ¨ Ahnlich wie das zentrale Kooperatiosmittel
Wikipedia, bietet der Prototyp den Benutzern an, beliebige Inhalte zu bestimmten
Themen abzurufen, zu speichern oder zu editieren.Computer-aided collaboration systems like online forums, blogs or wikis are often used in
communal projects. Unfortunately, large amounts of storage and network ressources are
needed in order to provide these services. This results in high costs for the service providers
and the need of a way to finance these ressources. Furthermore, online cooperation systems
suffer from so called
”
online vandalism“; the intentional falsification of article contents by
malicous users.
Along with this thesis, a prototype of a fully dezentralized online collaboration system
is designed, implemented and tested, which shows possible solutions for the mentioned
issues. For that purpose, a P2P storage mechanism, intended to persistently save articles
and efficiently use the available ressources of all connected users, is combined with a
fully dezentralized voting mechanism. That voting mechanism allows for the authors of a
document to control all changements made in their document and therefore to diminish
online vandalism. Similar to the cenralized cooperation system Wikipedia, the prototype
allows users to retrieve, save or edit articles for any given subject. |
|
Franck Rousseau, Yan Grunenberger, Vincent Untz, Eryk Jerzy Schiller, Paul Starzetz, Fabrice Theoleyre, Martin Heusse, Olivier Alphand, Andrzej Duda, An architecture for seamless mobility in spontaneous wireless mesh networks, In: Proceedings of 2nd ACM/IEEE International Workshop on Mobility in the Evolving Internet Architecture (MobiArch), ACM Press, New York, New York, USA, 2007-09-27. (Conference or Workshop Paper published in Proceedings)
In this paper, we consider spontaneous wireless mesh networks that can provide wide coverage connectivity to mobile nodes. Our mobility scheme builds upon separation between a persistent node identifier and its current address. When joining the mesh, a mobile node associates with a mesh router that updates a location service managed in the mesh as a distributed hash table. Mobility implies changing addresses while a node moves in the mesh. To keep the rate of location updates and correspondent node notifications low, the address of the new mesh router with which the mobile node is associated needs to be topologically close to the previous one. Thus, such a mobility scheme requires an addressing space with specific properties. We achieve this by defining an algorithm for constructing a pseudo-geographical addressing space: a few nodes know their exact locations and others estimate their relative positions to form a topologically consistent addressing space. Such an addressing space also enables scalable and low overhead routing in the wireless mesh---we propose a trajectory based long distance ballistic geographical routing. |
|
Martin Waldburger, Burkhard Stiller, Regulatory issues for mobile grid computing in Europe, In: 18th European Regional ITS Conference (ITS 2007), 2007-09-04. (Conference or Workshop Paper)
Regulatory issues for communications and value-added services determine a key requirement of study to ensure that a competitive and fair commercial usage within a legal domain can be achieved. Therefore, this paper pursues a comprehensive study identifying the key mobile grid regulations on a European level, while such grid services are considered to be of major importance for upcoming value-added services. The focus is put mainly on those regulatory determinations affecting areas neglected by the eCommunications framework, namely the areas of value-added services in mobile grids and of determinations governing relations among service providers and between service consumers and service providers. Thus, the major achievement here outlines the potential for open and unregulated mobile grid applications as well as services markets. Due to the lack of eCommunications determinations— as shown in a previous study [38]—, this new work ensures the careful consideration of fundamental consumer rights and competition efficiency for value-added services. |
|
Martin Waldburger, Burkhard Stiller, Regulatory Issues for Mobile Grid Computing in Europe, In: 18th European Regional ITS Conference (ITS 2007), Istanbul, Turkey, 2007. (Conference or Workshop Paper published in Proceedings)
|
|
Stefan Weibel, JBioDC-Treiber für einen Venenscanner, University of Zurich, Faculty of Economics, Business Administration and Information Technology, 2007. (Master's Thesis)
The importance of biometrics used for the identification of people has increased over the last few years. For example, it is used on the new Swiss passport, which was introduced 2006. For access control in buildings, the use of biometrics is on the increase. BioLANCC offers a central administration of biometric devices used for access control. In order to access biometric devices with BioLANCC, a driver has to be implemented. Nowadays, drivers for several finger scanners are already developed.This thesis describes the whole development of the BioLANCC driver for the palm vein scanner PalmSecure™ designed by Fujitsu. The implementation of this driver is based on JBioDC, an API that was developed for communicating with biometric devices. To control the vein scanner a control-software, called embedded system, was used. This software forms together with the PalmSecure™ vein scanner the embedded device. Based on the PalmSecure™ driver, an additional driver for the BioAPI framework was developed. This framework works as an interface between applications and biometric devices. |
|
Christophe Suter, Evaluation of an Accounting Model for Grid Infrastructures, University of Zurich, Faculty of Economics, Business Administration and Information Technology, 2007. (Master's Thesis)
In the age of increasing data amounts, the importance of Grid computing is growing. Huge amounts of data joined with increasingly complex models require high-performance computer environments to process and analyze it. This is the field of Grid computing with the possibility of combining heterogeneous and changing hardware at geographically separated locations. The resulting internetworking of organizations and people allows access to enormous resources. Being a neglected field mainly existing in scientific environments, Grids gain now the attention of industries. Amongst others, an important issue is a transparent and reliable accounting of Grid service requests.
Based on a theoretical development of an accounting model for Grid environments, this thesis evaluates in cooperation with the ""Hochleistungs-Rechenzentrum Stuttgart"" (HLRS) the accounting model within an existing Grid environment. The goal is an evaluation of this accounting model based on existing accounting and monitoring information of the HLRS environment. Focus lies on the integration in an existing Grid environment, on the granularity of information needs and on answering the question how well the Grid accounting model is able to calculate costs for a specific service request.
Given that not all necessary data was available for the evaluation and that the accounting model fulfilled the requirements for the HLRS environment, a next step would be the expansion and integration of the whole organization for being able to calculate the real product costs. Because of technical restrictions, some measuring points are not available at the moment, and another further work would be the development of monitoring tools to measure the bandwidth or the memory usage of the Grid customers. Further limiting this evaluation was the inexistence of virtual organizations, thus it could be very interesting to evaluate the accounting model under this aspect. |
|
Gregor Schaffrath, Applications and Issues of Distributed Intrusion Detection, In: Doctoral Seminar. 2007. (Conference Presentation)
|
|
Gregor Schaffrath, Challenges in Distributed Intrusion Detection Systems, In: Research Group Retreat. 2007. (Conference Presentation)
|
|