Open Access

Verschiedene intelligente Heimautomatisierungsgeräte wie Lampen, Schlösser und Thermostate verbreiten sich rasant im privaten Umfeld. Ein typisches Kommunikationsprotokoll für diese Geräteklasse ist Bluetooth Low Energy (BLE). In dieser Arbeit wird eine strukturierte Sicherheitsanalyse für BLE vorgestellt. Die beschriebene Vorgehensweise kategorisiert bekannte Angriffsvektoren und beschreibt einen möglichen Aufbau für eine Analyse. Im Zuge dieser Arbeit wurden einige sicherheitsrelevante Probleme aufgedeckt, die es Angreifern ermöglichen die Geräte vollständig zu übernehmen. Es zeigte sich, dass im Standard vorgesehene Sicherheitsfunktionen wie Verschlüsselung und Integritätsprüfungen häufig gar nicht oder fehlerhaft implementiert sind.

Avoiding possible interference is a key aspect to maximize the performance in Wi-Fi based Long Distance networks. In this paper we quantify self-induced interference based on data derived from our testbed and match the findings against simulations. By enhancing current simulation models with two key elements we significantly reduce the deviation between testbed and simulation: the usage of detailed antenna patterns compared to the cone model and propagation modeling enhanced by license-free topography data. Based on the gathered data we discuss several possible optimization approaches such as physical separation of local radios, tuning the sensitivity of the transmitter and using centralized compared to distributed channel assignment algorithms. While our testbed is based on 5 GHz Wi-Fi, we briefly discuss the possible impact of our results to other frequency bands.

More and more low-power wide-area networks (LPWANs) are being deployed and planning the gateway locations plays a significant role for the network range, performance and profitability. We choose LoRa as one LPWAN technology and evaluated the accuracy of the Received Signal Strength Indication (RSSI) of different chipsets in a laboratory environment. The results show the chipsets report significantly different RSSI. To estimate the range of a LPWAN beforehand, path loss models have been proposed. Compared to previous work, we evaluated the Longley-Rice Irregular Terrain Model which makes use of real-world elevation data to predict the path loss. To verify the results of that prediction, an extensive measurements campaign in a semi-urban area in Germany has been conducted. The results show that terrain data can increase the prediction accuracy.

Two key questions motivated the work in this paper: What is the impact of different usage schemes for multiple channels in a dual-radio Wireless Mesh Network (WMN), and what is the impact of some popular WMN routing protocols on its performance. These two questions were evaluated in a small and simple real-world scenario. A major concern was reproducibility of the results. We show that it is beneficial to use both radios on different frequencies in a fully meshed environment with four routers. The routing protocols Babel, B.A.T.M.A.N. V, BMX7 and OLSRv2 recognize a saturated channel and prefer the other one. We show that in our scenario all of the protocols perform equally well since the protocol overhead is comparably low not influencing the overall performance of the network.

This paper describes the security mechanisms of several wireless building automation technologies, namely ZigBee, EnOcean, ZWave, KNX, FS20, and Home-Matic. It is shown that none of the technologies provides the necessary measure ofsecurity that should be expected in building automation systems. One of the conclusions drawn is that software embedded in systems that are build for a lifetime of twenty years or more needs to be updatable.

SDN and WMN evolved to be sophisticated technologies used in a variety of applications. However, a combined approach called wmSDN has not been widely addressed in the research community. Our idea in this field consists of WiFi-based point-to-point links managed by the OpenFlow protocol. We investigate two different issues regarding this idea. First, which WiFi operational mode is suitable in an OpenFlow managed broadcast domain? Second, does the performance decrease compared with other routing or switching principles? Therefore, we set up a real-world testbed and a suitable simulation environment. Unlike previous work, we show that it is possible to use WiFi links without conducting MAC address rewriting at each hop by utilizing the 4-address-mode.

WiFi-based Long Distance (WiLD) networks have emerged as a promising alternative technology approach for providing Internet in rural areas. An important factor in network planning of these wireless networks is estimating the path loss. In this work, we present various propagation models we found suitable for point-to-point (P2P) operation in the WiFi frequency bands. We conducted outdoor experiments with commercial offthe- shelf (COTS) hardware in our testbed made of 7 different long-distance links ranging from 450 m to 10.3 km and a mobile measurement station. We found that for short links with omni-directional antennas ground-reflection is a measurable phenomenon. For longer links, we show that either FSPL or the Longley-Rice model provides accurate results for certain links. We conclude that a good site survey is needed to exclude influences not included in the propagation models.

This book constitutes the thoroughly refereed post-conference proceedings of the Third International ICST Conference on e-Infrastructure and e-Services for Developing Countries, AFRICOMM 2011, held in Zanzibar, Tansania, in November 2011. The 24 revised full papers presented together with 2 poster papers were carefully reviewed and selected from numerous submissions. The papers cover a wide range of topics in the field of information and communication infrastructures. They are organized in two tracks: communication infrastructures for developing countries and electronic services, ICT policy, and regulatory issues for developing countries.

For efficient deployment of new reliable multicast applications in heterogeneous mobile Internet environments, appropriate retransmission strategies are proposed. The focus is the minimization of the protocol overhead for reliable transport taking into account behaviour in mobile networks (oss and handover behaviour) and application requirements (such as carousel file transfer, one-to-many download and media streaming combined with recording). The proposed techniques are designed as building blocks for localized multicast error control supported by access routers. Considering IETF RMT standardization work, the discussed retransmission approaches can be used for flexible configuration of tree-based reliable multicast protocols in converged wired and wireless Internet environment. The implementation developed for the European project DAIDALOS [1] is based on Linux IPv6 environment. Simulations in ns2 focusing on the benefits of the proposed multicast retransmission schemes for particular application scenarios are presented.

With the rapid advances in multimedia content delivery technologies, there is an increasing challenge for efficient Quality of Service (QoS) based multicast transport in mobile Internet environment. This paper discusses architectural approach for provision of multicast services in heterogeneous mobile IPv6 environment using context transfer. Following issues of QoS based mobile multicast transport are addressed: - Application of context transfer between access routers for seamless handover of active multicast services; - Adaptation of multicast group management and routing designed for wired IPv6 infrastructures to heterogeneous mobile environment; - Candidate access router discovery and context aware user interfaces for optimised handover; - Reliable mobile multicast for content delivery supported by context transfer at access routers; - Distributed QoS management of multicast services in heterogeneous mobile environment. The work is part of the mobile architecture developed in the EU IST project DAIDALOS.

In this paper we examine the impact of multiple packet loss due to a Mobile IP handoff on the performance of TCP. When a mobile node performs a handoff, a sequence of packets sent to the mobile node can get lost due to the mobile node’s logical disconnection from the network during the handoff.

3rd Generation networks as proposed by 3GPP claim to follow the path towards fixed-mobile convergence and full support of Internet services. Although the providers have obviously recognised the dynamics of the Internet, their attempt to provide IP-services over the system has led to a circuit switched architecture. This forthcoming infrastructure will be a sophisticated, complicated, and quite expensive network, with some IP-equipment in the middle (core-network). From an IETF-biased engineers view, some parts of this network and protocols could be dropped, except that they are probably needed for backward compatibility. But since backward compatibility and saving of investment is a major concern of the standardising bodies, the evolving architectures carry a big burden.

This paper presents the current stage of an IP-based architecture for heterogeneous environments, covering UMTS-like W-CDMA wireless access technology, wireless and wired LANs, that is being developed under the aegis of the IST Moby Dick project. This architecture treats all transmission capabilities as basic physical and data-link layers, and attempts to replace all higher-level tasks by IP-based strategies.

The Internet Engineering Task Force (IETF) is currently working on the development of Differentiated Services (DiffServ). DiffServ seems to be a promising technology for next-generation IP networks supporting Quality-of-Services (QoS). Emerging applications such as IP telephony and time-critical business applications can benefit significantly from the DiffServ approach since the current Internet often can not provide the required QoS. This paper describes an implementation of Differentiated Services for Linux routers and end systems. The implementation is based on the Linux traffic control package and is, therefore, very flexible. It can be used in different network environments as first-hop, boundary or interior router for Differentiated Services. In addition to the implementation architecture, the paper describes performance results demonstrating the usefulness of the DiffServ concept in general and the implementation in particular.

Bei der Datenübertragung im Internet ist es wünschenswert, daß unterschiedliche Datenpackete unterschiedlich behandelt werden können, damit für die zeitkritischen Anwendungen wie Internet-Telefonie die größere Priorität gewährleisten könnte. Erst dann kann ein Netzbetreiber seinen Kunden verschiedene Dienstqualitäten anbieten. Zwei grundsätzliche Mechanismen existieren, um dem Netzwerk solche Anforderungen mitzuteilen: explizit, indem vor der eigentlichen Datenübertragung Kotrollnachrichten ausgetauscht werden; implizit, indem jedes Datenpacket eine Kennzeichnung erhält. Der zweite, Differentiated Services(DS), Ansatz ist Thema dieses Referates. Bei DS wird jedem Packet den sogenannten DS-Codepoint (DSCP) im IP-Header zugewiesen, und dementsprechend erfährt ein Datenpaket eine bestimmte Behandlung durch einen DS-fähigen Router. Drei unterschiedliche Dienstklassen wurde bisher spezifiziert: Best-Effort entspricht dem derzeit im Internet verwendeten Mechanismus; Premium-Service entspricht einer virtuellen Mietleitung und soll eine rasche Weiterleitung von Paketen gewährleisten; Datenpakete mit Assured Forwarding Service (AFS) sollen besser behandelt werden als Best-Effort. Bei AFS wurden insgesamt drei Verlustklassen und vier Weiterleitungsklassen definiert. Es wird auch verschiedene Typ von DS-Router vorgestellt und diskutiert. Der praktische Einsatz erfolgte bisher immer in Laborumgebung (Uni Bern, Uni Karlsruhe, EPFL, Forschungszentrum NEC Research), größere Feldversuche stehen noch aus.

Recent developments in the standardization of the future Internet (driven by the IETF) and next generation telecom networks (driven by 3GPP) show a convergence towards each other. While it is currently unknown if and to what extend this development leads to a unified technical approach (in terms of signaling, routing, mobility management, charging and security) for both real-time (voice / video) and non-real-time (data) networks, the vision of an All-IP-based communication environment for all classes of traffic is one relevant option to look at.

The term "virtual studio" refers to real-time 3D graphics systems used to render a virtual set in sync with live camera motion. As the camera pans and zooms, the virtual set is redrawn from the correct perspective. Using blue room techniques, actors in front of the real camera are then “placed in” the virtual set. Current virtual studio systems are centralized – the blue room, cameras, renderers etc. are located at a single site. However distributed configurations offer significant economies such as the sharing of expensive rendering equipment among many sites. This paper describes early expe- riences of the DVP1 project in the realization of a distributed virtual studio. In particular we de- scribe the first video production using a distributed virtual studio over ATM and make observations concerning network QOS requirements.

An Information on Demand teleservice that was developed at the German National Research Center for Information Technology (GMD) provides remote access to multimedia information consisting of audio, video, and text [jonas et al. 94]. It uses a bidirectional narrowband message link between the end user and the service provider, and a unidirectional broadband data link from the service provider to the end user. Since the IoD teleservice is used across a satellite connection (among others), it turned out to be necessary to implement an access protocol that is optimized for the access of real-time multimedia data across a long-delay high-bandwidth link, a long fat pipe [jacobsen et al. 92]. This paper introduces the MediaService Protocol (MSP) and describes a prototype implementation (version 0.6).