The Satellites represent a solution for Internet connectivity and data distribution in isolated locations, on high mobility platforms such as planes, ships or high-speed trains or for disaster recovery applications. However, due to the characteristics of the satellite systems, the data transmission over the satellite networks must face some challenges. In particular, performance, from both security and communication point of view, are strongly affected by several factors introduced by the characteristics of the satellite systems (i.e. wireless nature, latency, link availability, propagation channel, link asymmetry, etc.), which significantly impact in particular web based applications, increasing both in terms of volumes and complexity Satellite networks, either commercial or military, are prone to different security threats. To care security of the information sent over the satellite networks is very important, considering that the typology of services usually carried over includes emergency management, telemedicine, banking, off shore and airplane connectivity. In this thesis, novel end-to-end robust security architecture is introduced for securing DVB-RCS satellite networks. This security architecture is inspired by the robust security mechanism available in IEEE 802.11i WLAN but considers the particular characteristics of the satellite networks. An efficient authentication and key management mechanism is proposed, which performs the mutual authentication and key distribution through three round-trips only. Modular formalization for the security correctness is presented to prove that the proposed framework is as secure as IEEE 802.11i. Furthermore, the simulation results show that the proposed security framework has a very small data overhead and a better performance than IPSec, which is commonly used as end-to-end security solution over IP satellite networks. The other aspect addressed in this thesis is Web performance over satellite using the future web technologies, such as SPDY protocol. SPDY is a new application technology, introduced by Google, to accelerate Web transfers over common terrestrial links. Most of the SPDY techniques (i.e. header compression, pushing and multiplexing) have been usually included in satellite Performance Enhancing Proxies (PEPs) to optimize performance. Therefore, SPDY over satellite is expected to provide end-to-end performance optimization solution without requiring any specific modification over the network. Proof of such an improvement is revolutionary for the role of satellite in the future Internet, since it could be considered as a transparent link, which does not need ad-hoc protocol adaptations. Performance assessment of the protocol has been obtained through a satellite emulator that reproduces in software a DVB-RCS link while running real implementations of both TCP/IP stacks and SPDY.
Abdelsalam, A. (2015). End-to-end security and resource optimization for broadband satellite networks [10.58015/abdelsalam-ahmed_phd2015].
End-to-end security and resource optimization for broadband satellite networks
ABDELSALAM, AHMED
2015-01-01
Abstract
The Satellites represent a solution for Internet connectivity and data distribution in isolated locations, on high mobility platforms such as planes, ships or high-speed trains or for disaster recovery applications. However, due to the characteristics of the satellite systems, the data transmission over the satellite networks must face some challenges. In particular, performance, from both security and communication point of view, are strongly affected by several factors introduced by the characteristics of the satellite systems (i.e. wireless nature, latency, link availability, propagation channel, link asymmetry, etc.), which significantly impact in particular web based applications, increasing both in terms of volumes and complexity Satellite networks, either commercial or military, are prone to different security threats. To care security of the information sent over the satellite networks is very important, considering that the typology of services usually carried over includes emergency management, telemedicine, banking, off shore and airplane connectivity. In this thesis, novel end-to-end robust security architecture is introduced for securing DVB-RCS satellite networks. This security architecture is inspired by the robust security mechanism available in IEEE 802.11i WLAN but considers the particular characteristics of the satellite networks. An efficient authentication and key management mechanism is proposed, which performs the mutual authentication and key distribution through three round-trips only. Modular formalization for the security correctness is presented to prove that the proposed framework is as secure as IEEE 802.11i. Furthermore, the simulation results show that the proposed security framework has a very small data overhead and a better performance than IPSec, which is commonly used as end-to-end security solution over IP satellite networks. The other aspect addressed in this thesis is Web performance over satellite using the future web technologies, such as SPDY protocol. SPDY is a new application technology, introduced by Google, to accelerate Web transfers over common terrestrial links. Most of the SPDY techniques (i.e. header compression, pushing and multiplexing) have been usually included in satellite Performance Enhancing Proxies (PEPs) to optimize performance. Therefore, SPDY over satellite is expected to provide end-to-end performance optimization solution without requiring any specific modification over the network. Proof of such an improvement is revolutionary for the role of satellite in the future Internet, since it could be considered as a transparent link, which does not need ad-hoc protocol adaptations. Performance assessment of the protocol has been obtained through a satellite emulator that reproduces in software a DVB-RCS link while running real implementations of both TCP/IP stacks and SPDY.File | Dimensione | Formato | |
---|---|---|---|
Thesis-Ahmed.pdf
solo utenti autorizzati
Licenza:
Copyright degli autori
Dimensione
3.42 MB
Formato
Adobe PDF
|
3.42 MB | Adobe PDF | Visualizza/Apri Richiedi una copia |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.