The Satellites represent a solution for Internet connectivity and data distribution in isolated locations, on high mobility platforms such as planes, ships or high-speed trains or for disaster recovery applications. However, due to the characteristics of the satellite systems, the data transmission over the satellite networks must face some challenges. In particular, performance, from both security and communication point of view, are strongly affected by several factors introduced by the characteristics of the satellite systems (i.e. wireless nature, latency, link availability, propagation channel, link asymmetry, etc.), which significantly impact in particular web based applications, increasing both in terms of volumes and complexity Satellite networks, either commercial or military, are prone to different security threats. To care security of the information sent over the satellite networks is very important, considering that the typology of services usually carried over includes emergency management, telemedicine, banking, off shore and airplane connectivity. In this thesis, novel end-to-end robust security architecture is introduced for securing DVB-RCS satellite networks. This security architecture is inspired by the robust security mechanism available in IEEE 802.11i WLAN but considers the particular characteristics of the satellite networks. An efficient authentication and key management mechanism is proposed, which performs the mutual authentication and key distribution through three round-trips only. Modular formalization for the security correctness is presented to prove that the proposed framework is as secure as IEEE 802.11i. Furthermore, the simulation results show that the proposed security framework has a very small data overhead and a better performance than IPSec, which is commonly used as end-to-end security solution over IP satellite networks. The other aspect addressed in this thesis is Web performance over satellite using the future web technologies, such as SPDY protocol. SPDY is a new application technology, introduced by Google, to accelerate Web transfers over common terrestrial links. Most of the SPDY techniques (i.e. header compression, pushing and multiplexing) have been usually included in satellite Performance Enhancing Proxies (PEPs) to optimize performance. Therefore, SPDY over satellite is expected to provide end-to-end performance optimization solution without requiring any specific modification over the network. Proof of such an improvement is revolutionary for the role of satellite in the future Internet, since it could be considered as a transparent link, which does not need ad-hoc protocol adaptations. Performance assessment of the protocol has been obtained through a satellite emulator that reproduces in software a DVB-RCS link while running real implementations of both TCP/IP stacks and SPDY.

Abdelsalam, A. (2015). End-to-end security and resource optimization for broadband satellite networks [10.58015/abdelsalam-ahmed_phd2015].

End-to-end security and resource optimization for broadband satellite networks

ABDELSALAM, AHMED
2015-01-01

Abstract

The Satellites represent a solution for Internet connectivity and data distribution in isolated locations, on high mobility platforms such as planes, ships or high-speed trains or for disaster recovery applications. However, due to the characteristics of the satellite systems, the data transmission over the satellite networks must face some challenges. In particular, performance, from both security and communication point of view, are strongly affected by several factors introduced by the characteristics of the satellite systems (i.e. wireless nature, latency, link availability, propagation channel, link asymmetry, etc.), which significantly impact in particular web based applications, increasing both in terms of volumes and complexity Satellite networks, either commercial or military, are prone to different security threats. To care security of the information sent over the satellite networks is very important, considering that the typology of services usually carried over includes emergency management, telemedicine, banking, off shore and airplane connectivity. In this thesis, novel end-to-end robust security architecture is introduced for securing DVB-RCS satellite networks. This security architecture is inspired by the robust security mechanism available in IEEE 802.11i WLAN but considers the particular characteristics of the satellite networks. An efficient authentication and key management mechanism is proposed, which performs the mutual authentication and key distribution through three round-trips only. Modular formalization for the security correctness is presented to prove that the proposed framework is as secure as IEEE 802.11i. Furthermore, the simulation results show that the proposed security framework has a very small data overhead and a better performance than IPSec, which is commonly used as end-to-end security solution over IP satellite networks. The other aspect addressed in this thesis is Web performance over satellite using the future web technologies, such as SPDY protocol. SPDY is a new application technology, introduced by Google, to accelerate Web transfers over common terrestrial links. Most of the SPDY techniques (i.e. header compression, pushing and multiplexing) have been usually included in satellite Performance Enhancing Proxies (PEPs) to optimize performance. Therefore, SPDY over satellite is expected to provide end-to-end performance optimization solution without requiring any specific modification over the network. Proof of such an improvement is revolutionary for the role of satellite in the future Internet, since it could be considered as a transparent link, which does not need ad-hoc protocol adaptations. Performance assessment of the protocol has been obtained through a satellite emulator that reproduces in software a DVB-RCS link while running real implementations of both TCP/IP stacks and SPDY.
2015
2014/2015
Sistemi e Tecnologie per lo Spazio
27.
Aerospace Implants; Aerospace Systems; Satellites; Broadband; Data Transmission
Settore ING-IND/05 - IMPIANTI E SISTEMI AEROSPAZIALI
Settore IIND-01/E - Impianti e sistemi aerospaziali
English
Tesi di dottorato
Abdelsalam, A. (2015). End-to-end security and resource optimization for broadband satellite networks [10.58015/abdelsalam-ahmed_phd2015].
File in questo prodotto:
File Dimensione Formato  
Thesis-Ahmed.pdf

solo utenti autorizzati

Licenza: Copyright degli autori
Dimensione 3.42 MB
Formato Adobe PDF
3.42 MB Adobe PDF   Visualizza/Apri   Richiedi una copia

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/2108/203072
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact