Your search keyword '"Hongke Zhang"' showing total 9 results

1. CIDMS: a security connection identifier mapping system for universal network

Author

Daochao Huang, Dong Yang, Hongke Zhang, and Fei Song

Subjects

Identifier, Unique identifier, Fragment identifier, Computer science, business.industry, Distributed computing, User identifier, Network Access Identifier, The Internet, Denial-of-service attack, business, Network Service Access Point Identifier

Abstract

The identifier split is a design principle for new Internet architectures such as Universal Network, Lisp, which make Internet more scalable, reliable and security. One important form of identifier split in Universal Network is connection identifier/access identifier (CID/AID) split which is introduced to improve security isolation during communication. Using CID/AID split, terminals communicate with each other without knowledge of the opponent's access identifier, so as to eliminate targeted attacks such as denial-of-service attack. This spit relies on a mapping system to resolve a flat connection identifier that identifies a session to one or several appropriate access identifiers in response to mapping requests for specific connection identifier. In this paper we present a secure CID/AID split mechanism and its corresponding mapping system: CIDMS. We also present simulations of mapping system's performance, evaluate its resolution delay and scalability.

Published

2011

2. The cognitive mobility management based on the identifier/location split mechanism

Author

Hongke Zhang, Huachun Zhou, Changqiao Xu, and Jianfeng Guan

Subjects

Identifier, Network architecture, Engineering, Mobility model, Cognitive radio, Handover, business.industry, The Internet, business, Spectrum management, Mobility management, Computer network

Abstract

The mobility management of the traditional Internet consists of the location management and handover management to support movement of space and time. While with the introduction of the cognitive radio technology, the mobility management has to consider the location management, handover management, and spectrum management to deal with the mobility of space, time and spectrum. Furthermore, the cognitive radio allows the cognitive user can access to different frequencies and networks, which results in the interconnection problems due to the different network architectures. In this paper, we investigate the recent development of the new Internet architecture and mobility management, and propose a mobility management scheme in the cognitive Internet based on the Identity/Location Split (ILS) mechanism. The proposed scheme takes the cognitive mobility management as the single-interface heterogeneous handover problem, and adopts the AID (Accessing Identifier) and RID (Routing Identifier) to separate the identity and location of the traditional IP, and introduces the global mapping mechanism to maintain the relationship between the AID and RID to realize the mobility support for space, time and spectrum.

Published

2011

3. Modeling the TTL-based mapping cache

Author

Hongbin Luo, Xiaoqian Li, Hongke Zhang, and Feng Qiu

Subjects

Computer Science::Performance, Computer Science::Hardware Architecture, Smart Cache, Hardware_MEMORYSTRUCTURES, Computer science, Cache invalidation, Cache coloring, Bus sniffing, Page cache, Cache, Parallel computing, Cache-oblivious algorithm, Cache algorithms

Abstract

In the Locator/ID separation network, the mapping cache in the border routes plays an important part to improve the network performance and the user experience. In this paper, we model the Time-To-Live (TTL)-based mapping cache to evaluate the cache hit rate. The analytical models get a formula of the cache hit rate as a function of the distribution of packet inter-arrival time and the value of TTL. In the mapping cache, the lifetime of a cache item is reset to TTL if it is fetched. The analytical models are based on a simple assumption that the sequence of inter-arrival time of packets can be modeled as independent, identically distributed (i.i.d.) random variables. The cache hit rate depends on the inter-packet time distribution and we derive the empirical distribution of inter-packet time from our campus network data. The accuracy of our models and the i.i.d. assumption is proved by comparing the results from the trace driven simulation, the renewal assumption with the empirical distribution obtained from the trace data, and using the renewal assumption with the analytical distribution. We also give the trace driven simulation results on the number of mapping items versus the change of the TTL to better understand the mapping cache behavior.

Published

2011

4. Performance investigation of IPsec protocol over IPv6 network

Author

Xin Wen, Hongke Zhang, Wei Su, Jianfeng Guan, and Changqiao Xu

Subjects

business.industry, computer.internet_protocol, Computer science, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Testbed, Throughput, Transmission security, IPv6, Packet loss, IPsec, The Internet, business, computer, Computer network, Data transmission

Abstract

IPsec is a core security protocol suite for next generation IPv6-based Internet. With the growing demand for bulk data transmission over next generation Internet such as high-speed multimedia communications, P2P large file sharing and so on, it brings increasing need to evaluate the performance of data transmission with the IPsec over IPv6 networks. In this paper, we investigate the end-to-end throughput, delay, jitter and packet loss for UDP-based multipath transmission with IPsec over IPv6 testbed. The evaluation and analysis results can assist us to design a compromise balancing way between transmission security and performance for the specific applications.

Published

2010

5. An overview of future information network research (Abstract only)

Author

Hongke Zhang

Subjects

Identifier, Network architecture, Service (systems architecture), Service layer, business.industry, Computer science, Routing (electronic design automation), Network layer, Layer (object-oriented design), business, Network model, Computer network

Abstract

Summary form only given. Due to historical reasons, the original model of existing information networks is that one network corresponds to one main service, and this mode can't adapts well to increasing multi-demands of networks and services. So network architecture should be redesigned urgently based on new network concept and protocols. We have studied the main issues in future information network, and give the new architecture of future information network. According to research on theories of layer division of current various information networks, we find that the structure of every network can be divided into two basic layers, one is service layer and the other is network layer. Therefore we propose a new two-layer architecture model, that is "Pervasive Service Layer" and "Switching and Routing layer". On "Switching and Routing layer", we conclude that the routing principles of various networks are similar. They fulfill data exchanging and forwarding and have only few differences in data formats and services supported. So we propose generalized switching and routing theory, separating and mapping of access identifier, which is the core of universal network model and theory. On "Pervasive Service Layer", we find that the principles of various networks are similar: all services (businesses) set up link first, then the link selects routes based on the switching and routing principle, and realize data transportation. Based on this similar principle, we propose the parsing and mapping theory between "service identifier" and "connection identifier", which is the core of pervasive service model and theory, addressing the pervasive service issue.

Published

2010

6. A cross-layer design for mobile peer-to-peer video on demand services

Author

Jianfeng Guan, Hongke Zhang, Changqiao Xu, and Lujie Zhong

Subjects

Multimedia, Computer science, business.industry, IMT Advanced, Mobile computing, Mobile Web, computer.software_genre, Application layer, Mobile search, Mobile technology, business, computer, Mobile device, Computer network, Mobile collaboration

Abstract

With the evolution of mobile technology, we have witnessed a great improvement in the communication ability, computing power and memory size of mobile devices. Mobile networks thus can provide much more interesting services, such as multimedia streaming. Video on Demand (VoD) is expected to be one of the most attractive services over the next generation mobile Internet. Delivering VoD efficiently over mobile networks is a significant challenge. Inspired by the great success of P2P networks, this paper proposes a cross-layer solution for Mobile Peer-to-Peer (MP2P) VoD delivery. This framework is based on a MP2P overlay network constructed at the application layer and makes used of the Stream Control Transmission Protocol at the transport layer for efficient video distribution.

Published

2010

7. A chord-based handoff authentication scheme under ID/locator separation architecture

Author

Ying Liu, Huachun Zhou, Ming Wan, and Hongke Zhang

Subjects

ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, Access network, Handover, business.industry, Computer science, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Authentication scheme, Architecture, Chord (peer-to-peer), business, Computer network

Abstract

Aiming at resolving the problem of the fast handoff authentication under ID/locator separation architecture, this paper presents a secure handoff authentication scheme based on Chord. This scheme not only adapts for our architecture of ID/locator separation, but also holds the characteristics of Chord which can lookup the target fast. When completing the double-way authentication between the terminals and access network, this scheme can make the terminals achieve the fast handoff authentication in different access networks. By the use of identity label, this scheme effectively guarantees the authenticity of the mobile terminals in the handoff process, and synchronously ensures the security of the handoff authentication under ID/locator separation architecture.

Published

2010

8. A new context awareness scheme for multi-mode mobile terminals in mobile Internet

Author

Hongzeng He, Qi Liu, Hongke Zhang, and Wei Su

Subjects

Public land mobile network, Radio access network, Engineering, business.industry, Mobile database, Mobile computing, Mobile search, Context awareness, Mobile technology, Mobile Web, business, Computer network

Abstract

Mobile Internet should provide pervasive services anywhere, anytime, and in numerous ways. Therefore, it is demanded that users could visit Internet services through any kind of radio access technology. Context awareness for multimode mobile terminals (MMT) in Mobile Internet is very important in next generation wireless mobile communications. It is the foundation of network co-operation and seamless access for user services. In this paper, a new context awareness scheme for MMT is proposed. And monitoring models for context awareness is also raised. The scheme is based on mobile agent technology, which is beneficial for saving monitoring cost of MMT. Furthermore, a mechanism of radio access network (RAN) monitoring is presented. This mechanism is on the basis of cognitive radio and reconfiguration technologies. It not only improves the intelligence of MMT but also can be widely applied in heterogeneous radio environment. Signal detecting method is designed, and the process of this mechanism is also given. Finally, in the context composed of 4 kinds of overlapped RANs, the availability of this scheme is proved by simulation results.

Published

2010

9. Design and implementation of lightweight encryption and signature protocol for universal network

Author

Hongke Zhang, Sidong Zhang, Jianfeng Guan, Changqiao Xu, Hongchao Wang, and Yuanzhi Hong

Subjects

Router, Spoofing attack, Network packet, business.industry, Computer science, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Access control, Computer security, computer.software_genre, Encryption, Identifier, Header, The Internet, business, computer, Computer network

Abstract

The identifier spoofing is a common threat problem which the access control protocol of Internet faces. In order to make sure that the identity of legal terminal avoids being spoofed, the identity can't be imitated by third-party and the data packets between the terminal and Access Switching Router (ASR) should be added with a signature. In this paper, we design and implement a kind of signature mechanism in lightweight encrypted form to achieve security and efficiency purpose for the access control protocol in the Universal Network. The mechanism of the encryption to the communication between terminals and ASR in the way of adding an additional expansion header is the key point of this paper.

Published

2010