A study on the call admission and preemption control algorithms for secure wireless ad hoc networks using IPSec tunneling

  • Authors:
  • Kirk Chang; Gitae Kim; Sunil Samtani; Aristides Staikos; Larry Muzzelo; Jeffrey Palumbo

  • Affiliations:
  • Telcordia Technologies, Piscataway, NJ; Telcordia Technologies, Piscataway, NJ; Telcordia Technologies, Piscataway, NJ; Army CERDEC, Ft. Monmouth, NJ; Army CERDEC, Ft. Monmouth, NJ; Army CERDEC, Ft. Monmouth, NJ

  • Venue:
  • MILCOM'06 Proceedings of the 2006 IEEE conference on Military communications
  • Year:
  • 2006

Abstract

In this paper the network architecture under consideration is secure networking, in which an IPSec Tunneling encryption device is located at the boundary between the insecure LAN and the secure WAN. This architecture has been used in many DoD tactical networks to satisfy the COMSEC requirements. Since there is virtually no information allowed to be sent across the IPSec Tunneling device, a lot of the vital information on the WAN side (where radio links form a mobile ad hoc network), like topology and link bandwidth data, cannot be made known to the LAN side, where end-users are located. This makes providing end-to-end QoS support in this type of network very challenging. Although it is assumed that Differentiated Services (DiffServ, as described in RFC 2475) is implemented in the WAN routers, DiffServ by itself is not enough to provide satisfactory end-to-end QoS support due to the dynamic nature of the WAN. To address this, a study was launched under the ARMY CERDEC Multi-functional On-the-move Secure Adaptive Integrated Communications (MOSAIC) program to investigate the effectiveness of a real-time observation-based Bandwidth Broker solution to provide end-to-end QoS support in this type of secure mobile ad hoc network, without violating any security requirement of the IPSec Tunneling device. In this paper, the findings of our investigation are reported. The core of our solution is a light-weight call admission control and preemption control module located at the LAN side to provide end-to-end QoS assurance. The salient feature of our solution is that the call admission control and preemption control decision is based on real-time measurements of the traffic loading. The traffic loading data enables the admission and preemption algorithm to quickly react to the status change of the network caused by radio dynamics and traffic congestion. As such, together with DiffServ, our traffic loading based admission and preemption algorithm ensures the high-priority mission-critical applications are protected. We simulated the QoS architecture using OPNET to evaluate the performance characteristics. We studied the performance over five different priority classes (as suggested by the DoD GIG QoS/CoS Working Group) for six different applications. The performance metrics under consideration include average delay per priority class for UDP applications, throughput and file transfer completion time for TCP applications, and per class preemption/blocking probability. Our study showed that this integrated solution exhibited superb end-to-end QoS performance over a wide range of traffic loadings.