Source Accountability with Domain-brokered Privacy
Taeho Lee (Speaker), Christos Pappas, David Barrera, Pawel Szalachowski, Adrian Perrig
Accountability and privacy are two network design objectives, and they conflict with each other.
This work tries to arrive at a solution that preserves both.
The limitations of current best practice, APIP SIGCOMM’14, are two-fold: selective packet authentication and error reporting.
The speaker defines two objectives in a formal way: source accountability and communication privacy.
The solution has three components:
1/ ISP as accountability agent and privacy broker.
2/ Ephemeral ID: temporary network address given by the ISP
3/ Certificate for Ephemeral ID given from ISP to host
Q: Privacy guarantee under analysis with temporal correlation?
A: (wasn’t able to catch)
Q: About trust model. The solution does not trust ISP for the communication content, while it trusts ISP for hiding the identity of users.
A: It is a problem of balancing. You have to leak some info to enable the communication, while you still want to protect the most important part, which is the content that could be seen.
A NEaT Design for Reliable and Scalable Network Stacks
Tomas Hruby (Speaker), Cristiano Giuffrida, Lionel Sambuc, Herbert Bos, Andrew S. Tanenbaum
There are two expectations for OS design: reliability and scalability.
Current commodity OSes might be scalable but are not reliable, as their reliability is achieved by testing and bug fixing rather than originating from the design scheme.
The speaker argues that the key to reliability is fault isolation.
However, physical isolation is not performant, as it introduces communication overhead.
The proposal in this work is based on a microkernel, where system processes are spread over dedicated cores.
This is not a scalable design, as bottlenecks can come from a single component.
A natural idea is to replicate those components to scale up, in such a way that:
1/ applications don't need to know the number of system replicas;
2/ replicas work independently;
3/ no sharing among replicas, so there are no locks.
The proposed network stack implementation allows shared memory among network stack replicas.
Q: How do network stack replicas work together, e.g. DHCP leases from different replicas?
A: There is only one single IP for the entire stack. And communication takes place among replicas.
Q: Comment on lock-free.
A: It’s more about the way you programme, thread based or state-machine based.
Q: Fairness issue.
A: Components only run for a short time. Fairness can thus be achieved in a dynamic fashion.
ACACIA — Context-aware edge computing for continuous interactive applications over mobile networks
Junguk Cho (Speaker), Karthikeyan Sundaresan, Rajesh Mahindra, Jacobus Van der Merwe, Sampath Rangarajan
Continuous interactive (CI) applications require low latency.
Current enablers for CI:
1/ computation offloading to cloud;
2/ mobile networks, e.g. 5G;
3/ NFV & SDN;
4/ mobile edge computation;
5/ user context: location and interest of users.
Previous works mainly take a standalone approach.
The speaker argues that this is not enough and thus proposes an end-to-end design, incorporating the application, the mobile network and the user at the same time to deliver small delay for CI.
Then the speaker presents the three components of the design.
1/ user context discovery
It uses a publish and subscribe mechanism.
The user pushes interests to the LTE modem filter.
The latter then listens to the broadcasts and checks whether there is a match.
2/ mobile edge network
In this part, the speaker explains how CI apps establish a new connection to the mobile edge network.
3/ context aware application
An app that is aware of the user's location can reduce the search space and thus the latency.
An LTE-direct publisher is used to locate the user.
Then follows the implementation and evaluation.
Q: Localisation accuracy.
A: Not as accurate as a dedicated approach; but the work has already shown the feasibility and the latency decrease. 3 meter error; with more publishers, the error will further decrease.
Q: How about combining WIFI with LTE-direct publisher?
A: The design is extensible. But the authors don't want to include other radio technologies for power consumption considerations.
Q: There are two mobile cores: EPC + EPC in mobile edge. How do the two cores synchronise for a single user?
A: According to fig.5 in the article, the SGW-C & PGW-U insert rules into MEC based on the user information to enable the connection from user to MEC.
Lying Your Way to Better Traffic Engineering
Marco Chiesa (Speaker), Gábor Rétvári, Michael Schapira
This work aims at enhancing the traditional TE scheme, in the situation where accurate knowledge on traffic demand is not available.
The problem is formulated as: given the network topology and traffic demand as input, construct per-destination DAGs and traffic splits that minimise the worst-case link utilisation.
The speaker then decomposes the above problem into three steps:
1/ DAG construction.
In this step, the shortest DAG is first calculated, then augmented with heuristics.
2/ traffic split in DAG
In order to reach optimality with reasonable computational complexity, the speaker casts the problem as a mixed linear-geometric programming problem.
3/ Legacy router configuration
One major contribution of the work is that, when actual traffic deviates from the input traffic demand (i.e., with traffic uncertainty), the proposed scheme largely outperforms traditional TE schemes.
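
Added example (not from the talk or the paper): for a single destination, the sketch below pushes traffic through a per-destination DAG with given split ratios and reports the worst-case link utilisation, once for a base demand and once for a deviated one. The four-node topology, capacities, demands and split values are constructed for illustration, and the split values are hand-picked rather than produced by the paper's optimisation.

```python
from collections import defaultdict

def link_loads(dag, split, demands):
    """Per-link load when `demands` ({source: volume}) follow one destination's DAG.

    dag: {node: [next hops]}; split: {(node, next_hop): fraction}, summing to 1 per node.
    """
    order, seen = [], set()

    def visit(node):  # DFS post-order; reversed, every node precedes its next hops
        if node in seen:
            return
        seen.add(node)
        for nh in dag.get(node, []):
            visit(nh)
        order.append(node)

    for node in dag:
        visit(node)
    inflow = defaultdict(float, demands)  # traffic originating at or entering each node
    loads = {}
    for node in reversed(order):
        for nh in dag.get(node, []):
            loads[(node, nh)] = inflow[node] * split[(node, nh)]
            inflow[nh] += loads[(node, nh)]
    return loads

def max_utilisation(loads, capacity):
    """Worst-case link utilisation, the quantity the TE formulation minimises."""
    return max(loads[link] / capacity[link] for link in loads)

# Constructed topology (assumption): A and B send to destination D, every link has capacity 10.
DAG = {"A": ["B", "C"], "B": ["D"], "C": ["D"]}
CAP = {("A", "B"): 10, ("A", "C"): 10, ("B", "D"): 10, ("C", "D"): 10}
EQUAL = {("A", "B"): 0.5, ("A", "C"): 0.5, ("B", "D"): 1.0, ("C", "D"): 1.0}
WEIGHTED = {**EQUAL, ("A", "B"): 0.125, ("A", "C"): 0.875}  # hand-picked uneven split at A
BASE = {"A": 8, "B": 6}      # base traffic demand towards D
DEVIATED = {"A": 8, "B": 8}  # actual traffic deviating from the base demand

def compare(demands):
    """Worst-case utilisation of the equal and the weighted split for one demand set."""
    return {name: max_utilisation(link_loads(DAG, s, demands), CAP)
            for name, s in (("equal", EQUAL), ("weighted", WEIGHTED))}

if __name__ == "__main__":
    print("base:    ", compare(BASE))
    print("deviated:", compare(DEVIATED))
```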
Q: Is the split calculated for each TM snapshot over time?
A: The split is calculated for the base TM.
Q: How it compares to source-destination networking?
A: They are two different settings. With source routing, you have more routing capability, but it is not compatible with traditional networking.
Q: What's the connection to SDN?
A: This work differs from traditional OSPF TE in these points: 1/ explicit per dest DAG, instead of shortest DAG; 2/ per destination DAG and 3/ weighted in DAG split. Fibbing is just a way of implementing the proposed scheme. Other SDN configuration frameworks should work as well.