Recently, SCTP is attracting attention to support mobility in the Internet because it does not require additional equipment such as the Home Agent of Mobile IP. This paper focuses on an SCTP fast handover mechanism using a single interface because it is assumed that small mobile devices have a single interface per communication medium such as IEEE802.11b due to hardware limitations. The proposed mechanism called SCTPmx employs a cross layer control information exchange system called LIES to predict handover. LIES was originally designed to achieve network layer fast handover and then it was extended by adding the network layer primitives for efficient interaction among the link layer, the network layer, and the transport layer. Prior to handover, SCTPmx can generate a new address that will be used after handover and can execute duplicate address detection of IPv6. SCTPmx can suppress the delay caused by channel scanning at the link layer by employing selective background scanning mechanism which allows to continue data communication during channel scanning. In addition, SCTPmx can notify the correspondent node of the new address before handover. SCTPmx was implemented on FreeBSD. SCTPmx achieved better than 25 times lower handover latency (100 msec) and 2 times higher throughput than previous proposals.

The Internet infrastructure is evolving with various approaches such as cloud computing. Interest in cloud computing is growing with the rise of services and applications particularly in business community. For delivering service securely, cloud computing providers are facing several security issues, including controlling access to services and ensuring privacy. Most of access control approaches tend to a centralization of policy administration and decision by introducing a mediator central third party. However, with the growth of the Internet and the increase of cloud computing providers, a centralized administration is no longer supported. In this paper, we present a new collaborative access control infrastructure for distributed cloud computing environment, supporting collaborative delegations across multiple domains in order to authorize users to access services at a visited domain that does not have a direct cooperative relationship with the user's home domain. For this purpose, we propose an extension of the XACML (eXtensible Access Control Markup Language) model with a new entity called Delegation Validation Point (DVP) to support multi-domain delegation in a distributed environment. We describe the new extended model and functionalities of the new component. In addition, we define new XACML messages for acquiring delegation across domains. For exchanging delegation between domains we use SAML (Security Association Markup Language) and Diameter protocol. Two Diameter applications are defined for transporting securely multiple delegation requests and answers and for building a trusted path of cooperation to acquire the chain of delegations. We detail the implemented prototype and evaluate performance within a testbed of up to 20 domains.

Distributed Mobility Management (DMM) defines Internet Protocol (IP) mobility which does not depend on centralized manipulation. DMM leads to the abatement of non-optimal routing, a single point of failure, and scalability problems appearing in centralized Mobility Management (MM). The fact that most DMM schemes are in the proposal phase and non-existence of a standardization, urge to investigate the proposed schemes thoroughly to confirm their capabilities and thereby, to determine the best candidate practice for DMM. This paper examines five novel DMM proposals discussed in the Internet Engineering Task Force (IETF) using router-level Internet Service Provider (ISP) topologies of Sprint (USA), Tiscali (Europe), Telstra (AUS), and Exodus (USA), as user mobility within an ISP network is considered the most realistic and recurrent user movement in the modern scope. Results reflect behavioral differences of schemes depending on the network. ISPs closer to the Internet core with high density of Point of Presences (PoPs) such as Sprint show poorer outcome when centralized anchors/controllers are employed while Proxy Mobile IP (PMIP) based enhancements offer higher reliability. In contrast, smaller ISPs that reside farther away from the Internet core yield better performance with SDN-Based and Address Delegation schemes. Although the PMIP-Based DMM schemes perform better during handover, their outturn is trivialized due to higher latency in the data plane. In contrast, the Address Delegation and SDN-Based schemes have excessive cost and latency in performing handover due to routing table updates, but perform better in data plane, suggesting that control/data plane split may best address the optimal routing.

This paper proposes a protocol to support mobile hosts in IPv6 by introducing a new addressing architecture and a new hop-by-hop option. This protocol also allows a mobile host to communicate with another host via a firewall machine which drops packets from untrustworthy hosts. The new addressing scheme is based on the separation of the identifier and the location of a mobile host. This is a straightforward implementation of the basic concept of VIP, a protocol providing seamless mobility in IPv4. The new hop-by-hop option of IPv6 allows a firewall machine to authenticate the source host of the forwarded packet with negligible overhead. The author plans to implement this protocol on several operating systems in the near future.

Cognitive radio in network core devices, such as basestations, is being considered as a spectrum management solution for future society's communication demands. Aside from new resource allocation algorithms, efficient inter- and intra-protocol processing should be considered. In this paper, we propose an opportunistic cross layer architecture called COmmon Layer Architecture (COLA) for information exchange between arbitrary layers in New Generation Networks with network-oriented cognitive radio. COLA provides a means for faster information exchange between OSI layers by introducing abstraction at each layer and designing primitives for communication between each abstraction layer. Emulation and simulation results showed improvements, compared to conventional networks, in disrupted service (42% reduction), average delay (47% reduced) and packet drop ratio (22% reduced) in the scenario analyzed.

Using “clean-slate approach” to redesign the Internet has attracted considerable attention. ZNA (Z Network Architecture) is one of clean-slate network architectures based on the layered model. The major features of ZNA are as follows: (1) introducing the session layer to provide the applications with sophisticated communication services, (2) employing inter-node cross-layer cooperation to adapt to the dynamically changing network conditions, (3) splitting the node identifier and the node locator for mobility, multi-homing, and heterogeneity of network layer protocols, (4) splitting the data plane and the control plane for high manageability, and (5) introducing a recursive layered model to support network virtualization. This paper focuses on the first three topics as well as the basic design of ZNA.