The use of IP addresses as host IDs and locators in the present day Internet protocols imposes constraints on designing efficient solutions for mobility, multihoming, renumbering, and security. To eliminate the constraints, different approaches of introducing ID/locator split into future network architectures have been discussed recently. HIMALIS is such an architecture, which uses distinct sets of values for identifiers and locators and allows the network layer to change locators without requiring the upper layers to change identifiers. One of the major challenges of HIMALIS is the design and implementation of a distributed ID-to-locator mapping database system to efficiently store, update and provide the up-to-date mapping data to the network elements. For this purpose, this paper discusses the application of the Domain Trusted Entity (DTE) infrastructure to the HIMALIS architecture. It provides a unified manner to get locators from high level identifiers (names) with enhanced security, privacy, and trust, while maintaining all capabilities and full compatibility with the previous DNR, HNR, and IDR infrastructures found in HIMALIS.

For flexibility in supporting mobility and multihoming in edge networks and scalability of the backbone routing system, future Internet is expected to be based on the concept of ID/locator split. Heterogeneity Inclusion and Mobility Adaptation through Locator ID Separation (HIMALIS) has been designed as a generic future network architecture based on ID/locator split concept. It can natively support mobility, multihoming, scalable backbone routing and heterogeneous protocols in the network layer of the new generation network or future Internet. However, HIMALIS still lacks security functions to protect itself from various attacks during the procedures of storing, updating, and retrieving of ID/locator mappings, such as impersonation attacks. Therefore, in this paper, we address the issues of security functions design and implementation for the HIMALIS architecture. We present an integrated security scheme consisting of mapping registration and retrieval security, network access security, communication session security, and mobility security. Through the proposed scheme, the hostname to ID and locator mapping records can be securely stored and updated in two types of name registries, domain name registry and host name registry. Meanwhile, the mapping records retrieved securely from these registries are utilized for securing the network access process, communication sessions, and mobility management functions. The proposed scheme provides comprehensive protection of both control and data packets as well as the network infrastructure through an effective combination of asymmetric and symmetric cryptographic functions.

Future wireless/mobile system is expected to have heterogeneous wireless overlay networks for ubiquitous multimedia communication. In a such network environment, mobile users are likely to try to get attached to higher bandwidth network as bandwidth-hungry multimedia applications are increasing. However, the users have to perform vertical handoff to lower bandwidth network, as high bandwidth network become unavailable due to various reasons (such as its limited coverage, network congestion, etc.). In this paper, we discuss the problem of vertical handoff from a user's perspective. For this purpose, we formulate user satisfaction as a function of bandwidth utility and handoff latency. Then, we investigate the effect of call holding time, user movement probability, etc. on the satisfaction that a user derives from the use of network service for multimedia applications. In addition, based on the evaluation, we present an algorithm for selecting a wireless network, which maximizes the effective user satisfaction.

Network virtualization and slicing technologies create opportunity for infrastructure-less virtual network operators (VNOs) to enter the market anytime and provide diverse services. Multiple VNOs compete to provide the same kinds of services to end users (EUs). VNOs lease virtual resources from the infrastructure provider (InP) and sell services to the EUs by using the leased resources. The difference between the selling and leasing is the gross profit for the VNOs. A VNO that leases resources without precise knowledge of future demand, may not consume all the leased resources through service offers to EUs. Consequently, the VNO experiences loss and resources remain unused. In order to improve resource utilization and ensure that new entrant VNOs do not face losses, proper estimation of initial resource demand is important. In this paper, we propose a Bayesian game with Cournot oligopoly model to properly estimate the optimal initial resource demands for multiple entrant competing VNOs (players) with the objective of maximizing the expected profit for each VNO. The VNOs offer the same kinds of services to EUs with different qualities (player's type), which are public information. The exact service quality with which a VNO competes in the market is private information. Therefore, a VNO assumes the type of its opponent VNOs with certain probability. We derive the Bayesian Nash equilibrium (BNE) of the presented game and evaluate numerically the effect of service qualities and prices on the expected profit and market share of the VNOs.

Service function chain (SFC) is a series of ordered virtual network functions (VNFs) for processing traffic flows in the virtualized networking environment of future networks. In this paper, we present a mathematical model and dynamic programing based scheme for solving the problem of SFC placement on substrate networks equipped with network function virtualization (NFV) capability. In this paper, we first formulate the overall cost of SFC placement as the combination of setup cost and operation cost. We then formulate the SFC placement problem as an integer linear programing (ILP) model with the objective of minimizing the overall cost of setup and operation, and propose a delay aware dynamic programming based SFC placement scheme for large networks. We conduct numeric simulations to evaluate the proposed scheme. We analyze the cost and performance of network under different optimization objectives, with and without keeping the order of VNFs in SFC. We measure the success rate, resources utilization, and end to end delay of SFC on different topologies. The results show that the proposed scheme outperforms other related schemes in various scenarios.

Network function virtualization (NFV) enables network operators to flexibly provide diverse virtualized functions for services such as Internet of things (IoT) and mobile applications. To meet multiple quality of service (QoS) requirements against time-varying network environments, infrastructure providers must dynamically adjust the amount of computational resources, such as CPU, assigned to virtual network functions (VNFs). To provide agile resource control and adaptiveness, predicting the virtual server load via machine learning technologies is an effective approach to the proactive control of network systems. In this paper, we propose an adjustment mechanism for regressors based on forgetting and dynamic ensemble executed in a shorter time than that of our previous work. The framework includes a reducing training data method based on sparse model regression. By making a short list of training data derived from the sparse regression model, the relearning time can be reduced to about 57% without degrading provisioning accuracy.

The current Internet is not capable of meeting the future communication requirements of society, i.e., reliable connectivity in a ubiquitous networking environment. The shortcomings of the Internet are due to the lack of support for mobility, multihoming, security and heterogeneous network layer protocols in the original design. Therefore, to provide ubiquitous networking facilities to the society for future innovation, we have to redesign the future Internet, which we call the New Generation Network. In this paper, we present the Heterogeneity Inclusion and Mobility Adaptation through Locator ID Separation (HIMALIS) architecture for the New Generation Network. The HIMALIS architecture includes a new naming scheme for generating host names and IDs. It also includes a logical control network to store and distribute bindings between host names, IDs, locators and other information useful for providing support for network operation and control. The architecture uses such information to manage network dynamism (i.e., mobility, multihoming) and heterogeneity in network layer protocols. We verify the basic functions of the architecture by implementing and testing them using a testbed system.

The IETF (Internet Engineering Task Force) has developed a Network Mobility (NEMO) basic support protocol by extending the operation of Mobile IPv6 to provide uninterrupted Internet connectivity to the communicating nodes of mobile networks. The protocol uses a mobile router (MR) in the mobile network to perform prefix scope binding updates with its home agent (HA) to establish a bi-directional tunnel between the HA and MR. This solution reduces location-update signaling by making network movements transparent to the mobile nodes behind the MR. However, delays in data delivery and higher overheads are likely to occur because of sub-optimal routing and multiple encapsulation of data packets. To resolve these problems, we propose a mobile router-assisted route optimization (MoRaRo) scheme for NEMO support. With MoRaRo, a mobile node performs route optimization with a correspondent node only once, at the beginning of a session. After that the MR performs route optimization on behalf of all active mobile nodes when the network moves. The virtue of this scheme is that it requires only slight modification of the implementation of the NEMO basic support protocol at local entities such as the MR and mobile nodes of the mobile network, leaving entities in the core or in other administrative domains untouched. MoRaRo enables a correspondent node to forward packets directly to the mobile network without any tunneling, thus reducing packet delay and encapsulation overheads in the core network. To enable the scheme to be evaluated, we present the results of both theoretical analysis and simulation.

To support multimedia applications effectively in mobile networks, the handover latency or packet losses during handover should be very small. Addressing this issue, we present a cooperative mobile router-based handover (CoMoRoHo) scheme for long-vehicular multihomed mobile networks. The basic idea behind CoMoRoHo is to enable different mobile routers to access different subnets during a handover and cooperatively receive packets destined for each other. In general, packet losses are directly proportional to handover latency; however, the overlapped reception of packets from different subnets makes possible to minimize packet losses even without reducing handover latency. To evaluate the scheme, we carried out performance modeling of the CoMoRoHo scheme in comparison with the Fast Handover for Mobile IPv6 (FMIPv6) protocol in regard to the handover latency, packet loss, signaling overhead, and packet delivery overhead in access networks. The analysis results show that CoMoRoHo outperforms FMIPv6 by reducing the packet losses as well as signaling overheads by more than 50%. Moreover, CoMoRoHo imposes lower packet delivery overheads required for preventing packets from being dropped from access routers. We thus conclude that CoMoRoHo is a scalable scheme because its performance remains intact even when the access network is overloaded.

Limitations are found in the recent Internet because a lot of functions and protocols are patched to the original suite of layered protocols without considering global optimization. This reveals that end-to-end argument in the original Internet was neither sufficient for the current societal network and nor for a sustainable network of the future. In this position paper, we present design guidelines for a future network, which we call the New Generation Network, which provides the inclusion of diverse human requirements, reliable connection between the real-world and virtual network space, and promotion of social potentiality for human emergence. The guidelines consist of the crystal synthesis, the reality connection, and the sustainable & evolutional guidelines.

In this paper, we propose a method for automatic virtual resource allocation by using a multi-target classification-based scheme (MTCAS). In our method, an Infrastructure Provider (InP) bundles its CPU, memory, storage, and bandwidth resources as Network Elements (NEs) and categorizes them into several types in accordance to their function, capabilities, location, energy consumption, price, etc. MTCAS is used by the InP to optimally allocate a set of NEs to a Virtual Network Operator (VNO). Such NEs will be subject to some constraints, such as the avoidance of resource over-allocation and the satisfaction of multiple Quality of Service (QoS) metrics. In order to achieve a comparable or higher prediction accuracy by using less training time than the available ensemble-based multi-target classification (MTC) algorithms, we propose a majority-voting based ensemble algorithm (MVEN) for MTCAS. We numerically evaluate the performance of MTCAS by using the MVEN and available MTC algorithms with synthetic training datasets. The results indicate that the MVEN algorithm requires 70% less training time but achieves the same accuracy as the related ensemble based MTC algorithms. The results also demonstrate that increasing the amount of training data increases the efficacy ofMTCAS, thus reducing CPU and memory allocation by about 33% and 51%, respectively.

Both placing responsibility of message sending on every IoT object and obfuscating the object's location from other objects are essential to realize a secure and privacy-preserved communication service. Two or more short-lived link identifiers (or pseudonyms) authorized by a trustable authority are often used in related studies, instead of a persistent or long-term use link identifier (i.e. vendor assigned MAC address). However, related studies have limitations in terms of frequently changing pseudonyms to enhance location privacy because the cryptographic algorithms used in them fixedly couple object's identifiers with its security keys. To overcome those limitations, we present a new pseudonym and key management scheme that enables dynamic coupling of pseudonym and key pairs without incurring any adverse impacts. Furthermore, we propose two lightweight pseudonym allocation protocols to effectively reduce the volume of message carrying the allocation parameters. Through qualitative analyses, we verify that the proposed scheme is more scalable than related approaches as it can efficiently allocate enough number of pseudonym/key pairs by reducing the control message overhead by more than 90%.