Enforcing access control policies in Information-Centric Networking (ICN) is difficult due to there being multiple copies of contents in various network locations. Traditional Access Control List (ACL)-based schemes are ill-suited for ICN, because all potential content distribution servers should have an identical access control policy or they should contact a centralized ACL server whenever their contents are accessed by consumers. To address these problems, we propose a distributed capability access control scheme for ICN. The proposed scheme is composed of an internal capability and an external capability. The former is included in the content and the latter is added to a request message sent from the consumer. The content distribution servers can validate the access right of the consumer through the internal and external capabilities without contacting access control policies. The proposed model also enhances the privacy of consumers by keeping the content name and consumer identification anonymous. The performance analysis and implementation show that the proposed scheme is feasible and more efficient than other access control schemes.

Named Data Networking (NDN) has emerged as an alternative to traditional IP-based networking for the achievement of Information-Centric Networking (ICN). Currently, most NDN is deployed over IP networks, but such an overlay deployment increases the transport network overhead due to the use of dual network control planes (NDN routing and IP routing). Software-Defined Networking (SDN) can be used to mitigate the network overhead by forwarding NDN packets without the use of IP routing. However, to deploy NDN over SDN, a variable NDN content name needs to be mapped to a fixed-size match field in an OpenFlow switch flow table. For efficient support of such a mapping task, we propose a new architecture that uses dual name for content: content name and Name Tag. The Name Tag is derived from the corresponding content name and is a legitimate IPv6 address. By using the proposed Name Tag, the SDN with an NDN control application can transport an IPv6 packet that encapsulates an NDN packet for an NDN name-based routing. We emulate the proposed architecture using Mininet and verify that it is feasible.

Random scattering of sensors may cause some location not to be covered. In such a case, it is useful to make use of mobile sensors that can move to eliminate the coverage holes. Wang et al [1]. proposed self-deployment schemes of mobile sensors by using Voronoi polygon. However, some coverage holes still remain after the execution of the schemes. We propose a new self-deployment scheme using the centroid (geometric center) of each sensor's Voronoi polygon as the moving target position. The performance evaluation shows that the proposed scheme achieves better results than the existing schemes in terms of fast coverage expansion.

A key challenge in developing energy-efficient sensor networks is to extend network lifetime in resource-limited environments. As sensors are often densely distributed, they can be scheduled on alternative duty cycles to conserve energy while satisfying the system requirements. Directional sensor networks composed of a large number of directional sensors equipped with a limited battery and with a limited angle of sensing have recently attracted attention. Many types of directional sensors can rotate to face a given direction. Maximizing network lifetime while covering all of the targets in a given area and forwarding sensor data to the sink is a challenge in developing such rotatable directional sensor networks. In this paper, we address the maximum directional cover tree (MDCT) problem of organizing directional sensors into a group of non-disjoint subsets to extend network lifetime. One subset, in which the directional sensors cover all of the targets and forward the data to the sink, is activated at a time, while the others sleep to conserve energy. For the MDCT problem, we first present an energy-consumption model that mainly takes into account the energy expenditure for sensor rotation as well as for the sensing and relaying of data. We also develop a heuristic scheduling algorithm called directional coverage and connectivity (DCC)-greedy to solve the MDCT problem. To verify and evaluate the algorithm, we conduct extensive simulations and show that it extends network lifetime to a reasonable degree.

The integration of VANETs with Internet is required if vehicles are to access IP-based applications. A vehicle must have an IP address, and the IP mobility service should be supported during the movement of the vehicle. VANET standards such as WAVE or C-ITS use IPv6 address auto configuration to allocate an IP address to a vehicle. In C-ITS, NEMO-BS is used to support IP mobility. The vehicle moves rapidly, so reallocation of IP address as well as binding update occurs frequently. The vehicle' communication, however, may be disrupted for a considerable amount of time, and the packet loss occurs during these events. Also, the finding of the home address of the peer vehicle is not a trivial matter. We propose a network based identifier locator separation scheme for VANETs. The scheme uses a vehicle identity based address generation scheme. It eliminates the frequent address reallocation and simplifies the finding of the peer vehicle IP address. In the scheme, a network entity tracks the vehicles in its coverage and the vehicles share the IP address of the network entity for their locators. The network entity manages the mapping between the vehicle's identifier and its IP address. The scheme excludes the vehicles from the mobility procedure, so a vehicle needs only the standard IPv6 protocol stack, and mobility signaling does not occur on the wireless link. The scheme also supports seamlessness, so packet loss is mitigated. The results of a simulation show that the vehicles experience seamless packet delivery.

Three representative protocols are proposed to support mobility for IPv6 in IETF: Mobile IPv6, Hierarchical Mobile IPv6, and Fast Handovers for Mobile IPv6. Recently, IEEE 802.11 network has been widely deployed in public areas for mobile Internet services. In the near future, IPv6 mobility support over IEEE 802.11 network is expected to be a key function to actualize the pure IP-based mobile multimedia service. The IPv6 mobility support protocols have their characteristics in terms of signaling, handover latency, lost packets, and required buffer size. In this paper, we analyze the performance of the protocols over IEEE 802.11 network. We define a packet-level traffic model and a system and mobility model. Then, we construct a framework for the performance analysis. We also make cost functions to formalize each protocol's performance. Lastly, we investigate the effect of varying parameters used to show diverse numerical results.

In this paper, Proxy Mobile IPv6 (PMIPv6), which is a network-based mobility management protocol, is adapted to the OpenFlow architecture. Mobility-related signaling is generally performed by network entities on behalf of a mobile node, but in standard PMIPv6, the control and data packets are delivered and processed over the same network entities, which prevents the separation of the control and the data planes. In addition, IP tunneling inherent to PMIPv6 imposes excessive overhead for the network entities. In order to adapt PMIPv6 to the OpenFlow architecture, the mobility management function is separated from the PMIPv6 components, and components are reconstructed to take advantage of the offerings of the OpenFlow architecture. The components configure the flow table of the switches located in a path, which comprise the OpenFlow controller. Mobility-related signaling can then be performed at the dedicated secure channel, and all of the data packets can be sent normally in accordance with the flow table of the OpenFlow switches. Consequently, the proposed scheme eliminates IP tunneling when user traffic is forwarded and separates the data and the control planes. The performance analysis revealed that the proposed scheme can outperform PMIPv6 in terms of the signaling cost, packet delivery cost, and handover latency.

Target Q coverage is needed to secure the stability of data collection in WSN. The targets may have different level of importance then the multiple-target coverage scheme must schedule sensors according to each target's weight to increase the network lifetime. The schedule scheme previously proposed for weighted coverage uses an iterative solution to solve the problem but it has long computation time. We propose a heuristic greedy-TQC algorithm to use the residual energy of sensors to generate multiple scheduling cover sets. A simulation shows a dramatic reduction in computation time. The greedy-TQC algorithm is suitable for the frequently topology-changing WSN and for the often changing targets' weights in WSN.

Proxy Mobile IPv6 (PMIPv6) is proposed as a new network-based local mobility protocol which does not involve the Mobile Node (MN) in mobility management. PMIPv6, which uses link-layer attachment information, reduces the movement detection time and eliminates duplicate address detection procedures in order to provide faster handover than Mobile IPv6 (MIPv6). To eliminate packet loss during the handover period, the Local Mobility Anchor (LMA) buffering scheme is proposed. In this scheme, the LMA buffers lost packets of the Mobile Access Gateway (MAG) and the MN during the handover and recovers them after handover. A new Automatic Repeat reQuest (ARQ) handler is defined which efficiently manages the LMA buffer. The ARQ handler relays ARQ result between the MAG and the MN to the LMA. The LMA removes any buffered packets which have been successfully delivered to the MN. The ARQ handler recovers the packet loss during the handover using buffered packets in the LMA. The ARQ information, between the MAG and LMA, is inserted in the outer header of IP-in-IP encapsulated packets of a standard PMIPv6 tunnel. Since the proposed scheme simply adds information to the standard operation of an IP-in-IP tunnel between the LMA and the MAG, it can be implemented seamlessly without modification to the original PMIPv6 messages and signaling sequence. Unlike other Fast Handovers for Mobile IPv6 (FMIPv6) based enhancement for PMIPv6, the proposed scheme does not require any handover related information before the actual handover.

The IETF Mobile IPv6 enables any IPv6 node to both cache the Care-of Address associated with a mobile node's home address, and to directly send packets addressed to a mobile node at the Care-of Address using the IPv6 routing header. Support for optimizing the route is built in as a fundamental part of the protocol. Several hierarchical schemes have been presented recently on top of the Mobile IPv6. These schemes separate micro-mobility from macro-mobility and exploit a mobile node's locality. They can reduce the number of signaling messages sent to a home network and improve hand-off performance. However, existing hierarchical schemes do not achieve route optimization. When external correspondent nodes send packets to a mobile node, these packets are intercepted by an intermediate mobility agent encapsulated and routed to the mobile node. In this paper, we propose a new hierarchical scheme that enables any correspondent node to cache two Care-of Addresses; the mobile node's temporary address and the intermediate mobility agent's address. Also, we introduce two lifetimes managing the two Care-of Addresses. Until the lifetime associated with the mobile node's temporary address expires, a correspondent node can send packets directly to the mobile node. If the lifetime expires but the lifetime associated with the intermediate mobility agent's address has not expired, the correspondent node sends packets to the intermediate mobility agent. This proposal can reduce delay in packet delivery and optimize routing. Furthermore, based on the mobility of a mobile node, we introduce more reduced frequency of binding update and longer period of the lifetimes than the existing hierarchical schemes. Therefore, our proposal can reduce the binding update bandwidth as well as the packet delivery bandwidth lower than those of the IETF IPv6 and the existing hierarchical schemes.