Institut für Informatik
The processing of data is often restricted by contractual and legal requirements for protecting privacy and IPRs. Policies provide means to control how and by whom data is processed. Conditions of policies may depend on the previous processing of the data. However, existing policy languages do not provide means to express such conditions. In this work we present a formal model and language allowing for specifying conditions based on the history of data processing. We base the model and language on XACML.
In this thesis a Java program is developed that can be used to visualize networks previously described in configuration files. These networks must consist of layer 2 switches and hosts only. After loading such a configuration file, the program will visualize the network, and the spanning tree algorithm IEEE 802.1D may be started. The program allows the user to modify specific attributes of switches and hosts. The hosts will be able to exchange messages. The switches are realized as threads so that they can run independently and parallel to each other. The absence of central coordination and control prevents the switches from sharing global knowledge. This characteristic renders the implementation closer to the way an actual network functions.
A network like the Internet is a set of subnets that are connected to each other by routers. A router is a computer containing multiple network devices so that it can be connected to multiple subnets. It is thus able to forward packets from one subnet to another. A network can be represented as a graph with its routers as vertices and its subnets as edges. This graph is called the topology of the network. A packet sent to a host outside the sender's own subnet will usually be sent first to the so-called default router. This router (like any router) contains a table (the so-called forwarding table) with every subnet. Additionally, for each subnet, the table contains the router through which the subnet can be reached best. So, the packet will be forwarded from router to router until it reaches the destination subnet. Along the way, every router looks up the best next router in its forwarding table. A routing protocol takes care of the automatic exchange of information between the routers to build the forwarding tables and keep them up to date. If the forwarding tables of all routers are up to date, the network is called convergent. The time needed to build or update the routing tables is called the convergence time. The RIP routing protocol is a well-known and well-explored distance vector protocol. But there are only a few examinations of its convergence properties (e.g. the time needed to converge or the traffic volume produced by the routing messages). This work tries to examine the relationship between the topology properties of a network and the convergence properties of the RIP routing protocol. To this end, over 5000 single measurements were performed and statistically analyzed. Mathematical formulas have been derived from the results that are able to approximate the convergence properties of a network from its topology properties.
In this work, several network protocols are observed with the Wireshark protocol analyzer, and how to work with them is described. Wireshark is an offshoot of "Ethereal", one of the most popular protocol analyzers. Wireshark analyzes network traffic, records it and presents it clearly. VNUML is used to simulate the network. Since VNUML can only be used under Linux, Linux is run as a virtual machine in order to be able to work under Windows.
RMTI (RIP with Metric based Topology Investigation) was developed in the computer networks working group (AG Rechnernetze) at the Universität Koblenz-Landau. RMTI is an extension of RIP (Routing Information Protocol) that is intended to improve convergence behaviour when the network changes, in particular in the presence of routing loops. This is achieved by detecting routing loops and reducing the count-to-infinity problem. Demonstrating this desired behaviour requires an extensive evaluation of the RMTI algorithm. For this purpose, the client/server application XTPeer was developed in the same working group. In combination with other software such as VNUML and the Quagga Routing Suite, the algorithm can be evaluated using XTPeer. The XTPeer application generates data through the simulations. These data can be exported in the form of XML-conformant SDF files. These files can be imported back into the XTPeer application without further evaluation. Automated evaluation of the simulations takes place only for the current simulation. Evaluations across several simulations have to be calculated manually by the user. To simplify this evaluation work for the user, this diploma thesis therefore pursues the goal of extending the XTPeer application with an evaluation module. The evaluations are to cover all stored simulation data and not, as before, only the currently running simulation. This enables better, statistically usable statements. In addition, these evaluation results can be supported graphically.
This document proposes a concept for a personal key infrastructure in iCity. Certificates issued by a Trust Center (TC) ensure a secure key exchange with provable authentication of the communication partner, protection against eavesdropping, and integrity and provability of the messages. The jointly trusted TC does not have to be reachable during communication. It receives only public information. The concept presents several security levels that weight secure identification and anonymity differently.
Conventional security infrastructures in the Internet cannot be directly adapted to ambient systems, especially if based on short-range communication channels: personal, mobile devices are used and the participants are present during communication, so privacy protection is a crucial issue. As ambient systems cannot rely on an uninterrupted connection to a Trust Center, certified data has to be verified locally. Security techniques have to be adjusted to the special environment. This paper introduces a public key infrastructure (PKI) to provide secure communication channels with respect to privacy, confidentiality, data integrity, non-repudiability, and user or device authentication. It supports three certificate levels with a different balance between authenticity and anonymity. This PKI is currently under implementation as part of the iCity project.
Hybrid automata are used as a standard means for the specification and analysis of dynamical systems. Several researchers have used them to formally specify reactive multi-agent systems situated in a physical environment, where the agents react continuously to their environment. The specified systems, in turn, are formally checked with the help of existing hybrid automata verification tools. However, when dealing with multi-agent systems, two problems may arise. The first problem is a state space problem arising from the composition process, where the agents have to be composed in parallel into an agent capturing all possible behaviors of the multi-agent system prior to the verification phase. The second problem concerns the expressiveness of verification tools when modeling and verifying certain behaviors. Therefore, this paper tackles these problems by showing how multi-agent systems, specified as hybrid automata, can be modeled and verified using constraint logic programming (CLP). In particular, a CLP framework is presented to show how the composition of multi-agent behaviors can be captured dynamically during the verification phase. This can relieve the state space complexity that may occur as a result of the composition process. Additionally, the expressiveness of the CLP model flexibly allows not only modeling multi-agent systems, but also checking various properties by means of reachability analysis. Experimental results are promising and show the feasibility of our approach.