Networking, Computing and Control Technologies
This research theme addresses the vision of an agile all-optical network with automatic wavelength provisioning, fast service activation, dynamic wavelength provisioning and dynamic QoS, a vision that requires many innovations in network architectures and protocols. The research in this theme focuses on applying distributed computing and software approaches to develop the required network architectures and protocols.
1- Optical Networking and IP Traffic
Start and End Dates
October 1, 2000 – April 30, 2004
Principal Investigator
- Hussein Mouftah,
Professor and CRC Chair in Optical Networking at the University of Ottawa
Co-Investigators
- Gregor Bochmann,
Professor, SITE, University of Ottawa
- Dan Ionesco,
Professor, SITE, University of Ottawa
- Dimitris Makarakis,
Professor, SITE, University of Ottawa
- Luiz Orozco-Barbosa,
Professor, SITE, University of Ottawa
- Ioannis Lambadaris,
Professor, Department of Systems and Computer Engineering, Carleton University
- Michel Savoie,
Program Manager, Broadband Applications & Optical Networking, CRC
Industry Partner
Nortel
Summary:
Communication networks today are built over optical fiber links with WDM technology and employ optical switches for provisioning purposes. Fast switching capabilities are expected to be available in the near future and be employed not only for provisioning of optical end-to-end channels including protection switching, but also for dynamic bandwidth allocation, and maybe in the more distant future, for packet switching (e.g. burst mode). The main objectives of this research project were to focus research on the following topics:
- Development of new operations, administration and management approaches for future optical networks. This included network architectures and algorithms for fast wavelength routing, protection switching and optimal resource allocation, and in general took into account particular constraints of optical networks such as the distinction between port and wavelength switching.
- Transport of Internet IP traffic, addressing IP traffic aggregation into the wavelength channels of the optical network, packet switching in burst mode, and the problems of end-to-end routing from the (electronic) ingress Internet domain into the (optical) backbone network and then through the (electronic) egress domain to the final destination.
The research work was led by Professor Gregor Bochmann of the University of Ottawa, working along with other researchers at the University of Ottawa, Carleton University and CRC. Nortel Networks participated in reviewing the progress of the research work. Professor Hussein Mouftah (who recently moved from Queen’s University to take a Canada Research Chair position in optical networking at the University of Ottawa) assumed project leadership in October 2002. Professor Bochmann took up other challenges in optical networking research with the newly established AAPN Research Network project spearheaded by McGill University.
2- Development of Universal Personal Agents for Mobile Users and Services
Start and End Dates
April 1, 2002 – April 30, 2004
Principal Investigator
- Ahmed Karmouch,
Professor, SITE, University of Ottawa
Co-Investigators
- Roger Impey,
Research Scientist, IIT, NRC
Summary:
Advances in telecommunications and information technologies, coupled with the globalization of markets and business processes and with the changing lifestyles and aspirations of the workforce, have facilitated the emergence of a new concept of business organization and work team structures termed virtual teams. In such organizations people, information systems, and communication networks are highly mobile and dynamic. In this research project the target was to develop and demonstrate algorithms, techniques and tools to help people work together across different, possibly mobile, locations and different time zones and to facilitate access to and delivery of personalized services on the network. Some of the key target features of this system were:
- Facilitate the interactions of people across space and time.
- Help locate useful services within the network and personalized access, and delivery of these services to people.
- Provide automatic configuration of the tools, programs and services depending on peoples' location and devices.
- Provide techniques for tracking mobile users.
- Study of adaptive-advance QoS reservation to prevent and meet the new requirements introduced by the dynamic nature of mobile users and services.
The project targeted a unified approach to the development of a universal personal agent (UPA) to help the user accomplish daily business activities regardless of device, location, and underlying communication networks. For instance, the universal personal agent can manage the person’s profile and, based on it, provide personal communication services by integrating different modalities. Users can request communication services through the UPA without being aware of the network configuration or the location of hardware resources, services, and people. The UPA interacts with an agent pool in which each agent logically defines and manages a resource or a service in the network, e.g., phone, mobile, fax, pager, PDA, personal computer, text-to-speech converter, voice response unit, video abstraction, QoS, group meeting, e-commerce transactions, etc. These agents were to be activated and dispatched by the UPA as needed at the appropriate time by the (mobile) worker. The envisioned architecture of such a system is made of three main components: People Finding Agents, Service Provisioning Agents, and Agent Infrastructure.
3- Scalable Network Service Provisioning
Start and End Dates
May 1, 2002 – May 30, 2003
Principal Investigator
- Dorina Petriu,
Associate Professor, Department of Systems and Computer Engineering, Carleton University
Co-Investigators
- Mohamed El Darieby,
Carleton University Graduate Student (PhD)
- Mihai Constantin,
Carleton University Graduate Student (MSc)
- Cheng-Yin Lee,
Alcatel
Industry Partner
Alcatel
Summary:
Computer networks have become ubiquitous with end users increasingly dependent on network services. A Service Provider (SP) must now offer reliable and flexible network services with specific Quality of Service (QoS) levels to their users.
- An SP is responsible for the allocation of network resources to different network services by selecting appropriate network elements and dynamically optimizing QoS routing, signaling and resource utilization through Traffic Engineering (TE).
- An SP is also responsible for Service Management involving Fault, Configuration, Accounting, Performance, and Security (FCAPS).
- The growth of network size and demand for network services result in an explosion in the number of routing computations and signaling messages required to create/restore a network service.
In short, an SP faces significant scalability problems. In previous research work, we evaluated the performance of a Multi-Protocol Label Switching (MPLS)-based service provisioning architecture as the underlying physical network and achieved a good understanding of how the increased size of the physical network affects service creation performance under different loads, and how sensitive service creation performance is to various architectural parameters.
In this project, the focus was on the development of a new hierarchical framework for the control plane of a network-switching element. The framework was expected to scale up to very large networks, extending the current two-tier architecture of the Internet to a multi-level one, and to encapsulate the signaling and routing protocols required for service creation/restoration. These protocols were to be optimized to suit the current requirements of the Internet architecture and control mechanisms for QoS and for intra- and inter-domain TE. The framework was designed to respond to changes in network topology dynamics (e.g. failures) and to changes in workload, and the design was tailored to take full advantage of the capabilities of IP, GMPLS and optical networks. Planned research work also focused on developing a new hierarchical distributed routing protocol that computes QoS routes in a fully distributed manner.
4- QoS Architecture for Services Over the NCIT*net Research Network
Start and End Dates
June 1, 2002 – June 30, 2004
Principal Investigator
- Dan Ionesco,
Professor, University of Ottawa
Co-Investigators
- Maike Miller,
VP, Alliances at NCIT (On Leave from Algonquin)
- Serban Popescu,
University of Ottawa Graduate Student (MSc)
Industry Partner
Nortel, Diatem and Net Test Canada
Summary
The NCIT*net is an advanced research network, employing up-to-date communications equipment and software at Layers 1, 2, and 3 for use by researchers in NCIT Member organizations (University of Ottawa, Carleton University, Algonquin College, NRC and CRC). In this project, the envisioned research topics targeted the evaluation of network architectures for Quality of Service studies and the performance of a blend of up-to-date technologies in the areas of network architecture, network and service control, and network layer mapping. The research was planned to focus on setting up the foundation network architecture to support QoS and allow evaluation and performance analysis in a heterogeneous environment.
5- VPN Interoperability
Start and End Dates
May 1, 2002 – May 30, 2003
Principal Investigator
- Craig Gauthier,
Professor, Algonquin College
Co-Investigators
- Jack Treuhaft,
Director, Applied R&D Algonquin College
- Ian McCormick,
Student, Algonquin College
- Rob MacIntosh,
Alcatel
Industry Partner
Alcatel
Summary:
The proliferation of the Internet and its importance for communications in corporate, government, small business and home environments raised and still raises concerns about communications security. Due to their historical development, TCP/IP standards leave valuable data vulnerable to a wide variety of security attacks. To address these security concerns, vendors have taken a number of approaches to tunnel private traffic over public networks to achieve sender authentication, message integrity and data confidentiality. At the same time, largely uncontrolled home gateways have proliferated, and very little work has been done to understand the impact of these home gateways on VPN security. The purpose of this seed project was to examine some of the basic issues related to home gateways attached to virtual private networks. The project was the first step in a series of potential future projects examining "back-door" threats to corporate networks and other smaller VPNs and ways to revamp security. The research focused on tunneling techniques and on the characteristics and interoperability of home gateways using a variety of common Microsoft operating systems (Windows 95, 98, 2000, and XP). A test bed with a variety of gateway devices was assembled using VPN equipment from Algonquin and Alcatel.
6- Data Communications Switching Interoperability Studies
Start and End Dates
July 1, 2004 – December 31, 2005
Principal Investigator
- Doug Reid,
Professor, Algonquin College
Co-Investigators
- Gerry Crichlow,
Professor, Algonquin College
- Jim Barclay,
Professor, Algonquin College
- Nelson Rogers,
Applied R&D, Algonquin College
- Shahzad Ahmed, Andrew Deek, Aaron Snow, Tony Hawkson, Students at Algonquin College
Industry Partner
Nortel
Summary:
The focus of this hands-on project was on exploring the manner in which earlier generation data communications equipment can be utilized in new applications, on its own or in conjunction with later-generation equipment, for telecommunications services and education. The purpose was to extend the serviceability and lifespan of earlier generation equipment by providing economical equipment alternatives for public organizations that have limited resources to set up community and educational/instructional networks. The project used the equipment donated to Algonquin College through the NCIT, and the work was carried out by students at the Telecommunications Laboratory at Algonquin College. The focus of this hands-on project has been on:
- Setting up test beds to study interoperability between different generations of equipment. This involved linking to other systems such as VoIP PBX, other routers and network equipment. This work also allowed the capabilities of the equipment to be appraised and good approaches to be found for using it as learning platforms for networking courses. The platforms proved to be a source of valuable “hands on” experience for students. The Magellan Passport systems involved had many different service modules that allowed the performance evaluation of several WAN/LAN physical interfaces and protocols.
- Exploring the capabilities of the multi-service ATM switches used in an IP LAN Emulation environment to support a Wireless Distribution System (WDS). This leveraged the project work being carried out by Algonquin College and NPS to develop and document (cookbook) techniques that can be used to deploy Wi-Fi based broadband services in remote and rural locations. (This work is supported by a consortium involving Algonquin, CIDA, Industry Canada and NCIT.)
In addition to the above, the project explored the suitability of the equipment for redeployment to provide essential network services for third world schools and institutions that otherwise cannot fund new technologies.
7- Conferencing in VoIP
Start and End Dates
November 1, 2002 – November 30, 2004
Principal Investigator
- Rafik Goubran,
Professor and Chair, Department SCE, Carleton University
Co-Investigators
- R. Dansereau,
Professor and Chair, Department SCE, Carleton University
- Tyseer Aboulnasr,
Professor, SITE, University of Ottawa
- Martin Bouchard,
Professor, SITE, University of Ottawa
Industry Partner
Nortel
Summary:
Voice-over-Internet Protocol (VoIP) systems have been emerging as a viable means to provide voice telephony. Conferencing in VoIP is a challenging problem, as voice packets originating from different participants to a central conferencing unit may have different compression standards, necessitating intensive processing and hence causing unacceptable delays and distortion.
Transmitting voice over IP networks results in excessive delays, packet losses, delay jitter, echoes, and clock synchronization problems. These impairments have major implications for voice quality. A number of advanced digital signal processing approaches can be used to overcome these effects and improve speech quality. These techniques include packet concealment, echo and noise cancellation, speech enhancement, delay estimation, and delay jitter buffer design. Conferencing in VoIP introduces additional challenges. Voice packets originating from different participants are sent to a central conferencing unit to be combined. These packets may have different compression formats. At the present time, these packets are uncompressed and mixed in the linear domain. They are then converted to their original compression format and sent back to their originator. Due to the packetization and compression, VoIP conferencing introduces unacceptable additional delays and distortion. This is especially true when the different participants in the conference use different compression standards. The voice compression formats most commonly used in VoIP include ITU-G.711, G.729A, G.723.1, G.726, G.728, and G.722. This research project investigated new approaches for implementing conferencing in next generation VoIP systems to alleviate latency and distortion problems and evaluated their impact on speech quality, scalability, flexibility, and implementation feasibility.
8- Packet Classification in Network Processors
Start and End Dates
January 1, 2002 – January 30, 2003
Principal Investigator
- Yiqiang Q. Zhao,
Professor, School of Mathematics and Statistics, Carleton University
Co-Investigators
- Quan-Lin Li,
PDF
- Xuehong Sun,
Ph.D. student
- Zhen Xu,
Ph.D. student
- Yong Li,
Ph.D. student
- Xiaojun Nie,
Master's student
- Jun Li,
Master's student
Industry Partner
Alcatel
Summary:
The traditional Internet provides “best effort” services for Internet traffic. However, the future Internet was expected to provide more advanced services such as traffic billing, packet filtering in firewalls, policy-based routing and QoS. These requirements demand a more intelligent network node. The four main tasks of a network processor (the core of a network node) are packet classification, packet modification, queue/policy management and packet forwarding. Packet classification is becoming the bottleneck in the multi-Gigabit Internet node. The network processor implements packet classification algorithms (in software or in hardware) to classify packets into flows that match certain rules. The traditional Internet involves IP address lookup, whereas next-generation networks need multiple-field classification of packets. This requires new algorithms to be developed.
In this research the plan was to examine and compare the performance of the existing algorithms for packet classification (including the IP address lookup algorithms) under realistic network traffic conditions (e.g., non-Poisson traffic in practical network settings). For the performance analysis of the algorithms, the standard Random Access Machine model of computation was too coarse to be used in practice. For example, multiplying two numbers took more time than adding two numbers on most processors, and memory access times differed greatly depending on whether data sat in cache or in off-chip memory. The complexity of the algorithms was to be studied with a focus on finer and more practical perspectives. This is expected to provide an in-depth understanding of the relations and tradeoffs between the factors involved in packet classification. It is also expected to provide an understanding of the algorithms and of the application contexts in which they perform best.
9- NPCal: Network Processor Calculus
Start and End Dates
January 1, 2002 – January 30, 2003
Principal Investigator
- Amitava Bose,
Professor, School of Mathematics and Statistics, Carleton University
Co-Investigators
- X. Jiang,
PDF, School of Mathematics and Statistics, Carleton University
- Bin Liu,
PDF, School of Mathematics and Statistics, Carleton University
Industry Partner
Alcatel
Summary:
Network Calculus is a collection of results based on Min-Plus algebra, which applies to deterministic queuing systems found in communication networks. It is a relatively new field, with the earliest papers on the topic dating from 1991. There are few established researchers in the field at this point, and only two books on the subject, both published only in the last eighteen months. It can be used, for example:
- To understand the computations for delays used in the IETF guaranteed service;
- To understand why re-shaping delays can be ignored in shapers or spacer-controllers;
- As a common model for schedulers;
- To determine effective bandwidth.
Although Network Calculus has been used successfully in understanding the performance of a network as a whole, it has not yet been applied to small-scale systems, such as a network processor. The main objective of this project was to study the application of Network Calculus (NetCal) to the design and performance modeling of network processors (NP).
10- Secure MPLS Networks
Start and End Dates
January 1, 2003 – January 30, 2004
Principal Investigator
- Chung-Horng Lung,
Associate Professor, Carleton University
Industry Partner
Eion International
Summary
This research focused on the study of MPLS (Multi-Protocol Label Switching) and associated traffic engineering. MPLS provides a mechanism to achieve connection-oriented services on connectionless networks and allows switching IP, ATM or Frame Relay traffic at Layer 2, avoiding major routing overheads. IP on MPLS networks comes in flavors depending upon QoS (diffserv/non-diffserv) and Switching/Routing (MPLS/non-MPLS) capabilities. Currently EION supports non-diffserv/non-MPLS and diffserv/MPLS networks using QoS capabilities. However, for a complete solution, MPLS functionality needs to be integrated to cater for different IP network deployment options. Requests for Comments (RFCs) and Internet drafts issued by the IETF, the Internet Engineering Task Force (www.ietf.org), provided a good background for MPLS and Generalized MPLS research topics.
11- Fault Tolerance in MPLS Networks
Start and End Dates
January 1, 2003 – January 30, 2004
Principal Investigator
- Dorina Petriu,
Associate Professor, Department of Systems and Computer Engineering, Carleton University
Co-Investigators
- Anand Srinivasan,
Eion University Coordinator & Architect, Eion Software International
- Rama Munikoti,
Vice President, Eion Software International
Industry Partner
Eion International
Summary
MPLS inherently provides a connection-oriented path in a connectionless system. Label Switched Paths (LSPs) are created to communicate between a source and destination pair. Redundancy is introduced to achieve fault tolerance. LSP reroute is an important area for introducing fault tolerance as a part of the MPLS architecture. Interesting strategies can be tried to set up alternate paths that do not use nodes or links used by primary paths, in order to increase reliability when node or link failures occur in an LSP.
MPLS has been widely identified as a new tool to help service providers meet the often-conflicting challenges of increased predictability, growth in revenue, and cost reduction. MPLS’s connection-oriented nature was expected to provide a mechanism to increase IP service predictability, create differentiated IP services, and potentially reduce operation costs in IP-centric and multi-service networks.
This project concentrated on fault-tolerance and security in MPLS based networks.
12- Connection Management and Traffic Engineering in MPLS/GMPLS
Start and End Dates
January 1, 2003 – January 30, 2004
Principal Investigator
- Changcheng Huang,
Assistant Professor, Department of Systems and Computer Engineering, Carleton University
Co-Investigators
- Rama Munikoti,
Vice President, Eion International
- Anand Srinivasan,
Eion University Coordinator & Architect, Eion Software International
- Frank Zeng,
Graduate Student, Department of Systems and Computer Engineering, Carleton University
- Minzhe Li,
Graduate Student, Department of Systems and Computer Engineering, Carleton University
Industry Partner
Eion International
Summary
The focus of this research was on Traffic Engineering (connection management, traffic trunk controller, accounts, performance and resource monitors). The natural extension was to explore traffic engineering for optical networks that employ GMPLS and study associated connection management techniques.
Research work in this project focused on MPLS (Multi-Protocol Label Switching) and associated traffic engineering. MPLS provided a mechanism for achieving connection-oriented services on connectionless networks. MPLS can switch IP, ATM or Frame Relay traffic at Layer 2, avoiding major routing overheads. IP on MPLS networks comes in a few flavors depending upon the QoS (diffserv/non-diffserv) and Switching/Routing (MPLS/non-MPLS) capabilities. At the start of this project, Eion catered for the needs of non-diffserv/non-MPLS networks and diffserv/MPLS networks using QoS capabilities. However, for a complete solution, MPLS functionality needed to be integrated to cater for different IP network deployment options.
13- IP Messaging and SIMPLE
Start and End Dates
January 1, 2003 – January 30, 2004
Principal Investigator
- Babak Esfandiari,
Assistant Professor, Department of Systems and Computer Engineering, Carleton University
Co-Investigators
- Rama Munikoti,
Vice President, Eion International
- Liping Zhao,
MSc Student
- Raul San Martin,
Software Architect, Eion International
Industry Partner
Eion International
Summary:
The objective of this project was to research J2ME IP Messaging and its combination with presence protocols such as SIMPLE. The intent was to run them on J2ME-enabled devices and on native J2ME CPUs. These components are infrastructure software: the underlying protocols that allow higher level applications to simply use messaging, location services, etc. This combination did not exist at the onset of the research, nor did J2ME implementations that are platform independent and can be used in any J2ME mobile device.
The research looked at aspects of reliable and secure IP messaging protocols in combination with presence protocols for wireless devices. These included messaging over IP as well as the SIMPLE protocol.
14- Optimization of MPLS/GMPLS Networks
Start and End Dates
September 1, 2003 – September 30, 2004
Principal Investigator
- Sivarama Dandamudi,
Professor, School of Computer Science, Carleton University
Co-Investigators
- Anand Srinivasan,
Eion University Coordinator & Architect, Eion Software International
- Rama Munikoti,
Vice President, Eion International
Industry Partners
Eion International
Summary
The research focus was on the optimization of Traffic Engineering (TE) parameters and rules in MPLS networks where multiple TE parameters are distributed through extensions to routing protocols (e.g. OSPF and ISIS). It was very important to obtain the optimal route for a (source/destination) pair under TE constraints. In most cases, algorithms did not exist to find a path by optimizing all the constraints. Heuristic algorithms have been developed to optimize route selection based on multiple constraints, together with work to prove the correctness of the algorithms and analyze their complexity. An extension of this work would be to implement the network optimization algorithms as part of a product with well-defined user interfaces.
15- Online Measurement, Traffic Prediction and Self-Sizing for End-to-End IP Networks
Start and End Dates
January 1, 2003 – January 30, 2005
Principal Investigator
- Dr. Changcheng Huang,
Assistant Professor, Department of Systems and Computer Engineering, Carleton University
Co-Investigators
- Dr. Mihail Devetskiotis,
Associate Professor, Electrical and Computer Engineering, North Carolina State University (visiting)
- Dr. Gerard Damm,
Alcatel Research and Innovation, Intelligent Switch Routers
Industry Partners
Alcatel
Summary:
IP networks require efficient, scalable, high-speed core and edge routers to support IP traffic classes based on variable Quality of Service (QoS) and Class of Service (CoS) parameters. This research focused on the development of sophisticated system-based classification, policing and scheduling schemes for IP networks. With optical transmission and switching, emphasis was put on fast system implementation to ensure high router efficiency. Quantitative analysis and computer simulation were used to design the most efficient edge/core router architecture. The research focused on the following:
- Development of new effective bandwidth (EB) estimators applicable to edge/border IP nodes with different levels of granularity, study of their performance through simulation, and design and implementation of the online measurement and the selected EB algorithm in hardware such as FPGA and NP;
- Application of the DTMW (Double Threshold Moving Window) [3] traffic predictor to an edge/border node to further improve efficiency and robustness, comparison of the DTMW with other predictors such as Least Mean Square Estimator, Envelope Predictor, Wavelets, Neural Network, Fuzzy Logic, etc., testing of its scalability in terms of different time scales, different aggregation levels of flows and different CoS through simulation, and help with the design and implementation of the DTMW module in hardware such as FPGA and NP;
- Conducting a comprehensive study on integrating various self-sizing rules with the selected EB/TP algorithms, and designing and simulating an end-to-end network with bandwidth brokers that support the proposed self-sizing rules and routers that support online measurement modules with the EB/TP algorithms implemented;
- Showcasing these efforts by establishing and conducting on-line trials between the Alcatel sites in Plano and Ottawa, Carleton University and NC State University.
16- Packet Classification Algorithms - Testing and Verification Phase
Start and End Dates
January 1, 2003 – January 30, 2004
Principal Investigator
- Yiqiang Q. Zhao,
School of Mathematics and Statistics, Carleton University
Co-Investigators
- Jiashan Tang,
Post-doctoral fellow
- Xuehong Sun,
Ph.D. Student
- Gerard Damm,
Alcatel Research and Innovation, Intelligent Switch Routers
- Rui Mao,
Research Assistant
- Xiaojun Nie,
Master Student
- Zhen Xu,
Ph.D. Student
Private Sector Partners
Alcatel
Summary:
Past research in 2002 resulted in significant contributions to the performance analysis of existing packet classification algorithms and, most importantly, in the development of a new packet classification algorithm with significant performance improvement. The new algorithm used a novel IP address lookup arrangement and the new concept of independent sets to partition routing tables into groups in which the elements are easy to distinguish. With the help of a technique similar to fractional cascading, a data structure was created to make packet classification fast, resulting in significantly reduced memory requirements when compared to known algorithms. The new algorithm converts a higher dimensional classification problem into a lower dimensional one. Thus, the lower bound stating that a d-dimensional classification problem requires at least d one-dimensional range searches is expected to be broken. The search speed of the new algorithm is sensitive neither to the size of the rule table nor to the percentage of wildcards in the fields. It scales well from two-dimensional classifiers to high dimensional ones. We envision that it scales to IPv6. The new algorithm is fast and offers hardware implementation benefits. This proposal focused on implementing, testing and verifying the performance of the new packet classification algorithm.
17- Distributed Infrastructure to Detect and React to Denial of Services (DoS) Attacks
Start and End Dates
March 1, 2003 – March 30, 2004
Principal Investigator
- Paul Van Oorschot,
Professor, Canada Research Chair in Network and Software Security, School of Computer Science, Carleton University
Co-Investigators
- Miguel Vargas Martin,
Post Doctoral Fellow
- Jean-Marc Robert,
Alcatel Research and Innovation, Security
Industry Partners
Alcatel
Summary
The purpose of this project was to explore approaches to enable network-level mechanisms to detect and prevent DoS-Carrier attacks. If such approaches prove possible, their integration into network elements could allow telecommunication providers to offer better services to their customers. Initially this research studied the performance of firewalls and Intrusion Detection Systems (IDS). Conventional firewalls and IDS rely on a ‘Fortified Castle’ model: the castle walls and any additional security measures represent the firewall and its filtering policies for enforcing network traffic restrictions. Hosts outside the firewall are untrusted; those inside are implicitly trusted. The evolution of current Internet network topologies no longer supports this model; filtering policies must be applied to nodes both inside traditional perimeters and at the edges of the network. Traditional firewalls break down under these conditions, as there is no longer a perimeter to defend; nodes must be protected within a distributed network environment. Additionally, the assumption that a node is to be trusted solely because it is inside a firewall is fundamentally flawed.
The concepts of distributed firewalls and networked IDS have been proposed as solutions. In most cases, the “system intelligence” remains centrally defined but enforcement is extended to the edges of the network. This research project initially focused on the application of distributed firewall and networked IDS technologies to explore how distributed IDS and firewalls can mitigate DoS impacts against Layers 3-4 and routing protocols. Effort was also spent exploring the issues related to the impact of policy management, that is, how to distribute and update security policies securely.
18- Application of NetCal to Network Processor Designs
Start and End Dates
July 1, 2003 – November 30, 2004
Principal Investigator
- Amitava Bose,
Associate Professor, School of Mathematics and Statistics, Carleton University
Co-Investigators
- X. Jiang,
Assistant Professor, Dept of Industrial Engineering, Louisiana State University, Visiting Professor
- Peter Rabinovitch,
Alcatel
Industry Partner
Alcatel
Summary:
During 2002, a feasibility study was completed on the applicability of NetCal to describe and analyze performance of datapaths in a network processor (NP). Datapaths take packets coming into an NP on its various interfaces (e.g. SONET, Ethernet), and transport the data to the desired outbound interfaces. This research work was initiated because there was no previously known NetCal description of manufacturing blocking, which is employed between datapath components.
Results obtained in 2002 were encouraging, and therefore this project's focus was on studying the next steps towards the generalized use of NetCal in the design and performance modeling of an NP in its entirety. The Team planned to work to extend NetCal tools when necessary to achieve this goal. Results obtained are laying the foundations of a new set of related mathematical tools which we coin “Network Processor Calculus (NPCal)”. Results obtained can be considered a major leap forward towards enabling the design of software-defined packet forwarding functions in network processors.
19- High Speed Data Over UMTS Systems
Start and End Dates
July 1, 2003 – July 30, 2004
Principal Investigator
- Yiqiang Zhao,
Associate Professor, School of Mathematics & Statistics, Carleton University
Co-Investigators
- Amitava Bose,
Associate Professor, School of Mathematics & Statistics, Carleton University
- Jay Wang,
CDMA Access, Nortel
- Delfin Montuno,
Advanced Technology, Nortel
- Steven Wang,
Assistant Professor, School of Mathematics & Statistics, Carleton University
Industry Partners
Nortel
Summary
This research aimed at developing new and better radio resource management schemes and corresponding schedulers that maximize throughput while guaranteeing different users’ QoS in UMTS systems, and at optimizing TCP/UDP/IP performance over UMTS systems by determining optimal parameter settings in the TCP and RLC layers. In UMTS systems, selective repeat automatic repeat request (SR-ARQ) is used at layer 2 (Radio Link Control or RLC Layer) for error recovery and flow control. Using existing mathematical models to analyze different setups of parameters to maximize the wireless link performance, the proposed research had two primary objectives:
- Development of radio resource management schemes and corresponding schedulers that maximize throughput and guarantee users’ QoS.
- Optimization of the performance of TCP/UDP/IP over the mobile wireless system by determining the optimal parameter settings in the TCP layer and link layer (i.e. RLC in UMTS, TD-SCDMA and RLP in CDMA 2000).
20- Next Generation Control and Management for Optical Networks
Start and End Dates
July 1, 2003 – November 30, 2004
Principal Investigator
- Dan Ionescu,
Professor, SITE, University of Ottawa
Co-Investigators
- Maike Miller,
Professor, Algonquin College (Vice-President Research Alliances, NCIT)
- Paul Fodor,
Graduate Student
- Ricardo F. Santos,
Graduate Student
- Mohamed Abou-Sabel,
Graduate Student
- Michel Savoie,
Research Manager, BADLAB, Communications Research Centre
- Ted Gruszecki,
General Manager, Bell Canada iTECH Centre
- Dongli Zhang,
Graduate Student
Industry Partners
Bell Canada and Rational
Summary:
Control and management of optical networks is still emerging, with standards and regulations currently being defined, and will require the introduction of intelligence into the transport network. The focus of this research was on the actual “switching” of information in the physical network and the necessary management and control functions. The needed functionality has been based on the standards set forth by the generic Automatic Switched Transport Network (ASTN) and the more specific Automatic Switched Optical Network (ASON), which defines a control plane architecture for introducing intelligence into the optical network to support, for example:
- Reactive traffic engineering to allow dynamic allocation of network resources
- Use of specialized control plane protocols rather than generalized network management protocols
- Extendable capability sets for signaling and connection control in a multi-vendor environment
- Reactive restoration that takes into account the current state of the transport network.
- Introduction of supplementary services like closed user groups and virtual private networks.
- Rapid service provisioning
- Reduction of the need for service providers to develop and maintain operational support systems software for configuration management for new technologies.
21- Performance Testing and Monitoring Over NCIT*net
Start and End Dates
July 1, 2003 – November 30, 2004
Principal Investigator
- Hussein Mouftah,
CRC Chair in Optical Networks, Professor, SITE, University of Ottawa
Co-Investigators
- Michel Savoie,
Research Manager, BADLAB, Communications Research Centre
- Alex Vukovic,
Research Scientist, Communications Research Centre
Industry Partners
Navtel
Summary:
Today’s broadband multimedia networks are expected to carry a wide variety of traffic patterns, ranging from traditional “best effort” Internet traffic to teleconference traffic with specific Quality of Service (QoS) guarantees. Therefore, new performance testing and monitoring methodologies are needed in order to test the performance of the signaling protocols used in a multi-service environment.
The main objective of this project was to develop new performance testing and monitoring techniques for optical networks, and new architectures and key building blocks to support the operation of next generation optical networks. NCIT*Net has been used as the testing environment through which end-to-end connectivity between the Communications Research Centre (CRC) laboratories and the University of Ottawa Optical Networks Research Center (ONRC) was established. The optical end-to-end connection established over NCIT*Net enabled:
- Development of innovative architectures, protocols, services and technologies for the distribution of broadband IP services over light including dynamic provisioning of light paths over a WDM infrastructure
- Testing and experimental verification of performance with the support of tools from Navtel.