Adaptive security-aware scheduling for packet switched networks using real-time multi-agent systems.
详细信息
- 作者:Saleh ; Ma'en Saleh.
- 学历:Doctor
- 年:2012
- 毕业院校:Western Michigan University
- ISBN:9781267581891
- CBH:3528155
- Country:USA
- 语种:English
- FileSize:2379705
- Pages:171
文摘
Conventional real-time scheduling algorithms are in care of timing constraints; they dont pay any attention to enhance or optimize the real-time packets security performance. In this work,we propose an adaptive security-aware scheduling with congestion control mechanism for packet switching networks using real-time agent-based systems. The proposed system combines the functionality of real-time scheduling with the security service enhancement,where the real-time scheduling unit uses the differentiated-earliest-deadline-first Diff-EDF) scheduler,while the security service enhancement scheme adopts a congestion control mechanism based on a resource estimation methodology. The security service enhancement unit was designed based on two models: single-layer and weighted multi-layer design models. For single-layer,the design provides an enhancement for a single security service: confidentiality,integrity,or authentication,while the weighted multi-layer design provides an enhancement for multiple security services with different weights on a real-time network with multi-processor end nodes. The proposed system provides the required QoS guarantees for different classes of real-time data flows video,audio),while adaptively enhances the packets security service levels according to a feedback from the congestion control model,which efficiently utilizes the buffering system at the edge network,and thus protects the network from being congested by heavy traffic load. Our agent-based system eliminates the overhead of the security association phase performed by the internet protocol security IPsec). Such elimination had been achieved by overloading the priority code point PCP) fields of the IEEE 802.1Q tagged frame format for the single-layer scheme,while repeated single-layer and overloading the PCP and the virtual-LAN identifier VID) fields of the IEEE 802.1Q were the adopted methodologies by the weighted multi-layer security design model. By using the Diff-EDF scheduler,the proposed system minimizes the flows miss rates and the flows average total delays compared to the earliest-deadline-first EDF) and the first-come-first-served FCFS) schedulers. From the other hand,our adaptive security enhancement scheme minimizes the buffer consumption,the average total packet delays,and the pending packets at the end users compared to the IPsec protocol. It was also compared to an implemented feedback-IPsec,where our adaptive system eliminated the repeated security associations performed by the feedback-IPsec,hence less overhead and increases the chances to meet the flows QoS requirements.