Authors
Keita Shimada Hiroki Watanabe Takao Kondo Fumio Teraoka
Publisher
Information Processing Society of Japan
Journal
IPSJ Journal (ISSN:18827764)
Volume, issue, pages / publication date
vol.63, no.12, 2022-12-15

Current IoT systems are closed and specialized for specific purposes. In the near future, IoT Service Providers (IoTSPs) will emerge to allow providing sensing data observed by IoTSPs to subscribers. This paper proposes a mechanism called FedIoT, in which IoTSPs federate or namely unite in an autonomous and decentralized manner. Subscribers to an IoTSP in a FedIoT system can obtain sensing data observed by any IoTSPs in the FedIoT system. The design principle of FedIoT is analogous to that of the Internet. A FedIoT system is composed of multiple IoTSPs as the Internet is composed of multiple ASs (Autonomous Systems). FedIoT basically provides only sensing data to IoT applications and it depends on IoT applications how the sensing data is utilized as the Internet basically provides data exchange between applications. IoTSPs are interconnected with a unified interface called Primitive API considering operation policy as ASs exchange routing information considering operation policy. FedIoT defines a domain ontology called OntoFedIoT as the unified representation of locations and types of sensor nodes. A proof of concept system is implemented in Go language. The basic performance evaluation in this paper shows that the time required for obtaining sensing data is short enough for practical use.

This is a preprint of an article intended for publication in the Journal of Information Processing (JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.30 (2022) (online). DOI: http://dx.doi.org/10.2197/ipsjjip.30.898

Authors
Wataru Ohgai Takao Kondo Korry Luke Satoshi Kai Keisuke Uehara Satoru Tezuka
Journal
Research Reports: Computer Security (CSEC) (ISSN:21888655)
Volume, issue, pages / publication date
vol.2022-CSEC-96, no.16, pp.1-8, 2022-03-03

The TLS security model enables the identification and secrecy of the host-to-host communication channel on the Web; however, TLS cannot guarantee the relationship between service providers. This paper proposes a lightweight self-managed mutual declaration mechanism, M2DMRT, in which service providers mutually sign their TLS public keys and publish them in DNSSEC-protected DNS zones. With M2DMRT, service providers can mutually declare their relationships with each other, and end users can easily trust the relationships by verifying the signatures. Further, this paper implemented a server-side proof of concept. After evaluating its basic performance and feasibility from an Internet architecture perspective, this paper found this mechanism can realize more trustable Web security architecture by providing a sufficiently performant way to declare and verify relationships between service providers without significantly impacting the current Internet environment.

Authors
Hiroki Watanabe Kazuki Hayashi Tomonori Sato Takao Kondo Fumio Teraoka
Publisher
Information Processing Society of Japan
Journal
Journal of Information Processing (ISSN:18826652)
Volume, issue, pages / publication date
vol.29, pp.640-648, 2021 (Released:2021-10-15)
Number of references
25
Number of citations
2

In the age of edge/fog computing, it is important to consider not only computing resources but also network resources when hosting services. Since service is composed of multiple small functions in the microservice architecture, we treat a service as a set of BFs (basic functions) that fulfill a single task. It is required to place BFs at edge/fog nodes considering the computing resources and network requirements within a practical time. This paper proposes a MANO (Management and Network Orchestration) for deploying services composed of multiple BFs with requirements to computing and network resources of distributed nodes. The proposed MANO considers the computing resources of edge/fog/cloud as well as the network delay and the bandwidth between them. This paper proposes an optimal method and a heuristic method for calculating the placement of BFs. The evaluation results show that the placement calculation time for a service composed of four BFs is about 10 seconds with the optimal method and about 20 seconds with the heuristic method. The calculation time is within the practical range.

Authors
Takao KONDO Shuto YOSHIHARA Kunitake KANEKO Fumio TERAOKA
Publisher
The Institute of Electronics, Information and Communication Engineers
Journal
IEICE Transactions on Communications (ISSN:09168516)
Volume, issue, pages / publication date
vol.E101.B, no.8, pp.1853-1865, 2018-08-01 (Released:2018-08-01)
Number of references
45
Number of citations
1

This paper argues that a layered approach is more suitable for Information Centric Networking (ICN) than a narrow-waist approach and proposes an ICN mechanism called ZINK. In ZINK, a location-independent content name is resolved to a list of node IDs of content servers in the application layer and a node ID is mapped to a node locator in the network layer, which results in scalable locator-based routing. An ID/Locator split approach in the network layer can efficiently support client/server mobility. Efficient content transfer is achieved by using sophisticated functions in the transport layer such as multipath transfer for bandwidth aggregation or fault tolerance. Existing well-tuned congestion control in the transport layer achieves fairness not only among ICN flows but also among ICN flows and other flows. A proof-of-concept prototype of ZINK is implemented on an IPv6 stack. Evaluation results show that the time for content finding is practical, efficient content transfer is possible by using multipath transfer, and the mobility support mechanism is scalable as shown in a nationwide experiment environment in Japan.

Authors
Takamasa OCHIAI Kohei MATSUEDA Takao KONDO Hiroaki TAKANO Ryota KIMURA Ryo SAWAI Fumio TERAOKA
Publisher
The Institute of Electronics, Information and Communication Engineers
Journal
IEICE TRANSACTIONS on Communications (ISSN:09168516)
Volume, issue, pages / publication date
vol.E102-B, no.8, pp.1649-1659, 2019-08-01

In LTE (Long Term Evolution) / LTE-Advanced (LTE-A) system, the user-plane for a user equipment (UE) is provided by tunneling, which increases header overhead, processing overhead, and management overhead. In addition, the LTE-A system does not support moving cells which are composed of a mobile Relay Node (RN) and UEs attached to the mobile RN. Although there are several proposals for moving cells in the LTE-A system and the 5G system, all of them rely on tunneling for the user-plane, which means that none of them avoid the tunneling overheads. This paper proposes MocLis, a moving cell support protocol based on a Locator/ID split approach. MocLis does not use tunneling. Nested moving cells are supported. Signaling cost for handover of a moving cell is independent of the number of UEs and nested RNs in the moving cell. A MocLis prototype, implemented in Linux, includes user space daemons and modified kernel. Measurements show that the attachment time and handover time are short enough for practical use. MocLis has higher TCP throughput than the tunneling based approaches.

Authors
Hiroki WATANABE Takao KONDO Kunitake KANEKO Fumio TERAOKA
Publisher
The Institute of Electronics, Information and Communication Engineers
Journal
IEICE TRANSACTIONS on Communications (ISSN:09168516)
Volume, issue, pages / publication date
vol.E101-B, no.9, pp.1967-1981, 2018-09-01

Recently, application demands placed on the network have become more multifaceted. Highly functional application-to-application communication services such as bandwidth aggregation, fault tolerant communication, and delay/disruption tolerant networking (DTN) were developed independently in the network layer, the transport layer, and the application layer. As a result, protocol layering has become complicated. This paper proposes to insert Layer-5 (L5) between the application layer and the transport layer to separate communication policies and communication mechanisms to make protocol layering clearer. The transport layer (L4) provides end-to-end communication mechanisms such as reliable byte stream while L5 realizes communication policies such as bandwidth aggregation by combining the communication mechanisms in L4. This paper proposes five types of L5-paths as communication policies: (1) the L5 bundled path for bandwidth aggregation or fault tolerant communication, (2) the L5 spatially-spliced path for communication with middleboxes, (3) the L5 temporally-spliced path for DTN, (4) the L5 spliced-bundled path, and (5) the L5 bundled over spatially-spliced path. An application can select and use an appropriate L5-path depending on the network circumstances through a common API. A prototype of L5 is implemented in the Linux user space as a library to make deployment and maintenance easier. An evaluation shows that establishment time of L5-paths is short enough and performance of L5-paths is comparable or superior to existing technologies.