Evaluation of performance enhancing proxies in internet over satellite

Performance enhancing proxies (PEPs) are widely used to improve the performance of TCP over high delay‐bandwidth product links and links with high error probability. In this paper we analyse the performance of using TCP connection splitting in combination with web caching via traces obtained from a commercial satellite system. We examine the resulting performance gain under different scenarios, including the effect of caching, congestion, random loss and file sizes. We show, via analysing our measurements, that the performance gain from using splitting is highly sensitive to random losses and the number of simultaneous connections, and that such sensitivity is alleviated by caching. On the other hand, the use of a splitting proxy enhances the value of web caching in that cache hits result in much more significant performance improvement over cache misses when TCP splitting is used. We also compare the performance of using different versions of HTTP in such a system. Copyright © 2003 John Wiley & Sons, Ltd.     

Estimating and eliminating redundant data transfers over the web: a fragment based approach

Redundant data transfers over the Web, can be mainly attributed to the repeated transfers of unchanged data. Web caches and Web proxies are some of the solutions that have been proposed, to deal with the issue of redundant data transfers. In this paper we focus on the efficient estimation and reduction of redundant data transfers over the Web. We first prove that a vast amount of redundant data is transferred in Web pages that are considered to carry fresh data. We show this by following an approach based on Web page fragmentation and manipulation. Web pages are broken down to fragments, based on specific criteria. We then deal with these fragments as independent constructors of the Web page and study their change patterns independently and in the context of the whole Web page. After the fragmentation process, we propose solutions for dealing with redundant data transfers. This paper has been based on our previous work on ‘Web Components’ but also on related work by other researchers. It utilises a proxy based, client/server architecture, and imposes changes to the algorithms executed on the Proxy server and on clients. We show that our proposed solution can considerably reduce the amount of redundant data transferred on the Web. Copyright © 2004 John Wiley & Sons, Ltd.     

The Content Driven Mobile Internet

The development of future mobile networks will be driven, in large part, by content and web based services. In this paper, we examine several performance, scalability and architectural challenges faced by future mobile web applications and how advanced mobile content delivery techniques can address these challenges. We review existing content delivery using a taxonomy that consists of three categories: network scaling, end system acceleration, and content and protocol optimization. While wireline content delivery focuses on network and server scalability, mobile content delivery will likely benefit most from optimizing radio link usage. We also present our ongoing work in this area, which extends the functionality of edge caching to the terminal, uses user interest correlation information to maintain low terminal power consumption and adds a new dimension to radio resource management. This revised version was published online in August 2006 with corrections to the Cover Date.     

Stateful session handoff for mobile WWW

This paper proposes a web session handoff system that can hand over not only stateless but also stateful sessions between homogenous and heterogeneous user devices to enable uninterrupted and seamless web access. The proposed system adopts a proxy-based approach and an optional client-assisted scheme in order to track and hand over session information. In the proposed system, a session is registered at a User Agent Proxy (UAP) and then tracked by the UAP so that the session can be handed over from one device via the UAP to another device. In addition to session information tracked by a UAP, the UAP can hand over more comprehensive session information by using the client-assisted scheme. Compared with client-based approaches, our design has several advantages, such as less modification to user devices, practicability, and fault tolerance. We have implemented a UAP on a PC and client programs for both PC and PDA. The implementation can successfully hand over between PC and PDA a stateful session for online shopping applications.     

一个通用代理计费系统开发框架的设计与实现

用户在不同的网络环境中选择不同的代理软件实现上网和用户管理，这些代理软件既有共性又各具特色，为减少开发不同代理计费软件的工作量，提高开发效率，加快开发周期，提出利用软件重用的思想，将代理软件的差异集中到少数几个类的实现上，设计并实现一个通用代理计费系统开发框架，基于此框架利用相对简单的步骤开发了基于SQUID的代理计费系统，验证了框架的实用性和可行性，达到了设计目标。     

Improvement on threshold proxy signcryption scheme

Signcryption is a public key or asymmetric cryptographic method that provides simultaneously both message confidentiality and integrity at a lower computational and communication cost. This paper presents a （t, n） threshold proxy signcryption scheme in which no less than t proxy agents in the proxy group can produce the signcryption cryptogram. combines the functionality of threshold proxy signing and encryption. The proposed scheme combines the functionality of both threshold proxy signing and encryption, and provides fair protection for the sender and the proxy agents. This scheme is secure against attack of public key substitution. It also satisfies security properties such as confidentiality and authenticity.     

一种基于多项式的代理保护代理签名体制研究

文章首先分析了张青坡等人中提出的多项式形式的E1Gamal签名体制的安全缺陷,然后基于有限域上多项式的性质,提出了有限域上多项式形式代理保护代理签名方案;新的签名方案中,利用多项式进行签名权利的委托,并由改进的有限域上的多项式形式的E1Gamal签名体制生成代理签名。新方案的安全性基于离散对数的难解性。     

基于身份的强指定验证人签名方案*

在有些情况下, 需要将验证者限定为某一个人。 利用基于身份的密码体制, 提出了一种强指定验证人签名和一种强指定验证人多重代理签名, 并对其安全性进行了分析。 在签名代价和验证代价上, 提出的强指定验证人签名比Kang等人的方案要低。提出的强指定验证人多重代理签名可以同时授权给n个代理人, 可以有效防止代理签名人对签名权的滥用。     

基于EPR态的量子代理签名方案*

提出了一种量子代理签名方案,利用量子力学中Einstein-Podolsky-Rosen(EPR)的纠缠特性并结合经典编码方法来实现对量子比特串的签名和验证。在本方案中,原始签名人可以将自己的签名权委托给代理签名人,而量子密钥分配和一次一密保证了新方案的无条件安全性。研究表明新方案满足不可伪造性、不可否认性和可追踪性。     

基于HTTP协议的安全代理研究

网上资金结算系统对传统资金结算系统的发展具有良好的推动作用,但安全问题是必须解决的核心问题之一。在分析了网上资金结算系统结构及安全需求的基础上,提出了一种基于HTTP协议的安全代理方案和相关数据处理的流程,并结合该流程设计了服务器安全代理和用户端安全代理,满足了网上资金结算对信息安全的要求。