Auflistung nach Autor:in "Steffen, Andreas"
1 - 3 von 3
Treffer pro Seite
Sortieroptionen
- KonferenzbeitragAdvanced network simulation under user-mode Linux(„Heute schon das Morgen sehen“, 19. DFN-Arbeitstagung über Kommunikationsnetze in Düsseldorf, 2005) Steffen, Andreas; Marchionni, Eric; Rayo, PatrikThe debugging of data communications software in an active networking environment can be a tricky and quite tiresome affair, often so because intermittent disturbances occurring in productive systems cannot be reproduced reliably and consistently or cannot be traced thoroughly enough. Thus for any Linux-based networking appliances like routers, firewalls, intrusion detection systems, VPNs, VoIP gear, etc., the User-Mode-Linux (UML) framework presented in this paper might be the optimum solution for running and testing these systems in a virtual networking environment under near real-time conditions. E. g. when a user of the OpenSource Linux strongSwan VPN software reported an IPsec re-keying error occurring in conjunction with a NAT router, this rare problem could be reproduced in a virtual UML test setup within two hours of simulation and a bug fix was found, tested and released on the same day. UML-based networks are also a powerful didactic tool in education where students can gain practical experience with complex network setups without the need of heavy investments in hardware equipment. This paper shows how a UML network can be set up with relative ease either for interactive explorative use or for automated regression testing.
- KonferenzbeitragSIP security(E-Science und Grid Ad-hoc Netze Medienintegration, 18. DFN-Arbeitstagung über Kommunikationsnetze, 2004) Steffen, Andreas; Kaufmann, Daniel; Stricker, AndreasUbiquitous worldwide broadband Internet access as well the coming of age of VoIP technology have made Voice-over-IP an increasingly attractive and useful network application. Currently the “human-readable” Session Initiation Protocol (SIP) which is based on a simple HTTP-like request/response exchange is steadily gaining headway against the considerably more complex ASN.1 encoded H.323 Multimedia ITU-T standard introduced by the telecom industry some years ago. Unfortunately little attention has been given to the security aspects involved in running a phone connection over the public Internet. This paper gives a comparative overview over the security mechanisms recommended by the SIP standard and presents a practical SIP implementation realized at the Zürcher Hochschule Winterthur (ZHW), based on S/MIME authentication and encryption of the session initiation and ensuing protection of the media channels using the Secure Real-time Transport Protocol (SRTP).
- KonferenzbeitragVirtual private networks coping with complexity(Security, E-learning, E-Services, 17. DFN-Arbeitstagung über Kommunikationsnetze, 2003) Steffen, Andreas