Last touched:
03.11.2004
|
RESACO is a project of
GET
aiming to
promote an opening and adaptability of the modern networks and to
study the resulting inter-network cooperation possibilities.
Practically, topics treated in RESACO include three main study
cases:
- dynamic router configuration,
- GRPS/WLAN interworking
- secure network access and service discovery.
Though different at the first glance, RESACO proposes solutions
to all these problems by following its doctrine of adaptive
reconfiguration. The first part of the project has been carried out
at the
INT Evry, using MIT's
CLICK language for dynamic router
configuration. The second part has been analyzed at the
ENST
Bretagne proposing a loosely coupled GPRS/WLAN cooperation based on
an IPv6 tunneling techniques. The third part has been treated at the
ENST Paris, based on its former experience in the
Authentis project
and using the UPnP protocol.
 The theoretical and practical results of the common work of the three participants have
been presented at the regular GET Meeting in Brest/France. The team
of the ENST Bretagne prepared a video of the proposed solution for GPRS/WLAN cooperation. The teams of INT Evry
and ENST Paris could show a demonstrator: an open platform
integrating a network access control element, network access point,
edge router and service discovery mechanisms
[>>> Photos]. A
paper on RESACO entitled
"RESACO:
An Open and Programmable Multi-Domain Platform for Cooperative and
Auto-Configurable Networks”
was presented at the International Conference on Wireless
Networks (ICWN'2004) which took place in Las Vegas/USA in June 2004
[1].
All
integrated elements consequently apply the user profile restrictions
stored in a profile data base. The policy enforcement is carried out at the first met network
element, thus enabling the maximum possible control. Controlling access to the network at the 2nd layer (802.1X over 802.11), the
access point applies the QoS restrictions according to the user profile . Further, at the
3rd layer (IP) DiffServ based router establishes restrictive routing
rules with packet tagging and weighted queuing according to the user profile, assigned
traffic classes and current load. Additionally, strict filtering opens higher level
access (layer 7) to the enabled services only. Consistently, the only
network services
the user can discover using a standard UPnP control point on
the terminal are the services allowed by the user profile. A UPnP device included in the
edge device adapts to
the user profile, the available resources and the available
services. The device gathers information on available network
resources and services via COPS (integrated LPDP and a PEP), manual
configuration or/and some other service discovery techniques.
Profiles are stored in LDAP/SQL data bases and are accessed via
RADIUS. Web-based management console gives the network administrator
the current network situation in terms of connected users, used
resources, etc. at any moment.
The demonstrator
implementation was based on Linux platforms with a modified hostAP
implementation, the freeradius server, MySQL and OpenLDAP data
bases, Apache Web-server, PHP interpreter, Intel's UPnP SDK and a
house-made COPS PDP/PEP implementations. VideoLAN software was used
to show the differentiation of traffic classes dependent on the user
profile. |
v Resources
MIT's
CLICK
HostAP Project
FreeRADIUS
MySQL
OpenLDAP
Apache httpd
PHP
Intel's UPnP SDK
UPnP Forum
VideoLAN
v
Publication
ICWN 2004 |
