This course will be advised over Stud.IP.
Dr. Xiaoming Fu (fu---at---cs.uni-goettingen.de)
Jun Lei (lei---at---cs.uni-goettingen.de)
Niklas Steinleitner (nsteinleitner---at---cs.uni-goettingen.de)
Ingo Juchem (juchem ---at---cs.uni-goettingen.de)
2 SWS, ECTS-Studium, ECTS-Credits: 6, Alte PO: 9 ECTS-Credits.
The course objectives for Praktikum Telematik (UnivIS#99065) include (but are not limited to) the following:
The course is organized as several independent projects, each consisting of
2~3 students (you have to choose a project and your co-worker by your own):
Project 1: Build a programmable firewall
supporting both stateless and
stateful packet filtering. Stateful filtering dynamically allows specific
connections, e.g., based on TCP packets. Stateless filtering filters packets
based on protocol (UDP, TCP) and port numbers. External updates, e.g., based on
application-layer protocols, are desirable. (A setup protocol such as RTSP
dynamically installs a new filter for the duration of the connection.).
Team: Sebastian Kraatz, Benedikt Over, Fabian Schreibe.
The final report for this project is available here.
Project 2: Access Control for HIP
HIP is a new Internet protocol working as a 3.5-layer in the TCP/IP stack, which
supports stronger security and mobility. Open source HIP implementations are Boeing HIP-Server, InfraHIP or
HIP4Inter .
A distributed hash table, or DHT, is a building block for peer-to-peer applications. At the most basic level, it allows a group of distributed hosts to collectively manage a mapping from keys to data values, without any fixed hierarchy, and with very little human assistance. This building block can then be used to ease the implementation of a variety of peer-to-peer applications such as file sharing services, DNS replacements, web caches, etc.
The goal of the project is to prototype an "access control for HIP" mechanism based on an open source DHT implementation like Bamboo, which aims to provide a router with a capability of allowing or denying HIP data traffic to pass between two HIP end nodes. Participation of this project will enrich your experience in network protocols, security, peer-to-peer networking.
Team: Christian Bauer, Nils Röttger
Further readings:
OpenDHT
[draft-ietf-hip-esp-00]
[draft-ietf-hip-base-03]
[draft-ietf-hip-arch-03]
Project 3: Integrating SAML with SIP
The Security Assertion Markup Language (SAML) in collaboration with SIP will accommodate
richer authorization mechanisms and enable trait-based authorization where a user are
authenticated using roles or traits instead of identity. A motivation for trait based
authorization and some scenarios are presented in [ietf-sipping-trait-authz-00].
[draft-tschofenig-sip-saml-04]
defines an extension for SIP to support this functionality.
The goal of the project is to prototype SAML-SIP for an open source SIP implementation to provide rich authorization support
for examples described in [ietf-sipping-trait-authz-00].
Application scenarios of SAML-SIP: charging for wireless LAN access; event based charging for ring tones or video streaming.
Project 4: Divided in two parts
a: Linux-Patch, DSCP-Field (IPv6)
b: Diameter-QoS / Radius-Qos
[draft-alfano-aaa-qosprot-04]
Team: Martin Gerhardy, Jochen Kemnade, Matthias Quade.
For each projects students are required to organize the work effectively according to the streamline of a realistic project, including milestones (task and time allocation, deliverables) definition, implementation and revision, reports of design, implementation, test results and intermediate results etc. Each project will elect a project leader who should be responsible for directing and regularly reporting the overall progress of the team.
Prerequisite: Computer Networks course or equivalent
References:
Course time: Wednesday 11:15 - 13:00
First Lecture: October 19, 2005
Room: MN 68
Created: Aug 2005
fu--at--informatik.uni-goettingen.de