Projects on-sale in SAHARA

Graduate or Senior Undergraduate Projects:

OASIS programmable networking testbed/cluster management and control tools (George)
Tomography-based Overlay Network Monitoring System: Implementation and Deployment (Yan)
Policy Check Engine for Secure Wireless Network Access (Takashi and Ana)

Title: OASIS programmable networking testbed/cluster management and control tools
Background: The OASIS project is focused on building network services from the network layer up. Informed by the introduction of a vast array of special-purpose processing points within the network (such as SAN storage directors, HTTP load balancers, firewalls, traffic shapers, etc), we are designing Programmable Network Elements based on a Classify, Infer, and Act architecture. By utilizing arbitrary combinations of high speed--yet customizable--packet filters, we will be able to invoke per-stream and per-packet processing at various points in the network. This capability will be the basis of larger, distributed services and applications such as storage management, distributed authentication, and multimedia applications.
Brief Description: To evaluate the PNE design, as well as deployed applications, we have built a cluster/testbed in 440 Soda. This testbed consists of 20 rack-mounted Pentium-class computers, several Alteon 180 switches, and two Nortel Passport Carrier-class routers. This design will allow for quickly reconfigurable, dynamic topologies. The problem is that going from one configuration to another is a very tedious and error-prone activity, since we must update the routers, routing tables in each of the linux boxes, and VLAN tags in the switches. Currently there is no clean way to manage the testbed, control it, and diagnose and identify problems.

The purpose of this undergraduate research project would be to design a system to control and manage the testbed. Ideally, a user would specify a topology, and the system would map that into a set of updates for each of the devices. Using Tcl and SNMP, these updates could be propogated to the various devices. Furthermore, SNMP could be used to collect information and statistics from the routers and servers to identify errors. Maybe you might even design a webpage interface? Feel free to go nuts!
Required Qualifications: Basic UNIX experience. Additionally, must either know (or be willing to learn on your own) Tcl/Tk (or Java, depending on what you want to use), SNMP, and basic unix networking. Could be a good way to learn network management/networking.
Contact: George Porter (gporter at

Title: Tomography-based Overlay Network Monitoring System: Implementation and Deployment (valid through Dec. 2003)
Background: This project aims to understand the behavior of Internet, and designs a scalable Internet overlay monitoring system to provide adaptation to Internet applications and services.
Brief Description: Overlay network monitoring enables distributed Internet applications to detect and recover from path outages and periods of degraded performance within several seconds. We will design and implement a scalable overlay network monitoring system, which given n end hosts and n^2 paths among them, we only selectively monitor k linearly independent paths so that the loss rates/latency of all other paths can be inferred. We will deploy it on global network testbed, PlanetLab to provide it as a continuous service to the research community. The students will get hand-on experience of network measurement and analysis, and understand the real behaviors of various networks (access network, core network, etc.). Besides, you will get acquainted with many researchers from various institutes and research labs who will use this service. You may be famous :)
Required Qualifications: Java/C programming, Basic knowledge of network protocols.
Contact: Yan Chen (yanchen AT

Title: Policy Check Engine for Secure Wireless Network Access
Background: Roaming is a major issue for wireless networking industry because of the growing number of wireless ISPs. We envision that they will federate with each other, and mobile clients will be able to seamlessly roam over the federated networks without interrupted. Seamless roaming, however, is not always good. For example, users might seamlessly sign-on to a rogue access point, which cheats the victims out of credit card number. Even seamless sign-on to a legitimate provider can be undesirable if it charges by the hour even while users are not using the network. They don't like to pay because their PCs stayed up in their bags.
Brief Description: In the light of this problem, we are planning to build a policy check engine, which interacts with a user agent and makes a decision about whether the requested authentication information can be sent out from the client. This decision is made according to a user-defined policy written in an XML-based access control language (XACML). In the policy, users can specify who is authorized to access which authentication information under which conditions. We will use an XACML open source to implement the policy check engine. The developed policy check engine will be tested on our testbed, which is currently under development to emulate federated wireless networks.
Required Qualifications: Experienced in XML and Java.
Contact:Takashi Suzuki ( and Ana Sanz Merino (