What do we want in a future information infrastructure? David Alderson Engineering and Applied Science, Caltech MS&E 91SI November.


What do we want in a future information infrastructure? David Alderson Engineering and Applied Science, Caltech MS&E 91SI November 18, 2004

Acknowledgements
Caltech: John Doyle, Lun Li
AT&T: Walter Willinger
CISAC: Kevin Soo Hoo, Mike May, David Elliott, William Perry
MS&E 91SI: Dan, Martin, Keith

The Internet* has become a critical information infrastructure.
Individuals
Private corporations
Governments
Other national infrastructures

The Internet* has become a critical information infrastructure.
Personal communication
– , IM, IP telephony, file sharing
Business communication
– Customers, suppliers, partners
Transaction processing
– Businesses, consumers, government
Information access and dissemination
– web, blog

The Internet* has become a critical information infrastructure. Our dependence on the Internet is only going to increase. This will be amplified by a fundamental change in the way that we use the network.

What do we want in a future information infrastructure? How will we use the network?

Communications and computing
[Diagram labels: Compute, Communicate, Store, Communicate. Courtesy: John Doyle]

[Diagram labels: Compute, Sense, Environment, Act, Communicate, Store, Communicate. Courtesy: John Doyle]

[Diagram labels: Computation, Devices, Dynamical Systems, Devices, Communication, Control. Courtesy: John Doyle]

From
– Software to/from human
– Human in the loop
To
– Software to Software
– Full automation
– Integrated control, comms, computing
– Closer to physical substrate
New capabilities & robustness
New fragilities & vulnerabilities
[Diagram labels: Compute, Communicate, Store, Communicate; Computation, Devices, Dynamical Systems, Devices, Communication, Control. Courtesy: John Doyle]

Are we ready?
This represents an enormous change, the impact of which is not fully appreciated
Few, if any, promising methods for addressing this full problem
Even very special cases have had limited theoretical support
New capabilities & robustness
New fragilities & vulnerabilities
[Diagram labels: Compute, Communicate, Store, Communicate; Computation, Devices, Dynamical Systems, Devices, Communication, Control. Courtesy: John Doyle]

The Internet* has become a critical information infrastructure.
The Internet is a control system for monitoring and controlling our physical environment.
→ Hijacking the Internet can be even more devastating than interrupting it.
The Internet has become a type of public utility (like electricity or phone service) that underlies many important public and private services.
→ Internet disruptions have a “ripple effect” across the economy.

What do we want in a future information infrastructure? What features or attributes would we like it to have?

Is the Internet* robust? What is robustness?

Working definition
robustness = the persistence of some feature/attribute in the presence of some disturbance.
– must specify the feature/attribute
– must specify the disturbance

Is the Internet* robust? What can we say based on its architecture?

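[Diagram labels: Hosts, Routers]

[Diagram labels: Hosts, Routers, Sources, Links]

[Diagram labels: Sources, Links]

Network protocols: HTTP, TCP, IP
[Diagram labels: Sources, Links]

[Diagram labels: HTTP, Sources, Files. Annotation: Hidden from the user]

Network protocols: HTTP, TCP, IP
[Diagram labels: Files, packets, Sources, Links, Files]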

Network protocols: HTTP, TCP, IP
Vertical decomposition (Protocol Stack)
Each layer can evolve independently provided:
1. Follow the rules
2. Everyone else does “good enough” with their layer
[Diagram labels: Sources, Links]

Network protocols: HTTP, TCP, IP
Horizontal decomposition
Each level is decentralized and asynchronous
Individual components can fail (provided that they “fail off”) without disrupting the network.
[Diagram labels: Sources, Links]

The Internet hourglass
Applications: Web, FTP, Mail, News, Video, Audio, ping, kazaa
Transport protocols: TCP, SCTP, UDP, ICMP
IP
Link technologies: Ethernet, Satellite, Optical, Power lines, Bluetooth, ATM

The Internet hourglass
Applications: Web, FTP, Mail, News, Video, Audio, ping, kazaa
TCP
IP
Link technologies: Ethernet, Satellite, Optical, Power lines, Bluetooth, ATM

The Internet hourglass
Applications: Web, FTP, Mail, News, Video, Audio, ping, kazaa
TCP
IP
Link technologies: Ethernet, Satellite, Optical, Power lines, Bluetooth, ATM
Everything on IP
IP on everything

The Internet hourglass
Applications: Web, FTP, Mail, News, Video, Audio, ping, napster
TCP
IP
Link technologies: Ethernet, Satellite, Optical, Power lines, Bluetooth, ATM
[Diagram labels: robust to changes, fragile to changes]

Internet Vulnerabilities
On short time scales:
– Robust to loss of components (“fail off”)
– Fragile to misbehaving components
On long time scales:
– Robust to changes in application or physical layer technologies
– Fragile to changes in hourglass “waist” (IP)
Is there a practical way of thinking about all of this in the context of cybersecurity? (i.e., a taxonomy for disruptions?)
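
The short-time-scale claim above, measured with the working definition of robustness: the feature is pairwise reachability and the disturbance is either a router that fails off or a router that misbehaves. This is an added toy simulation, not part of the original slides; the six-router topology, the hop-count distance-vector protocol and all function names are assumptions made for the illustration.

```python
from itertools import permutations

# Constructed topology (not from the slides): ring A-B-C-D-E-F-A plus chord B-E.
LINKS = [tuple(p) for p in "AB BC CD DE EF FA BE".split()]
INF = float("inf")

def neighbours(links, failed=()):
    """Adjacency map with 'failed off' routers and their links removed."""
    adj = {}
    for u, v in links:
        if u not in failed and v not in failed:
            adj.setdefault(u, set()).add(v)
            adj.setdefault(v, set()).add(u)
    return adj

def converge(adj, liar=None):
    """Hop-count distance-vector routing; every router trusts its neighbours.
    The misbehaving router (liar) advertises distance 0 to every destination."""
    nodes = sorted(adj)
    dist = {n: {d: 0 if n == d else INF for d in nodes} for n in nodes}
    nxt = {n: {} for n in nodes}
    for _ in nodes:  # len(nodes) rounds are enough to converge
        new = {n: dict(dist[n]) for n in nodes}
        for n in nodes:
            for d in nodes:
                if d == n:
                    continue
                if d in adj[n]:  # a directly connected route always wins
                    new[n][d], nxt[n][d] = 1, d
                    continue
                for m in sorted(adj[n]):
                    cost = 1 + (0 if m == liar else dist[m][d])
                    if cost < new[n][d]:
                        new[n][d], nxt[n][d] = cost, m
        dist = new
    return nxt

def delivered(nxt, src, dst, liar=None):
    """Forward hop by hop; the misbehaving router silently drops transit traffic."""
    hop, ttl = src, len(nxt)
    while hop != dst and ttl > 0:
        if hop == liar:
            return False
        hop, ttl = nxt[hop].get(dst), ttl - 1
        if hop is None:
            return False
    return hop == dst

def reachability(links, failed=(), liar=None):
    """Feature measured: fraction of ordered pairs of working, honest routers that connect."""
    adj = neighbours(links, failed)
    nxt = converge(adj, liar)
    pairs = [p for p in permutations(sorted(adj), 2) if liar not in p]
    return sum(delivered(nxt, s, d, liar) for s, d in pairs) / len(pairs)

if __name__ == "__main__":
    print("no disturbance:", reachability(LINKS))                  # 1.0
    print("B fails off:   ", reachability(LINKS, failed=("B",)))   # 1.0
    print("B misbehaves:  ", reachability(LINKS, liar="B"))        # 0.4
```

Removing B leaves every remaining pair connected, while the same router advertising false routes cuts reachability among the honest routers to 0.4 although no component has been lost.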

A Simplified Taxonomy
Network Services (the end-to-end services that provide basic user functionality to the network)
Network Infrastructure (the hardware/software required to enable the movement of data across the network)

A Simplified Taxonomy: vertical decomposition
Network Services (the end-to-end services that provide basic user functionality to the network)
Network Infrastructure
– Physical Hardware
– Operating Systems
– Fundamental Protocols

A Simplified Taxonomy: horizontal decomposition
Network Services (the end-to-end services that provide basic user functionality to the network)
Network Infrastructure
Network “Core”
– Physical Hardware
– Operating Systems
– Fundamental Protocols
Network “Edge”
– Physical Hardware
– Operating Systems
– Fundamental Protocols

Infrastructure in Network Core
Network Services (the end-to-end services that provide basic user functionality to the network)
Network “Core”
– Physical Hardware
– Operating Systems
– Fundamental Protocols

Infrastructure in Network Core
Network Services (the end-to-end services that provide basic user functionality to the network)
Network “Core”
– Physical Hardware (cables, routers, switches)
– Operating Systems (Cisco IOS)
– Fundamental Protocols (TCP, IP, BGP)
Stakeholders: Standards Orgs (e.g. IETF), ISPs, Vendors (e.g. Cisco), ISPs
Disruptions: IP spoofing, BGP misconfigs, Physical attacks, Cisco IOS attack?

Infrastructure at Network Edge
Network Services (the end-to-end services that provide basic user functionality to the network)
Network “Edge”
– Physical Hardware
– Operating Systems
– Fundamental Protocols

Infrastructure at Network Edge
Network Services (the end-to-end services that provide basic user functionality to the network)
Network “Edge”
– Physical Hardware (desktops, laptops, servers)
– Operating Systems (Windows, Linux, MacOS)
– Fundamental Protocols (TCP, IP, DNS)
Stakeholders: Standards Orgs (e.g. IETF), Users, Vendors (e.g. Microsoft, Dell), Users (Corporate, Individual, Government)
Disruptions: IP spoofing, DNS attacks, Physical attacks, Most virus/worm attacks

Network Services
Network Services (the end-to-end services that provide basic user functionality to the network)
Network “Edge” and Network “Core”, each with: Physical Hardware, Operating Systems, Fundamental Protocols

Types of Network Services
Public Services (specification and use is freely available)
Private Services (specification and/or use is restricted or proprietary)
Network “Edge” and Network “Core”, each with: Physical Hardware, Operating Systems, Fundamental Protocols

Types of Network Services
Public Services (specification and use is freely available)
Private Services (specification and/or use is restricted or proprietary)
Services shown: Remote Access (Telnet), WWW (HTTP), (SMTP), File Transfer (FTP, P2P), Financial Networks (FedWire), SCADA Systems, Other Infrastructures
Network “Edge” and Network “Core”, each with: Physical Hardware, Operating Systems, Fundamental Protocols

SERVICES (Private, Public)
Services shown: WWW (HTTP), (SMTP), File Transfer (FTP, P2P), Remote Access (Telnet), Financial Networks (FedWire), SCADA Systems, Other Infrastructures
Network “Edge” and Network “Core”, each with: Physical Hardware, Operating Systems, Fundamental Protocols

ASSETS (Information, Money)
SERVICES (Private, Public): WWW (HTTP), (SMTP), File Transfer (FTP, P2P), Remote Access (Telnet), Financial Networks (FedWire), SCADA Systems, Other Infrastructures
Network CORE
– Physical Hardware (cables, routers, switches)
– Operating Systems (Cisco OS)
– Fundamental Protocols (TCP, IP, BGP)
Network EDGE
– Physical Hardware (desktops, laptops, servers)
– Operating Systems (Windows, Linux, MacOS)
– Fundamental Protocols (TCP, IP, DNS)
ELECTRICITY & OTHER PHYSICAL INFRASTRUCTURES
[Diagram labels: Technology Dependence Disruptions]

Open Questions
Is an Internet monoculture a significant threat to the security of cyberspace? Insight into the patch/worm problem?
Who are the stakeholders and what are their economic incentives? How does misalignment of economic incentives contribute to insecurity?
To what extent are the technological, economic, social, and legal factors in the current cyber infrastructure to blame for the overall (in)security of the system?
How to design policy to promote a secure cyber infrastructure?

What do we want in a future information infrastructure? What do we have with our current information infrastructure?

What We Have
Heterogeneity
Open access
Compatibility
Evolvability
Anonymity
Diverse Functionality
Best Effort Service
Robustness*
– Best Effort Service
– Component loss
Are these attributes important for a critical information infrastructure?

What We Have
Heterogeneity
Open access
Compatibility
Evolvability
Anonymity
Diverse Functionality
Best Effort Service
Robustness*
– Best Effort Service
– Component loss
What We Need
Security
Reliability
Accountability
– Clear responsibility
– Auditability
Management simplicity
Limited functionality
Economic self-sustainability
Are there tradeoffs that we might be willing to make?

Remembering History
Strategic split of ARPANet and MILNet
Different needs of each merited a split in which separate networks could be optimized to achieve different objectives

Two Distinct Needs
A public Internet
– Embraces the ideals of the original Internet
– Open access, anonymity (but at a price)
A critical information infrastructure
– Meets the emerging needs of society
– Secure, reliable, performance guarantees (but at a price)
Is there any reason that they should be the same network?

What do we want in a future information infrastructure? A thought experiment

Vision for a Future Information Infrastructure
A network that is an appropriate foundation for the deployment and support of critical infrastructure systems, thereby enhancing our national security
A network in which there are clearly defined roles, responsibilities, and accountability for its owners, operators, support industries, and users
A network that grows incrementally on top of the existing mesh of intranets and extranets, driven by a properly incentivized innovation community
A network that interfaces and coexists with legacy infrastructure, providing incremental benefits to all who choose to participate
A network that has self-sustaining economics

Some General Beliefs
Private networks (even excluding the military) are a significant portion of all data networks
Most private networks tend to use public infrastructure somewhere (virtual separation)
The ISP industry is in tough economic times
There is a large amount of excess capacity (e.g. dark fiber)
Most of the technology for a secure network already exists
The government and corporations are willing to spend money to solve the problem

A Crazy Idea?
Semi-private, with restricted access
Security and reliability as primary objectives
Built from the best of existing technology
Strict deployment standards
Leverage existing and unused capacity
Limited, but guaranteed functionality
Exist alongside current “best effort” Internet
Clear responsibility
– Licensed users
– Audit trails
Mandated use by other critical infrastructure providers
Available by application to corporations (for a fee)
Goal: long-term economic self-sustainability
Have the federal government commission a few major ISPs to build and operate an “Internet alternative”

What about GovNet? Was it a good idea? Did any part of it make sense? Could it be implemented?

What do we want in a future information infrastructure? David Alderson Engineering and Applied Science, Caltech MS&E 91SI May 26, 2004