Last week the New York Times printed an article by John Markoff entitled “Do We Need a New Internet?” In the article, Markoff states, “…there is a growing belief among engineers and security experts that Internet security and privacy have become so maddeningly elusive that the only way to fix the problem is to start over.” Stanford’s Nick McKeown is quoted in the article, “Unless we’re willing to rethink today’s Internet, we’re just waiting for a series of public catastrophes.” The article speculates that in a new network architecture, some users would “give up their anonymity and certain freedoms in return for safety.”
It’s certainly exciting to see core computer science issues featured so prominently in the press! Indeed, this article has generated quite a bit of discussion in the research community. For example, while acknowledging that a new network architecture would certainly play an important role in improving security, Purdue’s Gene Spafford writes on his CERIAS blog, “Do we need a new Internet? Short answer: Almost certainly, no.” (Gene tells me that he will be interviewed on this topic on C-SPAN’s Washington Journal, airing at 9:30am on Saturday, February 21.) UCSD’s Stefan Savage is largely in agreement, saying that “the network is by and large the smallest part of the security problem” and that “at a technical level the security problem is really an end-host issue, coupled with an interface issue — lots of power given to lots of different pieces of software whose couplings present opportunities to bad guys that aren’t anticipated, at a social level it’s a human factors issue.” The bottom line is that, outside of resource management (that is, controlling DDoS) and attribution/accountability, the main sources of security risk are at the end points — a key point missed in the NY Times article. Peter Freeman perhaps puts it most plainly:
“To be succinct, although technical improvements are clearly needed, a large part of the security issue comes back to people, not technology. If we could figure out how to educate people so they don’t respond to pleas from Nigerians who need to transfer money or they don’t leave their passwords on post-its or never install the frequent security patches that are issued, we could make huge improvements immediately.”
That’s not to say, however, that reinventing some aspects of networking isn’t an important research goal. Peter Freeman, while he was the director of NSF’s computer science (CISE) division, was instrumental in helping to launch the GENI Project in 2004, with the goal of developing an experimental platform for exploring truly reliable and higher capacity networks. For Freeman and others, new approaches to networking were deemed an important area for government investment because of the basic nature of the research problems involved.
Mounting a global-scale effort such as GENI has been a major challenge for the computing research community, perhaps similar to what the astronomy community goes through when it decides to develop large telescopes. But the initiative has already had several ripple effects. Guru Parulkar, who was the NSF program manager for GENI at the start, went to work with Nick McKeown and helped start the Clean Slate Project mentioned in the NY Times article. The GENI effort also put Princeton’s Larry Peterson in the middle of things, as the PlanetLab Consortium was one of the most influential early inspirations for GENI. And now, a much broader visioning effort in Network Science and Engineering, or NetSE, supported by the Computing Community Consortium (CCC), is defining the critical research questions in a wide range of network-related areas.
As for GENI itself, significant progress on development of a prototype has been made, coordinated by a GENI Project Office (GPO) and involving a large number of academic researchers. BBN’s Chip Elliott says that a version of the testbed will be available for early testing in a matter of months, “which will allow researchers to investigate many core networking research questions, some of which are the thorniest questions for Network Science and Engineering, upon the earliest end-to-end prototype of GENI.” Ellen Zegura, Georgia Tech professor and NetSE Council Chair, cites the importance of this development, saying “For me, the deep technical issues of security and privacy are at the heart of the GENI effort, and one of the main reasons for developing it.”
The demand for better security grows with the public’s dependence on computing and networking. As Chip Elliott states:
Would our lives improve if all aspects of the Internet were firmly bound to real-world personal and organizational identities? Might total public transparency reduce crime and misbehavior – in short, might less privacy lead directly to more security? Is privacy already a vanishing concern, fated to disappear in a few years without widespread regret?
Careful thinking will illuminate these issues — particularly if coupled to a vigorous program of experimentation.