Posts Tagged ‘NetSE’

 

Does Better Security Depend on a Better Internet?

February 21st, 2009

Last week the New York Times printed an article by John Markoff entitled, Do We Need a New Internet? In the article, Markoff states, “…there is a growing belief among engineers and security experts that Internet security and privacy have become so maddeningly elusive that the only way to fix the problem is to start over.” Stanford’s Nick McKeown is quoted in the article, “Unless we’re willing to rethink today’s Internet, we’re just waiting for a series of public catastrophes.” The article speculates that in a new network architecture, some users would “give up their anonymity and certain freedoms in return for safety.”

It’s certainly exciting to see core computer science issues featured so prominently in the press! Indeed, this article has generated quite a bit of discussion in the research community. For example, while acknowledging that a new network architecture would certainly play an important role in improving security, Purdue’s Gene Spafford writes on his CERIAS blog, “Do we need a new Internet? Short answer: Almost certainly, no.” (Gene tells me that he will be interviewed on this topic on C-SPAN’s Washington Journal, airing at 9:30am on Saturday, February 21.) UCSD’s Stefan Savage is largely in agreement, saying that “the network is by and large the smallest part of the security problem” and that “at a technical level the security problem is really an end-host issue, coupled with an interface issue — lots of power given to lots of different pieces of software whose couplings present opportunities to bad guys that aren’t anticipated, at a social level it’s a human factors issue.” The bottom line is that, outside of resource management (that is, controlling DDoS) and attribution/accountability, the main sources of security risk are at the end points — a key point missed in the NY Times article. Peter Freeman perhaps puts it most plainly:

To be succinct, although technical improvements are clearly needed, a large part of the security issue comes back to people, not technology. If we could figure out how to educate people so they don’t respond to pleas from Nigerians who need to transfer money or they don’t leave their passwords on post-its or never install the frequent security patches that are issued, we could make huge improvements immediately.

That’s not to say, however, that reinventing some aspects of networking isn’t an important research goal. Peter Freeman, while he was the director of NSF’s computer science (CISE) division, was instrumental in helping to launch the GENI Project in 2004, with the goal of developing an experimental platform for exploring truly reliable and higher capacity networks. For Freeman and others, new approaches to networking were deemed an important area for government investment because of the basic nature of the research problems involved.

Mounting a global-scale effort such as GENI has been a major challenge for the computing research community, perhaps similar to what the astronomy community goes through when it decides to develop large telescopes. But the initiative has already had several ripple effects. Guru Parulkar, who was the NSF program manager for GENI at the start, went to work with Nick McKeown and helped start the Clean Slate Project mentioned in the NY Times article. The GENI effort also put Princeton’s Larry Peterson in the middle of things, as the PlanetLab Consortium was one of the most influential early inspirations for GENI. And now, a much broader visioning effort in Network Science and Engineering, or NetSE, supported by the Computing Community Consortium (CCC), is defining the critical research questions in a wide range of network-related areas.

As for GENI itself, significant progress on development of a prototype has been made, coordinated by a GENI Project Office (GPO) and involving a large number of academic researchers. BBN’s Chip Elliott says that a version of the testbed will be available for early testing in a matter of months, “which will allow researchers to investigate many core networking research questions, some of which are the thorniest questions for Network Science and Engineering, upon the earliest end-to-end prototype of GENI.” Ellen Zegura, Georgia Tech professor and NetSE Council Chair, cites the importance of this development, saying “For me, the deep technical issues of security and privacy are at the heart of the GENI effort, and one of the main reasons for developing it.”

The demand for better security grows with the public’s dependence on computing and networking. As Chip Elliott states:

Would our lives improve if all aspects of the Internet were firmly bound to real-world personal and organizational identities? Might total public transparency reduce crime and misbehavior – in short, might less privacy lead directly to more security? Is privacy already a vanishing concern, fated to disappear in a few years without widespread regret?

Careful thinking will illuminate these issues — particularly if coupled to a vigorous program of experimentation.

This, in a nutshell, is what the NetSE and GENI initiatives aim to address.

Peter Lee

What is a “Better Internet”?

February 15th, 2009

Ellen Zegura is Professor and Chair of Computer Science at the Georgia Institute of Technology. She writes to us today in her role as chair of the NetSE Council.

What is a “better Internet”? The current Internet has been a remarkable success, providing a platform for innovation that far exceeds its original vision as a research instrument. It is well documented that the Internet has transformed the lives of billions of people in areas as diverse as education, healthcare, entertainment and commerce. Yet many of these successes are threatened by the increasing sophistication of security attacks and the organizations that propagate them. A materially more secure Internet would be “better”. Further, billions of people remain untouched by the advantages of the Internet; Internet World Statistics puts worldwide average Internet penetration at about 22% in mid 2008. An Internet that affordably reaches the other 80% of the world population would be “better”.

Beyond security and accessibility, there are other areas where limitations of the current Internet are significant. The Internet usually works pretty well, but every user has experienced inexplicable periods of degraded performance or outright non-function. The current Internet provides no visibility to end-users and shockingly little visibility to network managers and operators to support understanding, adapting to and fixing reliability problems. Such limitations require lay people to spend their leisure time as network systems administrators and companies to spend heavily in network operations. Further, the lack of performance reliability prevents the Internet from advancing to become a truly dependable, critical infrastructure. Indeed, current societal reliance on the Internet for critical functions is disproportionate to our ability to deliver a high degree of dependability. A more predictable Internet would be “better”.

The Internet embeds societal values in ways that are often implicit and not well understood. For example, the Internet is “open”, usually intended to mean that anyone can join the network by implementing the public protocol IP. In principle, users can run any application on the Internet, without limitation imposed by the network protocols. Open networks promote organic growth, but suffer from a lack of mechanisms to vet or bar participation. Issues of trust and individual accountability are confusing. As the well-known cartoon says, “On the Internet, no one knows you’re a dog.” An Internet that contains support for identity would be “better”.

The research community is poised to dramatically advance the agenda of building better networks through advances in both empirical design methodology and systematic design methodology. We have an approach to support large-scale and flexible experimentation based on programmability of devices and federation of multiple test-beds. We have a nascent mathematical framework for understanding architectural features and underlying principles. The time is right to advance and link both methodologies to realize better networks.

Ellen Zegura

Update on NetSE

October 13th, 2008

One of the visioning activities supported by the CCC is exploring the possibility of a compelling research agenda in the theoretical, experimental, and societal aspects of “network science and engineering” (NetSE). A NetSE Council has been established. Its chair, Ellen Zegura, provides this brief status report on the NetSE Council’s activities.

Thanks for the opportunity to update the community on what has been happening recently with the Network Science and Engineering (NetSE) effort, from my perspective as chair of the NetSE Council.

Let me explain my take on NetSE with an anecdote from my Georgia Tech colleague Mike Best based on a recent trip he made to Africa. Mike and his group met with a group of chiefs of the Acholi people in Northern Uganda. This is an area that has suffered through profound conflict and lacks for essentially any communication technology. Mike and his team wanted to engage in participatory design to understand the existing communication needs, unmet needs and requirements, and latent requirements.

They were very cautious not to influence the conversation towards modern communication technologies so they did not mention specific systems. But after about thirty minutes of this exercise one of the chiefs finally stated, “We want the internet. Unless you have something better.”

To me, NetSE is about the potential for something better. That isn’t to take away from how incredible the Internet is, but that success has led to a dependence on an infrastructure that we understand surprisingly little about. Figuring out what “better” means and how we might get there is a challenge that is intellectual, economic, political and social. In other words, hard, but incredibly important.

The last couple of months have been busy for the NetSE community. Five workshops and meetings have taken place since mid-June covering Network Design and X, where X has been Network Science, Societal Values, Theoretical Computer Science, Behavioral Economics, and Network Engineering. The goal of these activities has been to add to all the good work on research opportunities done under the auspices of GENI, but without the yoke of justifying a large facility.

NetSE is shaping up to be strongly disciplinary AND interdisciplinary. There remain major challenges and opportunities in the core disciplines of networking and distributed systems, as well as across disciplines in and out of CISE. For example, technology advances are producing the ability to program all the way down to the photon or RF wavelength. How can and should future networks take advantage of programmability at this extreme? In the interdisciplinary vein, there are important and exciting opportunities at the intersection of human behavior and network behavior. How should home networks be structured so that mere mortals can deploy and manage them?

Over the next couple of months, we will be synthesizing the output of the various activities into a NetSE research agenda that will include recommendations to funding agencies about what is needed to advance the agenda. You can watch for updates on the NetSE page hosted by the CCC at www.cra.org/ccc/netse.php.

Ellen Zegura is Professor and Chair of Computer Science, School of Computer Science, College of Computing, at the Georgia Institute of Technology.