Lec 2_02_ACN_BITS

BITS Pilani, Pilani Campus

Advanced Computer Networks (CS G525)

Virendra S Shekhawat, Department of Computer Science and Information Systems


Second Semester 2015-2016 Lecture-2 [02nd Aug 2015]


BITS Pilani, Pilani Campus First Sem 2015-16

Agenda

• Tussle in Cyberspace [CH-3]

– Compulsory Reading

• Tussle in Cyberspace: Defining Tomorrow’s Internet [Clark 2003]

Advanced Computer Networks CS ZG525


Tussle in Cyberspace

• Interests of different stakeholders can be adverse to each other; this is called a “tussle”

– End user, Commercial ISPs, Govt., Private sector providers, IP Right Holders, Content Providers

• Diversity among stakeholders creates problems

– e.g. Music lovers want to exchange recordings with each other but the rights holder wants to stop them

• Accommodating this tussle is crucial to the evolution of the network’s technical architecture.


Requirements in Today’s Communication

• Users communicate but don’t trust each other

– Users desire anonymity

• End parties distrust their software and hardware

– E.g. cookies collect consumer details for marketing goals

• Third party asserts its right to interpose in communication

– Private ISPs and Govt. agencies want to monitor traffic

• One party forces interaction on another

– E.g. Email spam

• Multi-way communication (Internet has been designed for one-to-one communication only… end-to-end argument)

– e.g. Teleconferencing, Broadcasting


Where we are moving…

• Operation in Untrustworthy World

• Demanding Applications

– Audio/Video Streaming

• Uses intermediate nodes (Violates end to end argument)

• ISP Service Differentiation

– Application specific services are offered by some ISPs

• Third Party Involvement

– Ex. Govt. agencies want to monitor the traffic


Natures of Engineering and Society

• Engineers: Solve the problems by designing mechanisms with predictable consequences.

• Society: Dynamic management of evolving and conflicting interests.


Changes Over Time

• Internet developed in simpler times

– Common goals, consistent vision

• With success came multiple goals – examples:

– ISPs must talk to provide connectivity but are fierce competitors

– Privacy of users vs. government’s need to monitor

– User’s desire to exchange files vs. copyright owners

• Must deal with the tussle between concerns in design


Tussle Spaces [1]

• Economics

– Providers tussle as they compete, and consumers tussle with providers to get the service they want at a low price

– Designing choice into mechanisms is the building block of competition

• Customers must have the ability to choose (switch) providers freely.


Examples

• Provider lock-in from IP addressing

– Incorporate mechanisms that make it easy for a host to change address

– Like you can change cell phone carrier without changing your cell phone number

• Value pricing

– Divide customers based on their willingness to pay

• Pay higher rate to run a server at home


Tussle Spaces [2]

• Trust

– Users do not trust each other

– Users don’t trust parties they actually want to talk to

• Stealing/gathering information

• Explicit choice of trusted 3rd party

– Users trust their own software less and less

• Browsers gather information without the user’s knowledge

• Design for choice: privacy vs. security

– Users should be able to choose

• with whom they interact (Identity….?)

• what level of transparency they offer to other users


Tussle Spaces [3]

• Openness

– The openness to innovation that permits a new application to be deployed

– But economic motivations are against openness

• Proprietary interfaces give market power

• Vertical integration by ISPs

– Bundling infrastructure and services

– Somewhat restricted but better QoS

– Separate

• Tussle of vertical integration

• Tussle of sustaining innovation


New Principles?

• Design for variation in outcome

– Allow design to be flexible to different uses/results

– Tussle in the design, not by violating the design

• Two specific principles:

– Modularize the design along tussle boundaries

– Design for choice

• Challenges

– Flexible designs will be complex

• Applications should be written to deal with this complexity

• Innovations will be slow

– Flexibility may decrease efficiency

• Not optimized for all cases

• Active Networks!!!


Examples

• Isolate tussles

– QoS designs use separate ToS bits instead of overloading other parts of the packet like the port number

– Separate QoS decisions from application/protocol design

• Provide choice: allow all parties to make choices on interactions

– Creates competition

– Fear between providers helps shape the tussle

– Example: mail system


Enough Patchwork …?

• Original simplicity is changing …

– Hourglass approach

• Why…?

– New class of applications

• Real time, multimedia, content distribution, 3D immersive, cloud services etc.

– Operational and management requirements

– Variety of business models

– Security mechanisms

• Firewalls, NAT (to cope with the IPv4 address crunch!)

– Scalability enablers give rise to ad hoc solutions

• Patching can affect the performance …


Next …

• Future Internet Design Project: Named Data Networking [CH-4]

– Compulsory Readings

• Named Data Networking (NDN) Project [L Zhang 2010]


Problems with Current Internet [1]

• Security

– Control and Data planes are intermixed

• Mobility

– Identity and location in one (IP Address) makes mobility complex

• Energy

– Assumes live and awake end systems

– Communication can happen only when both ends are awake

• No Explicit Support for Client-Server Traffic and Distributed Services


Problems with Current Internet [2]

• One-to-one communication

– No support for multicast and multipath

• Symmetric protocols

– No difference between a PDA and a big server

• Stateless

– QoS is difficult

– Some applications need guarantees about the delay and throughput of their flows

• Location Independent Addressing

– Most services require the nearest server


Leading to New Internet Architecture

• Innovations in various aspects of the Internet

– Security, mobility, energy etc.

• Collaborative projects putting multiple innovations into an overall networking architecture

• Testbeds for real-scale experimentation


Key Research Topics for Future Internet Design [1]

• Content or data oriented paradigms

– Primary usage of today’s Internet has changed from host-to-host communication to content distribution

– Introduces challenges in data and content security and privacy, scalability of naming and aggregation, compatibility and co-working with IP

• Mobility and ubiquitous access to networks

– Shift from PC-based computing to mobile computing

– Introduces challenges such as how to trade off mobility with scalability, security, and privacy protection of mobile users, mobile endpoint resource usage optimization


Key Research Topics for Future Internet Design [2]

• Cloud computing centric architectures

– Computing becomes Utility Computing

– Needs to create secure, trustworthy, extensible, and robust architecture to interconnect data, control, and management planes of data centers

• Security

– In the original Internet, security works as an overlay, not an integral part of the architecture

– Technical aspects: encryption, authentication, authorization

– Non-technical aspects: providing a trustworthy interface among the participants


Key Research Topics for Future Internet Design [3]

• Experimental test beds

– Explore challenges related to large-scale hardware, software, distributed system test and maintenance, security and robustness, coordination, openness, and extensibility.


Research Projects on Future Internet Design

• US National Foundation (2005)

– Working on project Future INternet Design (FIND)

• European Union

– 7th Framework program

• Future Internet Architecture (FIA) (2010)

• 4 Extra-Large Projects Future Internet Assembly (FIA) in Europe


Mobility First Project (Rutgers Univ.)

• Motivation

– Current Internet is designed to interconnect fixed points

– Fails to address the demands of mobile devices and services

– To introduce a pervasive system to interface human beings with the physical world

• Challenges addressed by Mobility First

– Stronger security and trust requirements due to open wireless access

– Dynamic association, privacy concerns, and greater chance of network failure

– Content caching


Mobility First Architecture


Source: A Survey of the Research on Future Internet Architectures [Pan 2012]


Named Data Networking Project (Univ of California)

• Moving from end-to-end packet delivery to a Content Centric Model

– Current client-server model is facing challenges in supporting secure content-oriented functionality

• Network is transparent and just forwarding the data

– NDN focuses on ‘what’ (content) in place of ‘where’ (address)

– Allows content caching on network side to optimize traffic


NDN Architecture


Source: A Survey of the Research on Future Internet Architectures [Pan 2012]


Architectural Principles of NDN

• Hourglass architecture is maintained, centered on Data, NOT IP

• Security is built into the architecture

• Retains the E2E principle for fast application development and to cater for network failures.

• Flow-balanced data delivery ensures self-regulating network traffic

• Routing and Forwarding Plane separation

• Caters to user choice and competition where possible


Three Research Issues in NDN

• How to find the data, or how the data are named and organized to ensure fast data lookup and delivery…?

– Name the content by a hierarchical “name tree”

• Data security and trustworthiness

– NDN proposes to secure the data directly instead of securing the data “containers” such as files, hosts, and network connections.

– Trust of host and servers → trust in data

• Scaling of NDN names

– NDN names are longer than IP addresses, but the hierarchical structure helps the efficiency of lookup and global accessibility of the data.


NDN Architecture -1

• Communication is driven by the receiver

– Sends Interest packet

• /pilani/computerscience/courses/acn.htm

• Router forwards interest packet by looking up the name in its FIB (name based routing protocol)

• Once the Interest packet reaches a node that has the requested data, a Data packet is sent back, which carries both the name and the content of the data, together with a signature by the producer’s key

• This Data packet traces in reverse the path created by the Interest packet back to the consumer


NDN Architecture: Forwarding Process


NDN Architecture -2

• NDN routers keep both Interests and Data for some period of time.

– To serve consumers with the same Interests

• NDN router stores Interests in a table called PIT (Pending Interest Table)

– Name of the Interest + information on the interfaces through which it was received

– When Data is received, the router checks it against PIT entries and forwards it accordingly.

– Router also caches the Data
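The forwarding steps on the last slides (cache check, PIT aggregation, name-based FIB lookup, Data returning along the reverse path), as an added example that is not part of the lecture. The class, face names and routes are constructed for illustration; only the content name comes from the slide.

```python
class Forwarder:
    """Constructed single-router model: Content Store, PIT and FIB."""
    def __init__(self):
        self.fib = {}  # name prefix (tuple of components) -> outgoing face
        self.pit = {}  # pending Interest name -> faces it arrived on
        self.cs = {}   # Content Store: name -> cached content

    @staticmethod
    def components(name):
        return tuple(c for c in name.split("/") if c)

    def add_route(self, prefix, face):
        self.fib[self.components(prefix)] = face

    def lookup(self, name):
        # Longest-prefix match on whole name components, not characters.
        comps = self.components(name)
        for n in range(len(comps), -1, -1):
            if comps[:n] in self.fib:
                return self.fib[comps[:n]]
        return None

    def on_interest(self, name, in_face):
        if name in self.cs:                  # cache hit: answer locally
            return ("data", in_face, self.cs[name])
        if name in self.pit:                 # same name already pending
            self.pit[name].add(in_face)      # remember the extra consumer
            return ("aggregated", None, None)
        out_face = self.lookup(name)
        if out_face is None:
            return ("no-route", None, None)
        self.pit[name] = {in_face}
        return ("forward", out_face, None)

    def on_data(self, name, content):
        faces = self.pit.pop(name, None)
        if faces is None:
            return []                        # unsolicited Data is dropped
        self.cs[name] = content              # cache for later Interests
        return sorted(faces)                 # reverse path to every consumer

def demo():
    r = Forwarder()
    r.add_route("/pilani", "face-campus")
    r.add_route("/pilani/computerscience", "face-cs")
    name = "/pilani/computerscience/courses/acn.htm"
    steps = [r.on_interest(name, "face-A"), r.on_interest(name, "face-B")]
    steps.append(r.on_data(name, b"<html>acn</html>"))
    steps.append(r.on_interest(name, "face-C"))
    return steps
```

Because Data is only accepted against a PIT entry, a router never forwards or caches content that nobody asked for, which is the flow-balance property the architectural principles slide refers to.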


NDN Architecture -3

• NDN inherently supports the following

– Content Distribution (many users are requesting the same data at different times)

– Multicast (Many users are requesting same data at same time)

– Mobility (users requesting data from different locations)

– Delay Tolerant Networking (Users having intermittent connectivity)


Research Issues in NDN -1

• How to find the data, or how the data are named and organized to ensure fast data lookup and delivery…?

– Names need not be globally unique

– Naming can be application specific

– Name the content by a hierarchical “name tree”

• Data security and trustworthiness

– NDN proposes to secure the data directly instead of securing the data “containers” such as files, hosts, and network connections.

– Data signatures are mandatory.

– Trust of host and servers → trust in data

• Question?

– How to achieve content access control and infrastructure security..?


Research Issues in NDN -2

• Forwarding

– Forwarding is based on names

– Benefits wrt IP Routing…?

• Routing

– IP prefixes → name prefixes

– Existing routing protocols can be used to construct the FIB table

• Question..?

– How to keep routing table sizes scalable for unbounded data names

• NDN names are longer than IP addresses, but the hierarchical structure helps the efficiency of lookup and global accessibility of the data.


Research Issues in NDN -3

• NDN inherently supports multipath routing

– No chance of looping, unlike IP routing… Why?

• It improves routing security… How?

– Every Data packet is signed… including routing messages

– Multipath routing mitigates prefix hijacking because routers may detect the anomaly caused by prefix hijacking and try other paths to retrieve the data.

– Attacking a particular target is difficult… Why??

• Privacy Protection

– No information about Who requested what data
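The routing-security bullets above, as an added example that is not part of the lecture: Data is accepted only if its signature over name and content verifies, and a path that returns nothing or fails verification is skipped in favour of the next one. HMAC with a constructed shared key stands in for the producer's public-key signature, since the standard library has no asymmetric signing; the face functions and key are assumptions.

```python
import hashlib
import hmac

PRODUCER_KEY = b"constructed-demo-key"  # stand-in for the producer's key

def sign(name, content, key=PRODUCER_KEY):
    # The signature binds the name to the content, so neither can be swapped.
    msg = name.encode() + b"\0" + content
    return hmac.new(key, msg, hashlib.sha256).digest()

def verify(packet, key=PRODUCER_KEY):
    name, content, sig = packet
    return hmac.compare_digest(sig, sign(name, content, key))

def fetch(name, faces):
    """Try each next hop for the name in order.

    Returns (content, face_used, rejected_faces); content is None when
    no path produced Data that verifies.
    """
    rejected = []
    for face_id, face in faces:
        packet = face(name)  # Data packet (name, content, sig) or None
        if packet is not None and packet[0] == name and verify(packet):
            return packet[1], face_id, rejected
        rejected.append(face_id)  # anomaly on this path: try another
    return None, None, rejected

def demo():
    name = "/pilani/computerscience/courses/acn.htm"
    good = b"<html>acn</html>"
    # Constructed paths: one returns Data it cannot sign, one is silent,
    # one reaches the real producer.
    bogus = lambda n: (n, b"<html>other</html>", b"\x00" * 32)
    silent = lambda n: None
    producer = lambda n: (n, good, sign(n, good))
    paths = [("face-1", bogus), ("face-2", silent), ("face-3", producer)]
    return fetch(name, paths)
```

The `rejected` list is what a forwarding strategy would feed back into its ranking of next hops for that prefix.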


Thank You!
