Transcript Document 7309488

Re-Inventing the Internet:
Building Security In
CISE
National Science Foundation
[email protected]
Executive Summary
• The current Internet is unreliable and vulnerable to
attack.
• Many of these vulnerabilities are inherently in design
choices of the architecture
• Yet critical infrastructures depend upon it.
• We need to re-invent the Internet.
• This time we need to design-in security, robustness,
flexibility, manageability, evolvability, and…
2
Internet Vulnerability and the
Need to Re-invent the Internet
3
2005 PITAC Report on CyberSecurity
“Because much of this (IT) infrastructure connects one way or
another to the Internet, it embodies the Internet’s original
structural attributes of openness, inventiveness, and the
assumption of good will.
These signature attributes have made the U.S. IT
infrastructure an irresistible target for vandals and
criminals worldwide”
“A broad consensus among computer scientists is emerging
that the approach of patching and retrofitting networks,
computing systems, and software to “add” security and
reliability may be necessary in the short run but is
inadequate for addressing the Nation’s cyber security
needs.”
4
Not a new problem
5
1987 An Agenda for Research in
Networking and Communications
(NSF)
“It is vital to devote much more research,
both at the academic level and at the
industrial level, to these [survivability]
problems before a truly major catastrophe
occurs.”
6
1988 Toward a Network Research
Network (NRC)
“Privacy and security are issues that are
especially important to consider early on…
privacy and security in data communications
have been underappreciated and
underprotected to date”
7
1991 Computers at Risk: Safe
Computing in the Information Age
(NRC)
“…we cannot wait to see what a attackers may
devise, or what accident may happen, before
we start our defense. We must develop a longterm plan, based on our predictions of the
future, and start now to develop systems that
will provide adequate security and
trustworthiness over the next decades.”
8
1997 Critical Foundations: Protecting
America’s Infrastructures
(President’s Commission on Critical
Infrastructure Protection)
“The rapid proliferation and integration of
telecommunications and computer systems have
connected infrastructure to one another in a complex
network of interdependence. This interlinkage has
created a new dimension of vulnerability, which, when
combined with an emerging constellation of threats,
poses unprecedented national threat.”
“Potential cyber threats and associated risks range from
recreational hackers to terrorists to national teams of
information warfare specialists.”
9
Not just technology
• Economics
• Privacy
– Personal information and Identity theft
– Surveillance (sensors; cameras; web activity, location)
• Open society
– Freedom of speech
– Freedom of access
– Reachability
10
IEEE Spectrum June 2005
• “If censorship technology flourishes in China, it
will be easier and cheaper to take root
elsewhere.”
• “The features that China wants installed in
intermediating devices and software will
gradually find their way into all of the suppliers’
products, if only because it is cheaper that way.”
• “The primary and most longstanding means of
blocking is at the router level.”
11
What should we do?
12
1999 Trust in Cyberspace (NRC)
Recommendation:
“It is time to challenge th[e] paradigm of ‘absolute
security’ and move toward a model built on three
axioms of insecurity: insecurity exists; insecurity
cannot be destroyed; and insecurity can be
moved around.”
“’Trustworthiness from untrusted components’ is a
research area that deserves greater attention.”
13
2003 Grand Research Challenges in
Information Systems (CRA)
Create Systems you can count on:
• System development tools that reduce the frequency
and severity of bugs.
• System administration tools that reduce the frequency
and severity of configuration errors.
• Understandable, deployable, and usable security.
• New approaches to composition of modular elements.
• New approaches to federation.
• Pervasive audit trails.
• Self-adaptive systems.
• Architectural enhancements to processors (trusted HW)
14
2005 Overcoming Barriers to Disruptive
Innovation in Networking, (NSF)
“… in the thirty-odd years since its invention, new uses
and abuses, along with the realities that come with
being a fully commercial enterprise, are pushing the
Internet into realms that its original design neither
anticipated nor easily accommodates.”
“Such problems are numerous, and the Internet’s
emerging centrality has made these flaws all the more
evident and urgent. As a result, it is now widely
believed that the Internet architecture is in need of
substantial change.”
15
2001 Looking over the Fence at
Networks (NRC)
“… successful and widely adopted technologies are
subject to ossification, which makes it is hard to
introduce new capabilities or, if the current
technology has run its course, to replace it with
something better. Existing industry players are not
generally motivated to develop and deploy
disruptive technologies … “
16
2001 Looking over the Fence at
Networks (NRC)
“Networking research should more aggressively
seek to develop new ideas and approaches.”
“To encourage thinking that is unconstrained by
the current Internet, ‘Plan B’ approaches
should be pursued that begin with a clean
slate and only later (if warranted) consider
migration from current technology.”
17
NeTS Planning Activities
• Planning Grants FY04
– Disruptive network innovations via network
virtualization
– Optical integration and implications on optical
networking
• Planning Grants FY05:
– Clean-slate network security
– End to end network architecture
– Wireless mobile and sensor networks
– Distributed systems
– Real time networked systems and CIP
18
Purpose of Planning Grants
• Articulate a compelling research agenda
• Articulate requirements for an experimental
infrastructure
• Get communities to work together
– Network architects and security experts
– Network architects and optical integration experts
–…
• Help NSF & other agencies to fund and promote
19
2006 NSF NeTS Research
Agenda
• Rethink/Reinvent the Internet
– Keep the good, address limitations, create new
• Clean-slate architecture
– Include optical, wireless, sensor network, etc.
technologies
– Enable new applications
• Build-in attributes of security, robustness,
scalability, manageability, evolvability, etc.
• Work together for a synergistic approach
– Security, network architecture, realtime experts …
20
Potential Outcomes of Initiative
• Migrate functionality into Current Internet
• Enable an Alterative Secure Internet for
Critical Infrastructures
• Replace of Internet under Catastrophic
Failure
21
Your Role
• Discuss how to build-in security into a
clean slate architecture
• Write a report—
– Research Agenda
– Infrastructure Needs
• Engage in joint research with networking
and security researchers
22