Internet Trends and the Cost of Connectivity
1st BroadSky Workshop, Lacco Ameno, Italy
November 6, 2003
Will Ivancic – wivancic@grc.nasa.gov

NASA Glenn’s Space Communications Program
• Experimental Satellites (70s – early 90s)
  - Maintain US preeminence in satellite communication
  - Focused on Commercial Communications Satellites
• Space Communications (mid 90s +)
  - NASA Mission Focused
    - Earth Science
    - Computer Information and Communications Technology (CICT)
    - Human Exploration and Development of Space
• Aeronautics (2000 +)
  - Capacity (Air Traffic Management)
  - Safety (Weather and Security)

Aeronautics
• Communications, Navigation, and Surveillance (Low Data-Rate Requirements)
  - Delivery via VHF and/or Satellite
  - Command and Control requires a reliable transport protocol
  - Current protocols
    - Aircraft Communications Addressing and Reporting System (ACARS)
    - Aeronautical Telecommunication Network (ATN)
    - Moving Toward IPv6 (commercial standards)
• Weather (Low Data-Rate Requirements)
  - Possible use of multicasting and broadcasting protocols
  - Low Bandwidth requirements
  - May use non-reliable transport protocols (no feedback)
• Others (Medium to High Data-Rate Requirements)
  - Entertainment
  - Maintenance
  - Video Surveillance
  - Black Box Data
  - eBusiness (Records, manuals, maps, etc…)

Transmission Control Protocol (TCP)
• Currently the Dominant Reliable Transport Protocol in the Internet
• Designed to be fair and operate over shared infrastructure (Congestion Dominates most end-to-end links)
  - Slow Start (Exponential Increase) to probe for bandwidth
  - Rate Halving when packet is lost (Multiplicative Decrease)
  - Rate Increase by 1 packet per round trip (Additive Increase)
• Parameters Affecting Throughput
  - Bandwidth-Delay Product
  - Congestion
  - Errors
  - File Size

Round Trip Time (RTT) Delay
(The pairing of links and delay values was lost in extraction; items are listed in the order they appear.)
• US to Japan Terrestrial
• GEO Satellite
• Negligible (Network Delay Dominates)
• G2 / G3 Cellular
• 550 msec (Theory)
• Real Systems 0.8 - 1.5 sec
• 802.11 Wireless Ethernet
• 20 – 100 msec
• ~1 Second using General Packet Radio Services (GPRS) from T-Mobile
• LEO
• ~1 – 2.5 Seconds (Using Globalstar)

Performance Enhancing Proxies (PEPs)
• Middleware deployed to help TCP performance over links with large bandwidth-delay products
• Attempt to optimize control loops
• Often breaks end-to-end architecture
  - If so, breaks end-to-end reliability (at least at the transport layer)
  - Difficulty working with Security (IPSec, Virtual Private Networks)
[Diagram labels: PEPs, Internet, Internet, Control Loop 1, Control Loop 2, Control Loop 3, End-to-End Control Loop]

Reliable Transport Protocol Developments
• TCP Swift Start
  - Improves Slow Start Performance
• TCP Westwood
  - Attacks Additive Increase, Multiplicative Decrease (AIMD) problem
• Cumulative Explicit Transport Error Notification
  - Attacks Additive Increase, Multiplicative Decrease (AIMD) problem
• Stream Control Transport Protocol (SCTP)
  - New Reliable Transport Protocol
  - Incorporates many proposed improvements to TCP
    - Byte Counting
    - Selective Acknowledgements
    - Non-Blocking of multiple streams

Internet Trends
(The bullet hierarchy was lost in extraction; items are listed in the order they appear.)
• Inexpensive Broadband Connectivity
• Always On Connectivity
• Peer-to-Peer networking
• Maintain connections when crossing networks
• IPv6
• Security
• Web replaces paper forms (e.g. eNASA, eCoast Guard)
• Network Centric Warfare
• Mobile Networking
• Symmetric Links (no longer highly asymmetric)
• Conversation may be initiated from outside your network!
• eBusiness
• Cable Modem, DSL, WiFi, G2.5/G3/G4
• Network Address Translation and Proxies can really mess things up, but are probably here to stay.
• Ad Hoc Networking

What is Mobile-IP and Mobile Networking?
• Mobile IP is a routing protocol that enables IP nodes (hosts and routers) using either IPv4 or IPv6 to seamlessly “roam” among IP subnetworks.
• Supports transparency above the IP layer, including the maintenance of active TCP connections and UDP port bindings.
• Link Independent
• Supports Multi-Homing (connections to more than one route and/or media type)

Mobile Router uses
[Diagram labels: Time, Ethernet, FA, Port A, PortB, NOC, HA, Carnival Cruise, Military Applications, AWACS]

[Diagram captions, in the order they appear:]
• Tactical data forwarded from surveillance satellites to the BGCC.
• Home-Agent deployed in BGCC
• Communications link between BGCC and the Field Command Post
• Battle Group Command Center (BGCC)
• Foreign-Agent deployed in UAV
• Intelligence Control Center
• Non-preferred-path becomes preferred-path
• UAV
• Non-preferred-path
• In case of communications loss of preferred-path
• Preferred-path
• Mobile-Router deployed in Armored Field Unit. Secondary communications link utilized due to lost LOS of primary.
• Mobile-Router deployed in Armored Field Unit.
• Foreign-Agent deployed in Tracked Command Post Carrier.
• Unit deployed in vicinity of the battlefield.

[Diagram labels: Hostage House, INTERNET, Foreign Agent, HQ, Home Agent, Remote Command Center]

Securing Networks
• Constraints/Tools
  - Policy
    - Security Policy
    - Education
    - Enforcement
  - Architecture
  - Protocols
• Must be done up front to be done well

Security
• Security  Bandwidth Utilization
• Security  Performance
• Tunnels Tunnels Tunnels and more Tunnels
• Performance  Security
  - User turns OFF Security to make system usable!
• Thus, we need more bandwidth to ensure security.
[Diagram labels: ENCRYPTION ON THE RF LINK, ENCRYPTION AT THE NETWORK LAYER, VIRTUAL PRIVATE NETWORK, ORIGINAL PACKET; HEADER, HEADER, HEADER, HEADER, PAYLOAD]

Conclusions Regarding Security
• Security Breaks Everything
  - At least it sometimes feels like that.
  - “The ultimate Denial-of-Service attack.” – D.S.
• Need to change policy where appropriate.
• Need to develop good architectures that consider how the wireless systems and protocols operate.
• If you cannot change policy or architecture, then you must change the protocol.
• Possible solutions that should be investigated:
  - Dynamic, Protocol aware firewalls and proxies.
  - Possibly incorporated with Authentication and Authorization.

Satellites and Their Competition
The Cost of Connectivity

RF Technologies (Mobile)
• Globalstar (L-Band)
  - Globalstar MCM-8 (Client/Server)
  - Seatel MCM-3 (Client/Server)
  - Qualcomm MDSS-16
• Boeing Connex (Ku-Band)
• INMARSAT Swift 64
• TrackNet™ 2.0 (Ku-Band)
• G2.5/G3/G4
  - General Packet Radio Service (GPRS) – 56 kbps
  - 1xRTT – 110 kbps
• WiFi (802.11)
• VHF

Satellites vs. The World
• Advantages
  - Broadcast / Multicast
  - Large Coverage Area
  - Physical Security
  - Surveillance
  - Remote Sensing
  - Navigation
  (Supplemented by Governments and Defense Agencies)
• Disadvantage
  - Cost to deploy
  - Cost of Service
  - Time to deploy
  - Landing Rights (politics)
  - Bandwidth and Frequency reuse
  - Point-to-Point Costs
  - Incremental deployment may be difficult
  - High Link budgets
  - Link Delay

Cost of Connectivity (Examples)

Deployment issues (mobile)
• Equipment Costs
• Service Cost
• Network Peculiarities
  - Network Address Translators
  - Performance Enhancing Proxies
  - Security Mechanisms
    - Packet Filtering
    - Connection Mechanisms
      - Smart Card
      - Authentication
      - MAC and/or Static Key (manual login is unacceptable)

Verizon Wireless Coverage
[Coverage map]

T-Mobile Coverage
[Coverage map]

Cingular Wireless Coverage
[Coverage map]

GSM Coverage - Terrestrial
Based on Particular Service Providers
[Coverage map]

Satellite Coverage
[Coverage maps: Globalstar, INMARSAT. From SaVi]

Typical Ku-Band Coverage
[Coverage map]

Applications, Requirements and Costs
[Figure labels: 128 kbps, 550 msec RTT; 11 Mbps, ~50 msec RTT]

Stratospheric Platforms – These Are Coming Soon –
Reference: Ryu MIURA and Masayuki OOD: “R&D Program on Telecom and Broadcasting System Using High Altitude Platform Stations,” Journal of the Communications Research Laboratory Vol.48 No.4 2001

High Altitude Airships (Platforms) - Coming Soon
• 500 feet long, 160 feet in diameter
• Volume of 5.2 million cubic feet, about 25 times larger than the blimps seen at athletic events.
• 21.33 km (70,000 feet) elevation
• Payload 1814 kilograms (4000 pounds)
• 10 kWatts power
www.lockheedmartin.com/akron/protech/aeroweb/aerostat/haa.htm
The Missile Defense Agency today (Sept 29, 2003) awarded Lockheed Martin (NYSE: LMT - News) a $40 million design and risk reduction contract as the next phase of the advanced technology concept demonstration to deliver a high altitude airship (HAA) prototype in 2006

www.elec.york.ac.uk/comms/presentations/HAPsmainpres2000/HAPSmainpres.pdf

Comments Relative to Mobile Networking
• Fixed Flat-Rate pricing or die
• Price per bit or connect time
  - Not manageable
  - Impossible to budget
• Voice, Video and Data are all just bits
• Cost of satellite equipment and services justifies:
  - Development of new technologies (e.g. Ad Hoc Networks, High Altitude Airships and Stratospheric Platforms)
  - Deployment of new infrastructure

Papers and Presentations
http://roland.grc.nasa.gov/~ivancic/papers_presentations/papers.html
or http://roland.grc.nasa.gov/~ivancic/ and pick “Papers and Presentations”
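
Added example (not part of the original slides): a per-round-trip model of the slow start and AIMD behaviour listed on the TCP slide, run on the two link figures from the "Applications, Requirements and Costs" slide. The 1460-byte segment size, the 1 MB file, the 11 Mbps link at 550 ms RTT, and the function names are assumptions made for illustration.

```python
# Added example: per-RTT model of TCP slow start and AIMD (not from the slides).
import math

MSS = 1460  # bytes per segment; assumed value, the slides do not state one


def bdp_segments(rate_bps, rtt_s, mss=MSS):
    """Bandwidth-delay product in whole segments (window that fills the link)."""
    return max(1, int(rate_bps * rtt_s // (8 * mss)))


def transfer_rtts(file_bytes, rate_bps, rtt_s, loss_rounds=(), mss=MSS):
    """Round trips needed to deliver file_bytes.

    Each round sends one congestion window. The window doubles per RTT in
    slow start, grows by one segment per RTT afterwards, and is halved in
    any round listed in loss_rounds (one segment lost and resent later).
    """
    cap = bdp_segments(rate_bps, rtt_s, mss)  # link carries no more per RTT
    remaining = math.ceil(file_bytes / mss)
    cwnd, ssthresh, rounds = 1, cap, 0
    while remaining > 0:
        rounds += 1
        sent = min(cwnd, remaining)
        if rounds in loss_rounds:
            sent = max(0, sent - 1)              # lost segment stays outstanding
            ssthresh = max(2, cwnd // 2)         # multiplicative decrease
            cwnd = min(ssthresh, cap)
        elif cwnd < ssthresh:
            cwnd = min(2 * cwnd, ssthresh, cap)  # slow start
        else:
            cwnd = min(cwnd + 1, cap)            # additive increase
        remaining -= sent
    return rounds


def report(label, file_bytes, rate_bps, rtt_s, loss_rounds=()):
    rounds = transfer_rtts(file_bytes, rate_bps, rtt_s, loss_rounds)
    ideal = file_bytes * 8 / rate_bps
    return f"{label}: {rounds} RTTs, {rounds * rtt_s:.2f} s (line rate alone: {ideal:.2f} s)"


if __name__ == "__main__":
    one_mb = 1_000_000
    print(report("128 kbps, 550 ms RTT (slide figures)", one_mb, 128_000, 0.55))
    print(report("11 Mbps, 50 ms RTT (slide figures)", one_mb, 11_000_000, 0.05))
    # Constructed case: the 11 Mbps rate carried over a 550 ms GEO path.
    print(report("11 Mbps, 550 ms RTT", one_mb, 11_000_000, 0.55))
    print(report("same, one loss in round 5", one_mb, 11_000_000, 0.55, {5}))
```

In the constructed long-delay case the transfer finishes before slow start ever fills the link, and a single early loss multiplies the completion time, which is the gap the proxies and protocol changes listed on the slides aim at.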