
Internet Architecture Board; Report Back IAB Stack Evolution Programme: interaction with NFV Doc: TBA Source: Bob Briscoe, BT Agenda item: Liaisons For:


1 Internet Architecture Board; Report Back
IAB Stack Evolution Programme: interaction with NFV
Doc: TBA
Source: Bob Briscoe, BT
Agenda item: Liaisons
For: Discussion
© ETSI 2015. All rights reserved

2 IAB Stack Evolution Programme
- Internet Architecture Board (IAB)
  - Architecture and Liaison activity for the IETF
- IAB Stack Evolution Programme
  - Addressing near-impossibility of evolving the Internet stack
- This talk
  - Prepared in co-operation with our IETF liaison: Diego Lopez
  - Recent IAB workshop: Stack Evolution in a Middlebox Internet (SEMI) https://www.iab.org/activities/workshops/semi/
  - participants decided to reach out to NFV ISG
  - this update is given in my personal capacity
  - More formal liaison or joint action could follow

3 Collision course
1. Pervasive monitoring by government agencies
   - Snowden revelations
2. The middlebox tussle
   - two perceived drivers: security protection & business protection
   - widespread blocking of IETF extensibility mechanisms
     - new e2e protocols (IP next header numbers) blocked, e.g. SCTP
     - new services (port numbers) blocked (often leaving only https and http)
     - new protocol option numbers blocked (e.g. TCP options like multipath)

IAB/IETF response in both cases: plans to encrypt and authenticate all end-to-end protocol fields and data
1. protects privacy*
2. enforces architecture
   - unsolicited services might be useful, but they have no right to data visibility

* Nov 2013 IAB recommendation to harden Internet Confidentiality

4 Impact
- Market in (virtualised) network functions could shrink
- Need to define new interface(s)
  - need to shift from unsolicited to solicited intervention
  - signalling from app to network function, or vice versa
  - in-band preferred, out-of-band maybe
  - think "ICMP that works"

ICMP: Internet Control Message Protocol

5 Potential positive role of NFV recognised
- freshness – protocol extensions should deploy faster
  - protocol extension often not possible with hardware middleboxes
  - more systematic update practices as NFV becomes the norm
- a voice for the middlebox industry
  - NFV ISG brings most middlebox vendors and operators together
  - the first time the IETF can address this industry in one place

Downsides also recognised
- staleness
  - many virtual appliances will still be updated rarely or never
- not central to scope of NFV ISG
  - data plane interfaces specific to each network function (but security ToR does address pervasive encryption)

6 Next steps
- Invitation to relevant IETF activities
  - IETF WGs: httpbis, TAPS, tcpinc, TLS, tsvarea, PCP,...?
  - non-WG mailing list: Handling pervasive monitoring (PERPASS)
  - Potential activities: MCIC, SPUD, middlebox detection & error collection,...?
  - Collectively forming decisions on
    - trust model
    - crypto coverage in protocol headers
  - next IETF meeting, Dallas 22-27 Mar 2015.
  - IAB stack evolution programme* lead: Brian Trammell
- NFV ISG activity?
- joint NFV-IETF initiative?

TAPS: TrAnsPort Services
tcpinc: TCP INCreased security
TLS: Transport Layer Security
tsvarea: Transport Area Plenary
PCP: Port Control Protocol
MCIC: Multiparty Content Integrity & Confidentiality
SPUD: Session Protocol Under Datagrams

* https://www.iab.org/activities/programs/ip-stack-evolution-program/

