
1 Three Points to Remember
Copyright 2002 Stephen F. Bush
- Active Networks Are Cool
- Active Networks Can Be At Least As Secure As Legacy Networks ;)
- Data and Algorithm Are Mutable Active Networks
Section: Introduction

2 Motivation for Active Networking
- Faster Hardware Not Fully Utilized
- Enables More Flexible Network
- De-couples Protocol From Transport
- Minimizes Requirements for Global Agreement
- Enables On-the-fly Experimentation
- Enables Faster Deployment of New Services
http://www.darpa.mil/ato/programs/activenetworks/actnet.htm
Email List: activenets_wire@ittc.ukans.edu

3 Active Networking: A Natural Evolution
[Figure labels: Traditional Packet Network (Data, Header); Active Network (Header, Code, Data); Network-Aware Devices]
- Devices Become Network-aware and Smart
- Custom Code Injected By Applications/devices Makes Network Intelligent
- Reduces Protocol Deployment Time From Years to Months
- Adaptive Monitoring, And Predictive Control

4 Change Is Inevitable
Internet Protocol
- Fossilized: Resistant to Change
- Layers of Complexity O(4000) RFCs
- Inability to Customize Quickly or Efficiently
- Lack of Security Paradigm
- Downward Side of the Innovation Curve
Active and Programmable Networks
- Built for Change
- Reduced Complexity
- Rapid, Efficient Customization
- Security Paradigm Built-in
- Upward Innovation Path

5 Integrated Versus Discrete Approaches
- Discrete Approach
  - Programs (P) Injected Into Active Nodes Separately From Passive Data (D)
- Integrated Approach
  - Programs Integrated Into Every Packet Along With Passive Data
[Figure labels: D, P, Active Network Node]

6 Section 1 Active Network Framework

7 Legacy Co-Existence
[Figure labels: Host, Active Router, Legacy Router, ip_active, Cut-through]
Sect. I: Framework

8 Active Network Framework
- Active Application (AA)
  - The active network application
- Execution Environment (EE)
  - Analogous to a Unix shell in which to execute a packet
- Node Operating System (NodeOS)
  - Operating System support for Execution Environments
[Figure labels: AA, EE 1, EE 2, NodeOS, Hardware]

9 Active Network Framework
- Primary Focus Is Communication and Not Computation
- Packet Is Unit of Multiplexing
- No Assumptions About Underlying Forwarding Technologies

10 Active Network Framework
[Figure labels: EE 1, EE 2, ..., IPv6, Policy db, Channels, Store, NodeOS, Execution Environment, Management EE, Security Enforcement Engine, ...]
Active Network Working Group Version 1.0, Ken Calvert ed. Active Network Framework. http://www.cc.gatech.edu/projects/canes/arch/arch-0-9.ps, August 31 1998. Version 0.9. citeseer.nj.nec.com/group98architectural.html.

11 Framework Considerations (I)
- End Systems (ES) and Intermediate Systems (IS)
  - No Architectural Differences Between EEs and ISs.
- Execution Environment (EE) and Active Application (AA)
  - AA Implements an End-to-end Service Executed Within an EE

12 Framework Considerations (II)
- AA Should Be Composable
  - Mobility and Multicast AAs Should Work Together to Implement Mobile Multicast
- EE and AA Deployment
  - EE API Must Be Available for AA Access
  - ANEP Packet Types Accepted by EE Must Be Available

13 Framework Considerations (III)
- Node Operating System (NodeOS)
  - Primary Role Is Mediator of Node Resources to the EEs
- Security
  - All Requests to the NodeOS Are Verified Based Upon Credentials Sufficient to Verify Authorized Access
  - EEs Must Trust NodeOS and Can Add Stricter Policies
  - NodeOS May Trust Some EEs More Than Others

14 Active Network Framework
Processing stages:
- Packet Classification
- Input Channel Processing
- EE Processing
- Output Channel Processing
- Scheduling and Transmission
[Figure labels: IP|UDP|ANEP, IP|UDP, IP|ANEP, IP, classify, EE 1, EE 2, IPv4, EE 3, ANEP|UDP|IP, ANEP|IP, UDP|IP, sched, (Cut-through)]
Active Network Working Group Version 1.0, Ken Calvert ed. Active Network Framework. http://www.cc.gatech.edu/projects/canes/arch/arch-0-9.ps, August 31 1998. Version 0.9. citeseer.nj.nec.com/group98architectural.html.
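
Added example, not part of the original slides: a Python classifier for the packet-classification stage, demultiplexing ANEP packets to execution environments by the packet types each EE accepts. The header layout and discard flag follow the ANEP draft specification rather than anything shown on the slides; the Type ID values, the EE registry, the function names and the strict length checks are assumptions made for this example.

```python
import struct

# Fixed ANEP header per the ANEP draft: version, flags, type id,
# header length (in 32-bit words), packet length (in octets).
ANEP_FIXED = struct.Struct("!BBHHH")
DISCARD_IF_UNKNOWN = 0x80  # most significant flag bit

# Constructed registry of packet types accepted by each EE (illustrative IDs).
EE_REGISTRY = {0x0101: "EE 1", 0x0202: "EE 2"}

def classify(datagram, registry=EE_REGISTRY):
    """Return (action, detail); action is 'deliver', 'forward' or 'drop'."""
    if len(datagram) < ANEP_FIXED.size:
        return ("drop", "shorter than fixed ANEP header")
    version, flags, type_id, hdr_words, pkt_len = ANEP_FIXED.unpack_from(datagram)
    if version != 1:
        return ("drop", "unsupported ANEP version")
    hdr_len = hdr_words * 4
    # Reject length fields that disagree with each other or with the datagram
    # before any EE sees the payload.
    if hdr_len < ANEP_FIXED.size or hdr_len > pkt_len or pkt_len != len(datagram):
        return ("drop", "inconsistent length fields")
    ee = registry.get(type_id)
    if ee is None:
        if flags & DISCARD_IF_UNKNOWN:
            return ("drop", "unknown type id and discard flag set")
        return ("forward", "unknown type id, default forwarding path")
    return ("deliver", (ee, datagram[hdr_len:pkt_len]))

def make_anep(type_id, payload, flags=0, options=b""):
    """Build a constructed ANEP packet for testing the classifier."""
    if len(options) % 4:
        raise ValueError("options must be a multiple of 4 octets")
    hdr_len = ANEP_FIXED.size + len(options)
    header = ANEP_FIXED.pack(1, flags, type_id, hdr_len // 4, hdr_len + len(payload))
    return header + options + payload

if __name__ == "__main__":
    print(classify(make_anep(0x0101, b"capsule")))
    print(classify(make_anep(0x9999, b"capsule", flags=DISCARD_IF_UNKNOWN)))
```

Only packets whose Type ID is registered reach an EE; everything else is either forwarded untouched or dropped before any active code runs.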

15 Hardware Reference Model
[Figure labels: Passive (Switch Fabric, input ports, output ports); Active (Switch Fabric, input ports, output ports, EE)]
Active Network Working Group Version 1.0, Ken Calvert ed. Active Network Framework. http://www.cc.gatech.edu/projects/canes/arch/arch-0-9.ps, August 31 1998. Version 0.9. citeseer.nj.nec.com/group98architectural.html.

16 Node Operating System (NodeOS) Resource Abstractions
- Thread pools
- Memory pools
- Channels
- Files
- Flows (or Domains)
Active Network Working Group, Larry Peterson ed. NodeOS Interface Specification. January 24, 2000, citeseer.nj.nec.com/532678.html.

17 Node Operating System
[Figure labels: NodeOS, EE, ANEP|UDP|IP|ATM, ETH|IP|ATM, Port, Anchored, Cut-Through]
Active Network Working Group, Larry Peterson ed. NodeOS Interface Specification. January 24, 2000, citeseer.nj.nec.com/532678.html.

18 Active Domains (Flows): Resource Control
- Each Domain Is Allocated Resources According to Policy in Effect at Flow Creation Time
[Figure labels: NodeOS, EE 1, EE 2, Domain 1, Domain 2, InChan, OutChan, Threads, Memory]
Patrick Tullman, Mike Hibler, and Jay Lepreau. Janos: A Java-oriented OS for Active Network Nodes, 2002
Active Network Working Group, Larry Peterson ed. NodeOS Interface Specification. January 24, 2000, citeseer.nj.nec.com/532678.html.

