Terena Networking Conference
TNC'2005

Personal notes from some sessions during the TNC'2005 in Poznan, June 2005

By Professor Jacob Palme,
Stockholm University and KTH Technical University

Table of contents

 

Geant2: A very different kind of network
Understanding the risks: Is safe computing possible?
Grid computing
Security
Sensor networks
Networking within the law
Transport protocols
Connecting to the nervous system

 

How to build larger nets

 

GEANT2: A very different kind of network

Dai Davis said: The technology used by the Internet today will not work for larger nets than those using 10 GB/second building blocks. A new technology is needed. There is a risk of losing more packets, and that the network will not degrade gracefully when highly loaded, unless correctly managed.


 
 

Understanding the risks: Is safe computing possible?

 

Robert Cowles,
Stanford Linear Accelerator Center, USA

Who has control of your machine? Most networks today are very insecure and send all information, often even passwords, in the clear. Examples: HTTP, SMTP, POP, IMAP, FTP and TELNET.

Wireless networks are especially insecure; anyone can usually listen in easily.

Faked service providers are easy to build. Who can you trust? DHCP servers are wonderful ways of cheating you.

The answers to "I have forgotten my password" questions (such as mother's maiden name), if given on one server, can be misused to access another server which uses the same questions.

Public access servers like kiosks, hot spots, etc. can collect your secret information.

He continued talking about all kinds of risks and how easy it is to harvest your secret information, with many more examples.

SSH and other compromises

The attacker installs a trojaned SSH with a keylogger.

He then talked about security risks with bluetooth (someone else making a phone call on your phone), RFID, VoIP, iPod, Caller ID - all are every unlearnt.

His talk contained a large number of URLs to pages which tell you how to enact different kinds of security break-ins.

United Nations on Fighting Cybercrime

All operating systems and all browsers are insecure. You cannot be secure, only "more secure". There is no simple solution; a combination of many activities is needed to increase security.

Create culture of cybersecurity, prevent and prosecute cybercrime, address needs of developing countries, coordinated efforts to facilitate practical research, global approaches to avert and minimize risks.

(In fact, the DHCP server on the wireless network at the conference was attacked by a denial-of-service attack from one of the computers brought by the conference participants. So they had to give static IP addresses to all conference participants!)

Service providers should only support secure protocols. A good example is Google, which only supports secure IMAP access.


 

Grid computing

 

Ralph Niederberger: The DEISA Project – Network Operation and Support - First Experiences

Strong, tight coupling of large supercomputers, to enable new scientific applications. They will promote cluster software, global file systems, load balancing between supercomputers on a European scale.

Latency (turn-around time) is a problem, solved by having a dedicated network, so that firewalls are not needed. But then he talked about the need for high-speed firewalls, so apparently a dedicated network was not enough, because not all people who wanted to use the services had access to the dedicated network.

Ariel Oleksiak: Unified Access to Grid Infrastructures

Grids provide an environment for collaboration and advanced computations, but should be transparent and easy to use, even if they are heterogeneous, and should also be usable from mobile devices.


 

Security

 

John Larmouth: Biometrics Standardisation

BDB = Biometric Data Block. Lots of people have their own proposal for a new biometric measurement which they think is the best of all for identification.

There are lots of working groups on biometric standardization. Lots of people come to these meetings. There are between 29 and 40 standards under development in this area. BMB provides meta-data for the classification of biometric measurements. There are also security issues with the delivery of these blocks. Fingerprints are stored either as simple pictures or as a logical description of the whorls and ridges; since people could not agree, they developed two standards. The situation is similar for faces, iris images, vascular images, hand geometry and signatures. People want more and more standards, and believe that more is better.

Related is capturing of biometric data, processing to extract features, storage, matching.

There is also a need for a low-level interface between biometric measurement equipment.

There are also, of course, conformance testing and certification centres, as part of the biometrics area and APIs. There is a need to identify trusted software, distribute digital certificates, etc.

Privacy concerns: Anything that has the potential of detecting a medical condition.

Another issue is e-authentication across a network.

Torgny Hallenmark: Control Spam by Use of Greylisting

90-95 % of all spam was stopped, without having to make any decisions on what is spam or not spam. Just one small change had a large effect.

Method: Check the triplet of IP address, sender and recipient. If this triplet has not been seen before, reply with the SMTP 451 failure code. Accept the same message if it comes back more than 5 minutes later. Regular SMTP senders can resend in this case; spam senders cannot.

Attributes:

  • Time to accept triplet, default 1 hour, but 5 minutes works as well.
  • Lifetime of new triplets that have been accepted: Default 5 hours, his value 30 hours.
  • Lifetime of auto-whitelisted triplets that have been allowed mail to pass. His setting 36 days.
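The greylisting decision described above, as an added example (not code from the talk or from any particular mail server). The names `Greylist`, `check` and `replay` are hypothetical, the timer values are the speaker's settings, and renewing the whitelist lifetime on every accepted message is an assumption.

```python
from dataclasses import dataclass

MIN_DELAY = 5 * 60           # earliest accepted retry: 5 minutes
NEW_TTL = 30 * 3600          # lifetime of a new triplet: 30 hours (speaker's value)
WHITELIST_TTL = 36 * 86400   # lifetime of an auto-whitelisted triplet: 36 days

@dataclass
class Entry:
    first_seen: float
    expires: float
    whitelisted: bool = False

class Greylist:
    """In-memory triplet table; a real server would persist this."""

    def __init__(self):
        self.table = {}  # (client_ip, sender, recipient) -> Entry

    def check(self, client_ip, sender, recipient, now):
        """Return the SMTP reply code for this delivery attempt: 250 or 451."""
        key = (client_ip, sender, recipient)
        entry = self.table.get(key)
        if entry is not None and now >= entry.expires:
            del self.table[key]          # stale record: treat the triplet as unseen
            entry = None
        if entry is None:
            self.table[key] = Entry(first_seen=now, expires=now + NEW_TTL)
            return 451                   # first sighting: temporary failure
        if not entry.whitelisted and now - entry.first_seen < MIN_DELAY:
            return 451                   # retried too soon
        entry.whitelisted = True         # sender retried properly: auto-whitelist
        entry.expires = now + WHITELIST_TTL  # assumption: each pass renews the lifetime
        return 250

def replay(attempts):
    """Run (time, ip, sender, recipient) attempts through a fresh Greylist."""
    g = Greylist()
    return [g.check(ip, s, r, t) for (t, ip, s, r) in attempts]

# Constructed sample traffic (documentation addresses, times in seconds).
SAMPLE = [
    (0,   "192.0.2.10",   "alice@example.org", "bob@example.net"),  # first try
    (60,  "192.0.2.10",   "alice@example.org", "bob@example.net"),  # too early
    (400, "192.0.2.10",   "alice@example.org", "bob@example.net"),  # proper retry
    (500, "198.51.100.7", "alice@example.org", "bob@example.net"),  # new source IP
]

if __name__ == "__main__":
    print(replay(SAMPLE))
```

Because the source IP is part of the key, a sender that retries from a different address starts over as a new triplet, which is one reason some large senders need explicit whitelisting.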

Some odd SMTP senders which cannot handle this have to be whitelisted explicitly. But why not fix those servers instead? Example: Some mobile phone operators.

Problems:

  • First delivery is always delayed.
  • Some mail servers do not follow standards.
  • Some mailers have too long spool queues.
  • Spammers may learn and adapt.

Question from the audience: Why have spammers not adjusted to this yet?

Jose-Marcio Martins Da Cruz: SPAM Filtering on Huge Mail Servers with j-chkmail

This paper was also about greylisting, and how to manage a large data base to control when to greylist. Greylisting can be improved by some other information handling, such as restricting the number of connects from a certain mail server during a certain time period.


 

Sensor Networks:
The Next Step in Networking

 

Jochen Schiller, Free University of Berlin

98% of all computers in the future will be embedded, not immediately visible as computers to their users. Such nets will create information, which may need to be compiled.

Examples:

  • Electrical power meters in every home, which automatically report the consumption.
  • Meteorological sensors.
  • Salt water monitoring.
  • Traffic sensors.
  • Traffic lights control.
  • Wildlife observation.
  • Agricultural measurements and control.
  • Waste dumps control.
  • Fire alarms and fire fighting.
  • Monitoring of medical parameters without forcing the patient to stay in a bed in the ICU all the time.
  • Temperature leakages in buildings.
  • Earthquake prediction, surveillance, military applications.
  • Disaster recovery.
  • Private home control.
  • Gaming.

Typical: Low power, low volume for each device, but large volume together. The cost for the end units should be low.

Measures information, sometimes influences information.

Self-charging batteries, robust technology, self-healing networks. Crashes are not acceptable.

Not a replacement for fast fixed networks, but complementing this with simple, cheap monitoring devices.

Those nodes which have ample power serve as relays; this should be managed automatically.

Extreme future: Intelligent "dust".


Networking within the law

Andrew Charlesworth: Copyright Strategies in the Networked Environment

When the radio came, the music industry complained that people would no longer buy any records. The actual result was the opposite.

When the tape recorder came, they said the same.

"Fair use" is being reduced.

Important:

  • Rights clearance mechanism. This stops people taking rights without getting the clearance they should legally ask for.
  • Keeping works publicly accessible.
  • Standardized rights metadata for digital objects.
  • Uniformity of terms of licensing agreements.
  • A simple rights signaling system for end-users.

Marko Bonac: Rules for registration of names under the .eu TLD

www.eurid.eu will give a list of registrars.

You have to register an owner e-mail address. If this address does not work, you may lose your domain name.

At the beginning, a four-month period will be open for those who have prior rights to register their domains. After that, a first-come method of distributing domain names will be followed.

Sunrise period:

Phase 1: Only government agencies and holders of trademarks.

Phase 2: Other rights protected under national law.

An additional fee will be charged during the sunrise period.

For more info, see http://www.eurid.eu/.


Transport protocol

Doug Leith: Fair & useful comparisons: how should we evaluate new TCP proposals?

At very high speeds, existing congestion control tools can lead to problems. There is a range of proposals to extend TCP, and there is a need to evaluate them and see which are best.

None of the sources are aware of the available bandwidth. When queues of packets are full, should the tail or the front of the queue be dropped? Reports of drops can provide feedback to the sender that the network is overloaded. But these reports can come too late, it might be better if the sender got knowledge of congestion before packets begin to be dropped.

Important is the factor α of how the window size is increased when a drop is observed.

Live experiments are expensive and time-consuming. Can a model replace experiments?

Measures must be made on a range of different bandwidths, propagation speeds and queue sizes.

Bartosz Belter: Performance Assessment of Distributed SAN Systems

How to integrate remote, separated HPC centers in a single, distributed scalable performance system? Problem is that different centers use different technologies.

Some vendors have special effects, like "write acceleration" from Cisco, which influences writing but not reading.


Plugging in the nervous system

Kevin Warwick: Plugging the Human Nervous System into the Network: Experiments and Possibilities with Brain-computer Interfaces

Humans are pretty limited beings, with limited sensors; connecting to networks could give us new understandings of the world. And it would be very nice to be able to do searches and computations as fast as computers can.

Via the network we can have sensors at remote places.

Much research has been done on connecting different kinds of animals, like fish or rats, to computers, but the same thing could be done with humans.

Four out of six rats could learn that just thinking of pulling the lever could give them sugar, without actually pulling it. But two rats continued to pull the physical lever.

Rats have been connected to computers, so that the computer tells the rat to go left and right and do other things. Example of uses: Defusing bombs without risking the life of humans.

Current uses: Helping disabled people. The artificial arm can be controlled by movements in other muscles, and these movements are converted to movements of the artificial arm. So there is no direct connection from the brain to the artificial arm.

Can be either output: Sending signals from brain to external devices, or input: Getting external signals to fire up nerves.

Existing applications:

  1. Electronic stimulation of the nervous system to help people with Parkinson's disease will give a spectacular increase in capabilities and control of the nervous system.
  2. Stroke patient controlling the outside. He cannot move his limbs, but he can by thought control a computer to spell letters for him.
  3. Demo: How he could cause a robot hand to open and close by thinking of doing the same things with his own hand. He could do this with a local robot hand, but also, through the Internet, control a robot hand on another continent. He could also feel, with his nervous system, the force on the robot hand when pressing an object. He also showed how he could control a computer mouse by thinking of, for example, double-clicking on the mouse.
  4. Experiment: Connecting together the nervous system of two people (the speaker and his wife).

Think of the world before the invention of the telephone, to understand what changes will happen in the future, he said.
