hi_networks_rev3.2 - Distributed Systems Group


Diploma in Health Informatics
Networks
Mark Gleeson
[email protected]
(01) 896 2666
Distributed Systems Group,
Trinity College, Dublin
14.02.2009
Objectives
• Understand some network terminology, enough to be able to read further on the topic.
• Understand some issues of network design.
• Issues concerning application of networking
to health.
• Emphasis on practical aspects
Introduction to Networks
1. Introduction
2. Network characteristics
3. Network Software
4. Network Hardware
5. Security
6. Internet and the World Wide Web
7. Telemedicine
Section 1 – Introduction - Network Basics
• What is a network?
• What does it do?
• How useful is the network
• Various key attributes
Introduction (1/2)
• In the 20th Century key technologies were
employed for information gathering, processing
and distribution.
• Some developments include
– worldwide telephone networks
– the invention of television and radio
– the unprecedented growth of the computer
industry
– launching of communication satellites
• These areas are converging. The convergence
of computers and communications is very
significant.
Introduction (2/2)
• Initially computers were highly centralized,
usually within a single room. Computers
were physically large.
• The development and advances made in the
computer industry are huge.
• Now – lots of small independent computers
communicating to do a job. These are called
Computer Networks
What is a Computer Network? (1/2)
• An interconnected collection of computers
which are:
– Co-operative
• Co-operative action is required between the
components
– Autonomous
• All components are capable of independent
action
• Any resource is capable of refusing requests
– Mutually Suspicious
• Components verify requests
What is a Computer Network? (2/2)
• Any computer connected to a network is
known as a host.
– Local host
• Your own computer
– Remote host
• The computer elsewhere you are in contact with
• There are hardware and software aspects to
computer networks
(Digital) Bandwidth
• The amount of data per second a
communications link can carry
• Typically referred to in bits per second
– Note 1 byte == 8 bits
• The actual amount of useful data you can
send will be less than the actual capacity
– Overheads for
• Addressing
• Routing
• Error detection
• Medium access
Latency / Delay
• Measure of the delay from sending a piece of
data or request until it is processed at the
destination
– Exceptionally important for
• Video and audio
– Voice over IP, Skype, Video conferencing
• Interactive systems
– Inquiry based systems – patient records
– Booking systems
• Needs careful investigation to determine the
weak points
– Is it the network or the computer?
More Terminology
• Attenuation
– Measure of how much a signal degrades per
distance in a certain medium
• Different cable types have different values
• Attenuation limits the distance you can
communicate over
• Electro Magnetic Interference - EMI
– Electrical noise artificially generated
• Watch out for high powered electrical equipment
– MRI machines, Trams, Electric trains, Microwaves
• Of particular concern in wireless networks
– Microwaves operate at a frequency used by 802.11b/g
Section 2 - Network characteristics
• What Are Networks
• Network Types and Topologies
• Communication concepts
• Basic Message Types
What are Networks?
• Tanenbaum’s definition:
"A network is an interconnected collection
of autonomous computers"
Types of Networks
• Bus-based networks
– Original Ethernet (802.3)
• Star-based networks
– Switched (Modern) Ethernet (802.3ab)
• Ring-based networks
– FDDI
– Token Ring (802.5)
• Wireless networks
– WiFi (802.11a/b/g/n), Bluetooth, Hyperlan, IrDA, WiMax, GSM, EDGE, 3G
LAN Topologies
Bus architecture (Ethernet)
Ring architecture (Token Ring)
FDDI Ring
Star architecture (switched Ethernet)
Double ring architecture (FDDI)
Types of Networks
• Classification based on diameter:
Diameter    Location    Network type
1 m         System      Multi-processor
10 m        Room        PAN (Personal Area Networks)
100 m       Building    LAN (Local Area Networks)
1 km        Campus      LAN (Local Area Networks)
10 km       City        MAN (Metropolitan Area Networks)
100 km      Country     WAN (Wide Area Networks)
1,000 km    Continent   WAN (Wide Area Networks)
10,000 km   Planet      The Internet
Local-Area Networks (LANs)
* Figure is courtesy of B. Forouzan
Wide-Area Networks (WANs)
• Latency
• Administration/Jurisdiction
* Figure is courtesy of B. Forouzan
Simplex
* Figure is courtesy of B. Forouzan
Duplex
Half-Duplex
Full-Duplex
* Figure is courtesy of B. Forouzan
Point-to-Point & Multipoint
* Figure is courtesy of B. Forouzan
Basic Message Types
• Three basic message types
– 1. Unicast - one sender to one receiver
Basic Message Types
• Three basic message types
– 1. Unicast - one sender and one receiver
– 2. Broadcast - one sender, everybody receives
• Broadcast addresses:
– network ID +
– all bits of host ID set
– e.g. 134.226.255.255
Basic Message Types
• Three basic message types
– 1. Unicast - one sender and one receiver
– 2. Broadcast - one sender, everybody receives
– 3. Multicast - one sender and a group of receivers
Section 3 - Network Software
• Originally hardware matters were the main focus when building networks; the software was an afterthought.
• Key Network Software concepts:
– Layers
– Protocols
– Interfaces
– Services
Layers
• The idea of introducing layers of software
reduces the design complexity. It divides
the large problem into smaller ones.
• The number, name, contents and function of
each layer vary from network to network.
• However for each network the idea is that
one layer offers something to a second layer
without the second layer knowing how the
first layer is implemented.
Protocols
• Provided two networks adhere to the same set of layers, layer n on one machine can (virtually) communicate with layer n on another machine.
• The rules and conventions used in this
conversation are known as the layer n
protocol.
• A protocol is an agreement between the
communicating parties as to how the
communication proceeds.
Interfaces
• Interfaces exist between adjacent layers.
• The interface specifies what one layer is offering
to the other layer.
• Analogous to Object-Oriented concept of
Encapsulation
• One of the most important aspects of designing the
network software is to provide clean, well
understood interfaces. Minimise the amount of
information that has to be passed from layer to
layer.
• Once a layer’s interface is defined many
implementations of that layer can exist. The only
stipulation is that the interface is adhered to.
Design Issues for the layers
• Addressing – identifying senders and receivers.
• Data transfer rules- Simplex, half duplex, Full duplex.
• Error control - Agree on a protocol. Implementation of
the protocol.
• Order of the messages
• Fast sender swamping a slow receiver - feedback or an
agreed size is required.
• Length of messages - Too large/too small.
• Multiplexing - use the channel for multiple unrelated
conversations.
• Multiple routes - How to choose the route. Physical and
logical choices.
Reference Models
• Two reference models are considered
– The OSI (Open Systems Interconnection)
Reference Model –initiated in the 1970s
matured in the late 1980s and early 1990s
– TCP/IP initiated through work carried out in
the late 1960s, matured and adopted in early
1990s
Open Systems Interconnection Model
• Developed by the International Standards Organisation (ISO)
• The model deals with connecting open systems i.e. systems that are open for communication with other systems.
[Figure: two OSI stacks side by side, each with Application, Presentation, Session, Transport, Network, Datalink and Physical layers, joined at the bottom by the Medium]
Principles used to arrive at the Seven
Layer Architecture
• A layer should be created where a different
level of abstraction is needed.
• Each layer should perform a well defined
function
• Standardisation issues.
• Minimise data that has to travel between
the layers
• Large enough number of layers to support
distinct functionality but not too large a
number to create an unwieldy architecture
Network Protocols
• Common “language” on the network
• Define network components’ interactions
– Actions/requests
– Responses
• Defined in standards
– ISO Standards
– IEEE Standards (mainly at physical and mac)
– ITU Recommendations
– IETF Request For Comments (RFC)
The TCP/IP Reference model
• The grandparent of all computer networks is the Arpanet, a research network sponsored by the Department of Defence (DoD) in America.
• The network used leased lines to connect government
offices and universities together. When satellite and radio
networks appeared there were problems. The thinking for
TCP/IP began. TCP/IP is named after its two primary
protocols.
– TCP- Transmission Control Protocol
– IP- Internet Protocol
• A layered architecture used to connect multiple networks
together in a seamless way was one of the design goals
from the very beginning
• Connections should remain intact even if there was some
subnet damage.
The Physical Layer
• The Physical Layer is the lowest layer and is concerned
with wiring and electrical standards. The design issues
have to do with making sure that when a sender sends a 1
bit that the receiver receives a 1 bit and not a 0 bit.
• Example issues to be agreed when building this layer
– How many volts to represent a 1
– How many volts to represent a 0
– How many microseconds a bit lasts.
– Does transmission proceed simultaneously in both
directions
– How are connections established and torn down
– How many pins are on connectors and what each pin
does.
– What kind of transmission medium, wired, fiber optic
Communication between End-Systems
* Figure is courtesy of B. Forouzan
Data Link Layer
* Figure is courtesy of B. Forouzan
Duties of the Data Link Layer
The data link layer is responsible for transmitting frames from one
node to the next on the same network.
* Figure is courtesy of B. Forouzan
Packetizing & Addressing
• Packetizing: Encapsulating data in frame or
cell i.e. adding header and trailer
• Addressing: Determining the address of the
next hop (LANs) or the virtual circuit
address (WANs)
* Figure is courtesy of B. Forouzan
Error Control & Flow Control
• Error Control: Detect errors in received
data and attempt to correct them
– Error Detection
– Error Correction
• Flow Control: Prevent the sender from
overwhelming the receiver
– Go-back-N
– Sliding Window
Medium Access Control
• Control the access to a shared medium to
prevent conflicts and collisions
– Aloha
– CSMA/CD or CSMA/CA
* Figure is courtesy of B. Forouzan
Analogy: Point-to-Point Communication
• Simple Synchronization
– Phone conversation between Alice and Bob
Analogy: Shared Medium
• Synchronisation is more complex
Asynchronous Systems
• Round robin
– Good if many stations have data to transmit over
extended period
• Reservation
– Good for stream traffic e.g. audio, video
• Contention
– Good for bursty traffic
– All stations contend for time
– Distributed
– Simple to implement
– Efficient under moderate load
– Tend to collapse under heavy load
Multiple-Access Protocols
* Figure is courtesy of B. Forouzan
LAN Technologies - Ethernet
• Developed by Metcalfe 1972/3 while at Xerox PARC
• Standards in 1978, 1995, 1998
• Types of Ethernet
– Original Ethernet
– Switched Ethernet
– Fast Ethernet
– Gigabit Ethernet
• Medium Access Control
– CSMA/CD
• IEEE 802.2: Logical Link Control
Metcalfe’s Ethernet sketch
LAN Technologies - Evolution of Ethernet
• 1972/73 defined for coaxial cable
• Fast Ethernet used mainly unshielded twisted
pair (UTP)
• Gigabit Ethernet now common in desktops and
laptops
• 10GB Ethernet used mainly for backbone
802.3 MAC Frame
• 64-bit frame preamble (10101010) used to synchronize reception
– 7 byte preamble (10101010) + 1 byte start flag (10101011)
• Maximum frame length: 1518 bytes
– max 1500 bytes payload
• Minimum frame length: 64 bytes
– min 46 bytes payload
* Figure is courtesy of B. Forouzan
Ethernet Addresses – The ‘MAC’ Address
• A unique 48 bit long number
– Eg 00:A0:4A:21:19:13 (first three octets are vendor-specific)
• Types of Addresses:
– Unicast – delivered to one station
– Multicast – delivered to a set of stations
• 01-80-C2-00-00-00 – Spanning tree (for bridges)
• 03-00-00-00-00-01 – NETBIOS
– Broadcast – delivered to all stations
• FF-FF-FF-FF-FF-FF
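The frame limits and address types from the last two slides, as an added example that is not part of the lecture material: it builds an 802.3 frame (padding the payload to the 46 byte minimum and refusing more than 1500), checks a received frame's preamble, length and FCS, and classifies a destination as unicast, multicast or broadcast from the low bit of its first octet. The CRC-32 frame check, the EtherType value and all addresses below are assumptions chosen for the demonstration.

```python
import struct
import zlib

# Constants from the 802.3 description: 8 bytes of sync, 64..1518 byte frames
PREAMBLE = b"\xaa" * 7        # 7 bytes of 10101010
SFD = b"\xab"                 # start frame delimiter, 10101011
MIN_PAYLOAD = 46              # pads up so the frame is at least 64 bytes
MAX_PAYLOAD = 1500            # so the frame is at most 1518 bytes
HEADER_LEN = 14               # dst (6) + src (6) + type/length (2)
FCS_LEN = 4                   # CRC-32 trailer (assumed FCS algorithm)


def mac_to_bytes(mac: str) -> bytes:
    """Accept the page's notations: 00:A0:4A:21:19:13, 01-80-C2-00-00-00, AA.BB.CC.00.00.11."""
    parts = mac.replace("-", ":").replace(".", ":").split(":")
    if len(parts) != 6:
        raise ValueError(f"malformed MAC address: {mac!r}")
    return bytes(int(p, 16) for p in parts)


def bytes_to_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def address_type(mac: str) -> str:
    """Classify as unicast, multicast or broadcast.

    Broadcast is all ones; otherwise the lowest bit of the first octet
    (the I/G bit) separates group addresses from individual ones, which is
    why 01-80-C2-... and 03-00-... are multicast while 00-A0-4A-... is not.
    """
    raw = mac_to_bytes(mac)
    if raw == b"\xff" * 6:
        return "broadcast"
    return "multicast" if raw[0] & 0x01 else "unicast"


def build_frame(dst: str, src: str, ethertype: int, payload: bytes) -> bytes:
    """Assemble preamble + SFD + header + (padded) payload + FCS."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError(f"payload of {len(payload)} bytes exceeds {MAX_PAYLOAD}")
    payload = payload.ljust(MIN_PAYLOAD, b"\x00")   # pad short payloads to 46 bytes
    body = mac_to_bytes(dst) + mac_to_bytes(src) + struct.pack("!H", ethertype) + payload
    fcs = struct.pack("<I", zlib.crc32(body))        # CRC-32 over header + payload
    return PREAMBLE + SFD + body + fcs


def parse_frame(wire: bytes) -> dict:
    """Check sync pattern, length limits and FCS, then split out the fields."""
    if wire[:8] != PREAMBLE + SFD:
        raise ValueError("no preamble/SFD: receiver cannot synchronise")
    body, fcs = wire[8:-FCS_LEN], wire[-FCS_LEN:]
    frame_len = len(body) + FCS_LEN
    if not HEADER_LEN + MIN_PAYLOAD <= len(body) <= HEADER_LEN + MAX_PAYLOAD:
        raise ValueError(f"frame length {frame_len} outside 64..1518 bytes")
    if struct.pack("<I", zlib.crc32(body)) != fcs:
        raise ValueError("FCS mismatch: frame was corrupted in transit")
    dst = bytes_to_mac(body[:6])
    src = bytes_to_mac(body[6:12])
    return {
        "dst": dst,
        "dst_type": address_type(dst),
        "src": src,
        "ethertype": struct.unpack("!H", body[12:14])[0],
        "payload": body[HEADER_LEN:],   # includes any padding added by the sender
        "length": frame_len,
    }
```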
Non-bridged and Bridged Networks
• Extension of Networks:
– Repeaters, Hubs - Physical Layer
– Bridges, Switches - Data Link Layer
– Routers - Network Layer
• Collision domains:
– Collision affects all machines in one segment
* Figure is courtesy of B. Forouzan
Switched Ethernet
• Switch delivers packets to individual
machines
– Without affecting communication with other
machines
• Collisions only occur on individual links
* Figure is courtesy of B. Forouzan
Full-duplex Switched Ethernet
• No collisions
– One line to send
– One line to receive
* Figure is courtesy of B. Forouzan
Comms Rooms
Switches in Comms Rooms
Wireless (1/2)
• IEEE 802.11 standard of 1997 started the revolution
with 2Mbps top speed
– Now on 802.11g with 54Mbps
– 802.11n to promise 150+Mbps
– Referred by some as Wireless Ethernet
– Shares significant similarities with original bus style Ethernet
• Reliability and Performance much less than wired
network
– Current max speed 54Mbps shared by all on same
base station
– Prone to interference and poor reception
– Speed drops under poor conditions to reduce errors
– Range 100m+ in open much less in office situation
Wireless (2/2)
• Star like network
– Your laptop talks to an ‘access point’ which connects to your wired network
– Laptops move between access points to keep the strongest signal
• Uses the Industrial, Medical and Scientific Band
– No licence needed
– Healthcare staff should be aware of this shared use and verify before installation that there won’t be a conflict
• Advantages
– No need to install ethernet cabling everywhere
– Network access everywhere in range
The Network Layer
• The Network Layer is concerned with controlling the operation of the subnet. A key design issue is determining how packets are routed from source to destination. Routes can be static or dynamic.
• Example issues to be agreed when building this layer
– Routing mechanisms
– How is subnet congestion to be dealt with
– How are costings included - national boundaries
– Addressing mechanisms.
– In broadcast networks the network layer may be very thin or non-existent.
Position of the Network Layer
• Sends frames through data link layer
• Accepts data from transport layer
Duties of Network Layer
• Problems the Network Layer needs to address:
– Transfer over networks of various architectures
– Addressing on a “global” scale
– Adjusting to maximum transmission units
• Hop-to-hop delivery provided by data link layer
• Transfer of packets between end systems
provided by network layer
Switching in the Internet
• Connection-oriented communication
– Connection exists between sender and receiver for
duration of communication
• Connection-less communication
– Data is sent between sender and receiver without setting up a connection first
The Scenario
• Computer A establishes IP address of Computer B
• Computer A creates IP packet with address of
Computer B as destination and its own IP address
as source
• Routers are responsible to direct packet towards
destination
The Scenario
• Best route: Smallest number of hops?
The Scenario
• Best route:
– Fastest round-trip time?
– Highest Bandwidth?
Routing Basics
[Figure: the routing table held at each node on the paths between Computer A and Computer B, listing the next hop for each destination]
• Routing Tables
– Creating tables
• Dynamic vs. Static
– Maintaining tables
• Periodic vs. Aperiodic
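The three "best route" questions from the Scenario slides, worked through as an added example that is not part of the lecture: fewest hops and lowest round-trip latency are shortest-path problems, while highest bandwidth is a widest-path problem, and on the same network they can pick three different routes. The routers r1..r6 and every latency and bandwidth figure are constructed for the demonstration; `routing_table` then derives the next-hop table a node would keep for a given metric.

```python
import heapq

# Network: Computer A and Computer B joined by constructed routers r1..r6.
# Each link carries (latency_ms, bandwidth_mbps); hop count is always 1 per link.


def add_link(graph: dict, a: str, b: str, latency_ms: float, bandwidth_mbps: float) -> None:
    """Links are symmetric, so record the metrics in both directions."""
    graph.setdefault(a, {})[b] = (latency_ms, bandwidth_mbps)
    graph.setdefault(b, {})[a] = (latency_ms, bandwidth_mbps)


def build_sample_graph() -> dict:
    """Three candidate routes from A to B, each best under a different metric."""
    g: dict = {}
    add_link(g, "A", "r1", 50, 2)      # 2 hops, 100 ms, 2 Mbps bottleneck
    add_link(g, "r1", "B", 50, 2)
    add_link(g, "A", "r2", 10, 10)     # 3 hops, 30 ms, 10 Mbps bottleneck
    add_link(g, "r2", "r3", 10, 10)
    add_link(g, "r3", "B", 10, 10)
    add_link(g, "A", "r4", 40, 100)    # 4 hops, 160 ms, 100 Mbps bottleneck
    add_link(g, "r4", "r5", 40, 100)
    add_link(g, "r5", "r6", 40, 100)
    add_link(g, "r6", "B", 40, 100)
    return g


def best_path(graph: dict, src: str, dst: str, metric: str):
    """Return (path, value) for metric 'hops', 'latency' or 'bandwidth'.

    'hops' and 'latency' minimise a sum over the links (Dijkstra);
    'bandwidth' maximises the weakest link on the path (widest path).
    """
    if metric not in ("hops", "latency", "bandwidth"):
        raise ValueError(f"unknown metric {metric!r}")
    if metric == "bandwidth":
        best = {src: float("inf")}
        heap = [(-float("inf"), src, [src])]    # negated so heapq pops the widest
        while heap:
            neg_width, node, path = heapq.heappop(heap)
            width = -neg_width
            if node == dst:
                return path, width
            if width < best[node]:
                continue                          # stale entry
            for nxt, (_, bw) in graph[node].items():
                new_width = min(width, bw)
                if new_width > best.get(nxt, -1):
                    best[nxt] = new_width
                    heapq.heappush(heap, (-new_width, nxt, path + [nxt]))
        return None, 0
    dist = {src: 0}
    heap = [(0, src, [src])]
    while heap:
        cost, node, path = heapq.heappop(heap)
        if node == dst:
            return path, cost
        if cost > dist[node]:
            continue                              # stale entry
        for nxt, (lat, _) in graph[node].items():
            new_cost = cost + (1 if metric == "hops" else lat)
            if new_cost < dist.get(nxt, float("inf")):
                dist[nxt] = new_cost
                heapq.heappush(heap, (new_cost, nxt, path + [nxt]))
    return None, float("inf")


def routing_table(graph: dict, router: str, metric: str) -> dict:
    """Next hop from `router` to every other node: the table each node keeps."""
    table = {}
    for target in graph:
        if target == router:
            continue
        path, _ = best_path(graph, router, target, metric)
        if path:
            table[target] = path[1]
    return table
```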
Structure of the Internet
• Autonomous Systems
– e.g. Companies, ISPs, 3rd-level Institutions
Autonomous Systems
• Stub network
– Network that does not forward to other networks
• Transit network
– Network that forwards traffic between other networks
• Point-to-point link
Yet another Layer ?!?
• Transport Layer – TCP
• Why should you care?
• Applications use TCP as main communication
mechanism
– HTTP
– Remote procedure calls (RPC)
– File Transfer
Network Layer vs Transport Layer
Network Layer
• Communication between two nodes
• Best effort delivery
• Connection-less communication
Transport Layer
• Communication between processes
• Ordered, guaranteed delivery
• Connection-oriented communication
Transport Layer
• Process-to-Process Delivery
IP Addresses & Port Numbers
• IP Addresses determine the host
• Port Numbers determine the application
Communication at Transport Layer
• Comms at Transport Layer from port to port
• IP implementation multiplexes depending on protocol field in IP header
Client-Server Paradigm
[Figure: Client A (port 14430) and Client B (port 12420) each communicate with the Server on port 80]
Problems
• Connection establishment
• Connection termination
• Ordered Delivery
• Retransmission strategy
• Duplication detection
• Crash recovery
• Flow control
Section 4 - Network Hardware
• Connecting hosts and networks requires hardware devices, which include:
• Networking and Internetworking Devices
– Repeaters
– Bridges
– Hubs
– Switches
– Routers
– Gateways
– Brouters
• Modems
• Transmission Media
Networking and Internetworking Devices
• These devices can be divided into 3
categories
– Repeaters,
– Bridges,
– Routers and Gateways.
• Repeaters and Bridges are used at the
Networking of hosts
• Routers and Gateways are used for
Internetworking
Repeaters and Bridges
• Repeaters
– Operate at the physical layer. They
regenerate signals.
• Bridges
– Operate at the physical and data link layers.
– They are used to divide a network into
segments and can control traffic flow and
are useful for securing the network.
– They can also regenerate signals.
What is a Switch
• A layer 2 device – Data Link Layer
• Builds a table of the MAC addresses of devices
attached on each port
• ‘Store and Forward’
– Switch receives a packet
– Verifies it is error free
– Looks at its destination MAC
– Sends the packet on
• ‘Cut Through’
– Starts to forward packet once it reads the destination address
– No error checking
• Improved performance
Photo thanks to Cisco Systems
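A simulation of the switch behaviour just described, added as an example and not taken from the lecture: the switch learns which MAC address sits behind each port from the source of every frame, forwards known unicast to one port, floods unknown unicast, multicast and broadcast to all other ports, and in store-and-forward mode drops a frame whose check fails, whereas in cut-through mode the same damaged frame is passed on. The `Frame` type, its CRC-32 check value and the addresses in the test are constructed stand-ins.

```python
import zlib
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass(frozen=True)
class Frame:
    """Constructed stand-in for an 802.3 frame: addresses, payload and its FCS."""
    dst: str
    src: str
    payload: bytes
    fcs: int


def make_frame(dst: str, src: str, payload: bytes) -> Frame:
    """A sender computes the FCS (CRC-32 here) over the payload it transmits."""
    return Frame(dst, src, payload, zlib.crc32(payload))


def is_group_address(mac: str) -> bool:
    """Multicast and broadcast addresses have the low bit of the first octet set."""
    return int(mac.split(":")[0], 16) & 0x01 == 1


class LearningSwitch:
    """Layer 2 switch: learns which MAC address lives behind each port.

    mode="store_and_forward": the whole frame is received and its FCS checked
    before anything is forwarded, so a damaged frame is dropped here.
    mode="cut_through": forwarding starts as soon as the destination address
    has been read, so no error check is possible and damage propagates.
    """

    def __init__(self, port_count: int, mode: str = "store_and_forward"):
        if mode not in ("store_and_forward", "cut_through"):
            raise ValueError(f"unknown mode {mode!r}")
        self.port_count = port_count
        self.mode = mode
        self.mac_table: dict[str, int] = {}   # MAC address -> port number

    def receive(self, in_port: int, frame: Frame) -> list[int]:
        """Return the ports the frame is sent out on ([] means dropped)."""
        if self.mode == "store_and_forward" and zlib.crc32(frame.payload) != frame.fcs:
            return []                       # error detected: discard, never forward
        # Learn: the source address is reachable via the port it arrived on.
        # A station that moves to another port is re-learned on its next frame.
        self.mac_table[frame.src] = in_port
        # Forward: unknown unicast, multicast and broadcast go to every other port.
        if is_group_address(frame.dst) or frame.dst not in self.mac_table:
            return [p for p in range(self.port_count) if p != in_port]
        out_port = self.mac_table[frame.dst]
        # Destination is on the segment the frame came from: nothing to forward.
        return [] if out_port == in_port else [out_port]
```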
What is a Router
• A layer 3 device
– Works at physical, data link and network layers e.g. Internet Protocol (IP) level
– Is a bridge between a number of distinct networks
• Example: your internal network and the internet beyond
• Range from simple devices (e.g. an ADSL router for home users) to extremely complex enterprise level devices
• Looks at the destination of each IP packet and determines where it should be sent on for its next hop
– Tries to select the best route
Other Devices
• Hubs
– A central device that acts like a multiport
repeater
– Date mainly from the time of non switched
ethernet
• Brouters
– A single or multiprotocol router that
sometimes acts as a bridge and sometimes as
a router
Connecting Devices and the OSI Model
ADSL – Modem for the 21st Century
• Normal telephone lines support only a subset of the frequencies found in human speech
– This limits the available bandwidth
– ADSL uses part of this untapped bandwidth
– Download bandwidth typically greater than upload, hence the A for Asymmetric
• Suits the needs of the consumer market
• Business users may wish to get equal upload and download bandwidth
– Quite vulnerable to noise
• Limits on your distance from exchange
– The further away, the slower the available speed
• Combined with a VPN, a true work from home solution
Transmission Media
• Transmission Media Characteristics
– Bandwidth
– Response Time for a request
• Transmission Media Types
– Twisted Pair
– Coaxial cable
– Fiber Optics
– Wireless Media – Radio, Microwaves, Infrared, Lightwave
Twisted Pair
• The wire consists of two insulated copper wires
about a mm thick, normally 24 gauge solid core
copper.
• The purpose of twisting the wires is to reduce electrical interference (two parallel wires would act as an antenna). There are various categories of cable.
• Many twisted pair cables can be bundled together,
typically 4 pairs
• They can be used for analog and digital
transmission.
• The bandwidth depends on the thickness of the
wire and the distance travelled.
• Shielded Twisted Pair (STP) and Unshielded
Twisted Pair(UTP)
Twisted-Pair Cable
Effect of Noise on Parallel Lines
© The McGraw-Hill Companies, Inc., 1998
Noise on Twisted-Pair Lines
© The McGraw-Hill Companies, Inc., 1998
Unshielded Twisted-Pair Cable (UTP)
• Most common type of cable used in computer
networks
• 8 wires forming 4 pairs
• Different qualities
– Cat 3 – for 10Mbps
– Cat 5 - for 100Mbps
– Cat 5e – for 1Gbps
• Most common in current use
– Cat 6 – better for 1Gbps may allow 10Gbps
• Best to future proof to avoid pain later
• Cables of different types look identical
– Cable type is printed on the side
Shielded Twisted-Pair Cable
© The McGraw-Hill Companies, Inc., 1998
Fiber Optics
• An optical transmission system has three components
– The light source
– The transmission medium
– The detector.
• A pulse of light indicates a 1, lack of light indicates a 0.
• The transmission medium is a unidirectional ultra thin
fibre of glass or plastic
• The aim is to get the angle of incidence of the light at
such a point to make the light refract back into the
medium. In the case of a fibre optic cable this means the
light is trapped within the cable.
• At the centre of the cable is the glass/plastic core which
is surrounded by a glass cladding and then a plastic
coating.
Transmission Media Performance
Medium          Cost       Speed           Attenuation   EMI        Security
UTP             Low        1-100Mbps       High          High       Low
STP             Moderate   1Mbps-1Gbps     High          Moderate   Low
Coax            Moderate   1Mbps-1Gbps     Moderate      Moderate   Low
Optical Fibre   High       10Mbps-10Gbps   Low           Low        High
Radio           Moderate   1-54Mbps        Low-High      High       Low
Microwave       High       1Mbps-10Gbps    Variable      High       Moderate
Satellite       High       1Mbps-10Gbps    Variable      High       Moderate
Cellular        High       9.6-19.2Kbps    Low           Moderate   Low
Example Sizes of Medical Images
Scan Type             Number of Exams per day   Total (MB)
General Radiographs   200                       9600
Ultrasound            20                        60
Doppler Ultrasound    30                        90
Bariums               5                         400
ERCP's                5                         400
CT                    12                        1800
MRI                   10                        1500
Nuclear Medicine      10                        30
Cardiac Angios        10                        8000
Daily Totals          302                       21,880
Yearly Totals         78,520                    5,688,800
• Network Users
– Developers
– Administration staff (software and hardware)
– End users (specialised users, general public)
• Uses of Networks
– Resource Sharing- locally or over
considerable distance.
– High Reliability- multiple CPUs, replication of
files.
– Saving money- Price of PCs compared to
mainframes.
• Scalable solutions- The network can grow as
the needs do
• Communication medium- supporting team
work
• Accessing remote information- banking,
health issues, hobbies, shopping
• Person to person communication- e-mail,
instant messaging, video conference
• Interactive entertainment- films, games,
live shows.
Uses of Networks in Healthcare?
• Communicating into/out of and between
hospitals
• Paging Staff
• Networking instrumentation
• Maintenance of instrumentation
• To aid communication
– Professional to professional.
– Professional to patient.
– Patient to patient.
• Sharing Information of all types
Network and Distributed Systems
• There is some confusion over these two terms.
– Hardware is required for both to operate
• The distinction is in the software.
– In a distributed system the existence of the
autonomous computers is transparent.
– The system is concerned with doing a job and not
with how the connections are established and
managed.
• A distributed system refers to software built on top
of a network.
• With a network the user needs to explicitly deal
with the network in terms of logging on, deciding
which computer to use and managing the network.
Section 5 - Security
• Security Issues
• Virtual Private Networks
• Issues with wireless networks
• Methods of attack
• Risks
Security Issues
• Secrecy
– Keeping information out of the hands of
unauthorised users.
• Authentication
– Making sure you are talking to the right
person.
• Data Integrity control
– Making sure the data is correct.
• Security affects each layer in the network design.
No Network Is Secure
• Original Ethernet
– Every host on the bus could see and capture every
transmission made
• Trivial to recover passwords, web pages you viewed
• The physical network itself cannot be considered to
be secure
– Wires can be tapped
• Wireless communications available to all within
range with a suitable receiver
• Need to trade off the strength of security with the
practicality of the measures
– Users when faced with a complex process may
attempt to undermine the system
• Sharing of passwords or not logging out
Wireless Networks
• Extremely vulnerable to attack
– Anyone with a suitable radio can listen
• IEEE 802.11 originally used a 40 bit WEP key
– Shared encryption key by all users of the
network
– Later versions supported a 104 bit key
– Proved to be very easy to crack in both versions
• WiFi Protected Access (WPA/WPA2)
– Based on 802.11i standard
– EAP extensible Authentication Protocol
» Authentication framework not a protocol
» Can integrate with existing authentication systems
» 802.1x
• Best practice in Network Management is to
heavily restrict access to external users or
to block it totally
– Avoid potential security issues
– Protect from hackers
• What of legitimate users
– People who work at other locations
– Particularly relevant concerns in the
Healthcare Domain
VPN – Virtual Private Network
• Not strictly a security solution
• Two implementations
– Connecting you to a remote network
– A network within a network
• Allows you to access resources on another network as if you were connected directly
• A secure encrypted tunnel between your
computer and others on the same network
• Typically requires a dedicated ‘VPN box’ on the
office end network to provide the service
VPN - Connecting you to a remote network
• Ideal for a single user
– Work from home, on the road, other
institution
• User needs VPN client software
– Setup can be complex for users
– Need to explicitly log in to access the network
• Not transparent
– Potential security risk if the user's computer is breached
• Hacker may have access into network
Methods of Attack (1/3)
• Impersonation
– Using someone else’s password or a terminal that is
already logged on.
• Active wire-tapping
– Connecting a device (authorised/unauthorised) to a communication link to obtain access to data through the generation of false messages.
• Passive wire-tapping
– Monitoring data coming over a communication link.
• Traffic flow analysis
– Analysing the frequency of data traffic, seeing which data
is encrypted and which is not.
• Eavesdropping
– interception of information
Methods of Attack (2/3)
• Replay
– Play back a recording of a communication
• Routing Table modification
– Sending messages to the wrong address or multiple
addresses.
• Audit Trail Information Modification
– To cover up an attack.
• Operational Staff Table Modification
– To change access rights.
• Bogus Frame insert
– Inserting bogus information as a frame.
• Data Portion Modification
– Modify the data portion of a message.
• Viruses
Methods of Attack (3/3)
• Sequencing Information Modification
– Change the order of the pieces of information.
• Message Deletion
– Removing the message completely
• Protocol Control Information modification
– To send data to a different location.
• Misuse of resources
– Swamping communication lines – Denial of service
• Interruption of power supply
– Denial of service
• Malicious physical damage
– Denial of service
• Theft
– Parts of computers or entire computers could be stolen.
Confidentiality issues arise.
Disposal of computer hardware
• You typically contract a third party to securely shred paperwork, but a used computer is often skipped.
– A computer can store a virtually unlimited amount of data in an easy to search format
• Serious privacy issues concerning medical records
• Computer may have no confidential information
but!
– Usernames, passwords, security certificates and so
on for networked information may be stored on the
computer, thus allowing access
• Essential the contents of the hard disk be wiped
not just deleted
– Most operating systems have the ability to do this
– Or remove hard drive and use a sledgehammer
Section 6 - The Internet and the World Wide Web
• Addressing and Domain Names
• Who is in charge
• Relationship between IP address and
hostnames
• Arrangements for .ie domains
Internet Addressing and Domain Names
• To be able to identify a host on the internetwork, each
host is assigned an address
– Internet Protocol address.
• Addresses are assigned in a delegated manner.
• The Internet Corporation for Assigned Names and
Numbers (ICANN) has responsibility for Internet Protocol
(IP) address space allocation
• What is ICANN?
• As a private-public partnership, ICANN is dedicated to
– preserving the operational stability of the Internet;
– to promoting competition;
– to achieving broad representation of global Internet
communities
– to developing policy appropriate to its mission through
bottom-up, consensus-based processes.
Internet Addressing and Domain Names
• ICANN is the top body. It includes IANA (http://www.iana.org/)
• Users are assigned IP addresses by Internet service providers
(ISPs). ISPs obtain allocations of IP addresses from a local
Internet registry (LIR) or national Internet registry (NIR), or
from their appropriate Regional Internet Registry (RIR):
• APNIC (Asia Pacific Network Information Centre) - Asia/Pacific
Region
• ARIN (American Registry for Internet Numbers) - North America
and Sub-Sahara Africa
• LACNIC (Regional Latin-American and Caribbean IP Address
Registry) – Latin America and some Caribbean Islands
• RIPE NCC (Réseaux IP Européens) - Europe, the Middle East,
Central Asia, and African countries located north of the
equator
Internet Addressing and Domain Names
• The .org domain is operated by Public Interest Registry. It
is intended to serve the noncommercial community, but
all are eligible to register within .org.
• The .com domain is intended to serve the commercial
community.
• The .gov domain is reserved exclusively for the United
States Government. It is operated by the US General
Services Administration.
• The .edu domain is reserved for postsecondary
institutions accredited by an agency on the U.S.
Department of Education's list of Nationally Recognized
Accrediting Agencies and is registered only through
Educause.
• The .net domain is reserved for networks; usually
reserved for organizations such as Internet service
providers
IP and Internet Addressing
• Currently there are two types of Internet Protocol
(IP) addresses in active use:
– IP version 4 (IPv4) and IP version 6 (IPv6).
• IPv4 was initially deployed on 1 January 1983 and is
still the most commonly used version.
• IPv4 addresses are 32-bit numbers often expressed
as 4 octets in "dotted decimal" notation (for
example, 192.0.32.67). Can cater for 4.4 billion
addresses
• Deployment of the IPv6 protocol began in 1999.
IPv6 addresses are 128-bit numbers and are
conventionally expressed using hexadecimal strings
(for example, 1080:0:0:0:8:800:200C:417A).
IP Addresses
• 32-bit number in IPv4
– 4,294,967,296 addresses
• IP addresses are unique and universal
– with some exceptions
• Dotted decimal notation:
– Bytes of binary notation represented as
decimal separated by dot
• Internet hosts have both IP addresses and
hostnames
– wilde.cs.tcd.ie == 134.226.32.55
112
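An added example, not part of the lecture slides, that parses the two notations just described: strict IPv4 dotted decimal (four octets, each one byte of the 32-bit number) and IPv6 hexadecimal groups including the "::" shorthand. The embedded-IPv4 form of IPv6 is not handled.

```python
# Added example, not from the lecture: strict parsers for the two address
# notations described, IPv4 dotted decimal and IPv6 hexadecimal groups.
HEX_DIGITS = set("0123456789abcdefABCDEF")

def ipv4_to_int(text: str) -> int:
    """Canonical dotted decimal (exactly four octets, 0-255) -> 32-bit int."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected 4 octets: {text!r}")
    value = 0
    for part in parts:
        # Reject anything but plain decimal: leading zeros (octal in some
        # parsers), hex octets and empty parts, so one string has one meaning.
        if not (part.isascii() and part.isdigit()):
            raise ValueError(f"non-decimal octet {part!r} in {text!r}")
        if (len(part) > 1 and part[0] == "0") or int(part) > 255:
            raise ValueError(f"octet out of range: {part!r} in {text!r}")
        value = (value << 8) | int(part)  # each octet is one byte of the number
    return value

def int_to_ipv4(value: int) -> str:
    """Inverse of ipv4_to_int: 32-bit integer back to dotted decimal."""
    if not 0 <= value < 2 ** 32:
        raise ValueError("not a 32-bit value")
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))

def is_valid_ipv4(text: str) -> bool:
    try:
        ipv4_to_int(text)
        return True
    except ValueError:
        return False

def ipv6_groups(text: str) -> list:
    """Expand IPv6 text into 8 four-digit lower-case hex groups (128 bits).
    '::' stands for one or more zero groups; the embedded-IPv4 form is rejected."""
    if text.count("::") > 1:
        raise ValueError("at most one '::' is allowed")
    head, sep, tail = text.partition("::")
    left = head.split(":") if head else []
    right = tail.split(":") if tail else []
    groups = left + ["0"] * (8 - len(left) - len(right)) + right if sep else left
    if len(groups) != 8 or (sep and len(left) + len(right) > 7):
        raise ValueError(f"expected 8 groups: {text!r}")
    if any(not 1 <= len(g) <= 4 or set(g) - HEX_DIGITS for g in groups):
        raise ValueError(f"bad hex group in {text!r}")
    return [f"{int(g, 16):04x}" for g in groups]
```

Accepting only the canonical IPv4 form matters when addresses are used in access checks: lenient parsers give strings like "010.0.0.1" a second meaning, and two components may disagree about which host is named.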
Sending IP datagrams over Ethernet
• When the network layer wishes to send data
across the data link layer
• IP address needs to be mapped to an
ethernet address
[Diagram: IP implementation (172.16.1.1) -> card driver -> Ethernet card (AA.BB.CC.00.00.11)]
113
Mapping Domain Names
– Hostname - wilde.cs.tcd.ie
– Internet Address - 134.226.32.55
• How does a machine translate a fully
qualified hostname into an IP address?
• It consults its nearest Domain Name Server
(DNS)
• The local Nameserver knows the mappings
for local machines and
– At least one root nameserver which knows all
nameservers for the top level domains.
114
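An added example, not from the lecture, of the lookup the slide describes: a toy iterative resolver that starts at a root server, follows referrals through the top-level domain down to the nameserver that knows the local machines, and caches the result. The zone data is constructed for illustration; only the hostname and address from the slide are real.

```python
# Added example, not from the lecture: a toy iterative resolver that follows
# the delegation chain the slide describes (root -> top-level domain -> the
# nameserver that knows the local machines). Zone data is constructed; only
# the hostname and address from the slide are real.
ZONES = {
    ".":          {"NS": ["ie."], "A": {}},        # root: knows the TLD servers
    "ie.":        {"NS": ["tcd.ie."], "A": {}},    # TLD server: delegates tcd.ie
    "tcd.ie.":    {"NS": ["cs.tcd.ie."], "A": {}},
    "cs.tcd.ie.": {"NS": [], "A": {"wilde.cs.tcd.ie.": "134.226.32.55"}},
}

def query_server(zone: str, name: str):
    """Reply of the authoritative server for `zone` to a query for `name`:
    ("answer", ip), ("referral", child_zone) or ("nxdomain", None)."""
    data = ZONES[zone]
    if name in data["A"]:
        return "answer", data["A"][name]
    # Refer to the most specific delegated child zone that is a suffix of the name.
    for child in sorted(data["NS"], key=len, reverse=True):
        if name == child or name.endswith("." + child):
            return "referral", child
    return "nxdomain", None

def resolve(name: str, cache: dict, max_hops: int = 8):
    """What the local nameserver does: answer from its cache, otherwise start at
    a root server and follow referrals. Returns (ip or None, zones consulted)."""
    name = name.rstrip(".") + "."          # fully qualified, with trailing dot
    if name in cache:
        return cache[name], []
    zone, trail = ".", []
    for _ in range(max_hops):              # hop limit guards against referral loops
        trail.append(zone)
        kind, payload = query_server(zone, name)
        if kind == "answer":
            cache[name] = payload          # remembered for later queries
            return payload, trail
        if kind == "nxdomain":
            return None, trail
        zone = payload                     # follow the referral downwards

if __name__ == "__main__":
    cache = {}
    print(resolve("wilde.cs.tcd.ie", cache))   # walks ., ie., tcd.ie., cs.tcd.ie.
    print(resolve("wilde.cs.tcd.ie", cache))   # answered from cache, no lookups
```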
.ie domains
• All registrations handled by the IE Domain
Registry - www.iedr.ie
– Was based in UCD until 2000, now an
independent non-profit-making body
– You are required to prove a connection to
the domain name sought
• 10th Feb 2008
– Total number of domains 118,515
• In Jan 1995
– Total domains 347
115
Growth in .ie domains
116
Section 7 – Telemedicine
• What is it?
117
Definitions
• Telemedicine is the rapid access to shared and
remote medical expertise by means of
telecommunications and information
technologies, no matter where the patient or
the relevant information is located. (CEC 1993)
• Telemedicine has been defined in General
Terms as “Medicine practiced at a distance”
and as such, it encompasses both diagnosis and
treatment, as well as medical education.
(Journal of Telemedicine and Telecare, 1995)
118
Definitions
• Telemedicine is the delivery of healthcare
services, where distance is a critical factor, by
all healthcare professionals using information
and communications technologies for the
exchange of valid information for diagnosis,
treatment and prevention of disease and
injuries, research and evaluation, and for the
continuing education of healthcare providers,
all in the interests of advancing the health of
individuals and their communities. (World
Health Organisation 1998)
119
Telemedicine
• Many different definitions of Telemedicine. Be
aware of this.
• Telemedicine is a process, not a technology. It
can be applied to many different domains.
• Can be used for patient/clinician,
patient/patient, clinician/clinician
communication.
• Can be used to support training
• As with all applications of technology,
appropriateness is the key. The application
should be clinically driven.
120
Definition
• The WHO offers a holistic definition of telemedicine: “The
delivery of healthcare services, where distance is a critical
factor, by all healthcare professionals using information and
communication technologies for the exchange of valid
information for diagnosis, treatment and prevention of disease
and injuries, research and evaluation, and for the continuing
education of healthcare providers, all in the interests of
advancing the health of individuals and their communities”
(WHO 2004)
• Telecare, a term often associated with telemedicine, can be
defined as: "...the use of information and communication
systems to give patients with or without their healthcare
professional or informal carer access to information sources
wherever they are located… frequently…within patients' place
of residence” NHS (2004)
121
Characteristics of Telemedicine systems
• Interaction style- Real Time, Store and
Forward.
• Data types- Text, Images, Sound, Video
• Equipment
• Action – Direct Intervention, Advice
• Patient numbers – one patient, multiple
patients
• Duration
122
Some Advantages and Obstacles of
Telemedicine
• Advantages
– Improved use of resources
– Continuing professional
development
– Reduces unnecessary
patient transfers
– Facilitates homecare for
the elderly and the
chronically ill
– Equitable access to care!
– Links doctors with remote
centres of excellence
– Wireless links can be used
in cases of lack of
infrastructure
• Obstacles
– Patient and
professional
dissatisfaction in some
specialities
– Lack of standards
– Security issues
– Legal and ethical
implications
– Equipment failure
– Lack of protocols of
care for these new
types of interactions.
123
History
• Pre-electronic telemedicine
– Accounts from the middle ages of a physician examining a
patient for plague- the patient and the physician were on
opposite sides of the river.
– Prescribing by post was practised well before national
postal systems were in place.
• Electronic telemedicine
– Telegraphy- equipment was developed to send an X-ray
– Telephony- voice communication, computer networks
– Radio- initially by morse code and later by voice.
– Television- closed circuit television, video conferencing
– Wireless communication- use of mobile phone
technologies and satellites.
124
Research
• Why is Telemedicine not in widespread use?
• The technologies exist, but organisational
and personal problems remain.
• Lots of funding has been allocated and has been
spent on projects analysing, testing and
evaluating technical requirements.
• More projects/research should be funded to
show cost-effectiveness and evaluation of new
Telemedicine applications.
125
Ethical and Legal Issues
• Some projects in Europe have looked at certain
aspects of this area (SEISMED, ISHTAR,
TrustHealth and SIREN). They have mainly been
concerned with the security and
confidentiality.
• More work needs to be done to research other
aspects including accountability, responsibility,
licensure, reimbursement, intellectual property
rights, changes in consultation and referral
patterns, defining the ‘owner of patients’,
defining geographical catchment areas.
126
Economics/Evaluation
• Need to compare the new technology with an
alternative way of working. What is the system
costing at the moment?
• How to assess the cost of the new technology- equipment, software, installation, training,
maintenance, legal, utilisation rates.
• How do we assess the benefits- people getting well,
shorter stays in hospital, less time spent with the
expert, patient not having to travel, expertise
experienced by the remote healthcare
professional.
• Methods are required if economic evaluation is to
take place. Care should be taken when comparing
costs across domains, environments and time.
127
Practice
• Teleradiology
• Telepathology
• Teledermatology
• Telecardiology
• Telepsychiatry
• Teleorthopaedics
• Surgical Consultations
• TeleENT
• Tele-EEG
• Minor Injuries
• Mobile Telemedicine
• Maritime
Telemedicine
• Teleophthalmology
• Home Care
• Telephone Services
• Education
• Telesurgery
128
Using Networks to Provide Equality of
Care?
• Network Infrastructures- Network hardware
and network software
• Network users
• Software applications
• Legislation
• Standards
• Delivering care (need experts on site)
129
Network Infrastructure
• In order to avail of networked healthcare a
network infrastructure must be in place.
• This infrastructure requires an initial
investment, maintenance investment and
investment to keep it up to date
• It is hard to see, therefore, even at the
technology end, how equality of care can be
achieved.
130
Network Users
• In various countries, regions and hospitals
different levels of technical skill exist.
• Even if we assume that all places have the same
network infrastructure, this still does not allow
us to achieve equality of care.
131
Software applications
• Software applications sit on top of the
network infrastructure.
• Depending on economics, skill and
awareness of users differences can exist.
• Not everyone will be aware of the software
applications that exist and the implications
of choosing particular software e.g. from
standards point of view
132
Legislation
• Be aware that using networks allows the
user to bypass physical boundaries thus
enabling a specialist in Ireland to
communicate with a patient in England.
There are legal implications to this that
haven’t been addressed.
• Equality of care may not be possible due to
these legalities. The closer you live to the
specialist the better.
133
Standards
• In order to have healthcare delivered to all
areas standards are required.
• Communication standards
• Coding standards e.g. for diagnosing,
prescribing.
• Data set format standards
• Semantic standards
• If all areas do not agree to the standards
then equality of care is not possible.
134
Experts on site
• Even if all the infrastructure, software
applications, standards, legislation and skills
are equal is it possible to get equality of
care?
• Remember healthcare is ultimately
delivered by human experts.
• Technology can only be used to support the
current processes of healthcare delivery or
to make new processes possible.
135
TIE
• Telemedicine Information Exchange (US)
• http://tie.telemed.org/
• Covers:
– Extensive bibliography (>14,000 entries)
– Projects
– Events calendar
– Funding sources
– News
136