Security - Educause


The Co-mingled Universe of R&E Networking
Ken Klingenstein
Director, Internet2 Middleware and Security
Topics
• Three things somewhat related
• Reconnections scene setting
• Reconnections outcomes
• High level
• Rich issues
Three things somewhat related
• The original reinvention ideas
  • M. Blumenthal and D. Clark. Rethinking the design of the Internet: The end to end arguments vs. the brave new world. To appear in ACM Trans. Internet Technology. Also to appear in Communications Policy in Transition: The Internet and Beyond. B. Compaine and S. Greenstein, eds. MIT Press
• Reconnections: Managing Academic Networks
  • An Internet2 workshop for integrating new networking approaches with the current, already complex mesh
• The new NSF GENI effort
  • www.geni.net
  • Conceptual design effort; test-bed to follow
The original reinvention
• Began as an IETF WG on new architecture
  • www3.ietf.org/proceedings/05nov/slides/RRG-9/RRG-2.ppt
• Broad set of new requirements – security, wireless, massive scale (e.g. sensor nets), changing economics, etc.
• Clark, Braden, Chiappa, etc. as principals
Reconnections
• Internet2 workshop held at O’Hare in October 2005
• Brought together academic CTOs and networkers, network researchers, corporations, etc.
• Goal was to rethink management and integration of networks (both commodity and advanced) in universities and enterprises
• http://security.internet2.edu/rtp/
• Report now in draft and due out shortly
The new NSF GENI program
• NSF program in CISE to create and test new network architectures responsive to new requirements
• Not specific to R&E networks
• Based on original reinvention energy but coupled with additional concerns on management and transitions, as well as budget realities
• www.geni.net
Reconnections Scene Setting
• A brief history from a good seat…
• Going forward “opportunities”
• Characteristics of R&E networking
• Relating to corporate requirements
• What does comingled mean?
  • To the current commodity
  • To the future clean slate…
A Brief History …
• Getting onto Arpanet…
• The mid ’80’s
  • JVNC, NSFnet, ESNet, BITnet, CSNet
  • On-campus, the shift from TN3270 to campus nets
• The mid ’90’s
  • vBNS, Abilene, etc.
  • The emergence of the border router
  • On-campus, from multiprotocols to TCP/IP
And now…
• A major R&E institution has several external connections, with distinct characteristics (performance, AUP’s, etc.)
• Complex campus networks, with high-performance meshes, lower-speed extensions, clusters of advanced nets, etc.
• Distributed management of networks and desktops
• Lots of special cases, like Medical Schools, Engineering Colleges, Dormitories
And now…
• Security challenges
  • The demise of the fictitious perimeter
  • Roaming devices
  • Wireless
  • Slow to deploy DNSSec and problematic IPSec
• The prospect of new types of external non-IP connections
• Complex, undiagnosable deployments
• Policy drivers for technology
Going Forward “Opportunities”…
• The prospect of on-demand personal “lambdas”
• Infocard
• Federated identity and trust
• Uneven economics
Characteristics of R&E Networking
• Enterprise centric
  • Networking is part of an infrastructure provided to members. Operated often as a common good
  • Often run to a building or POP in a sub-unit; often some wall-plate services as well
• Desktop autonomy
  • Heterogeneity of platforms
  • Loose desktop management
• Leading edge
  • Early developers/adopters of new technologies
• Regulatory complexity
  • HIPAA, FERPA, AUP, DMCA
More characteristics
• Demanding applications
  • Bandwidth, latency, jitter, transparency
• Strong inter-institutional requirements
• Multiple external links
  • AUP’s
  • Performance distinctions
• Funding that favors one-time versus continuing costs
Relating to corporate needs
• From the Jericho Forum:
  • Can no longer assume that an organization owns, controls and is accountable for the ICT infrastructure it employs
  • Should not assume that all individuals sit within organizations and are managed by a single IdM
• Vision statement:
  • Cross-organizational security processes and services
  • Open standards
  • Assurance processes that, when used in one organization, can be trusted by others
Network Applications Consortium
• NAC - a group of 25-30 major companies (Boeing, Bechtel, GlaxoSmithKline, PG&E, etc.) with intermingled research and operational environments
• Welcome to the Network Applications Consortium "where membership radically improves the delivery of agile IT infrastructure in support of business objectives"
• Original focus was on middleware, where Internet2 and NAC members have had meaningful if sporadic interactions
• Added focus over the last year on network security
• http://www.netapps.org/
NAC Enterprise Security Architecture
Key Concepts:
• Security by design
• Usability and manageability
• Defense in depth
• Simplicity
• Enforced policy
Key leveraging technologies:
• Identity Management
• Directory Services
• Border Protection
• Reusable tools
• Desktop management
Comingled with the commodity
• The commodity Internet is a part of the R&E network environment
  • With its security issues
  • With its packet disruption appliances
  • With its legacy requirements
• True to being the original crucible, new deployments in commodity often begin in R&E
  • Multicast, IPv6, DNSSec
Co-mingled with the future
• It is likely that any advanced network initiatives will have presence on campuses and require integration.
• Forces may drive management of long distance networking to the end points
• Layers of invention that new networking approaches could leverage are being developed in the R&E community
  • Trust fabrics
  • Manageability discussions
Distinctions?
• This workshop is more on architectures than protocols
• We have steep requirements around policy
• We are driven by researcher needs as much as by economics, capabilities, security, policy, etc.
Questions - 1
• Role of enterprise vs role of VO vs role of individual
  • In authn/z
  • In provisioning networking
  • In resource discovery, etc…
• What role will the enterprise have in personal lambdas?
• What parts of the infrastructure will the enterprise own? Manage?
Questions - 2
• What parts of manageability matter? Costs, downtime, security, privacy…
• Does the control plane/data plane distinction continue to matter? Do we need more planes or fewer? (remember dynamic networking…)
• How will diagnostics happen in the face of complexity, higher levels of performance, scale, etc.?
• How will resource discovery be addressed at so many layers?
Questions - 3
• How important is e2e transparency? How important is innovation in the face of security?
• What will drive change?
• How will devices and appliances on the net change the problem?
• Will outsourcing, offshoring, etc. affect R&E nets?
Reconnections Outcomes
• Marginal improvements have had marginal results
• The rising cost of manageability and diagnostics
• Many insurmountable opportunities for revolutionary change
• The deck is stacked in the arms race
  • Firewalls ->
  • “Firewall Friendly” port 80 world ->
  • Deep packet inspection ->
  • Encrypted traffic: Queen of Spades
Some Tracerouting
• We did a good job of network engineering
  • But forgot the social engineering
  • And economic engineering
• Private pipes: can they be avoided?
  • Through virtualization?
  • Through market forces?
• The banes of silent failure and vanishing transparency
Some Tracerouting
• Network adaptations rapidly being added
  • Disruptive introductions
  • DRM in the network
  • Firewalls
• People want this functionality, which leaves two choices
  • Implement it wrong
  • Implement it right
The Next Hop
• Look to the application layer for wisdom
  • “Victorian” instant messaging
  • Visibility
• Security by Indirection
• Federated Identity: Federated Security?
  • SAML
  • Shibboleth
Reconnections Outcomes
• May also change the way applications and devices relate to the network
  • Devices joining the network getting dumber
  • Boxes in the network getting smarter
• Can we compress the protocol stack; eliminate IP?
  • URL-based routing
  • e.g. Can the network be told, “establish an encrypted, authenticated VoIP connection with [email protected]”?