federal plan for advanced networking research and development

About the National Science and Technology Council

The National Science and Technology Council (NSTC) was established byExecutive Order on November 23, 1993. This Cabinet-level Council is theprincipal means for the President to coordinate science and technology acrossthe diverse parts of the Federal research and development enterprise. Chaired bythe Director of the Office of Science and Technology Policy (OSTP) on behalf ofthe President, the NSTC membership consists of the Vice President, Cabinetsecretaries, agency heads with significant science and technologyresponsibilities, and other White House officials.

An important objective of the NSTC is the establishment of clear national goalsfor Federal science and technology investments in areas ranging from informationtechnologies and health research, to improving transportation systems andstrengthening fundamental research. The Council prepares research anddevelopment strategies that are coordinated across Federal agencies to forminvestment packages aimed at accomplishing multiple national goals.

About this Report

This report was developed by the Interagency Task Force on AdvancedNetworking, a 40-member ad hoc group established pursuant to a charge fromthe Director of OSTP. The charge called for a strategic vision and plan to guidethe Federal government’s portfolio of advanced networking research anddevelopment investments. The report is published by the National CoordinationOffice (NCO) for the Federal Networking and Information Technology Researchand Development (NITRD) Program.

To Request Additional Copies

To request additional copies of the Federal Plan for Advanced NetworkingResearch and Development or other NITRD publications, please contact:NCO/NITRD, Suite II-405, 4201 Wilson Boulevard, Arlington, Virginia 22230; (703) 292-4873; fax: (703) 292-9097; email: [email protected]. Electronic versions ofthis report and other NITRD documents are also available on the NITRD Web site:http://www.nitrd.gov.

Copyright Information

This is a work of the U.S. government and is in the public domain. It may befreely distributed, copied, and translated; acknowledgement of publication by theNational Coordination Office for Networking and Information TechnologyResearch and Development is requested. Any translation should include adisclaimer that the accuracy of the translation is the responsibility of the translatorand not the NCO/NITRD. It is requested that a copy of any translation be sent tothe NCO/NITRD at the above address.

Federal Planfor

Advanced NetworkingResearch and Development

National Science and Technology Council

Interagency Task Force on Advanced Networking

September 2008

EXECUTIVE SUMMARY ......................................................................................... vii

1. ADVANCED NETWORKING R&D: FOSTERING LEADERSHIP IN THE 21ST CENTURY .. 1

Introduction ............................................................................................................ 1A Strategic National Priority .................................................................................. 2

The Internet Today: Successes, Limitations, and Vulnerabilities ................ 2Plan’s Accelerated Networking Security Focus Option ............................ 4Plan’s Strategic Vision: New Capabilities by Mid-Decade ........................ 4Strategic Vision’s Technical Goals ........................................................... 5Framework for Federal R&D Agenda ...................................................... 7

Mid-Decade Advanced Networking Scenario #1: Civil-Military Crisis Response ...................................................... 8Mid-Decade Advanced Networking Scenario #2:Large-Scale Scientific Research ................................................... 10

2. TECHNICAL DISCUSSION OF THE PLAN’S STRATEGIC VISION GOALS ................... 12Goal 1: Provide Secure Network Services Anytime, Anywhere ........................ 12Goal 2: Make Secure, Global, Federated Networks Possible ............................ 13Goal 3: Manage Network Complexity and Heterogeneity ................................ 13Goal 4: Foster Innovation Among the Federal, Research, Commercial,

and Other Sectors Through Development of Advanced Network Systems and Technologies ........................................................................ 14

3. ACCELERATED NETWORKING SECURITY FOCUS .................................................. 16

4. RESEARCH PRIORITIES AND FEDERAL AGENCY RESEARCH INTERESTS ..................... 18

5. CONCLUSIONS ............................................................................................... 20

APPENDICES ....................................................................................................... 23

Appendix 1: Charge by Director, Office of Science and Technology Policy ..... 23Appendix 2: Network Research Challenges, by Goal ......................................... 25Appendix 3: Recent Federal Networking Research Programmatic Areas,

by Agency .......................................................................................... 55Appendix 4: Existing Findings and Workshop Results ........................................ 59Appendix 5: Membership of the Interagency Task Force on

Advanced Networking ..................................................................... 61

ACRONYMS/ABBREVIATIONS ................................................................................ 62

Federal Plan for Advanced Networking Research and Development

v

Table of Contents

In the four decades since Federal research firstenabled computers to send and receive data overnetworks, U.S. government research anddevelopment (R&D) in advanced networking hasfueled a technological, economic, and socialtransformation. Today, networking is woven intothe fabric of our society, a fundamentalinfrastructure for government operations, nationaldefense and homeland security, commerce,communication, research, education, and leisure-time activities.

The Internet’s phenomenal growth andelasticity have exceeded all expectations. At thesame time, we have become captive to thelimitations and vulnerabilities of the currentgeneration of networking technologies. Becausevital U.S. interests – for example, national defensecommunications, financial markets, and theoperation of critical infrastructures such as powergrids – now depend on secure, reliable, high-speed network connectivity, these limitations andvulnerabilities can threaten our national securityand economic competitiveness. Research anddevelopment to create the next generation ofnetworking technologies is needed to addressthese threats.

This critical R&D challenge was recognized bythe Director of the Office of Science andTechnology Policy (OSTP), who formed theInteragency Task Force on Advanced Networkingto provide a strategic vision for future networkedenvironments (see Appendix 1 for the charge tothe Task Force). The Task Force, establishedunder the Networking and Information TechnologyResearch and Development (NITRD)Subcommittee of the National Science andTechnology Council (NSTC) and comprisingrepresentatives of 11 Federal organizations,developed this Federal Plan for AdvancedNetworking Research and Development.

This plan is centered on a vision for advancednetworking based on a design and architecture forsecurity and reliability that provides forheterogeneous, anytime-anywhere networkingwith capabilities such as federation of networksacross domains and widely differing technologies;dynamic mobile networking with autonomousmanagement; effective quality of service (QoS)management; support for sensornets; near-real-time autonomous discovery, configuration, andmanagement of resources; and end-to-endsecurity tailored to the application and user.

Four goals are set forth for realizing this vision:

Goal 1. Provide secure network services anytime,anywhere.

Goal 2. Make secure global federated networkspossible.

Goal 3. Manage network complexity and heterogeneity.

Goal 4. Foster innovation among the Federal, research,commercial, and other sectors throughdevelopment of advanced network systems and technologies.

The capabilities needed to achieve these goalsare set forth in terms of the following fivedimensions of networking research:

• Foundations

• Design

• Security

• Management

• Usability

The overall conclusions of the Task Force canbe summarized as follows:

1. Improved networking security and reliability arestrategic national priorities.

2. New paths to advanced networking are required.


vii

Executive Summary


viii

3. Federal R&D efforts will support a spectrum ofadvanced networking capabilities.

4. Close cooperation is needed to integrate Federal R&Defforts with the full technology development cycle.This cycle includes basic and applied research, andpartnerships with researchers, applicationdevelopers, users, and other stakeholders

5. Testbeds and prototype networks enable research onnetwork challenges in realistic environments.

Responding to both the charge for a strategicvision of future networked environments and theNation’s urgent needs for enhanced networkingsecurity and reliability, this Federal Plan forAdvanced Networking Research and Developmentprovides dual, nested timeframes for the requiredcapabilities. Appendix 2 (page 26) presents, intabular form, detailed results of the Task Forceanalysis of Federal networking research needs.The table is designed to provide a range of policyand planning options for nested near-term andlong-term timeframes. The near-term networkingsecurity timeframe highlights capabilities that canhave substantial impact on improving security inthe current networking environment. Thesecapabilities for shorter-term impact are indicated

by highlighting in the Appendix 2 table. (See also,“Accelerated Networking Security Focus” onpage 16.)

The longer timeframe focuses on the middle ofthe next decade and has as its goal fundamentaladvances in the networking landscape. TheAppendix 2 table provides two categories oflonger-term targets: those that are accessibleunder existing or planned programs (column 3)and those that require a more intensive effort(column 4). The magnitude of the changedepends, in large part, on the category of targetsselected. Selecting a mix of targets from the twocategories can create a range of longer-termoptions.

Advanced networks, as referred to in thisreport, include heterogeneous, anytime-anywherenetworking and capabilities such as federation ofnetworks across domains and widely differingtechnologies; dynamic mobile networking withautonomous management; QoS; support forsensornets; near-real-time autonomous discovery,configuration, and management of resources; andend-to-end security tailored to the application anduser.

In the four decades since Federal research firstenabled computers to send and receive data overnetworks, U.S. government R&D in advancednetworking1 has fueled a technological,economic, and social transformation. Federal R&Dinvestments led the way to the Internet, wirelessmobile and optical networking, and an array ofnetwork-based applications that continue toreshape not just our society and economy, butsocieties and economies around the globe.

Across the United States and throughout theworld, the fabric of interconnectivity linking data,devices, and applications to users on the movehas become pervasive. Today, this informationtechnology (IT) infrastructure is a fundamentalinfrastructure for innovation in governmentoperations, commerce, communication, research,education, and leisure-time activities. Reliablehigh-speed networking – enabling nearlyinstantaneous communication as well astransmission, storage, and retrieval of vastquantities of data (e.g., text, images, sound,multimedia, signals) – is now indispensable toprivate-sector enterprises of every kind and tohigh-priority Federal missions such as national

defense, homeland security, and advancedscientific research.

The economic impacts of networking rangefrom contributions to robust growth of GDP andproductivity to the rise of new multibillion-dollarcorporations in networking equipment andservices, the e-commerce sector, and innovativesocial-networking applications. Economists and ITexperts predict a continuing rapid pace fordevelopment and deployment of new networkingtechnologies, services, and applications over thenext 10 years and beyond.

Many of these developments will reflect theconvergence of networking with othertechnologies. Advanced networking technologies,in tandem with innovations in other ITcomponents (e.g., miniaturization, automation,sensors, intelligent systems), radically expand therange of current and potential uses for computingsystems and devices. Unmanned aerial vehicles,for example, became feasible through advancesin both networked computing systems embeddedin the physical structure and wireless technologiesfor remote command and control. Such emergingnetwork-based applications have profound


1

Advanced Networking R&D:Fostering Leadership in the 21st Century

Introduction

1 Advanced networks, as referred to in this report, include heterogeneous, anytime-anywhere networking and capabilities suchas federation of networks across domains and widely differing technologies; dynamic mobile networking with autonomous man-agement; quality of service (QoS); support for sensornets; near-real-time autonomous discovery, configuration, and managementof resources; and end-to-end security tailored to the application and user.

importance for the Federal government and theNation’s global economic competitiveness.Examples of networking application domains thatrepresent strategic U.S. interests include aviationand transportation; the battlefield of the future;critical infrastructure management; emergencypreparedness and response; environmentalmonitoring; large-scale, data-intensive, anddomain-specific scientific research; medicine andhealth care; and national security.

A Strategic National PriorityThe President’s Council of Advisors on

Science and Technology (PCAST), the high-levelprivate-sector panel that provides independentguidance to the President on key scientific issuesfacing the country, has recognized the central andcritical role that advanced networking now playsin sustaining the Nation’s military, scientific,economic, and technological preeminence. In itsAugust 2007 report entitled Leadership UnderChallenge: Information Technology R&D in aCompetitive World, the PCAST states that “U.S.leadership in advanced networking is a strategicnational priority.”

Recognizing the strategic importance ofadvanced networking, on January 30, 2007 theDirector of the White House Office of Science andTechnology Policy (OSTP) established theInteragency Task Force on Advanced Networkingand tasked it with: providing a strategic vision offuture networked environments; identifying thechallenges in supporting such environments withexisting and developing technologies; andproviding recommendations on a roadmap forresearch and research infrastructure to enablethose future environments (see charge inAppendix 1, page 23).

In the Federal Plan for Cyber Security andInformation Assurance Research and Devel-opment of 2006, Science Advisor to the PresidentJohn H. Marburger writes:

“The Nation’s Information Technology (IT)infrastructure – the seamless fabric ofinterconnected computing and storage systems,mobile devices, software, wired and wirelessnetworks, and related technologies – has becomeindispensable to public- and private-sector activitiesthroughout our society and around the globe. ...The interconnectivity that makes seamless deliveryof essential information and services possible,however, also exposes many previously isolatedcritical infrastructures to the risk of cyber attacksmounted through the IT infrastructure by hostileadversaries. ... Safe-guarding the Nation’s ITinfrastructure and critical infrastructure sectors forthe future is a matter of national and homelandsecurity.”

Research and development are urgentlyneeded to enable secure and reliable networkingenvironments that can meet our Nation’s needs.

Responding to both the charge for a strategicvision of future networked environments and theNation’s urgent needs for enhanced networkingsecurity and reliability, the Federal Plan forAdvanced Networking Research and Developmentprovides dual, nested timeframes for the requiredcapabilities. This Plan is intended to guide bothinternal prioritization of agencies’ networkinginvestments and coordinated multiagency R&Dactivities.2

The Internet Today: Successes, Limitations, and Vulnerabilities

The researchers whose technicalachievements made the Internet possible couldnot foresee the emergence of a wholly new,


2

2 While the focus of this plan is on long-term advanced networking research, it is understood that such programs are developed

and implemented in the context of the agencies’ overall mission requirements and needs for operational networking capabilities including IPv6, Trusted Internet Connections (TICs), and IT Infrastructure Line of Business.

ultimately global, infrastructure able to support awide range of human activities. The Internet’sphenomenal growth (to more than a billion usersworldwide) and elasticity (for example, enablingthe World Wide Web, grid computing, andwireless connectivity) have exceeded allexpectations. At the same time, we have becomecaptive to the limitations and vulnerabilities of thecurrent generation of networking technologies.

Because vital U.S. interests – for example,national defense communications, financialmarkets, and the operation of criticalinfrastructures such as power grids – now dependon secure, reliable, high-speed networkconnectivity, these limitations and vulnerabilitieshave national security implications. Moreover, thelimitations and vulnerabilities inhibit developmentof next-generation networking technologies andapplications that can serve the anytime-anywhere,ubiquitous, ad hoc broadband connectivityneeded to carry out critical Federal missions, spureconomic innovation, and maintain a U.S.competitive edge in networking.

The original Internet design presupposed thatnetwork access would come through trusted hostmachines at the edges of the network. A singlenumber – the Internet Protocol (IP) address – bothidentified the end system and described thetopology of the network, which providedimportant transmission efficiencies. Further, theInternet end-to-end protocols assigned deliveryassurance and congestion control to the edges ofthe network. These features have resulted insignificant network security and manageabilityproblems, which will only become morepronounced as the types and scale of Internettraffic expand. Today, increasing requirements tosupport wireless services and multihop relays forusers on the move severely stress the edgeprotocols. Users increasingly connect to theInternet through mobile devices where the samenumber cannot be used to describe both theidentity and location of the device because the

location constantly changes. Providing securityand QoS in Internet connectivity for mobile usersremains a formidable technical challenge.

The early Internet design philosophy presumedgood will. Network security was not a majorconsideration. Today, the Internet and thenetworks connected to it are constantly underattack by worms, viruses, other forms of malicioussoftware, and denial of service. The sameprinciple that relieves users of the need to knowthe location of their data sources enablesanonymous individuals or groups anywhere in theworld to mount attacks that cannot be traced bynetwork administrators and law enforcement.Defending against and recovering from networkattacks cost government, the private sector, andcomputer users many billions of dollars annually.

To date, mobile networking, security,addressing, and other mechanisms for dealingwith Internet limitations have been implementedthrough technical patches to the basicarchitecture. In many cases, these specializedpatchwork extensions of the Internet havereached a practical limit, while increasing theoverall fragility of the network. For example, vastlyexpanding the number of available fixed-nodeaddresses through implementation of InternetProtocol version 6 (IPv6) will not diminish Internetsecurity problems or foster new networkingapplications, such as multicast and distributedcollaboration, that require stable, secure,uninterruptible high bandwidth from end to end. Infact, in the absence of significant advancesthrough networking R&D, the various pressuresnow building on the Internet are highly likely todecrease transmission speeds and increaseoutages and interruptions in the years ahead.

Indeed, the current Internet’s global-scalecomplexity has itself become an overarchingintellectual and technical challenge for bothnetwork operators and researchers. Thecomplexity is multidimensional, including vastamounts of heterogeneous hardware, software,


3

and devices interconnected through vast numbersof large-scale autonomous networks andsubnetworks operated by organizations andindividuals with diverse interests and constantlychanging degrees of cooperation andcompetition. Currently, we lack adequate theoriesand models to understand and manage thiscomplexity. New scientific foundations – includinginnovative approaches to achieve simplicity andtransparency – are needed to provide insight intoInternet design requirements (such as scalability,security, and privacy) and to enable researchersand policy makers to address means of improvingservices (such as Web searching, content delivery,and Web-mediated community formation).

Government-sponsored and private-sectorR&D address different aspects of networkingdevelopment. The private sector is frequentlyfocused on near-term product development, withlimited incentive to invest in long-term and high-risk networking research and massive infra-structure investments with multidecadeamortization (e.g., fiber optic networks);government-sponsored R&D, less constrained bynear-term return on investment, can address alonger-term vision. Working together, networkingresearchers spanning government, industry, thenational laboratories, and academia have forged abroad community that engages in ongoinginformation-sharing and collaborative activitiesthat foster commercial uptake and productdevelopment for networking innovations. Thisbroader community has participated in thedevelopment of the Federal Plan for AdvancedNetworking R&D and will be encouraged to join inimplementation activities under the Plan.

Plan’s Accelerated Networking Security Focus Option

This Plan provides two timeframes to addressdistinct needs. The core of the Plan – outlined inthe text immediately below – focuses on themiddle of the next decade with a comprehensive

R&D plan for achieving a dynamic, newnetworking landscape. In addition, the Planprovides the option for an accelerated focus oncapabilities to meet today’s urgent nationalrequirements for increased networking security,reliability, and cyber defense. The features of thisnested, accelerated Plan component – describedbelow beginning on page 16 – align closely withthe strategic Federal R&D objectives set forth inthe April 2006 Federal Plan for Cyber Security andInformation Assurance Research andDevelopment.

Plan’s Strategic Vision: New Capabilities by Mid-Decade

U.S. leadership in advanced networking beganwith Federal requirements for capabilities thatwere not available commercially. Today,networking requirements for Federal missionsrange from the highest-bandwidth opticalnetworks to low-power sensor networks deployedon battlefields. These requirements are far morecomplex and technically challenging than before,and far greater national interests are now at stake.This Federal Plan for Advanced NetworkingResearch and Development describes anambitious program of R&D to achievefundamental advances that would meet futureFederal needs and thus help sustain the Nation’slong-term leadership in networking technologiesamid growing international competition.

In the Plan’s strategic vision, by the middle ofthe next decade advanced networks will be usedin powerful new ways to support critical Federalmissions including crisis response, the electronicbattlefield, collaborative and domain-specificscience, electronic health care, environmental andclimate monitoring, and other areas. Suchadvanced networks will range from wirelesssensors deployed in remote environments, towireless connections linking supersonic aircraft, tofixed networks capable of transmitting exabytes(billions of gigabytes) of scientific data globally.


4

To enable such capabilities, the Plan envisionsa new, dynamic networking infrastructure that willuse wavelength-routing optical switches withswitching times on the order of a few nano-seconds. The infrastructure will span sub-wavelength circuits, wavelengths, and entirewavebands and fibers. Higher-layer nodes willprovide interoperability among heterogeneousservices (IP, MPLS, SONET, MSPPs, etc.).Distributed users of the network will be able toconfigure resources (networking, compute,storage, security, management, etc.) to createdynamic virtual private networks. Connectivity tothe infrastructure will be supported across networkdomains and heterogeneous technologies.

Recognizing the growing importance ofcommercial mobile radio technologies andapplications, the Plan envisions the integration ofexisting wired, wireless, and IP-basedinfrastructures into a Next Generation Networkfabric supporting secure, end-to-end, hetero-geneous, multimedia networking.

While this Plan focuses on new capabilities bymid-decade, it is understood that Federalagencies with advanced networking R&Dprograms will continue to update their researchprograms as visions and needs change and asresearch results are integrated into deployednetworks. Domain-specific science researchers,advanced networking researchers, programmanagers, commercial sector users anddevelopers, and others with interests in advancednetworking capabilities and research will continueto provide guidance on their changing needs andthose of the larger society.

Strategic Vision’s Technical Goals

Examples of mission-critical Federalapplications that require revolutionary changes inour approach to networks are described in theaccompanying boxes. An analysis of these andother applications across the Governmentresulted in an interagency consensus on high-

priority Federal capabilities that need to be inplace by the middle of the next decade. Realizingthe strategic vision will require R&D advancestoward four technically challenging goals:

Goal 1. Provide secure network services anytime,

anywhere.

Today’s Internet cannot provide users withtrustworthy (secure, private, and reliable) servicesanytime and anywhere they are needed. A newgeneration of concepts, technologies, andsystems is needed to leapfrog current limitations.The new services would cover the range of criticalFederal and other user needs, from tailoredintermittent messaging to soldiers in theatre tohigh-bandwidth data transfers in large-scaledomain-specific scientific research collaborations.The services would be able to hide from users thecomplexity of the underlying infrastructure, whichcould include wired, wireless, static, and ad hocnetworks deploying a wide variety ofheterogeneous technologies. Today, operationand management of services across suchnetworks is challenging. New technologies to


5

Illustrative Goal 1 Application

A multinational group of task forces responding to alocal conflict in an area with limited networkingresources is able to coordinate information, resources,and command and control across the task forces. Theyestablish an ad hoc wireless network federated acrossthe heterogeneous technologies and equipment of eachtask force to provide support for: inputs from sensornets,sensors on personnel, and dynamic airborne and satellitesensors; adaptive data and voice networks that maintainconnectivity to enable command and control during adynamic mission; security and privacy tailored toindividual components; location-independent addressing;QoS management for priority mission needs; anddistributed autonomous self-organization among thediverse entities with centralized oversight to provideresponsiveness, avoid chaotic behavior, and improvenetwork performance and reliability.

manage trust and authentication in theseenvironments, sophisticated middleware thatenables cooperative control and fault diagnosis,and next generations of wired and wirelessdevices are required to make anytime-anywhereadvanced services a reality.

Goal 2. Make secure, global, federated networkspossible.

Fundamental research breakthroughs areneeded to enable networks with differingcapabilities and architectures to be linkedtogether around the world to deliver end-to-endservices that can meet users’ requirements forperformance, cost, privacy, security, andadvanced services. This research must alsoenable multivendor, multicarrier, multinationaldeployment of end-to-end services withappropriate authentication, authorization, andaccounting linkages.

Goal 3. Manage network complexity and heterogeneity.

Future networks will be more complex andheterogeneous than the current Internet. They willlink circuit-switched and packet-switchednetworks, high-speed optical paths, intermittentplanetary-scale paths, sensor networks, and

dynamic ad hoc networks. These varied networkforms will involve millions or billions of interfacesthat will change dynamically. Understanding thebehavior of such systems remains, in itself, anenormous technical challenge. Intensiveinvestigations are needed to discover appropriatescientific methods for modeling and analyzingunprecedented levels of network complexity.Such methods are a prerequisite for developingthe critical tools that will enable networkadministrators to manage and control thesenetworks, diagnose their faults and failures, andrecognize and respond to attacks. Emphasis isneeded on technical approaches to attainsimplicity and transparency of design.

Goal 4. Foster innovation among the Federal, research,commercial, and other sectors throughdevelopment of advanced network systemsand technologies.

Key research, development, and engineeringareas must be nurtured to assure continuousimprovement of advanced network systems thatmeet the needs of applications. Researchaddressing barriers to commercialization also isneeded to facilitate uptake of emergingtechnologies and broad user adoption.


6


A scientist at any university in the United States isable to request a massive dataset from an experimentin Europe and have the networks across his campus,his region, the Nation, and Europe negotiate the bestway (federated across heterogeneous internationalnetworks) – including, for example, transmissionprotocols, network resources, federated networkpolicies, QoS prioritization, and security – to deliverthe data and provide all of the networks theinformation they need to manage the transfer andaccount for resources used.


A new type of attack, capable of causing massivesystem failure and release of sensitive data, is launchedagainst a networked system. The attack hits the kernelof the operating system and hardware, making itresistant to re-booting. With new technology designedto manage a response automatically across a complexsystem, the attack is quickly detected; a signature tostop it is synthesized, distributed out of band, andapplied throughout the network, slowing the spread ofthe attack; the attack code is reverse-engineered sothat a patch can be synthesized and distributed; thepatch is installed to eliminate the vulnerability andrestore all systems to an operational state.

The Federal government and its private-sectorpartners should enhance existing researchprograms to carry out comprehensive,complementary, and synchronized actionsfocused on attaining these high-priority goals. Asnetworking visions, capabilities and researchneeds advance as a result of these actions, theFederal government and its private-sectorpartners should coordinate to focus their effortson the changing research needs. Federal R&Dprogress toward the goals, in conjunction withcomplementary private-sector efforts, shouldaccelerate the evolution of advanced networksincluding the Internet, as have previous FederalR&D advances.

Framework for R&D AgendaThe framework for this Plan is the Federal R&D

in advanced networking needed through themiddle of the next decade to achieve the strategicvision of new government capabilities describedabove. This R&D includes a subset of the agencyactivities described in the Networking andInformation Technology Research andDevelopment (NITRD) Program’s Supplement to

the President’s Budget plus additional networkingresearch programs not reported under the NITRDProgram. The NITRD Program in advancednetworks (as defined in the budget supplement) isfunded at approximately $462.4 million (FY 2008Estimate); the activities included in the Planrepresent fundamental networking researchprograms of about $204 million of this total.Operational issues, application-specific software,the deployment of advanced networks to supportcurrent Federal research and engineering efforts,and commercial development and deployment ofnew capabilities are considered to be outside thePlan’s framework.

The Task Force analyzed the research neededto achieve each of the Plan’s strategic vision goalsby the 2015-2016 time frame, from the startingpoint of the current knowledge base and Federalcapabilities for mission-critical objectives. For eachof the Plan goals, the following five dimensions ofnetworking research are considered:

Foundations: Develop architectural principles,frameworks, and network models to deal with:complexity; heterogeneity; multidomainfederation, management, and transparency;end-to-end performance; and differentiatedservices.

Design: Develop secure, near-real-time, flexible,adaptive services with built-in intelligence tofacilitate discovery, federation, and manage-ment of resources across domains and toincrease the application robustness andresistance to attack even in extraordinarilycomplex systems; develop new ways ofinterconnecting networks to provide thoseservices.

Security: Achieve a high degree of security even incomplex, heterogeneous federation and policyenvironments, especially in the face ofcomponent failures, malicious activities, andattacks, while also respecting privacy andmaintaining usability.


7


Residents in an urban mountain communitybecome aware of a serious fire but do not know thebest escape route, or even if they should remain inplace. They lose power, so have no access tocomputers but do have access to cell phones.Sensors previously placed in the hills help track thefire. New technologies fostered by advancednetworking research programs (“smart” cell phonesconnected through an ad hoc network), enable theresidents to access each other, the sensors that trackthe fire, and central intelligent information serversthat help them plan a route to safety. The systemcontinues to work in the face of sensors andtransmission towers destroyed by the fire.

In a major crisis, critical infrastructures aredestroyed, disrupted, and seriously degraded,including those supporting communication,transportation, health care, electricity, and otherresources. Responders must establishinformation services to coordinate operationswithin and across their diverse organizations asthey tend to human and environmental needsand restore the damaged infrastructure. Re-establishing communications is a challenge innatural disasters and accidents such as anexplosion at an oil refinery; but when the crisisinvolves terrorism or other hostile actions, theresponse also must contend with potentialadversarial activities.

Heavy military support for transportation,logistics, and infrastructure augmentation arelikely to be required, and military command andcontrol and information systems will potentiallybe the mainstays of the operation in the earlystages, before other capabilities can be broughtto bear. In adversarial situations, military andintelligence organizations will also contend withhostile activities and provide informationcollection and analysis capabilities to help informthe decision makers and the first responders.

First responders will need to assess thesituation quickly and thoroughly to determine thelocation and status of local resources, identifyadditional resource needs, and plan and manageresponse actions. Distributed sensors andforward-deployed personnel will provideinformation on the status of the local population,roads, health care facilities, and weather, and onthe ability of local personnel and agencies toparticipate in the response. Networks will link

these sensors, systems, and individuals to oneanother and to systems that provide situationassessment and command and control at thelocal, regional, and national levels. Intelligence,surveillance, and reconnaissance (ISR) systemswill operate on the ground and in the air tosupport a full range of activities, such asidentifying, tracking, and targeting hostile entities.

The military, commercial, and non-governmental organization networks will beinterconnected to establish an ad hoc federationusing the best available resources. Adaptive QoSand the ability to coordinate management ofnetwork resources will support reliable,responsive, and pervasive network-centricoperations from the highest-level command andcontrol locations to the forward-basedresponders. The federated network will be builtfrom an ad hoc assembly of radio and free-space optical equipment to support dynamicrequirements of personnel and devices on themove. It will extend into buildings, tunnels, andother locations where line-of-sight communi-cations are obstructed, and it will providegateways to national and global networks viaairborne relays and satellites. It will support bothdata transfers and voice, often configured asdynamically changing multicast groups or voicenets. Contention for radio spectrum will bemanaged across the network and ISR systems toassure that information collection/disseminationrequirements can be met.

Responders will be able to receive andtransmit appropriately filtered and formattedrequests for transportation, medical support, andlogistic support with assured security.


8

Mid-Decade Advanced Networking Scenario #1: Civil-Military Crisis Response

Management: Develop management methods andtools that enable effective deployment, control,and utilization of networks and resources indynamic environments and across domains,despite ever-increasing network and applicationcomplexity.

Usability: Develop adaptable, user-centeredservices and interfaces that promote efficiency,effectiveness, and fulfillment of user needswithout overwhelming users with unneededdata – while maintaining appropriate security.

Appendix 2 (page 25) presents, in tabular form,detailed results of the Task Force’s analysis ofFederal networking research needs. The table’sfour columns identify: (1) specific capabilitiesneeded to achieve each of the Federal Plan’s fourgoals; (2) the current state of practice in eachcapability; (3) the expected results of the Federalagencies’ existing and planned researchprograms, which are designed to satisfy theagencies’ mission needs through the middle ofthe next decade; and (4) some of the significantchallenges that could remain.

The Appendix 2 table is designed to provide arange of policy and planning options for twodifferent timeframes. The accelerated networkingsecurity timeframe highlights capabilities thatcould have substantial impact on improvingsecurity in the current networking environment.These capabilities for near-term impact areindicated by highlighting in the table. (See also,“Accelerated Networking Security Focus” on page 16.)

The core Plan focuses on the middle of thenext decade and has as its goal fundamentaladvances to transform the networking landscape.The table provides two columns listing longer-term research targets: those that are accessibleunder existing or planned programs (column 3)and those that require a more aggressive effort(column 4). The magnitude of the transformationdepends, in large part, on the column from which

targets selected. Selecting a mix of targets fromthe two columns can create a range of options.

The increased complexity of future networksrequires thinking beyond traditional models fornetwork research (i.e., focused on specifictechnologies). R&D should target the developmentof architectures and frameworks that canintegrate many technologies to deliver theservices needed for mission accomplishment.While incremental engineering advances arenecessary in the near- and mid-term timeframes,R&D also must address the basic and appliedresearch to build a more robust science base andto enable more effective engineering for the longerterm. To maintain that focus, the coordinatedFederal research efforts carried out under thisPlan should especially emphasize three keyaspects of the technology development andcommercialization cycle:

• Basic and applied research in the full range ofnetwork hardware, software, security, andmiddleware needed to support the nextgeneration of uses for networks and explorenew paths to develop capabilities that cannotbe supported on the current evolutionary path.

• Partnerships with application developers, users, andstakeholders to test basic research ideas on realproblems in areas including national security,support of scientific leadership, and humanhealth.

• A range of testbeds and prototype networks thatenable understanding of the effects of, forexample, scale and complexity on the entirenetworked system.

A balanced basic and applied research thrustis necessary to fill the intellectual pipeline withvisionary ideas and concepts that push beyondincremental change to suggest fundamentally newnetworking approaches. The second twoemphases are essential to address the enormousand growing complexity of networks, which


9


10

Many domain-specific science instruments,applications and grids – including the LargeHadron Collider (LHC) at the EuropeanOrganization for Nuclear Research (known asCERN), high-resolution multiscale climatemodeling, fusion energy (the international ITERproject), nuclear physics analysis (the RelativisticHeavy Ion Collider [RHIC]), and the OpenScience Grid (OSG)3 – will be implemented withrequirements to move petabytes (one petabyteequals one million gigabytes) of data in near realtime among distributed analysis and storagesites. Physicists using the LHC, for example, willmove unprecedented amounts of data amongdistributed analysis sites throughout the world toincrease the portion of data that can beanalyzed from less than 10 percent to over 90percent.

Reliable, near-real-time movement of thesedata will require moving an exabyte (one billiongigabytes) per year among worldwide sites. Thiswill rely largely on ultrareliable, high-capacitynetworking, requiring new transport protocols tomove hundreds of gigabits per second of datatransparently over networks among worldwide

sites crossing political and network providerboundaries. Advanced networking capabilitieswill be needed to provide transparency acrossheterogeneous security policies (includingidentity management) and network providertechnologies.

The development of dynamic networkmanagement will enable optimization ofinternational high-capacity network links toassure priority data transport when needed,while allowing other uses at less demandingtimes. In an era in which large science projectsare increasingly international, advancednetworks will be critical to enable the Federalgovernment to reap the benefits of itsinvestments in the the networked majorscientific facilities. In addition, advancednetworks will enable the best researchers to usethe most important data to do the best scienceindependent of the location of their institutions.All domain-specific scientists will be integrallyinvolved in identifying user requirements andresearch needs and in developing and testingnew capabilities.

Mid-Decade Advanced Networking Scenario #2: Large-Scale Scientific Research

3 Other domain-specific research networks include:

– Laser Interferometer Gravitational-wave Observatory (LIGO)– Network for Earthquake Engineering Simulation (NEES)– Collaborative Large-scale Engineering Analysis Network for Environmental Research (CLEANER)– National Nanotechnology Infrastructure Network (NNIN)


11

cannot be understood or evaluated effectively inlimited-scale explorations. Partnerships withapplication developers provide the most powerfulmeans of increasing understanding and analysisof network dynamics in real interactions withmission-critical applications such as largescientific collaborations or disaster recovery.

Similarly, testbeds provide real networkenvironments at realistic scales and with the adhoc dynamics that researchers can use forexperimentation, research, and development onboth networking technologies and applications. Inaddition to advancing understanding, researchersin network environments at realistic scales canengage in “clean slate” research to developcompetitive new approaches to the mostchallenging technical problems – such as how tomake extreme network complexity manageable.Such at-scale foundational advances shouldaccelerate adoption of useful new technologies.Further, testbeds enable demonstrations of thevalue of innovative applications as well asdevelopment of the networking standards that will

drive future communications industries. Testbeddemonstrations can include commercialparticipation to assure that new capabilities canmeet standards and economic criteria foradaptation to the marketplace.

Federal work in scientific foundations foradvanced networking is particularly importantnow to drive development of a new generation ofapproaches and technologies. These are neededto provide flexible network resources to enabledynamic scheduling, co-scheduling, allocation,configuration, and use based on user require-ments, as well as to increase the overall security,reliability, flexibility, and end-to-end performanceof the Nation’s networking infrastructure. ThisPlan also directly supports the AmericanCompetitiveness Initiative’s (ACI’s) call forincreased Federal investment in physical sciencesresearch and in the tools of science – includingadvanced networking – to enhance U.S.leadership in scientific and technologicalinnovation.

Each of this Plan’s strategic vision goalspresents challenges that require significantenhancements to the architectural, scientific, andengineering basis for networking. Meeting thegoals will require increased understanding of howcomplex, dynamic, heterogeneous networksbehave and how they can be managed andcontrolled. Advances will enable delivery ofincreased levels of service within naturalconstraints (such as the speed of light) oradministrative constraints (such as limitations ofthe available radio spectrum). The followingdiscussions briefly describe the technicalchallenges to be overcome.

Goal 1 is to provide reliable, secure networkservices, unimpeded by user mobility and able todraw upon all available transport means insupport of any application or service demand.Network resources can be managed to meet userneeds and priorities, with a robust ability fordistributed, real-time resource control and a mixof management and monitoring (some partscentralized with some parts distributed to endusers so different monitoring and fault diagnosistools tailored to the management and applicationneeds can be used) to assure stability andresponsiveness. Resource management contendswith requests for scarce resources such as

spectrum for radio links or QoS within an overallnetwork that also includes optical and land-linelinks. Networks can support a mix of high-throughput and low-throughput needs and cantolerate delay and disruption. Security and serviceprotection can contend with adversarial actions,natural disasters, and unintentional interferenceand can maintain and restore services based onoperational priorities as well as customer serviceagreements. The questions below suggest theresearch areas in which significant challengesneed to be addressed.

Foundations: How do we develop frameworks,architectures, and policies for protocols,services, and management that enable diverseapplications over heterogeneous networktransport technologies to provide end-to-endperformance and differentiated levels of QoSand security?

Design: How do we enable secure, near-real-time,flexible, adaptive end-to-end services fordynamic, heterogeneous environments? Forexample, a system to support medicalinterventions in a disaster area might requirehigh bandwidth to send X-ray data and lower-bandwidth, ultralow-jitter services for medicaldevice control, both services preemptivelyscheduled and using wired and wirelesstechnologies including ad hoc networks.Engineering such a system will require tools tofederate heterogeneous capabilities to providethe necessary levels and guarantees of service.


12

Technical Discussion of the Plan’s Strategic Vision Goals

Goal 1. Provide secure network servicesanytime, anywhere.

Goal 2. Make secure, global, federatednetworks possible.

Security: How do we provide multidomain identitymanagement and secure access to services inthe face of natural faults and attacks,particularly those that are previously unseen,can impact many components, that spreadrapidly, and that modify themselves in transit?Mitigation methods must respect policy andprivacy, particularly when sensors associatedwith humans are involved.

Management: Can we develop techniques andtools to manage services that rapidly adapt topolicies and changing availability of serviceswith a high degree of automated functioning?

Usability: Can we develop services that adapt tothe rapidly changing needs and contexts(including social, economic, and legal) of users,deliver high performance, and hide complexity?

Today’s Internet is a federation of literallythousands of major independent networksoperated by all types of entities, from commercialtelecommunications providers to small companiesand non-profit organizations, worldwide. Thecurrent Internet approach to linking thesenetworks together through the Border GatewayProtocol and Layer-3 peering has resulted inglobal connectivity; however, it does not supportmany of the advanced services or levels ofassurance that will be required in the future. Inaddition, the federations of the future will includenetworks (e.g., wireless, mobile, ad hoc) withnovel characteristics that must be integrated. Thequestions below highlight some of the criticalareas of research in global federated networksthat need to be addressed.

Foundations: How do we develop architecturalprinciples, such as design principles fornetwork-to-network interfaces capable oflearning, that will enable federations of

networks to reliably provide a rich set of end-to-end services on demand? How can suchfederations share enough data across networkboundaries to provide these services withoutcompromising the integrity of the individualmembers of the federation?

Design: How do we enable users to discover,schedule, and monitor resources across afederation without requiring them to becomenetwork wizards?

Security: How do we provide protection of privacy,confidentiality, and intellectual property rightsacross varying technical, legal, and regulatoryframeworks cooperatively among networks tocope with natural faults and attacks, given thateach network has its own policies withattendant security and privacy needs? Thiscooperation must respect the needs of theindividual networks but also be effective tostem attacks, especially previously unseenattacks.

Management: How can networks work togetheracross a federation to optimize their joint abilityto deliver services to users in a way that scalesto federations with hundreds of members? Howdo we provide out-of-band managementchannels to help diagnose and correctproblems in the event of catastrophic failures?

Usability: How do we build federations thatseamlessly link different technologies, types ofnetworks, and network administrations toenable users to develop new services flexiblyand researchers to test new ideas rapidly?

Communications networks are among themost complex structures that have ever beendeveloped. Billions of end nodes areinterconnected by millions of devices scatteredacross the world and in some cases the solar


13

Technical Discussion of the Plan’s Strategic Vision Goals


Goal 3. Manage network complexity andheterogeneity.

system. In addition, only small islands within thisvast structure are controlled by a single entity.These structures can change their position inspace and their topology of interconnection intime, sometimes rapidly. Often, the networks at alllayers comprise multiple simultaneous topologiesthat interact and change during the course oftransactions. The result is a highly complex andinteracting ensemble of dynamic, nonlinearprocesses that will exhibit chaotic and complexemergent behaviors and must be treated as such– not as the more stable and disciplined networksof the past. Understanding the behavior of suchdynamic systems is a critical prerequisite fornetworking advances, as is determining how toexercise an appropriate level of control. Thequestions below highlight some of the criticalareas of research in complexity and heterogeneitythat need to be addressed.

Foundations: Is there a theory for complexity innetworks that can lead to optimal architecturalchoices and enable us to describe, predict, andcontrol the networks of the future?

Design: How do we build new types of networksthat integrate network devices and end systemsin a way that adapts to the resources of all ofthe devices in real time and increases therobustness of these complex systems? Whatabstractions and principles of design canreduce complexity and provide moremanageable systems?

Security: Can we develop new theories and modelsfor security in massive, complex networksincluding a control model of security;implementation of diversity, randomness, anddeception to foil an attacker; and game theoryto model an attacker and the defense?

Management: How do we develop managementtools and models that enable small groups ofpeople effectively to deploy, control, andmanage networks with exponentially increasingcomplexity?

Usability: How do we build tools that enableautomation of much of the management ofcomplex networks and provide humans withthe right information at the right time to enablehuman intervention when it is needed? Forexample, research is needed on a nationalpublic safety network using complex, tightlycoupled networked systems to respond toterrorist attacks, natural disasters, andcatastrophic accidents.

Advanced networks are built on a number offundamental technologies including softwareprotocols, optical switching devices,semiconductor designs, and adaptable radio-frequency (RF) technologies. New technologiesare continually developed and implemented toenable new applications. Each fundamentaltechnology must be integrated into the overallnetwork. This integration is expected tosignificantly impact each of the first three goals –in some cases, in a truly disruptive way. Thequestions below highlight the areas in whichsignificant challenges need to be addressed.

Foundations: Can we develop automated, adaptive,and dynamic technologies to provide routing,transport, and management acrossheterogeneous network transport technologies,protocols, and policy domains?

Design: Can we build technologies with a highdegree of automated intelligence for dynamicadaptive interoperation of components andservices across heterogeneous networktransport technologies, protocols, and policydomains even while they are under attack?

Security: Can we develop new security devicesand technologies, including quantum


14

Goal 4. Foster innovation among the Federal,research, commercial, and other sectorsthrough development of advanced networksystems.

cryptography and key distribution, tamper-resistant co-processors that enforce securitypolicies or monitor other processors, trustedchips, minimal- or zero-kernel operatingsystems that are provably secure, newevaluation methods (including methods toanalyze complex programs) for security, andhardware techniques that enforce separation ofprocesses?

Management: To what extent can we developtechnologies to manage services and resources

(including power) automatically across domainsin heterogeneous environments? For wirelessservices, can we reduce system size anddynamically manage spectrum and powerusage?

Usability: How do we provide integrated photonicand electronic circuits to support high-capacity,high-data-rate functionality? How do we enableusers to relearn, retrain, and adapt to therapidly changing technologies?


15

While the longer-term goals in this Plan havetargeted timeframes in the middle of the nextdecade, the Task Force recognized that somespecial focus and prioritization are needed torespond to current national networking securityconcerns. The networking security component ofthe Plan provides the option for accelerated R&Din certain areas to meet the national requirementsfor increased networking security, reliability, andcyber defense. The special focus could helpprotect critical infrastructure and strengthenstrategic networks in both routine and crisissituations.

Each of the Plan’s four goals areas includescapabilities that could accelerate progresstowards a secure and reliable networkinglandscape. The selected capabilities are listedunder each goal below. These capabilities –described in greater detail in the table ofAppendix 2, where they are identified byhighlighted text – align closely with the strategicFederal R&D objectives set forth in the April 2006Federal Plan for Cyber Security and InformationAssurance Research and Development.

The accelerated networking securitycomponent of this Plan embraces the same visionand framework as the overall Plan and comprisesa subset of the same capabilities. Thus, pursuingthe accelerated networking security focuseffectively accelerates progress on the overallPlan.

Assure network, device, and informationsecurity, reliability, and availability for all types ofusers, network implementations (wired andwireless), and physical and logical topologies.R&D in:

Survivable services

• Shared situational awareness

• Minimized effect of denial of service

• Correct routing and forwarding of traffic in theface of attack

• Security for survivability

• New adaptive transport protocols

• Dynamic negotiation of QoS

Protection of information

• Identification, authentication, and authorizationacross heterogeneous policy domains

• Fine-grained protection of data distributedacross a network

• Alerts when information protection isthreatened by attacks

• New models for detection and prevention ofrelease, accidental or otherwise, of proprietaryand private information (exfiltration)


16

Accelerated Networking Security Focus



Goal 1. Provide secure network servicesanytime, anywhere.

Assure all members of an ad hoc federationthat their systems and data are protected to thesame degree as within their own domains. R&D in:

Multilevel identity, security, and privacy across domains

• Support of access control at a fine-grained level

• Ability to move data and processes acrossdomains while respecting security, privacy, andregulatory concerns

Policy-enabled security management and real-timeadaptation

• Ability to enforce policies in real time underthreat situations

Cooperative defense against cyber attacks

• Ability to operate normally through attacks

• Automated protection adapted to environmentand policy

Provide capability to understand and manageservices and assure security and availabilityacross complex, self-organizing systems. Improvethe usability of security and privacy applicationsto reduce human risks. R&D in:

Trust in complex environments

• Trust models that accurately reflect the securitystate of nodes in a network and permit theautomatic association of trust with nodes

• Metrics to support quantitative assessment ofthe trustworthiness of complex networks andsystems

• Engineering methodologies, design principles,formal techniques, and modeling tools that canbe used to facilitate the construction of securenetworks of unprecedented complexity

Improve ability to produce and verify trustedtechnologies, including software and devices;assure development partners that their productsand data are protected. R&D in:

Secure hosts and devices

• Secure development environments includingthe authentication of developers and thepedigree of code

• Design trustworthy hosts and devices such asvirtualized, high assurance platforms

• Establish composability of system securityproperties

• Enable trustworthy execution of mission onpotentially compromised networks/systems


17

Accelerated Networking Security Focus



Goal 4. Foster innovation among the Federal,research, commercial, and other sectorsthrough development of advanced networksystems and technologies.

Networking Research PrioritiesThis Plan envisions new, dynamic networking

capabilities including wavelength-routing opticalswitches with switching times on the order of afew nanoseconds, transparent interoperabilityamong heterogeneous services (IP, MPLS,SONET, MSPPs, etc.), and the creation ofdynamic virtual private networks. It supports thefuture ability to integrate existing wired, wireless,and IP-based infrastructures into a NextGeneration Network fabric supporting secure,end-to-end, heterogeneous, multimedianetworking. Appendix 2 identifies many of thecapabilities needed to support this vision that willbe enabled by the middle of the next decade as aresult of the current priorities and researchprograms of the Federal agencies. Theseprograms are focused on the networking needs ofthe agencies to address their agency missionsand are among their current priorities. Federalagencies with advanced networking R&Dprograms will continue to update their prioritiesand research programs as visions and needschange and as research results are integrated intodeployed networks. These updates will be guidedby input from domain-specific science andadvanced networking researchers, programmanagers, commercial sector users anddevelopers, and others with interests in advancednetworking capabilities and research.

The NITRD program provides a forum forcoordination among the Federal agencies on

networking and information technology researchand development. In the NITRD Program’s LargeScale Networking Coordinating Group (LSN CG),the Federal agencies present their networkingresearch priorities, programs, and agendas toprovide a common view across the agencies ofthe full spectrum of Federal networking prioritiesand research. This common view enables theFederal agencies cooperatively to developresearch policies, priorities, and programs toaddress the dynamic, changing needs fornetworking research. Thus, research priorities aredeveloped on a continuing basis in consultationamong the Federal networking R&D agencies.

Appendix 2 of this document identifiesprojected networking capabilities in the mid-next-decade time frame given the current Federalagency networking research programs. Theappendix also identifies remaining networkchallenges and capabilities by mid-next-decadethat are needed to empower the networkingvision. These empowering capabilities couldaccelerate progress toward a secure and reliablenetworking landscape. They are near-termpriorities for networking research investments.

Agency Research InterestsFederal agency research programs are

designed to address the networking researchneeded to support the agencies’ missionrequirements. The Federal agencies have currentnetworking research programs, presented in


18

Research Priorities and Federal Agency Research Interests

Appendix 3, to address the current priorities andneeds of the agencies. Representative currentresearch areas for the agencies include:

DARPA: Dynamic secure wireless technology,heterogeneous networking, trustworthysystems, management of dynamic complexnetworks

DoD: Dynamic secure wireless technologies,sensornets, secure networking in challengingenvironments

DOE/Office of Science: Petascale data transport,QoS, distributed large-scale sciencecooperation, secure grid environments

NASA: Large-scale data transfer, disruption-tolerant networking, multicast

NIH/NLM: Access to large data sets, disasterresponse, applications (BIRN, caBIG, VisibleHuman, MedlinePlus)

NIST: Architecture and standards forresilience/robust/secure networks, resilient

mobile wireless, performance measurement

NOAA: Applications, data transport, andcollaboration environments

NSA: Cognitive radio technology, delay -tolerantnetworks, control plane

NSF: Theoretical foundations, cyber trust, sensorsystems, and applications support

USDA: Rural telecommunications technologies,sensornet testbeds

These basic interests, supporting the missionsof the agencies, are expected to continue in thefuture. However, in the dynamic networkingenvironment (where technical capabilitiesadvance, new and changing applications neednew types of network support, and new securitychallenges need responses) agency researchstrategies and priorities must be responsive toopportunities presented by the changinglandscape.


19

The overall conclusions of the Task Force canbe summarized as follows:

Advanced networking research not onlyempowers key Federal missions – nationaldefense, homeland security, including emergencyand disaster response, and leading-edgescientific research – but drives U.S. economiccompetitiveness and innovation throughout theprivate sector. This conclusion is consistent withthat of the President’s Council of Advisors onScience and Technology (PCAST) in its recentassessment of the NITRD program:

“U.S. leadership in advanced networking is astrategic national priority.”

The current generation of networkingtechnologies has inherent limitations andvulnerabilities. A research and developmentstrategy is required that ensures: first, theemergence of new technologies, tools, andcapabilities to strengthen network security andreliability; and second, support for the transfer of

these technologies to the commercial sector. Thepath described in this Plan focuses on thenetworking research dimensions of Foundations,Design, Security, Management, and Usability.

A spectrum of capabilities will create theadvanced networking landscape of the future.Such a spectrum of capabilities requires a broadFederal R&D effort. These capabilities includeeffective security, anytime-anywhere networking,the ability to manage network complexity andheterogeneity, and continuing innovation for U.S.leadership in advanced networking.

Close cooperation is needed between Federalresearch managers and public- and private-sectorresearchers, application developers, users,stakeholders and international partners todevelop and test basic research ideas on “realworld” applications. Vital areas of the nationalinterest include national security, support ofscientific leadership, and human health.


20

Conclusions

1. Improved networking security andreliability are strategic national priorities.

2. New paths to advanced networking areneeded.

4. Close cooperation is needed to integrateFederal R&D efforts with the full technologydevelopment cycle.

3. Federal R&D efforts will support a spectrumof advanced networking capabilities.

Testbeds and prototypes offer a variety ofsettings ranging from the disruptive and unstableto production and realistic-scale environments.Some network R&D advances will necessarily bepursued on testbeds that must be disconnectedor in a restrained environment to allow fordisruptive network experimentation. Other formsof prototyping and trial network testing will occur

with more mature ideas and development, inrealistic-scale settings that may even blend into aproduction network environment. A number oftestbed facilities – over a range of dimensionsincluding size, connectivity, and ability to integratewith applications – would support the diversetypes and scales of experimentation andprototyping that, in the end, will achieve keyadvances in networking. Public-privatepartnerships can also leverage such Federalresearch resources for the development,adoption, and commercialization of researchresults and standards.


21

5. Testbeds and prototype networks enableresearch on network challenges in realisticenvironments.


23

January 30, 2007

Dear Committee on Technology Members,

I am writing to inform you of the establishment of the Interagency Task Force on AdvancedNetworking under the Networking and Information Technology Research and DevelopmentSubcommittee. As detailed in the attached terms of reference, this group is charged withdeveloping an interagency Federal Plan for Advanced Networking Research and Development.

The Federal government depends upon fundamental advances in networking technology forenhancing a wide range of applications including emergency response, national security andemergency preparedness communications, defense mission support, health care informationtechnology, secure economic transactions, distributed intelligence applications, and advancedscientific computing. These applications share a need for faster, more secure, more reliable, andmore robust networks than are currently available. Federal basic research investments enableaccelerated development of these networks to support government needs, and can also lead tosubstantial improvements in commercially deployed networking that is an important driver of theU.S. economy.

The agency representation on the Task Force should, to the extent possible, reflect the full rangeof relevant Federal activities, missions, needs, and perspectives. Agency participation in thedevelopment of the Plan should be followed by full commitment to its implementation. Taskforce members are asked to produce a draft Plan by May 2007, to be followed by a final Plan assoon as possible thereafter. This schedule will allow timely input during the FY 2009 budgetplanning cycle and will require substantial time commitment by agency representatives.Department and agency leaders are asked to encourage and support the participation of their staffin this important activity.

Sincerely,

John H. Marburger, III Director

APPENDIX 1

Charge by the Director, Office of Science and Technology Policy

TERMS OF REFERENCE


The Interagency Task Force on Advanced Networking (ITFAN) is hereby established under theNetworking and Information Technology Research and Development Subcommittee of the Na-tional Science and Technology Council. The ITFAN is charged with developing an interagencyFederal Plan for Advanced Networking Research and Development that will lay out a compre-hensive research and development strategy necessary to facilitate the successful development ofand transition to future network architectures. The Plan should include the following compo-nents:

1. A strategic vision for advanced networking that addresses the current and future net-working needs of Federal agencies, the commercial sector, and the academic community.

2. Recommended scope and objectives for Federal advanced networking R&D to appro-priately support the defined needs, and how these objectives relate to those of the private sector.

3. Identification of existing networking R&D programs and investments, a gap analysisof existing versus needed advanced networking R&D, and prioritization of advanced networkingR&D needs.

4. Identification and prioritization of advanced networking R&D needs, including archi-tectures, systems, services, R&D infrastructure, and technology transfer that must be advanced tostrengthen the foundation for advanced networking technologies.

5. A process for developing an implementation roadmap that will guide future advancednetworking R&D activities, including individual Federal agency and coordinated multiagencyactivities. The process should ensure that the implementation roadmap will represent the fullbreadth of relevant agency activities, will identify specific agencies best able to carry out both in-dividual and multiagency activities based on expertise and facilities, and will reflect the relativepriorities identified by the Task Force.

The Plan should also include an analysis of the appropriate roles for Federal investment in R&Dto address the networking needs of the Federal government that are unlikely to be met by exist-ing or future commercial networks. In particular, the advanced networking requirements of Fed-eral agencies with a scientific research and development mission and Federal agencies with ahomeland and/or national security mission should be recognized, particularly where agency mis-sions are likely to be adversely affected by a lack of progress in advanced networking technolo-gies.

John H. Marburger, III Director, Office of Science and Technology Policy


24

25

Servicevirtualization

• Programmability onlyavailable on small-scaletest beds

• Concepts for servicevirtualization are known, butnot yet widely tested ordeployed

• Programmability in thesoftware is available atdistinct levels

• Progress in self-configuration and dynamicadoption

• Virtualization for large-scalenetworking; wirelessnetworks; security, and e-science research

• Minimal-size resourcecontrollers, programmablehardware and software, andoptimized resource andscheduling models


APPENDIX 2

Network Research Challenges, by Goal

This appendix presents in tabular form the results ofthe Task Force analysis of the Federal networkingresearch program. For each of the Plan’s strategic visiongoals (subdivided into the research dimensions ofFoundations, Design, Security, Management, andUsability), the table shows four categories of information.The first column of the table identifies a specificcapability. The second column summarizes the currentstate of practice in that area. The third column displaysthe expected results of the Federal agencies’ existing andplanned research programs, which are designed to satisfythe agencies’ mission needs through the middle of thenext decade. The table’s fourth column lists some of thesignificant challenges that could remain.

The table is designed to provide a range of policy andplanning options for two different timeframes. A near-termtimeframe highlights capabilities that could havesubstantial impact on improving security in the current

networking environment. These capabilities for near-termimpact are indicated in the table with highlighted text.

The longer timeframe focuses on the middle of thenext decade and has as its goal fundamental advances inthe networking landscape. The table provides twocategories of longer-term targets: those that areaccessible under existing or planned programs (column 3)and those that require a more intensive effort (column 4).The magnitude of the change depends, in large part, onthe category of targets selected. Selecting a mix oftargets from the two categories can create a range oflonger-term options. The Task Force strongly supports amore aggressive effort to leap ahead to a new, secure,reliable, and dynamic networking landscape.

The illustration below shows the table’s format foreach of the vision goals and research dimensions. Thetable itself begins on the next page.

Goal 1: Secure network services anytime, anywhere.

Capabilities for Design Goals

Current Practice

Middle of Next Decade:Projection

Remaining Challenges

Capabilities for Foundations Goals

Current Practice

Middle of Next DecadeProjection


Vision Technical Goal

R&D Dimension

R&D Dimension

Capability

Today’s state of the art in capability

Projected R&D advances in capability by mid-decade

Remaining technicalchallenges in capability

Accelerated networkingsecurity focus option(illustration example only)

Sample Showing How To Read the Network Research Challenges Table

26

Servicevirtualization

Multicasting

Quality of service(QoS)

Architectures forfuture services

• Programmability availableonly on small-scale testbeds

• Concepts for servicevirtualization are known, butnot yet widely tested ordeployed

• Dynamic and heterogeneousmulticasting demonstratedwith limitations on scalabilityand cross-domainfunctionality for the generalInternet

• QoS is primarily static,prearranged, and constrainedto single domains

• Commercial capabilitiesprovide setup of point-to-point services withguaranteed QoS within asingle domain

• Some applications can setthe QoS field per theapplication requirement

• Collections of mechanismsand schemes, but no holisticview in operational systems;some progress in research

• Programmability in thesoftware is available atdistinct levels

• Progress in self-configurationand dynamic adoption

• Developing ability fordynamic and heterogeneousmulticast

• Wireless users can changephysical position yet remainconnected

• Automated management ofgroup connectivity

• High utilization of availablelink bandwidth over sporadiclinks

• Emerging ability for timelyadaptation of QoS

• QoS based upon missionparameters and developedautomatically

• New architectures revealimportant functions such aslocation and performance

• New protocol stack andnetwork managementsupport robust mobileoperations, higher data rate,less overhead and repetition

• Virtualization for large-scalenetworking; wirelessnetworks; security; and e-science research

• Minimal-size resourcecontrollers; programmablehardware and software; andoptimized resource andscheduling models

• Context-, time-, and location-aware multicasting

• Scalability and resourceoptimization for groups thatspan domains, changemembership frequently, andinvolve heterogeneoustechnologies

• Delivery assurancecontending with diverserequirements, throughput anddelay constraints

• See also security challenges

• Dynamic and on-demandend-to-end resourcescheduling and allocationwith guarantees

• Unicast, multicast, andbroadcast messaging withdiverse levels of QoS

• Reference framework withnew layers better adapted toheterogeneous, on-the-movenetworking; multimediamessaging; distributedcontrol; network churning

• Network protocols, services,management concepts thatallow diverse applications


Goal 1: Secure network services anytime, anywhereCapabilities for

Foundations GoalsCurrent Practice



27

Architectures forfuture services

Distributed, self-organizing services

Always available

• All current adaptive, self-organizing processes,including mobile ad hocnetworks (MANETs) havescalability and availabilityissues.

• Local algorithms can providesome “self-correcting”behaviors but they arecurrently limited in scalabilityand stability

• Lack of formal mathematicalprinciples for understandingcomplex, adaptive behaviors

• Best-effort delivery withpotential for differentiatedservices on a prearrangedbasis

• Domain access andinterconnect prearranged byservice agreements

• Heterogeneous inter-networking with satellitecommunications backbonesubject to satcom availabilityand cost

• Scalability to tens ofhundreds of nodes andstability improvements foradaptive, self-organizingprocesses

• Emerging ability tounderstand state of complexsystems sufficiently toestablish mixed distributedand centralized monitoringand control processes

• Near-real-time managementof spectrum contention

• Wireless users can changelocation yet remainconnected

• Intelligent network maintainsconnectivity and messagedelivery


• Improved data rates in urbansettings by exploiting multiplepathways (multipath)

over diverse transportnetwork technologies, withdifferent levels of QoS andsecurity along an end-to-endpath

• Understanding and modelingof complex systems willimpact all aspects ofdynamics, scalability,topology, and heterogeneity

• Ability to respond to attacksor to contend with undesiredemergent behaviors

• Use of semantic webtechnologies to enableintelligent control, includingtagging and federation ofservices acrossheterogeneous domains andsemantics

• Adaptable wireless networksthat trade off programmabilityand dynamic optimization ofspectrum use

• Capability for scalability, self-interference (co-site, near/far)and adversarial interference

• Capability to operate whileunder attack and in face ofnatural faults

• Higher-layer processes,protocols, and APIs tocontend with network churn,disruptions, and outages

• Dynamic inter-domainconnectivity and resourcemanagement that accountsfor variations in userdemands and network state

• Services where infrastructureis lacking or damaged


Goal 1: Secure network services anytime, anywhere


Current Practice




Current Practice



28

Always available

Reliable services onthe move

• Adaptation of Internetprotocols to support nomadicand limited on-the-moveservices, but all MANETssuffer scalability limitationsdue to frequency availability

• Movement across domainswithout manual intervention,but not without briefdisruption of service

• Adaptive power control inwireless networks

• MANET ability to supportclusters at medium scale

• Smooth mobility withinwireless clusters in onedomain

• Direct-sequence spreadspectrum improvesrobustness and capacity formobile, tactical wirelessnetworks and reducesdependence on infrastructure

• Improved data rates in urbansettings by exploitingmultipath

• Hybrid, free-space optical/RF link and networkingscheme that yields highavailability and data rate

• Wireless network scalabilityincreases at least one orderof magnitude

• Networks adapt to loss ofnodes and other topologychanges

• On-demand QoS perconnection, session, or byreservation

• Adaptive services (includingsecurity, privacy, and QoS)that reflect priorities withminimal disruptions duringtransitions

• Wireless ability to movesmoothly across domains

• Adaptive solutions throughnew protocols to providescalability, stability, and real-time response for auto-(re)configuration andmaintenance of servicesacross all users and networkdomains

• RF issues including spectrumconstraints, co-siteinterference, near/farinterference, and adversarialintrusion and disruption inwireless portions of thenetwork

• Relays to contend with line-of-sight limitations

• Develop models, policies,and management structuresfor adaptive mobile networks

• Common interface standardsfor protocol conversion

• Programmable and self-configurable networkinterfaces and protocols(including link and physicallayer) for roaming throughvery diverse domains

• Mobile user services adaptedfor individual users based onlocation, user tasks and/orinterests, and current context

• Individual privacy against




Current Practice



29

Reliable services onthe move

Information at yourfingertips

Transport forheterogeneous mixof demands

• Network status information isavailable primarily atcentralized networkoperations facilities

• Minimal ability for users orgateway/cluster-head nodesto view and interpret statusor automatically insertmanagement changerequests

• Other types of information indata bases distributed acrossnetworks are accessible withthe aid of web crawlers andbrowsers, but tailoring touser needs is not supportedin most cases

• Limited demonstration ofmulticast network manage-ment enabling any node toaccess management services

• Routing, switching, andservice delivery protocols arepredefined and optimized foreither packet-switched orcircuit-switched services

• High-data-rate, long-durationtransport over packetswitching supportable byreservation protocols, butlittle ability to adapt in nearreal time for a changing mixof diverse services demands

• Emerging ability for high-levelnodes (gateways, cluster-heads) as well as formalnetwork operations centersto view network status andinsert change requests

• Initial ability of agents toidentify and tailor data to user

• Hybrid packet and circuitswitching improves transportefficiency by an order ofmagnitude

• Knowledge-value-orientedtransport improves “effectiveQoS” and ability to adapt todiverse demands

• Proactive link selectionmechanisms optimize use ofavailable diverse link typeson platforms while adaptingto environment and userdemands

• Hardware and softwaremechanisms increasethroughput by a factor of 10

intrusive tracking while on themove

• Distributed network/storageto assure continuity ofservices under adversarialconditions

• Complete network statusinformation available andsharable across networkentities end to end

• Embedded measurement inlarge-scale testbeds withability to support users atvarious levels of securityduring simultaneousexperiments

• State information at a level ofabstraction suitable forunderstanding of status andwith drill-down capability forproactive and reactivenetwork management,diagnostics, and forensics

• Intelligent data collection,storage, and movement foruse by applications and users

• Architecture and protocols tooptimize transport accordingto message type and QoSrequirements in real time

• Knowledge-value-basedmulticast messaging adaptedin real time to widelyheterogeneous networkstates and individual userrequirements

• Optimize performance for adhoc networks with diverse,unpredictable traffic loadingand with uncertainties at thenetwork physical level

• Simultaneous, adaptivemultiplexing of services




Current Practice



30

Transport forheterogeneous mixof demands

Survivable services • Network defense mainlyreactive, with forensicanalytical ability but littleproactive defense

• Restoration relies mainly onmanual processes

• Emerging mobile, tacticaltechnologies provideautomated survivabilityservices

• Scalability, dynamic range,and potential adversarialimpacts are beinginvestigated

• Ad hoc coordination ofdisaster response and public-safety networks

• Architecture, protocols, andcontrol and managementsoftware for highly dynamic,multiterabit global core fiber-optical networks

• Shared situational awarenessimproves ability to containdamage to networks

• Automated ability to adaptproactively to attacks and toassist manual restorationprocesses

• Minimized effect of denial-of-service (DoS) worm-basedattacks (to include zero-dayexploits). Objectives areautomatic detection,quarantine, and recovery;containment to 1% ofnetwork functioning; recoveryin minutes; high probability ofdetection /low probability offailure

• Hybrid, free-space optical/RF link and networkingscheme for high availabilityand data rate, with physicalmedia diversity to contendwith attacks

• Policies and self-organizingtechnologies for disasterresponse and public-safetynetworks

• In the face of attack, maintaincorrect routing andforwarding of traffic; providedifferentiated services andpreemption where needed

• Assurance for critical servicesin face of attacks and naturalfaults

• Security for survivability; self-healing and disruption-tolerant mechanisms

• Contend with adversarialactions targeting distributed,self-organizing processes

• Multilevel cross-domainsituational awareness andcontrol for cooperativedefense

• Affordable architectures forwide-scale deployment oflarge-scale network defense

• Virtualization technologies foractive network defense, toobserve network servicesunder stress or attack, and to“disinform” and confoundmalicious actors

• New transport protocols thatcan adapt to differentapplications and transportmedia

• Dynamic negotiation of QoSwhen under attack or subjectto natural degradation ordisruption


Current Practice





Current Practice



Capabilities for Security Goals

ranging from high-throughput,long-duration transmissions toshort-burst traffic

31

Protection ofinformation

• Over-the-air key distributionbut based largely onpredetermined useraddresses and locations

• Severely limited ability formultilevel security andprivacy

• Multilevel access controlswithin prearranged secureenclaves that can cross somedomains

• Information protection fordiverse needs (beyondmultilevel security andcompartmentalization)

• Identification, authentication,and authorization of networkdevices/users across multipleheterogeneous policydomains, including devicesecurity posture, reputation,and geographic location

• Fine-grained protection ofdata distributed across anetwork

• Alerts when informationprotection is threatened byunknown attacks

• New models for detectionand prevention of release,accidental or otherwise, ofproprietary and privateinformation (exfiltration)

• Protection in face ofexploitation of covert orcryptographic side channels

• Identification of potentialinformation-flow channels butcombined with dynamicanalysis to have the potentialto identify all flows inviolation of a protectionpolicy

• Multilevel access privilegesfor heterogeneous multicastgroups

• Encryption while maintainingpolicy enforcement pointsand associated securityservices, e.g., intrusionprotection and access controlvia firewalls


Goal 1: Secure network services anytime, anywhereCurrent Practice




32

Topology and policymanagement

Resource controland assignment

• Minimal ability to changeQoS policies and topologiesover time or to coordinatepriorities across domains

• Different types ofmanagement systemsavailable that do notinteroperate

• Identity management inlimited domains

• Predetermined QoS andresource control policies

• Management and control relymainly on static view ofnetworks, throughput rates,and queues

• Automated assistance formanagement of priorities forclasses of users withindomains with manualenactment aided bypredefined templates

• Manual network tuningreplaced with automatedadaptation

• Identity managementfederated across multipledomains

• Near-real-time QoSmanagement for selectedusers using manual control

• Network and transport layerpolicy management tocontend with hot spots andchoke points

• Application of networkscience to assist inmonitoring of state andcontrol of resources

• Dynamic allocation of RFspectrum in frequency,space, and time for increased

• Automated policy adaptationto rapidly changing contextsto reflect availability of criticalresources and mission needs

• Delegation of managementauthority to the edges of thenetwork; negotiation ofauthority; and managementactions at boundaries ofother domains

• Distributed sharing ofknowledge of network state,projected needs, and otherbasic factors, with cross-domain access policiesadapted to the currentsituation

• Local decisions based onnetwork service objectives

• Optimize networkmanagement to prevent aneed for over-provisioning

• Fully integrated networkoperations capabilitiesincluding: fault management,information assurancemanagement, and proactive(near-real-time) managementof routing and switchingtopologies and protocols

• Proactive, real-timeassignment of resources tosatisfy current policies andQoS agreements

• Mixed-initiative (human andautomated) supervision ofdistributed, self-organizing,autonomous processes toassure stability, robustness,optimized use of resources

• Improved scalability andprocessing loads for large-domain and cross-domainapplications


Current Practice




Capabilities for Management Goals


Current Practice




33

Resource controland assignment

Services adapt toneeds and contexts

• Services unable to adapt tonear-real-time needs and arepredefined by service-levelagreements and networkthroughput availability

utilization, robust dynamicconnectivity; reducedspectrum management setuptime and increased spectrumaccess

• Hybrid, adaptive free spaceoptics/RF networking for highavailability and data rate

• Networks are co-scheduledwith other resources, such ascomputers and instruments

• Emerging ability forinformation tailoring based onuser needs

• Initial ability for adapting QoSobjectives to respond toneeds and constraints forhighest-level users and withinindividual advanced networkdomains

• Dynamically allocate RFspectrum in frequency,space, and time to increaseeffective use of spectrum andreduce spectrummanagement setup time

• Real-time feedback tonetwork management systemto drive adaptation of policiesand QoS agreements withinand across domains

• End-to-end, near-real-timeadaptation of resourcecoordination across domainsfor point-to-point andmulticast services

• Dynamic allocation of RFspectrum in frequency,space, and time amongheterogeneous wirelessnetworks

• Provide all users withinformation related to serviceavailability

• Allow all users to request andreceive services based onneeds, priorities (both localand global), and networkcapabilities

• Capability for cross-domainadaptation for QoSobjectives

• Dynamic service-levelagreements and informationtailoring for inter-networkQoS

• Architecture, standards, andprotocols for applications tonegotiate with the networkfor QoS adaptation

• Adaptive handling of traffic inheterogeneous multicastgroups and acrossheterogeneous networks

• Function through networkchurning, delay, anddisruption


Current Practice



Capabilities for Usability Goals

34

Services adapt toneeds and contexts

Complexity hiddenfrom users

High-performancemiddleware

• User is aware of networklimitations only in terms ofservice delays anddisruptions

• Initial development of high-performance middleware

• Commercial approaches toservice-oriented architectureare informed by but not builton standards

• On-screen advisories ofcurrent status

• Ability to view projectedstatus based on intent toestablish sessions that implyheavy use (e.g., videoteleconference)

• Expanded discipline sciencesupport by grid technologieseffectively

• Middleware supports specificapplication domains andcommunities of interest

• Provide users with informa-tion at a level of abstractionand with visualization suitableto their needs and capabilities

• Automatically identify usercapabilities and needs basedon behaviors and context

• Fault correlation fordistributed, near-real-timediagnostics

• Intuitive, user-friendly abilityfor non-expert users tocorrect problems with abutton click

• Middleware and services tosupport rapid applicationdevelopment and deploymentacross domains andcommunities of interest

• Real-time access tonetworked resources on aglobal scale

• Combined managementplane and middlewareservices for real-time accessto networked resources on aglobal scale

• Policy management to enableend-user access to networkresources

• Anticipate users’ need fordata and pre-fetch criticaldata based on AI projectionsof context and demand

• Real-time adaptation ofpresentations andapplications for end-to-endQoS optimization

• Automatic translation andsemantic mediation


Current Practice





• Automatic adaptation ofupper-layer protocols andprocesses in near real time

Goal 1: Secure network services anytime, anywhereCurrent Practice




Current Practice




Goal 2: Secure, global, federated networks

35

Completetransparency

• Transactions requireknowledge of IP address,URL, or formal user ID

• Emerging semantic webcapability relievesrequirement for specific IPaddress, URL, or user ID

• Semantic web capability andability for addressing basedon location, context-basedcategories, as well asstandard address, URL, anduser ID


Architecture forglobal federatednetworking

• Seven-layer model focusedon relatively stable topologies

• Adaptation for mobile,dynamic users requiressignificant cross-layerinteraction with manualcoordination andconfiguration

• No vertical integration ofapplication (grid reservationand scheduling systems)

• Continued use of IP andseven-layer model for mostapplications

• New protocol stack andnetwork management forrobust MANET operations

• Services utilizing mobility,security, and adaptability inmassive, dynamic, hetero-geneous network federations

• Enabling distributed networksystems to discover, self-organize, and share criticalinformation to supportfederated e2e networkservices such as control anddata planes signaling,signaling for security andQoS policies, and networkmanagement

• Improved ability to coordinatemultiple control-planearchitectures

• Secure control-planearchitecture and protocolsthat integrate differenttechnologies (QoS, MPLS,GMPLS, etc.)

• Out-of-band managementchannels for diagnosing andcorrecting problems aftercatastrophic failure; the abilityto probe a failed networkfrom a separate infrastructure

36

Theory, techniques,and tools

Enable users todiscover, schedule,and monitorresources acrossfederations

• Network control-planetechnologies (QoS, MPLS,GMPLS); MPLS-based QoScontrol plane accessible onlyby individual networks

• Inter-domain services asbest-effort IP peeringarrangement limited toreachability information

• QoS obtained with over-provisioning

• Phone-based and emailexchanges to coordinatesharing of information amongusers

• Limited sharing of stateinformation across domainsto enable user services

• Multicast and full sharing

• Domain-specific reservationsystems

• Inter-domain reservationaccomplished via email andvoice

• Custom/domain-specificimplementation of QoS,MPLS, and GMPLS

• Phone-based and emailexchanges to coordinatesharing of information amongusers

• Search engines withadvanced AI will improveability to focus on relevantinformation

• Performance models forcomplex adaptive networks,including interactions amongnetworks of varying degreesof complexity

• Performance models basedon multiscale analysis

• Virtualization models andarchitectures for federatednetworks

• Protocols that scale tosupport diverse applications(e.g., real-time, streaming,mobile services, video,visualization) and transporttechnologies (e.g., wireless,optical, sensor-net, andsatellite)

• Automated and seamlesscoupling of federatednetwork services to endapplication to make effectiveuse of host software stackand network resources

• New mathematical theories tomodel and simulate trafficengineering processes inlarge-scale federatednetworks

• Interoperable multidomainMPLS and GMPLS

• Control- and signaling-planetechnology that can assistthe end users by seamlesslyintegrating diversetechnologies (wireless,optical, packet-switched,circuit-switched, etc.) tocompose e2e path with user-defined characteristics


Current Practice




Current Practice





Current Practice





37

Enable users todiscover, schedule,and monitorresources acrossfederations

End-to-end services

Multilevel identity,security, and privacyacross domains

across heterogeneousnetworks subject to securityand policy restrictions

• Web crawlers, directories,and other methods that placethe burden on the user to findthe right sources among amassive set

• Minimal ability for individualusers to schedule andmonitor resources

• Best-effort IP network

• Significant overhead whenconditions are dynamic

• Limited capability, mainlyrelying on manual processes

• Reliable certificate revocationnot possible

• Trusted switches, sanitizationguards, and low-high pumpsprovide limited ability to dealwith multiple securities, buttransport requiressegregation into virtualprivate cryptonets

• Higher data rate, lessoverhead and repetition, lessfragile communications indynamic mobile environments

• SLAs and scienceapplications with modestend-to-end performanceenforcements enabled

• Increased automatedcapability in specific domains

• Routers, switches, and end-user equipment supportmultiple security levels at themessage or database entrylevel

• PKI and related technologiessupport subcompartmentali-zation within individualsecurity domains

• Tools to allow the users toview network monitoring,status reporting, and controlinformation

• Enable users to interact withnetwork management tooptimize performance tomeet local demands whileremaining globally consistent

• Distributed policies enginesto support multidomain end-to-end QoS, securitycertificates, SLAs, etc.

• End-to-end serviceoptimization of traffic acrossautonomous domainboundaries

• Multidomain control-planesignaling technologies thatprovide services such ascircuit/bandwidth reservation,resource discovery andscheduling, and network faultisolation across end hostlayers and federated domains

• Cross-autonomous systemmulticast synchronization

• Traffic engineering of hybridnetworks

• Multilevel security andaccountability: support ofaccess control at a fine-grained level

• Ability to move data andprocesses across domainswhile respecting security,privacy, and regulatoryconcerns

• Moving data and applicationsin a virtual machine (VM)


Current Practice




38

Multilevel identity,security, and privacyacross domains

Policy-enabledsecuritymanagement andreal-time adaptation

• Limited capability, mainlyrelying on manual processes

• Policy is mostly static andpredefined

• Limited ability to preservepolicies, privacy, security forusers moving acrossdomains

• Increased automatedcapability for a limitednumber of domains

• Emerging capabilities formanagement and dynamicimplementation of securitypolicies for ad hoc situations

package across platforms/domains, securing theidentity of the VM, andproviding access

• Security of information flowsdetermined by static analysisof program code andhardware and by dynamicanalysis

• Automatic transformation ofdata (e.g., downgrading) thatcrosses domains

• End-to-end securityoptimization acrossadministrative domains

• Distributed IDs andcoordination of certificateauthorities

• Methods to address insiderattacks and forensics

• Transform networkingsecurity into an engineeringproblem/solution bydeveloping formalmethodologies for specifying,developing, and testing cybersystems, and a formallanguage to specifynetworking security policies

• Techniques to enhancecapability of cyber tools

• Concept of quality of cyberprotection (QoCP)

• Ability automatically tocreate, transform, and reasonabout policies that govern themovement of data andprocesses across domains

• Ability to enforce policies inreal time under threatsituations; mediation occursat the network interfaces


Current Practice





Current Practice





39

Policy-enabledsecuritymanagement andreal-time adaptation

Cooperative defenseagainst cyberattacks

Enable inter-domainexchange ofmanagementinformation

• Very limited capability, mainlyrelying on manual processes

• Phone-based and emailexchanges of networkmeasurement

• Management centralizedwithin domains

• Limited ability for visibility ofnetwork status acrossdomains

• Improved state awarenessand ability to interceptattacks and prevent totalcollapse; processes rely onmanual interventionsupported by improvedautomated monitoringcapabilities

• Minimize effect of worm-based attacks throughautomatic detection,quarantine, and recovery;containment to 1%; recoveryin minutes; high probability ofdetection/low probability offailure

• Transform isolated,vulnerable programs into self-defending teams

• Commercial-off-the-shelf(COTS) software applicationscollaboratively diagnose andrespond to problems(attacks, bugs)

• Improved cross-domaincoordination with limits forend-to-end serviceoptimization and in near realtime

• Reductions in federationoverhead

• Manual network tuning

• Pre-need negotiation:adaptive to changingcontexts and threats

• Automatic determination ofreleasability based oncontent and context asdetermined by a policy that islearned automatically

• Ability to mitigate attacks(known and unknown) in acoherent and effectivemanner

• Cooperative, distributedinformation management thatpermits sharing of earlyindications data and alerts forreal-time, distributed,automated reasoning onthreats and responses

• Ability to filter unencryptedinformation at line rate;correlate in-flight monitoringdata in real time with archivedlogging information totroubleshoot anomalousbehavior

• Interfaces that automaticallydetermine releasability ofsensitive data, butreleasability changes withcontext as determined by apolicy that is learnedautomatically


Current Practice




40

Enable inter-domainexchange ofmanagementinformation

Enable inter-domaincooperation ofnetworks to provideservices

Evolvable platformfor innovation

• Cooperative but not fullycollaborative

• Best-effort network servicespredominate

• Limited inter-domain MPLS-based QoS using customphone and email exchanges(issues for emerging IPtelephony, IPTV, etc.)

• No inter-domain reservationsystems

• Little or no ability for end-to-end management and controlother than prearranged policyagreements

• Inability to deal withheterogeneous QoS policyagreements

• Inability to address thespecial needs forinterconnecting newcomputing and networkingtechnologies such as sensornetworks with the Internet

• Networks depend ontraditional IP inter-domainrouting exchange

replaced with automatedadaptation with remainingissues for cross-domain,cooperative managementand control

• Emerging distributed self-organization across domains

• Advanced bandwidth/QoSguaranteed services overmultiple networks for 10s to100s of QoS channels orvirtual local area networks(VLANs)

• Progress extending sensorapplications across the coreof the Internet partitioned atthe level of the sensor net

• Hybrid, free-space optical/RFlink and networking schemethat provides high availabilityand data rate in challengingenvironments

• Shared awareness anddistributed adaptation,subject to near-real-timecontrols on releasability ofprivate and/or proprietarydata and cross-domaincontrol actions

• Standards for publishingnetwork managementinformation

• GPS and out-of-banddistribution of networkmanagement information

• Automated end-to-endservice-level optimizationacross administrativedomains

• Judicious combination ofpre-need negotiation withadaptivity to reflect changingcontexts and threats

• Federated networkmanagement systems thatenable local networkmanagement systems tocollect and share criticalinformation for diagnosingend-to-end faults

• Intelligent networkmanagement systems

• Seamlessly link wireless,sensor, and supervisorycontrol and data acquisition(SCADA) control networks towired networks

• Enable applicationdevelopers to test and deploynovel services rapidly across


Current Practice





Current Practice




• Adaptation subject toindividual domain policiesand procedures

Current Practice





41

Evolvable platformfor innovation

Understandingcomplexity

• Complexity of global networkis a barrier to newapplications and services

• Minimal capability tounderstand behavior of highlydynamic, complex, adaptivenetworks

• No well-tested experimentalparadigms to measurecomplexity

• Simulations cannot bevalidated due to lack oftestbeds at scale

• Understanding of systemstate is based on networkswith fixed topologies andwith "snapshots" of staticstatus with littleunderstanding of the effectsof derivatives or statisticaldistributions andrelationships

• Hybrid circuit/packet serviceswill be available in selectresearch and educationdomains

• Developing capability torecognize emergentbehaviors early enough totake action; main reliance ison manual actions based oncomputer-generated displays

• Developing understanding ofcomplex, adaptive processeslimits the degree ofdynamics, scalability, andheterogeneity for mobile adhoc networking

• Network state is estimatedmainly based on"snapshots"; some degree ofprediction and reasoningbased on derivatives andstatistics will emerge

multiple administrativedomains

• Enable network managers toenter into service-levelagreements and tracksuccess in meeting theseSLAs across domains

• Enable researchers rapidly todeploy multiple technology/administration environmentsto test new ideas in networkscience

• Understanding of highlycomplex networks andinterconnections of networksof varying (and time-dependent) degrees ofcomplexity

• Temporal and spatialbehavior models

• Validated simulation/emulation environments thattake network andenvironmental effects intoaccount with a high degree ofconfidence in accuracy

• Fundamental science toenable models that candescribe, predict, and controlthe behavior of next-generation networks

• Improved mathematical basisfor complex, adaptivesystems to address


Current Practice




Goal 3: Manage network complexity and heterogeneity

42

Understandingcomplexity

Architectures forfuture networks

Advanced networkdesign

Networks withoutborders, beyondgateways

• Architectures are based ontraditional network theoryand are fragile and unsuitablefor many of the new,dynamic, ad hoc situations

• Current architecturalprinciples, standards, andprotocols provide systemdesigners and networkmanagers with little supportto contend with real-time andnear-real-time behaviors incomplex, adaptive networks

• Lack of good theoreticalrepresentations

• Limited basis in networkscience leads to ad hoc,incremental changes to dealwith problems as they arise

• Designs are mainly anextension from initial Internet;protocols and concepts, withmobility and securityaccommodated asmodifications constrained bythe basic architecture

• Disruption or delay toleranceand delivery assurance inheterogeneous, multihoprelays are major issues

• Islands of different networksconnected through gateways

• Small research programsfocus on different types ofnetworks (sensor, wireless,etc.)

• Introduction of a richer andmore advanced set ofapplication-support features

• New IP protocol stack withrobust MANET operations willsupport higher data rate, lessoverhead and repetition, lessfragile communications indynamic mobile settings


• Beginning of cross-layertraffic engineering based onformal mathematicalprinciples

• Improvement for mobility,security, and delay/disruptiontolerance

• Manual network tuningreplaced with automatedadaptation in diversenetworks

• Incremental improvements inLayer-2 and -3 devices

• More hybrid networks

• Larger programs for moreholistic research

interference, contention, andadversarial actions in mobile,ad hoc wireless networking

• Technical reference model formobile, wireless, complex,adaptive networks

• Architecture and protocols todeal with increasing cross-layer interactions as the"static" Internet evolves to amore dynamic andheterogeneous structure

• Network architectures withbuilt-in security,manageability, scalability,resiliency

• A theory of networkedcomputing addressing theincreasing complexity ofnetworks and interconnectionof multiple networks ofvarying and time-dependentdegrees of complexity

• Artificial diversity; holisticoptimization tools

• Application of physical-layertheoretical representationsfor network and protocoldesign

• Enabling integration ofdiverse types of end systemsinto the heterogeneous,complex network

• Continuous diagnosis withrouters, gateways, etc., that


Current Practice





Current Practice




Current Practice





43

Networks withoutborders, beyondgateways

Trust in complexenvironments

• No guarantees of security orprivacy beyond highly secure,protected enclaves

• Concern about massivecollapse due to emergentbehaviors and adversarialexploitation of tendenciestoward chaotic behavior

• Insufficient ability to view andmanage security and privacyin mobile/dynamic networksituations

• Denial of service DoS) is acritical problem, handledmainly through reactive andforensic measures

• Layers 1 and 2 provide abilityfor increased mix of wirelessservices and mix ofbroadband and narrowbandtransport

• Enable wireless users tochange physical position yetremain connected

• Network assumesresponsibility for messagetraffic

• Improved utilization ofavailable link bandwidth oversporadic links

• Improvement for bothsecurity and privacy withsafe, "gated" communities

• Cryptonet and application-layer visibility improved withmanual processes formanagement and control

• Emerging ability to anticipateand respond to threats beforedamage spreads throughoutnetwork. Minimize effect ofDoS worm-based attacks;automatic detection,quarantine, and recovery;containment to 1%degradation of the network

can deal with threats to thenetwork core

• New mechanisms forheterogeneity to support anincreased mix of wirelessservices and mix ofbroadband and narrowbandtransport

• Improved ability to serviceincreasing demands forheterogeneous worksessions, multicast groups,and other uses of groupservices where membershave different capabilitiesand needs

• Protocols and technology toachieve high-performance/throughput

• Inter-domain technology toincrease stability anddecrease vulnerability ofcomplex systems to maintainuser services (including QoSand multicast) in adversarialenvironments

• Models of security andprivacy that reflect thecomplexity of networks

• Cryptologic-based methodsto achieve revocableanonymity

• Architectures to increaserandomness to potentialattackers, e.g., throughartificial diversity

• Trust models that accuratelyreflect the security state ofnodes in a network and thatpermit the automatic asso-ciation of trust with nodes


Current Practice




44

Trust in complexenvironments

Managing andcontrolling networksin the face ofcomplexity

• Depends on skilled operators

• Relatively slow andcumbersome for adapting tonear-real-time changes

• No significant ability to dealwith the special needs forcontrolling mobile ad hocnetworks

• Initial demonstrations ofcapabilities for limiteddegrees of heterogeneity,dynamics, and complexity

functionality; recovery inminutes; high probability ofdetection/low probability offailure

• Automated channel-switchingcapability in response toadversary jamming attack

• Transform isolated,vulnerable programs into self-defending teams

• COTS software applicationscollaboratively diagnose andrespond to problems(attacks, bugs)

• Increasing ability tocharacterize complexnetwork states

• Improvement in availablemanagement tools

• Developing ability forautomated agents to supporthuman decision-making

• Policy-based managementbuilt to allow for QoS andother resource managementchanges in dynamic networks

• Prearranged managementand control of distributed,autonomous, adaptivenetworks

• Presence of stable backbonenetworks will be needed tosupport relatively small ad

• Ability to understand andrespond to emerging threatsincluding anticipating thethreat posed by wellresourced bad actors

• Metrics to supportquantitative assessment ofthe trustworthiness ofcomplex networks andsystems

• Engineering methodologies,design principles, formaltechniques, and modelingtools that can be used tofacilitate the construction ofsecure networks ofunprecedented complexity

• Network managementoperations that allowautomated self-organizationwith ability for manual and/orcombined human andautomated (mixed-initiative)intervention supported bynetwork visualization tools

• Methods to gather, coalesce,process, and store dataabout the current state ofincreasingly complexnetworks

• Improved ability formanagement and control ofdistributed, autonomous,adaptive networks to respondto dynamics, disruption, andchanges in QoS requirements


Current Practice





Current Practice




Current Practice





45

Managing andcontrolling networksin the face ofcomplexity

Adjustableautonomousnetworks

Human factorscategory

• Adaptation and changerequire humans in the loop

• Responses to disasters andmilitary operations willcontinue to need heavyinfrastructure

• Mismatch between theservice of the Internet, interms of physical devices,and the needs of users,defined in terms of services

hoc clusters and other userson the move

• Response to disasters andmilitary expeditionaryoperations will rely onbroadband long-haul supportinfrastructure

• Wireless networktechnologies will supportnetworks with scalabilityincreased by at least oneorder of magnitude and withcapability that adapts tomitigate hardware shortfallsand environmental conditions

• Exploration of intelligenttechnologies for autonomicbehavior

• Network wireless node basedon commercial productssupports network adaptation,scalability, and mitigation ofhardware shortfalls andenvironmental conditions

• Emerging improvements inusability and usercomprehension

• Control of massive, complex,autonomous networks

• Networks that automaticallyaccommodate to changingcontexts and threats in apolicy-aware manner

• Mixed-initiative (human-automated) intervention tooversee and stabilizedistributed self-organizedprocesses

• Information visualization tohelp users understand thestate of complex networks

• Active visualization methodsto suggest operational goalsusing visual metaphors

• Social networking, gametheoretic principles, andcooperative networkingconcepts


Current Practice




46

Routing schemes

Transport protocolscategory

Network sciencecategory

• Circuit or packet, but notboth at the same time

• IP, with Transmission ControlProtocol (TCP) and UserDatagram Protocol (UDP)dominates, with link-layerswitching for wireless accessto backbones

• Rudimentary, based largelyon queuing theory androuting protocols

• Limited ability to operateadaptive, self-organizingnetworks beyond tens ofnodes and in dynamicallychanging situations

• Merger of cellular andInternet routing and switchingschemes and adaptation ofprotocols to incorporate bestfeatures

• Continued emphasis on IP,with increased influence ofwireless protocols

• Enhancements to IP and newprotocols enable wirelessusers to change physicallocation yet remainconnected

• Network assumesresponsibility for messagetraffic


• Increased use of graphtheory to develop improvedrouting and transmissioncontrol protocols

• Increased throughput,responsiveness, andreliability through thecombined application of

• Context-awarecommunication devices

• Transparent interoperabilityacross heterogeneoustechnologies (packet-switched, dynamicmobile/wired, satellite, anddelay-tolerant networking)

• Application-basednetworking optimization

• Technologies andmechanisms independent ofassumptions andcharacteristics basedprimarily on wire-linenetworks

• Efficient wavelengthconversion

• Adaptive cryptographicprotocols supporting newarchitectural models

• Dynamic transport-layertechnologies utilizing cross-layer information

• Reduce dependence on TCPfor assurance of delivery overwireless networks,particularly for multihoptransport over links of varyingquality and stability

• Transport protocols that canadapt and coordinate acrosslayers in real time to optimizethroughput

• Understanding manmade andnatural networks to reflect amore comprehensive set ofinteractions, includinginteractions among networksof varying degrees ofcomplexity and dynamics

• Improved ability to address


Current Practice




Goal 4: Innovation through advanced technologies

Current Practice





47

Network sciencecategory

Optimization ofsignaling andprocessing,includingmodulation, coding,and transmissioncontrol

• Current research on wirelessmodulation, coding, andtransmission control tocontend with channel errormechanisms and spectrumconstraints and to allowdesign of small, low-power,low-cost equipment

information theory andcontrol theory to nodal andnetwork design andoperation

• All aspects of messageformation, coding,modulation, spectrum use,and delivery assurancepredetermined

• Hybrid cellular telephony andwireless LAN air-interfaceprotocols to improveefficiency

• Order of magnitudeimprovement in dynamicallyallocating RF spectrum infrequency, space, and time toincrease utilization, reducedynamic connectivityspectrum management setuptime, and increase spectrumaccess; spectrum limitationsincrease for wireless servicesas data throughput andmobility demands increase

• Gateways deal withtransitions across media

scalability and stability issuesfor self-organizing networks

• Technologies andmechanisms independent ofassumptions andcharacteristics

• Distributed control-systemstheory to be deployed innetworks

• Understanding when toaggregate traffic, when to usemultiple channels for trafficstreams, and when to usecomplex modulation

• Interference avoidance andmitigation: both co-site andexternal, and scalable tomassive, dynamic situations

• Energy optimization

• Spectrum agility: additionalorders of magnitudeimprovement in spectrum useand adaptation to states atphysical and link layers whilemaintaining service quality

• Optimized, coordinated useof multidomain radio and filesystem object (FSO) links


48

Integration ofheterogeneoustechnologies

Adaptability,survivability,interoperability,scalability,availability,manageability,reliability,securability,usability

• Mediators constructedmanually based onpublication of ontologies,standards, protocols, APIs,etc.

• Interoperability requiresadherence to predefinedstandards, protocols, andformats

• Reliability generally limited tobest effort

• Availability relies onpredeployed infrastructure orpreplanned mobile services

• Survivability under physicaland electronic attack is notbuilt-in for most services

• Current research projectsaddress wide range of "-ilities" to support reliablead hoc mobile servicesindependent of predeployedinfrastructure, e.g., QoSbetter than "best effort,"adaptive data rate on a link-by-link basis, autonomousadaptation for both

• Non-real-time automatedconstruction of mediators

• Gateways designed forinterfacing multiple types ofnetworks and end-userequipment and servers

• National-scale testbeds thatprovide control andmeasurement supportingsimultaneous experiments atdifferent levels of security andconfidentiality managementand coupled toheterogeneous applications(IP, circuit-based, wireless,all-optical, sensors, satellites,etc.)

• Cross-layer capacitymanagement to assureaggregation of IP services inthe optical layer

• Interoperability based onpredefined standards andprotocols with formats andcontents managed in nearreal time to adapt toheterogeneity and changingsituations

• Predeployed infrastructure isthe primary basis foravailability; ad hocnetworking and airborne relayoffer services for high-priorityusers

• Advanced military systemsprovide order-of-magnitudeincrease in scalability,robustness, and adaptationfor ad hoc dynamics andspectrum limitations

• Developing proactive linkselection mechanisms thataddress survivability andreliability by optimizing use of

• Flexible network architectureand technical approaches toenable plug-and-play of newcomponents

• IP and WebSphere PlatformManagement (WPM) protocolintegration, primarily at thecontrol-plane level

• Near-real-time mediation andadaptation of gateways

• Increased intelligence in thenetwork and at edges formediating heterogeneity

• Interoperation of componentsand services at a levelcapable of supportingnetworking services overtraditional, nonstandard, andnew system-widearchitectures

• Interoperability with in-network intelligence to adaptprotocols for routing,switching, and informationpackaging

• Dynamic and distributedservice resource control andpooling

• Utilization of multipletopologies (logical andphysical) to increase networkrobustness

• Tradeoffs in security vs.throughput (with complexityand/or resource consumptionas constraints)


Current Practice





Current Practice





49

Adaptability,survivability,interoperability,scalability,availability,manageability,reliability,securability,usability

Technologies forextremeenvironments

robustness and maximumthroughput, contention withadversarial RF interference

• Spam is proliferating anduncontrolled

• Increased survivability androbustness of wirelessservices, e.g., adaptive Layer-1 and -2 technologies andcross-layer coordination ofmessage packaging and errorcontrol

• Adaptive relays to contendwith line-of-sight limitations

• Small sensors with fixedcapabilities

• May not work in extremeenvironments

• Long time for disasterrecovery

• Smart antennas

available diverse link typeson platforms while adaptingto environment and userdemands


• Hybrid, free-space optical/RFlink and networking schemethat yields high availabilityand data rate

• Low-cost handheld wirelessdevices based oncommercial technology

• Hardware and softwaremechanisms increasethroughput by a factor of 10

• Wavelength-division-multiplexing LAN that can beused universally in anyplatform and transmit inanalog and digital formats


• Enhanced performance,survivability, and securityover existing fiber; scalabilityfor increase in capacity

• Small sensors with integratedcapabilities

• Work in expected extremeenvironments

• Disruption- and delay-tolerant network capabilities

• Improved time for disasterrecovery

• Low-power, ultrawidebandsensors and communicationssystems

• Robust communications in

• Scalable services acrossdomains for ad hocnetworking and airborne relay

• Unattended operations forextended periods

• Small sensors respond tothreats and environmentalchanges

• Adapt rapidly to unexpectedenvironments

• Work through a disaster


50

Technologies forextremeenvironments

Trusted chips/components/systems

Quantumcryptography

• Trusted foundry for militaryand intelligence equipmentbut limited ability to assuretrust in general-purposedevices

• Quantum key distribution(QKD) demonstrated at 100kilometers

• Commercial systems are justbeing introduced, but theyare of limited functionality

• Short-distance functioningand low secure-key rate

• Engineering analysis andcharacterization arenonexistent; threat modelsstill need developing

• Limitations remain in range,bit rate, media, and security

• Service is inherently point-to-point

high-multipath environments

• Low-cost handheld wirelessnode based on commercialproducts: supports wirelessnetwork adaptation for up totens of thousands of nodes,and mitigates hardwareshortfalls and environmentalconditions

• Trusted foundry for military,intelligence, and commercialequipment

• Detection of security threats inchips, particularly those thatare outsourced; enhancedchip-level support forcryptography, keymanagement, secure booting,secure monitoring ofcomputations to detect subtleattacks, attestation ofprograms

• QKD interoperability, e.g., withsatellites

• Threat models with emergingquantum computing are welldeveloped

• Engineering analysis andcharacterization of quantumcryptography in large-scalenetworking are well developed

• Trust at systems level tosolve composability of trustproblems similar to thecomposability of securitysystems

• Standardization of protocolsand systems

• New quantum protocols tosupport networking amongquantum computers andconventional computers

• Quantum information andprecision tests of quantum-mechanical single-photonengineering: high data rate,guaranteed single-photonsources, low noise, highsensitivity, room- temperaturedetectors, ultralow-loss fibers

• Use of quantumentanglement in multipledimensions


Current Practice





Current Practice




Current Practice





51

Quantumcryptography

Algorithmiccryptography

Secure hosts anddevices

Flexible chipdesigns

• Preliminary research results inpost-quantum cryptography

• No secure hosts and devices

• Limited protection

• Limited defense

• Defense against most attacks

• Protection set up andmanaged by humans

• Defense response initiatedautomatically

• Wrap email and web browserapplications with protectivelayer to prevent attacks onthem from compromisinghost machine

• Software to monitor integrityof operating system kerneldata structures to detectsophisticated rootkit attacks

• Systems that learn their ownvulnerabilities to improvesurvivability over time, andregenerate service afterattack; survivability throughredundancy, diversity, andcognitive immunity andhealing

• Multicast-capablearchitectures and associatedprotocols

• Cross-domain, multihopreach; long range at apractical key exchange rate

• Algorithmic cryptography thatremains secure even withquantum computing

• Guaranteed secure hosts anddevices

• Ability to operate normallythrough attacks

• Automated protectionadapted to environment andpolicy

• Secure developmentenvironments including theauthentication of developersand the pedigree of code

• Design trustworthy hosts anddevices such as virtualized,high-assurance platforms

• Establish composability ofsystem security properties

• Enable trustworthy executionof mission on potentiallycompromised networks/systems

• High-performanceprogrammable hardware withthe flexibility of an FPGA andthe complexity andperformance envelope of anASIC that can be loadedquickly with new codeprogrammed with high-leveltools


52

Spectrummanagement

Power and energymanagement

Size management

• Manual channel assignment

• Little or no interferencecontrol for unmanaged bands(e.g., Wi Fi bands)

• Mix of preset transmissionpower and near-real-timeadaptation

• Commercial cellular systemsautomatically adapt power atend nodes, switches, androuters to lowest powerconsistent with link qualityrequirements

• Devices at centimeter scale,including antennas andbatteries

• Order-of-magnitudeimprovement in spectrumutilization; emergingcapability for intelligentnetwork operations to adjustbasic assignments in nearreal time

• Hub-spoke networks,including cellular and MANETclusters, exploit hardware forlocal power control tominimize interference andpreserve battery life

• Two orders of magnitudelonger life for unattendedground sensors

• Efficient power-aware designand management for high-performance computing(HPC) clusters

• Devices at millimeter scale,including antennas andbatteries

• Range limitations addressedby larger antennas for largecells and ad hoc relaying withlinks greater than a fewhundred meters

• Dynamic allocation,management, and brokeringof spectrum while ensuringend-to-end QoS in the fullrange of networktechnologies

• Techniques for simultaneous,multifunction signaling, newmultiple access techniques,and cross-domaincoordination to provide order-of-magnitude improvement

• Tailor messaging to decreasedemand for spectrum

• Systems consume, adapt,and generate power andenergy to minimize energyconsumption

• Embedded hybrid devices ofsubmicron size that can benetworked adaptively tooperate in a range ofenvironments

• Antenna designs, e.g., spray-on, embedded, andself-organizing antennas toallow reduction in total unitsize and greater efficiency;embed networkingtechnology within equipmentcases and implant somedevices in humans


Current Practice





Current Practice





53

Hardware andsoftware to supportsmall-scale uses,disadvantaged users

End-to-endtroubleshooting

High-capacityintegrated photonicand electroniccircuits

• Small devices and users onthe move are seriouslyconstrained by powerrequirements, battery lifetime,and equipment costs

• Apertures are unsuited tomultimode, multibandapplications

• Devices do not adaptautomatically to environmentor service demands

• Ad hoc monitoring withindomains used fortroubleshooting

• Optical and electronic circuitsand functions on a singlechip

• New power sources, parasiticenergy capture, and powermanagement provide order ofmagnitude improvement

• High data rates requireproximity to backboneaccess points for radio links

• Software-configured devicesadapt in near real time todemands and constraints

• Direct-sequence spread-spectrum communicationstechnologies: improvedcapacity of robust, mobilewireless networks where onlyend-user equipment isavailable to support services

• Robust urban communi-cations to penetrate buildingsand underground facilities


• Increased cross-domainWAN monitoring

• Increased topology discovery

• Increase in publicly availablenetwork monitoring data toassist with troubleshooting

• Increased ability totroubleshoot multicastingnetworks, toolsets

• Photonic circuits fullyintegrated to support high-data-rate transfers

• Tunable transmitters andreceivers

• Low-bandwidth environmentsand environments involvingunobtrusiveness (and stealth)for use in medical andmilitary applications

• Conformal integration ofwireless devices into userplatforms, clothing, and othersubstrates

• Reduce power requirementsand increase powermanagement ability throughsoftware and firmwarearchitecture to provide order-of-magnitude improvement ofeffective lifetime

• Advances in energy capture,power generation, and powermanagement to enhancedevice lifetime by anotherorder of magnitude

• Protocols to locate hiddennetwork devices

• Ubiquitous topologydiscovery services

• Integration with end-host andapplication monitoring forcomplete end-to-endtroubleshooting

• Ability of end users totroubleshoot their networkpaths

• Higher-capacity networksthat are reconfigurable, moreflexible, and lower-cost

• Very high-index, low-lossoptical materials


Current Practice




54

High-capacityintegrated photonicand electroniccircuits

* Geo-location

* Hands-freeoperation

* Automaticnegotiation ofQoS across alllayers

* Cognitive human-system interfaces

* Technology Watch(adapt emergingtechnologies fromnon-networkingdomains)

• GPS, cellular location, timedifference of arrival (TDOA)RF processing

• Some degradation ofcapability in urbanenvironments

• Replace ring with meshnetworks

• Integrated, surface-emittingpanel architecture formillimeter-wave transceiverarrays

• Active electronically steerablearrays achieving high powerdensity and low layerthickness; vastly greater"functional density" withoutcompromising performancein other areas

• All-optical switching andcircuit-based grooming;ultrahigh-capacity, long-range transmission

• GPS enhanced while outsidein urban environments

• Selective precision oflocation

• Continuing: All-opticalswitching and circuit-basedgrooming; ultrahigh-capacity,long-range transmission

• Navigation within closedbuildings


Current Practice






55

APPENDIX 3

Recent Federal Networking Research Programmatic Areas,by Agency

DARPA

DoD Net-Centric Operations

Air Force Programs

Army Programs

Wireless technology: dynamic spectrum allocation, low-cost wireless hand-held nodesLink strategic and tactical networks: Optical linked to RF,spread spectrum, agile coherent optical, highlyconnected topologies top guard against failureGlobal network capability: core optical networksarchitecture, protocols, control and management; dataover optical links, control planes, trustworthy systems

Jam resistance, security, and information assurance

Transformational Communications AdvancedTechnology Study – Airborne Communications Layer;optical networking; RF optical communications; assuredaccess anti-jam communication; cognitive networknodes; Battlefield Air Targeting Network; IntelligentInformation Routing for Airborne Networks (I2RAN);network agent technology; on-board multiwavelengthoptical networking for air and space platforms; high-capacity, reliable RF and optical networking for airbornenetworking; mobile routing and networking of airbornetactical data links and radios; quantum key distributionand secure mobile quantum communications; high-capacity satellite user terminals for on-the-movecommunications; policy-based network management forairborne networks; integration and validation of wirelessnetwork, data-link, data-packet, network-nodecommunication satellite models and simulations;wavelength routing; cross layer optimization; flexible,secure, highly responsive, ad hoc networks; embeddedprocessing for networks

Adaptive networks, lab-scale testbed; informationassurance; network science (model, design, analyze,predict, control behavior of heterogeneous nets);network functioning in disparate environments; ad hocnetworks of imaging and non-imaging sensors;tactical wireless network assurance; antennas;COMPOSER (In-theater wireless network management);radio-enabling technology and network applications;encryption


56

Navy Programs

DOE Office of Science

NASA

NIH, NIH/NLM: Network support toapplications

NIST

Network application design (Web, grid, agent-based);middleware services (service discovery, security);infrastructure vs. ad hoc environments; cross-layerintegration for better performance; interoperablenetworks for secure communications; next-generationnetworking (MANET, autoconfiguration, collaborativeapproaches); interoperability approaches and standards;common coalition technology and evaluationmethodology; airborne networking; multiagent systemoperation in distributed ad hoc networks; battlefieldsensor systems; wireless underwater acoustic sensornetworks; protocols for reliable, efficient data delivery

Petascale data transportDistributed, large-scale science cooperationGrid infrastructure prototyping

Software-defined radioLarge-scale high-efficiency data transferHigh-performance intrusion detection/preventionDisruption-tolerant networking: ground/spacecraftMulticast data proliferationPlanetary networking/space networkingBandwidth on demandUbiquitous, anytime, anywhere networking

Large disparate data-set accessReal-time diagnostics with digital imagesAssisted surgery (priority, low latency, low jitter,trustworthiness)Security and privacyPrograms: BIRN, caBIG, Visible Human, MedlinePlus

Internet Infrastructure Protection – architecture andstandards for resilient/robust/secure networks.Public Safety Communications – requirements,standards, and measurement and test technologies Robust Mobility and Wireless Networks – standards,measurement technologies, and test tools Measurement Science for Complex Information Systems– define a systematic method to measure, understand,predict, and control macroscopic behavior in complexinformation systems Quantum Information Networks – engineering andmeasurement, quantum cryptographic algorithms,quantum key distribution systems


57

NOAA: Network support to applications

NSA

NSFCyber Trust

Dynamic Data Driven ApplicationSystems (DDDAS)

Engineering

Future Internet Design (FIND)

Global Environment for Network Investigation (GENI)

Information and Intelligent Systems

Network infrastructure

Networking Broadly Defined (NBD)

Emergency response (weather nowcasts/forecasts forfirefighting, deployable sensors, remote computing)Ecological monitoring (fisheries management)Leverage in situ sensorsAnytime, anywhere access by citizensCollaboration support (phased array radars, petascalecomputing,…)

Cognitive radio technology for global communicationsover a fractionalized spectrumDelay-tolerant networks (reliability with intermittentavailability)Evolution of the network coreControl-plane evolutionEvolution of wireless/mobile networkingNetwork tomography

Cryptography, formal methods, defense against large-scale attacks, applications (critical infrastructures, healthcare,…), formal models, hardware

Sensor networks and computer networks, emergencyresponse (wireless phone)

Integrative, hybrid, complex systems; electronics,photonics, device technologies; power, control andadaptive technologies

Clean-slate design: sensors, mobile wireless,supercomputer interfaces, all-optical, delay-tolerant/real-time, security, management, human factors,virtualization

Large-scale facility of programmable networkedsystems, wireless access networks, security/privacy,management, theoretical foundations

Data-centric, human-centric, autonomous/robust/flexiblesystems

International Research Network Connections, testbeds(Dragon, Cheetah, PlanetLab)

Non-wireless broad range of basic research


58

NSFNetworking of Sensor Systems (NOSS)

Theoretical Foundations

Wireless Networks (WN)

USDA

Protocols/algorithms, architecture, privacy/security,HW/SW, network programming/support, smart sensors:NEON (ecology), EarthScope, ORION (oceans)

Network optimization, cooperative networks, rateadaptation, security, reference models, MIMO nets,cognitive nets

Technologies (cellular, ad hoc, mesh, DTN,...),applications-based problems, architecture, phenomena,technology-oriented projects, programmable wirelessnetworks (ProWin)

Rural telecommunications technologiesTestbeds for real-time groundwater monitoringEnhanced net-centric warfare (NCW) networkcapabilities: chip-scale atomic clocks, disruption-tolerant networking, dynamic worm quarantine, self-regenerative (security-aware) systems

The Federal agencies recognize the criticalimportance of networking to support Federalagency missions, U.S. science research, e-health,e-commerce, and other applications. Theagencies have held a number of workshops overthe last several years to identify needs andrecommendations for networking research toassure the continued viability and growth ofnetworks and to improve their reliability, security,and robustness. Key findings of these activitiesare summarized in this appendix. Each finding isfollowed by numbers indicating the workshop orreport sources; the citation list is on the nextpage.

• Future networks need to provide architectureand runtime capabilities for the multilayer grid(7, 8)

• Future networks must provide a materiallyimproved level of security, availability andresilience, including provision of privacy andaccountability, in the context of diverse culturaland regional norms (2, 7, 8)

• Future networks must support ubiquitoussecure connectivity and computing usingwireless links and subnets (3, 7)

• Future networks need to be intelligent, dynamicand responsive to evolving situations. Theyneed to be self-organizing, dynamic, andresponsive to applications, to supportapplication responsiveness to networks, and toprovide automated network management andQoS (1, 7)

• Future networks need to support adaptive,network-centric computing (4, 7)

• Future network designs must have intrinsic

support for mobility at multiple levels (3, 7, 8)

• Basic research is needed to understandnetwork behavior; to study the complexity ofnetworked systems; and to deal with emergingcomplex, adaptive, network-centric systems (1, 4, 7, 8)

• Future network testbeds need to bring togethernetwork and application engineers; integratecomputer science and telecommunicationscommunities and academia-industry-government research teams; and providegovernment-leveraged industry funding,spanning the country (5, 7, 8)

• The design of a new scheme for location andidentity is a critical architectural requirement toaddress issues of security, mobility, routing, andregional autonomy (6, 7)

• A future Internet should be designed withoutthe requirement of a single address space (6)

• Future requirements for wireless networkinginclude (5):

o A clean-slate approach to wirelessarchitecture

o Location serviceso Self-organization and discoveryo Security and privacyo Decentralized managemento Support for sensor networkso Cognitive radio support


59

APPENDIX 4

Existing Findings and Workshop Results

Sources of Findings*1. Interagency Working Group (IWG) for Information Technology Research and Development (IT R&D),report of the Workshop on New Visions for Large-Scale Networks: Research and Applications, March2001, available at http://www.nitrd.gov/subcommittee/lsn/lsn-workshop-12mar01/index.html

2. Social and Economic Factors Shaping the Future of the Internet, workshop sponsored by NSF and theOrganisation for Economic Co-operation and Development, January 31, 2007; proceedings available athttp://www.oecd.org/document/4/0,3343,en_2649_34225_39046340_1_1_1_1,00.html

3. DARPA, Assurable Global Networking, Request for Information, December 21, 2006, available athttp://www.darpa.mil/STO/solicitations/AGN/index.html

4. D. Raychaudhuri and M. Gerla, Editors. New Architectures and Disruptive Technologies for the FutureInternet: The Wireless, Mobile and Sensor Network Perspective, Report of NSF Wireless Mobile PlanningGroup (WMPG) Workshop, August 2-3, 2005, available athttp://www.winlab.rutgers.edu/docs/faculty/documents/WMPG_draft_report_v2_9.23.pdf

5. Corporation for National Research Initiatives, The Gigabit Testbed Initiative, Final Report, December1996, available at http://www.cnri.reston.va.us/gigafr/index.html

6. David Clark et al. for DARPA/ITO, New Arch: Future Generation Internet Architecture, Final TechnicalReport, December 2003, available at http://www.isi.edu/newarch/iDOCS/final.finalreport.pdf

7. Interagency Working Group on Cyber Security and Information Assurance, Federal Plan for CyberSecurity and Information Assurance Research and Development, April 2006, available athttp://www.nitrd.gov/pubs/csia/csia_federal_plan.pdf

8. President’s Council of Advisors on Science and Technology (PCAST), Leadership Under Challenge:Information Technology R&D in a Competitive World; An Assessment of the Federal Networking andInformation Technology R&D Program, August 2007, available athttp://www.nitrd.gov/pcast/reports/PCAST-NIT-FINAL.pdf

* URLs last checked July 2008


60

DoDBrian Adamson NRLRobert Bonneau AFRLCary Chabalowski SAALTJames Cook DRENSantanu Das ONRCynthia Dion-Schwartz OSDAntonio Fiuza ARLBrendan Godfrey AFOSRGenevieve Haddad AFOSRMark Jacobs AFOSRHoward Marsh * OSDPaul Phister AFRL

DOE/SCDaniel Hitchcock *Thomas NdousseGeorge Seweryniak

NARARobert Chadduck

NASAKenneth FreemanKevin JonesTsengdar LeeCalvin RamonCharles Rush

NIH/NLMJules AronsonMichael Ackerman

NISTDavid Su

NSAWilliam Semancik

NSFFrederica DaremaDavid DuDarleen FisherSuzanne Iacono *Karl LevittAllison MankinPaul MortonGuru ParulkarSylvia SpenglerSirin TekinayKevin ThompsonRalph WachterJie Wu

OSTPCharles Romine *

USDOJVance HitchEric Olsen

Supporting NCO StaffNekeia BellTrudy E. Bell Sally HoweAlan InouyeMartha MatzkeErnest McDuffieGrant Miller *Virginia MooreDiane Theiss

* Members of the ITFAN Executive Committee


61

APPENDIX 5

Membership of the Interagency Task Force on Advanced Networking

ACI – American Competitiveness Initiative

AFOSR – Air Force Office of Scientific Research

AFRL – Air Force Research Laboratory

AI – artificial intelligence

API – application programming interface

ARL – Army Research Laboratory

ASIC – application-specific integrated circuit

BIRN – Biomedical Informatics Research Network

caBIG – cancer Biomedical Informatics Grid

CERN – European Organization for NuclearResearch

CLEANER – Collaborative Large-scale EngineeringAnalysis Network for Environmental Research

COMPOSER – Communications Planner forOperational and Simulation Effects withRealism

COTS – commercial-off-the-shelf

DARPA – Defense Advanced Research ProjectsAgency

DDDAS – Dynamic Data-Driven ApplicationSystems

DoD – Department of Defense

DOE – Department of Energy

DOE/SC – Department of Energy, Office of Science

DoS – denial of service

DREN – Defense Research and EngineeringNetwork

DTN – disruption-tolerant network

e2e – end to end

FIND – Future Internet Design

FPGA – field programmable gate array

FSO – file system object

GDP – gross domestic product

GENI – Global Environment for NetworkInvestigation

GMPLS – Generalized Multi Protocol LabelSwitching

GPS – global positioning system

HPC – high-performance computing

HW/SW – hardware/software

I2RAN – Intelligent Information Routing for AirborneNetworks

ID – identification

IP – Internet Protocol

IPTV – Internet Protocol TeleVision

IPv4 – Internet Protocol, version 4

IPv6 – Internet Protocol, version 6

ISR – intelligence, surveillance, andreconnaissance

IT – information technology

ITER – international fusion energy project at CERN

ITFAN – Interagency Task Force on AdvancedNetworking

ITO – Information Technology Office

IWG – Interagency Working Group

LAN – local area network

LHC – Large Hadron Collider

LIGO – Laser Interferometer Gravitational-waveObservatory

LSN CG – Large Scale Networking CoordinatingGroup

MANET – mobile ad hoc network

MIMO – multiple input, multiple output

MPLS – Multiprotocol Label Switching

MSPP – multiservice provisioning platform

NARA – National Archives and RecordsAdministration


62

Acronyms/Abbreviations

NASA – National Aeronautics and SpaceAdministration

NBD – Networking Broadly Defined

NCO – National Coordination Office

NCW – net-centric warfare

NEES – Network for Earthquake EngineeringSimulation

NEON – National Ecological Observatory Network

NIH/NLM – National Institutes of Health/NationalLibrary of Medicine

NIST – National Institute of Standards andTechnology

NITRD – Networking and Information TechnologyResearch and Development

NNIN – National Nanotechnology InfrastructureNetwork

NOAA – National Oceanic and AtmosphericAdministration

NOSS – Networking of Sensor Systems

NRL – Naval Research Laboratory

NSA – National Security Agency

NSF – National Science Foundation

NSTC – National Science and Technology Council

ONR – Office of Naval Research

ORION – Ocean Research Interactive ObservatoryResearch Network

OSD – Office of the Secretary of Defense

OSG – Open Science Grid

OSTP – Office of Science and Technology Policy

PCAST – President's Council of Advisors onScience and Technology

PKI – public key infrastructure

ProWin – programmable wireless network

QKD – quantum key distribution

QoCP – quality of cyber protection

QoS – quality of service

R&D – research and development

RF – radio frequency

RHIC – Relativistic Heavy Ion Collider

SAALT – Secretary of the Army Acquisition forLogistics and Technology

satcom – satellite communications

SCADA – supervisory control and data acquisition

SLA – service-level agreement

SONET – synchronous optical networking

TCATS – Transformational CommunicationsAdvanced Technology Study

TCP – Transmission Control Protocol

TDOA – time difference of arrival

TIC – Trusted Internet Connection

UDP – User Datagram Protocol

URL – Uniform Resource Locator

USDA – U.S. Department of Agriculture

USDOJ – U.S. Department of Justice

VLAN – virtual local area network

VM – virtual machine

VTC – video teleconference

WAN – wide area network

Wi Fi – wireless fidelity

WN – wireless network

WPM – WebSphere Platform Management


63

federal plan for advanced networking research and development

Documents