TRANSCRIPT
Introduction to Active Networks
Stephen F. Bush
[email protected]
www.research.ge.com/~bushsf/an
GE Global Research Center
Copyright 2002 Stephen F. Bush
Acknowledgements
The volume of research in the Active Networking field is too large to include references to all the excellent work in this area. We would like to extend our thanks and appreciation to all those whose work is cited in this presentation as well as those whose work we were not able to cite for lack of time and space.*
*GE-related research in this presentation has been funded by the Defense Advanced Research Projects Agency (DARPA) contract F30602-01-C-0182 and managed by the Air Force Research Laboratory (AFRL) Information Directorate. Our thanks go to Doug Maughan, the Active Networks Program Manager, and Scott Shyne, Air Force Rome Labs, for their generous support throughout our research.
Introduction
Outline
1) Active Network Framework
2) Active Network Execution Environments and Testbeds
3) Active Network Security Architecture
4) Data Versus Code Tradeoff: Kolmogorov Complexity
Three Points to Remember
• Active Networks Are Cool
• Active Networks Can Be At Least As Secure As Legacy Networks ;)
• Data and Algorithm Are Mutable and Fluid Within Active Networks
Motivation for Active Networking
• Faster hardware is not fully utilized
• Enables a more flexible network
• De-couples protocol from transport
• Minimizes requirements for global agreement
• Enables on-the-fly experimentation
• Enables faster deployment of new services
• http://www.darpa.mil/ato/programs/activenetworks/actnet.htm
• Email List: [email protected]
Active Networking: A Natural Evolution
[Figure: a traditional packet network carries packets of the form Header | Data; an active network carries packets of the form Header | Code | Data.]
• Devices become network-aware and smart
• Custom code injected by applications/devices makes the network intelligent
• Reduces protocol deployment time from years to months
• Adaptive monitoring and predictive control
Change Is Inevitable
Internet Protocol:
• Fossilized: resistant to change
• Layers of complexity: O(4000) RFCs
• Inability to customize quickly or efficiently
• Lack of a security paradigm
• Downward side of the innovation curve
Active and Programmable Networks:
• Built for change
• Reduced complexity
• Rapid, efficient customization
• Security paradigm built in
• Upward innovation path
Integrated Versus Discrete Approaches
• Discrete approach: programs (P) are injected into active nodes separately from passive data (D)
• Integrated approach: programs are integrated into every packet along with passive data
[Figure: in the discrete approach, P and D arrive at the active network node in separate packets; in the integrated approach, every packet arriving at the node carries P together with D.]
Many Recent Examples
• Active Distributed Simulation: SANDS: Specialized Active Networking for Distributed Simulation, S. Zabele, M. Dorsch, Z. Ge, P. Ji, M. Keaton, J. Kurose, J. Shapiro, and D. Towsley, Proceedings of the 2002 DARPA Active Networks Conference and Exposition (DANCE 2002). IEEE Computer Society Press. pp. 534-553, ISBN 0-7695-1564-9. May 29-30, 2002. San Francisco, California, USA.
• Active Network Monitoring and Control: The SENCOMM Architecture and Implementation, A. Jackson, J. Sterbenz, M. Condell, and R. Hain, Proceedings of DANCE 2002, ibid.
• Self-Organizing Video Transcoding: Resource Adaptive Netcentric Systems on Active Networks: A Self-Organizing Video Stream that Auto Morphs Itself While in Transit… J. Khan, S. Yang, D. Patel, O. Komogortsev, W. Oh, Z. Guo, Q. Gu, and P. Mail, Proceedings of DANCE 2002, ibid.
"Active" Conferences
• IWAN (http://www.iwan2003.org/)
• IEEE OpenArch (http://www.openarch.org/)
• AMS Active Middleware Services (http://www.caip.rutgers.edu/ams2003/)
• Etc…
Section 1
Active Network Framework
Legacy Co-Existence
[Figure: Host -> Active Router -> Legacy Router -> Active Router -> Host. The active routers run ip_active; the legacy router in the middle simply forwards the traffic (cut-through).]
Sect. I: Framework
Active Network Framework
• Active Application (AA): the active network application
• Execution Environment (EE): analogous to a Unix shell in which to execute a packet
• Node Operating System (NodeOS): operating system support for Execution Environments
[Figure: layered view. Several AAs run on top of EE 1 and EE 2, which run on top of the NodeOS, which runs on top of the Hardware.]
Active Network Framework
• Primary focus is communication, not computation
• Packet is the unit of multiplexing
• No assumptions about underlying forwarding technologies
Active Network Framework
[Figure: node architecture. Execution Environments EE 1, EE 2, ..., an IPv6 environment and a Management EE sit on the NodeOS; the NodeOS provides Channels, a Store, a Policy database and a Security Enforcement Engine.]
Active Network Working Group, Ken Calvert ed. Active Network Framework, Version 0.9, August 31, 1998. http://www.cc.gatech.edu/projects/canes/arch/arch-0-9.ps (citeseer.nj.nec.com/group98architectural.html).
Management Execution Environment
• Maintains the security policy database
• Loads/configures new EEs
• Supports instantiation of network management services (see Anetd and the ABone)
• Defines management operations
Framework Considerations (I)
• End Systems (ES) and Intermediate Systems (IS)
  - No architectural differences between ESs and ISs
• Execution Environment (EE) and Active Application (AA)
  - An AA implements an end-to-end service executed within an EE
  - An AA can be loaded either in-band or out-of-band
Framework Considerations (II)
• AAs should be composable
  - Mobility and multicast AAs should work together to implement mobile multicast
• EE and AA deployment
  - The EE API must be available for AA access
  - The ANEP packet types accepted by an EE must be available
Framework Considerations (III)
• Node Operating System (NodeOS)
  - Primary role is mediator of node resources to the EEs
• Security
  - All requests to the NodeOS are verified based upon credentials sufficient to verify authorized access
  - EEs must trust the NodeOS and can add stricter policies
  - The NodeOS may trust some EEs more than others
Framework Considerations (IV)
Bounding Resource Usage
• Transmission: relatively easy; we know how to do this (bit rate)
• Computation: hard; see the NIST computational models*
• Storage: relatively easy (bytes)
* V. Galtier, K. Mills, and Y. Carlinet (National Institute of Standards and Technology), S. Bush and A. Kulkarni (General Electric Corporate R&D). Predicting Resource Demand in Heterogeneous Active Networks. MILCOM 2001, McLean, VA, October 28-31, 2001.
Framework Considerations (V)
Division of Labor Example
• The NodeOS implements routing for the EEs rather than each EE implementing its own routing
• Loss of flexibility if each EE wants to use a different routing algorithm
Active Network Framework (Cut-through)
[Figure: packet path through a NodeOS. Stages: Packet Classification -> Input Channel Processing -> EE Processing -> Output Channel Processing -> Scheduling and Transmission. Arriving IP packets are classified by their stack (IP|UDP|ANEP, IP|ANEP, IP|UDP, plain IP): ANEP-bearing channels deliver packets to EE 1, EE 2 or EE 3 for processing, while plain IPv4 traffic takes the cut-through path past the EEs; each output has its own scheduler.]
Source: Active Network Working Group, Ken Calvert ed. Active Network Framework, Version 0.9, August 31, 1998.
Hardware Reference Model
[Figure: Passive node: input ports -> Switch Fabric -> output ports. Active node: input ports -> Switch Fabric -> output ports, with EEs attached to the switch fabric so that packets can be diverted to an EE and back.]
Source: Active Network Working Group, Ken Calvert ed. Active Network Framework, Version 0.9, August 31, 1998.
Active Hardware Performance
• Fred Kuhns, John DeHart, Anshul Kantawala, Ralph Keller, John Lockwood, Prashanth Pappu, David Richard, David Taylor, Jyoti Parwatikar, Ed Spitznagel, Jon Turner, and Ken Wong. Design and Evaluation of a High-Performance Dynamically Extensible Router. Proceedings of the 2002 DARPA Active Networks Conference and Exposition (DANCE 2002). IEEE Computer Society Press. pp. 534-553, ISBN 0-7695-1564-9. May 29-30, 2002. San Francisco, California, USA.
• Active QoS video streams at several megabits per second: Tal Lavian, Phil Wang, Franco Travostino, Siva Subramanian and Ramesh Duraraj. Enabling Active Flow Manipulation in Silicon-based Network Forwarding Engines, ibid.
• Hrishikesh Dandekar, Andrew Purtell, and Stephen Schwab. AMP: Experiences with Building an Exokernel-based Platform for Active Networking, ibid.
SmallState and GlobalState
• Active packets leave information on a node for use by other active packets and other active applications
  - SmallState access policy
  - SmallState time to live
  - SmallState CPU and memory usage
• Only method of inter-active-application communication
  - Potential bottleneck
Node Operating System (NodeOS) Resource Abstractions
• Thread pools
• Memory pools
• Channels
• Files
• Flows (or Domains)
Active Network Working Group, Larry Peterson ed. NodeOS Interface Specification. January 24, 2000, citeseer.nj.nec.com/532678.html.
Node Operating System
[Figure: channel types from the NodeOS Interface Specification, labelled Port, Anchored and Cut-Through. In the first two, ANEP|UDP|IP|ATM traffic enters the NodeOS, is delivered to an EE, and leaves again through the NodeOS (channels anchored at the EE). In the cut-through case, ETH|IP|ATM traffic passes through the NodeOS without visiting an EE.]
Source: Active Network Working Group, Larry Peterson ed. NodeOS Interface Specification, January 24, 2000.
Active Domains (Flows): Resource Control
[Figure: on the NodeOS, Domain 1 belongs to EE 1 and Domain 2 to EE 2; each domain has its own InChan and OutChan and its own allocation of Threads and Memory.]
• Each domain is allocated resources according to the policy in effect at flow creation time
Patrick Tullmann, Mike Hibler, and Jay Lepreau. Janos: A Java-oriented OS for Active Network Nodes, 2002.
Source: Active Network Working Group, Larry Peterson ed. NodeOS Interface Specification, January 24, 2000.
Composable Services
• Sequence control: ordering of component execution
• Shared data control: sharing data among components
• Binding time: instantiation/selection of a service from options
• Invocation methods: the event causing a service to be executed
• Division of functionality: packet versus node content (what goes where?)
Section 2
Active Network Execution Environments and Testbeds
Purpose of ANEP
• Uniquely and quickly determine the environment in which the packet is intended to be evaluated
• Allow minimal, default processing of packets for which the intended evaluation environment is unavailable
• Information that does not fit conceptually or pragmatically in the encapsulated program can be placed in the header
Active Network Group. Active Network Encapsulation Protocol. July 1997, http://www.cis.upenn.edu/~switchware/ANEP/docs/ANEP.txt.
Sect. II: Framework
ANEP Packet Structure
Active Network Encapsulation Protocol (ANEP): allows encapsulation of active packets in any transport media.

 0        7        15                31
+--------+--------+-----------------+
|Version | Flags  |     Type ID     |
+--------+--------+-----------------+
| ANEP Header Length | ANEP Packet Length |
+-------------------+-------------------+
|               Options                 |
+---------------------------------------+
|               Payload                 |
+---------------------------------------+
ANEP Option Flags
• Bit 0: indicates that this option is valid only within the Type ID, i.e., do not parse the option at this level
• Bit 1: indicates whether to discard the packet if the option cannot be parsed

 0 1 2          15 16             31
+---+-------------+----------------+
|Flg|    Type     |     Length     |
+---+-------------+----------------+
|          Option Payload          |
+----------------------------------+
ANEP Option Types
Option                          Type
Source Identifier               1
  IPv4 address (32 bits)          1
  IPv6 address (128 bits)         2
  802.3 address (48 bits)         3
Destination Identifier          2
  Same addressing schemes as above
ANEP Option Types
Option                            Type
Integrity Checksum                3
  The option payload contains the 1's complement of the 1's complement sum of the entire ANEP packet, starting with the ANEP Version field
Non-negotiated Authentication     4
  SPKI self-signed certificate      1
  X.509 self-signed certificate     2
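The header, option TLV and checksum slides above describe a format a node must parse before it knows which EE to hand a packet to, so here is an added example (not code from the original presentation, nor from the ANEP draft's authors) that builds an ANEP packet with a Source Identifier, an Integrity Checksum and an unknown option, then parses it the way a node would. Lengths in 32-bit words, the checksum computed over the whole packet with its own field zeroed, and the two option flag bits follow the ANEP draft as read here; the interpretation of the header flag byte's most significant bit (drop versus default-forward when the Type ID is unknown) is also my reading of the draft. The Type ID 0x1234, the private option type 0x3F0, the address 192.168.0.1 and the payload are constructed for the example.

```python
import struct

ANEP_VERSION = 1
# Option types from the ANEP draft; the type field is 14 bits wide.
OPT_SOURCE_ID, OPT_DEST_ID, OPT_CHECKSUM, OPT_AUTH = 1, 2, 3, 4
SCHEME_IPV4 = 1                        # scheme identifier preceding the address in options 1/2
FLAG_PRIVATE = 0b10                    # option bit 0: meaningful only within this Type ID
FLAG_DISCARD = 0b01                    # option bit 1: drop the packet if the option is not understood
HDR_FLAG_DROP_UNKNOWN_TYPE = 0x80      # header flag (my reading of the draft): drop, don't default-forward


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's complement sum with end-around carry; an odd tail is padded with a zero byte."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def build_option(flags: int, opt_type: int, payload: bytes) -> bytes:
    """Option TLV: 2 flag bits | 14-bit type | 16-bit length in 32-bit words (header included)."""
    padded = payload + b"\x00" * (-len(payload) % 4)
    return struct.pack("!HH", (flags << 14) | opt_type, 1 + len(padded) // 4) + padded


def build_packet(type_id: int, options: list, payload: bytes, hdr_flags: int = 0) -> bytes:
    """Header + options + payload; a checksum option built with a zero field is filled in last."""
    opts = b"".join(options)
    hdr_words = 2 + len(opts) // 4
    header = struct.pack("!BBHHH", ANEP_VERSION, hdr_flags, type_id, hdr_words, hdr_words * 4 + len(payload))
    pkt = bytearray(header + opts + payload)
    off = 8
    while off < hdr_words * 4:
        type_and_flags, words = struct.unpack("!HH", pkt[off:off + 4])
        if type_and_flags & 0x3FFF == OPT_CHECKSUM:
            # 1's complement of the 1's complement sum over the whole packet, own field still zero.
            struct.pack_into("!H", pkt, off + 4, 0xFFFF & ~ones_complement_sum(bytes(pkt)))
            break
        off += words * 4
    return bytes(pkt)


def parse_packet(pkt: bytes, known=(OPT_SOURCE_ID, OPT_DEST_ID, OPT_CHECKSUM, OPT_AUTH)) -> dict:
    """Parse header and options as a node would; ValueError marks a packet the node drops."""
    version, flags, type_id, hdr_words, pkt_len = struct.unpack("!BBHHH", pkt[:8])
    if version != ANEP_VERSION or pkt_len != len(pkt) or hdr_words < 2 or hdr_words * 4 > pkt_len:
        raise ValueError("bad ANEP header lengths")
    parsed = {"type_id": type_id, "flags": flags, "options": {}, "ee_options": [], "ignored": []}
    off = 8
    while off < hdr_words * 4:
        type_and_flags, words = struct.unpack("!HH", pkt[off:off + 4])
        oflags, otype = type_and_flags >> 14, type_and_flags & 0x3FFF
        if words < 1 or off + words * 4 > hdr_words * 4:
            raise ValueError("option overruns header")
        body = pkt[off + 4:off + words * 4]
        if oflags & FLAG_PRIVATE:
            parsed["ee_options"].append((otype, body))    # bit 0: leave it to the EE named by Type ID
        elif otype in known:
            parsed["options"][otype] = body
        elif oflags & FLAG_DISCARD:
            raise ValueError("unknown option %#x carries the discard flag" % otype)   # bit 1
        else:
            parsed["ignored"].append(otype)                # unknown but skippable
        off += words * 4
    # With a correct checksum option in place, the sum over the entire packet comes out 0xFFFF.
    if OPT_CHECKSUM in parsed["options"] and ones_complement_sum(pkt) != 0xFFFF:
        raise ValueError("integrity checksum failed")
    parsed["payload"] = pkt[hdr_words * 4:]
    return parsed


def node_decision(parsed: dict, installed_ees: set) -> str:
    """Default processing when the Type ID names an EE this node does not have."""
    if parsed["type_id"] in installed_ees:
        return "execute"
    return "drop" if parsed["flags"] & HDR_FLAG_DROP_UNKNOWN_TYPE else "forward-by-default"


def drops(pkt: bytes) -> bool:
    """True if a node would drop the packet while parsing it."""
    try:
        parse_packet(pkt)
        return False
    except ValueError:
        return True


def build_sample() -> bytes:
    """Constructed sample: IPv4 source, checksum, one unknown-but-skippable option, small payload."""
    src = build_option(0, OPT_SOURCE_ID, struct.pack("!I", SCHEME_IPV4) + bytes([192, 168, 0, 1]))
    csum = build_option(FLAG_DISCARD, OPT_CHECKSUM, b"\x00\x00")   # field filled in by build_packet
    vendor = build_option(0, 0x3F0, b"\xde\xad")                   # hypothetical option type
    return build_packet(0x1234, [src, csum, vendor], b"constructed EE payload")


if __name__ == "__main__":
    sample = build_sample()
    print(parse_packet(sample))
    print(node_decision(parse_packet(sample), {0x1234}))
    flipped = bytearray(sample)
    flipped[-1] ^= 1
    print("tampered packet dropped:", drops(bytes(flipped)))
```

The checksum catches accidental corruption only; an attacker who changes the payload can recompute it, which is why the authentication option (type 4) and the hop-by-hop integrity of Section 3 exist.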
ANEP Payload
Any data or code to be executed by an EE, for example:
• ANTS code
• Magician code
• ASP code
• SmartPacket code
• PLAN code
[Figure: the ANEP header (Version, Flags, Type ID; ANEP Header Length, ANEP Packet Length), followed by Options, followed by the Payload.]
Active Network Backbone (ABone)
• ACTIVATE (SRI): collaborative project to design, build, and manage a large-scale testbed to meet the unique requirements of Active Network (AN) research and development
• http://ftp.isi.edu/abone/
• Mailing list: [email protected], using [email protected]
ANTS Execution Environment
• Capsules identify their type as they travel
• If the required code is not at a node, a load request is sent to the previous node
• The previous node sends the entire code required by the capsule
• The requesting node incorporates the code into its cache and can respond as the previous node did if necessary
David J. Wetherall, John V. Guttag and David L. Tennenhouse. ANTS: A Toolkit for Building and Dynamically Deploying Network Protocols. In IEEE OPENARCH, April 1998. http://citeseer.nj.nec.com/wetherall98ants.html
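The four steps above are a small protocol between adjacent nodes, and the security of the scheme rests on one detail the slide leaves implicit: the capsule's type is a fingerprint of the code it expects (ANTS used MD5), so a node can check that what the previous hop sent is the code the capsule asked for. The following is an added example, not ANTS code and not from the original presentation: a three-node chain where only the origin has the code, each node demand-loads from its previous hop, caches, and then serves the next node, plus a previous hop that tries to substitute different code under the same type. SHA-256 stands in for the fingerprint, the two-instruction "code" language and the node names are constructed for the example.

```python
import hashlib
from dataclasses import dataclass, field


def fingerprint(code: str) -> str:
    """Code-group identifier carried in every capsule: a hash of the code itself.
    ANTS used an MD5 fingerprint; SHA-256 is used here."""
    return hashlib.sha256(code.encode()).hexdigest()


@dataclass
class Capsule:
    type_id: str                 # fingerprint of the code group this capsule needs
    payload: str
    prev_hop: "Node"             # node that forwarded the capsule to us
    hops: list = field(default_factory=list)


@dataclass
class Node:
    name: str
    cache: dict = field(default_factory=dict)   # type_id -> code (the node's code cache)
    log: list = field(default_factory=list)

    def handle_load_request(self, type_id: str):
        """The previous node answers a load request with the entire code group, or None."""
        return self.cache.get(type_id)

    def receive(self, capsule: Capsule) -> str:
        code = self.cache.get(capsule.type_id)
        if code is None:
            # Required code is not here: send a load request to the previous node.
            self.log.append("load-request %s... -> %s" % (capsule.type_id[:8], capsule.prev_hop.name))
            code = capsule.prev_hop.handle_load_request(capsule.type_id)
            if code is None:
                self.log.append("drop: previous node has no code for this type")
                return "dropped"
            # Bind the received code to the capsule: it must hash to the type the capsule named.
            if fingerprint(code) != capsule.type_id:
                self.log.append("drop: received code does not match capsule type")
                return "dropped"
            self.cache[capsule.type_id] = code      # now this node can serve the next node
        return self.execute(code, capsule)

    def execute(self, code: str, capsule: Capsule) -> str:
        """Toy interpreter for a two-instruction language standing in for sandboxed bytecode."""
        for instr in code.splitlines():
            if instr == "stamp":
                capsule.hops.append(self.name)
            elif instr == "upper":
                capsule.payload = capsule.payload.upper()
            else:
                self.log.append("refused unknown instruction %r" % instr)
        return "executed"


def scenario():
    """Constructed run: A has the code, B and C demand-load it in turn; M tries to substitute code."""
    good = "stamp\nupper"
    a, b, c = Node("A"), Node("B"), Node("C")
    a.cache[fingerprint(good)] = good
    cap = Capsule(type_id=fingerprint(good), payload="hello", prev_hop=a)
    b.receive(cap)                   # B loads from A, caches, executes
    cap.prev_hop = b
    c.receive(cap)                   # C loads from B (not from A): code spreads hop by hop
    m = Node("M")
    m.cache[fingerprint(good)] = "stamp\nexfil"    # wrong code filed under the right type
    verdict = Node("D").receive(Capsule(type_id=fingerprint(good), payload="x", prev_hop=m))
    return cap, b, c, verdict


if __name__ == "__main__":
    cap, b, c, verdict = scenario()
    print(cap.payload, cap.hops, verdict)
    print("\n".join(b.log + c.log))
```

The fingerprint check stops a previous hop from substituting code, but not a hostile author: anyone can publish code whose fingerprint matches its own capsules. Limiting what that code may do falls to the EE's sandbox and to the credential checks of Section 3, and a cache that fills on demand is also a resource to be bounded (Framework Considerations IV).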
Magician Execution Environment
• Java-based, runs at the user level
  - Easy to install on any Java VM in order to build a prototype active network
• Magician active packets are Java objects and can contain Java objects…
  - Not limited to primitive data types
• Serialized objects are sent one time only
  - Remaining packets use a pointer to the stored object
SmartPacket Structure
[Figure: bit positions 0, 7, 15 and 31 across the top. ANEP header (Version, Flags, Type ID; ANEP Header Length, ANEP Packet Length), then ANEP Source Option TLV, ANEP Destination Option TLV, ANEP Authentication Option TLV*, and finally the SmartPacket Java Serialized Object.]
* The authentication option payload is an MD5 message digest of the structure of the SmartPacket. Note that an unkeyed digest gives an integrity check, not authentication: anyone who alters the packet can recompute it, so authenticating the sender needs a key or a signature such as the certificates of ANEP option type 4.
Section 3
Active Network Security Framework
Security Is Not a Solved Problem
• Network security in general is not a solved problem
• Active networking has a well-defined framework in which security can be managed
• This section discusses that framework
Security Framework Document
• Security Architecture for Active Networks
• AN Security Working Group
• DRAFT status
Sect. III: Security
Sandy Murphy, NAI Labs, editor. Security Architecture for Active Networks (latest version is May 2001). Discussion on the ActiveNets_Security mailing list.
Abstractions
• Policy
• Subjects
• Objects
• Actions
Attacks (RFC 2828):          Assets:
• Unauthorized Disclosure    • Node
• Deception                  • EE
• Disruption                 • Sender
• Usurpation                 • Active code
Threat Table

Can see threat from:      Packet   Code   EE            Node
  Sender                           Yes    Yes           Yes
  Code                    Yes      Yes    Yes           Yes
  EE                      Yes      Yes    Yes           Yes
  Node                    Yes      Yes    Yes

Can be protected from:    Packet   Code   EE            Node
  Sender                  N/A      Yes    Not Really    Not Really
  Code                    Yes      Yes    Not Really    Not Really
  EE                      Yes      Yes    Yes           Not Really
  Node                    Yes      Yes    Yes and No    N/A
Security in the Life of an Active Packet
1) Hop-by-hop key identifier: if the integrity check fails, the packet is dropped
2) Domain filter: the packet is assigned to a domain
3) Credentials extracted and verified
4) Authentication: the NodeOS checks whether the EE and domain allow such packets
5) Code extraction from the packet
6) Credentials bound to code: only authorized operations are allowed to continue
7) Execution: the code executes
8) Access to resources: controlled by the credentials
9) Packets are encrypted for transmission by the NodeOS
10) Hop-by-hop integrity applied to transmitted packets; the cycle repeats at the next node
Integration with NAI Labs
• Integrate GE complexity measures and Active Network Fault Response (ANFR) revocation
• The GE complexity measures spot misbehavior, instigating a revocation:
  - GE code notices that code complexity is outside tolerance
  - It sends a revocation notice for that active code
  - This required aligning the GE and ANFR ways of identifying code
• Makes the network self-healing
Integration of GE Complexity: Self-Healing Network
[Figure: active packets (ANEP-EE traffic) carrying active code pass a Magician probe; the GE probe measures the traffic complexity of the ANEP traffic, and the tool sends revocation notices to the ANFR revocation tool.]
Active Network Security
• S. Murphy, E. Lewis, and R. Watson. Secure Active Network Prototypes. Proceedings of the 2002 DARPA Active Networks Conference and Exposition (DANCE 2002). IEEE Computer Society Press. pp. 534-553, ISBN 0-7695-1564-9. May 29-30, 2002. San Francisco, California, USA.
• Secure version of the MIT ANTS EE
• W. La Cholter, P. Narasimhan, D. Sterne, R. Balupari, K. Djahandari, A. Mani and S. Murphy. IBAN: Intrusion Blocker Based on Active Networks, ibid.
• Adaptive intrusion detection and response with the ANTS EE
• D. Sterne, K. Djahandari, R. Balupari, W. La Cholter, B. Babson, B. Wilson, P. Narasimhan, and A. Purtell. Developing Dynamic Security Policies, ibid.
• S. Krishnaswamy, J. Evans, and G. Minden. A Prototype Framework for Providing Hop-by-hop Security in an Experimentally Deployed Active Network, ibid.
Section 4
Data Versus Code Tradeoff: Kolmogorov Complexity
Relating Computation and Communication
• Pre-active era (node-only processing)
  - Existed before active networking
  - Fixed processing capability
  - Attempted to squeeze all processing out of the middle and towards the ends of the protocol
  - Attempted to focus on the movement of bits
• Active network era (packet-dominated processing)
  - Fluid processing capability
  - Processing placed when/where it makes sense
  - Developers must have a keen sense of the trade-offs in processing versus communication
Sect. IV: Computation
Computation vs. Communication Tradeoff
• How much code should be in an active application (i.e., in the network)?
• How should code be partitioned into packets?
• Answers to these questions can be derived through complexity theory
Challenges in Active Networking
[Figure: an active packet H|D delivered to an EE, with a dial between data and code.]
• When does active networking offer a benefit?
• Playing with this dial is extremely challenging and expensive inside a network!!
• Solutions may come from biological research:
  - "Evolve" new code inside the network
  - Use complexity/homology in the network to reduce the likelihood of attack
Early Active Networking Results: Packet Size Versus Processing
• Per-packet resource consumption must be predicted and guaranteed quickly and efficiently
• No backward code pointer
  - Forces a relationship between packet size and resources used
  - Simple solution, but too constraining
Moore, Jonathan T., Hicks, Michael, and Nettles, Scott. Practical Programmable Packets. Proceedings of the 20th Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM 2001), April 2001.
What Is Kolmogorov Complexity?
• A measure of descriptive complexity
• K among different universal computers differs by a constant
• Bounded by the length of the string
• Related to entropy
• $K(x) = \min_{p\,:\,U(p) = x} \ell(p)$, the length $\ell$ of the shortest program $p$ that makes the universal computer $U$ output $x$
• A fundamental measure of information content
Program Complexity Versus Processing
• Kolmogorov complexity
• Data versus code
• All bars (graph at right) represent the same information
Li, Ming and Vitányi, Paul. An Introduction to Kolmogorov Complexity and Its Applications, ISBN 0-387-94868-6, Springer, NY 1997.
Legacy Versus Active Networking
• Legacy (non-active) networking: applications and network oblivious of one another
• Active networking:
  - Tighter integration of the full system
  - Applications decoupled from the legacy infrastructure
[Figure: two stacks of Applications over Network; in the legacy case the layers are separate, in the active case they overlap.]
Performance is no longer measured by how fast meaningless bits are pumped across at the network level.
Model Versus Data Tradeoff
Suppose we want to estimate the complexity of a string of alternating 1's and 0's.
Model: {128-bit strings}: 000…000, 000…001, 000…010, 000…011, …, 111…101, 111…110, 111…111. Set size 2^128 ≈ 3.42 × 10^38.
Small model, lots of data, most of it irrelevant in identifying the target pattern: poor complexity estimate.
[Figure: active packet H|D delivered to an EE.]
Model Versus Data
Suppose we want to estimate the complexity of a string of alternating 1's and 0's.
Model: {128-bit strings with 64 1s}: 1111…0000, 1100…1100, 1001…1001, …, 1010…1010. Set size C(128, 64) ≈ 2.4 × 10^37.
Slightly larger model, less data: better complexity estimate.
[Figure: active packet H|D delivered to an EE.]
Minimum Description Length
[Figure: K(x) plotted against Data Size on one axis and Model Size (Sophistication) on the other; the minimum of their sum is the description length.]
Model: {128-bit strings alternating 1 and 0}: 1010…10, 0101…01. Set size 2.
Slightly larger model, small amount of data: good complexity estimate.
[Figure: active packet H|D delivered to an EE.]
Thoughts on the Future of Active Networks…
• Change is inevitable; active networking is still in its infancy
• Excellent experimental platform for developing protocols
• Active concepts rising in demand by developers and customers
• The Internet is becoming too complex to hard-wire all user customizations into the network
• When the physical limit on bit transfer rate is reached, a re-thinking of computation versus communication (i.e., active networking) will occur (a la ad-hoc networking now)
Summary
THE END(Bibliography and Appendices Follow…)
62Copyright 2002 Stephen F. Bush
Additional Information
Proceedings of the 2002 DARPA Active Networks Conference and Exposition (DANCE 2002). IEEE Computer Society Press, pp. 534-553, ISBN 0-7695-1564-9. May 29-30, 2002, San Francisco, California, USA.
www.research.ge.com/~bushsf/ftn
Active Networks and Active Network Management: A Proactive Management Framework. Kluwer Academic/Plenum Publishers, New York, Boston, Dordrecht, London, Moscow, 2001, 196 pp. Hardbound, ISBN 0-306-46560-4.

Bibliography I
Ken Calvert, ed. Active Network Framework. Active Network Working Group, Version 1.0, July 27, 1999. http://www.cc.gatech.edu/projects/canes/papers/arch-1-0.ps.gz
Alexander et al. Active Network Encapsulation Protocol. July 1997. http://www.cis.upenn.edu/switchware/ANEP
Larry Peterson, ed. NodeOS Interface Specification. Active Network Working Group, January 24, 2000. http://www.cs.princeton.edu/nsg/papers/nodeos.ps
Ellen Zegura, ed. Composable Services for Active Networks. AN Composable Services Working Group, September 1998. http://www.cc.gatech.edu/projects/canes/papers/cs-draft0-3.ps.gz
M. Hicks, P. Kakkar, T. Moore, C. Gunter, and S. Nettles. PLAN: A Programming Language for Active Networks. International Conference on Functional Programming (ICFP'98), 1998.
Stephen F. Bush and Amit B. Kulkarni. Active Networks and Active Network Management: A Proactive Management Framework. Kluwer Academic/Plenum Publishers, New York, Boston, Dordrecht, London, Moscow, 2001, 196 pp. Hardbound, ISBN 0-306-46560-4.

Bibliography II
S. da Silva, D. Florissi, and Y. Yemini. Composing Active Services in NetScript. DARPA Active Networks Workshop, Tucson, AZ, March 1998.
S. Bhattacharjee, K. Calvert, and E. Zegura. Reasoning about Active Network Protocols. IEEE ICNP'98, Austin, TX, October 1998.
Livio Ricciulli. Anetd: Active NETworks Daemon. September 2, 1998.
David J. Wetherall, John V. Guttag, and David L. Tennenhouse. ANTS: A Toolkit for Building and Dynamically Deploying Network Protocols. Submitted to IEEE OPENARCH 1998, April 1998.
A. B. Kulkarni, G. J. Minden, R. Hill, Y. Wijata, S. Sheth, H. Pindi, F. Wahhab, A. Gopinath, and A. Nagarajan. Implementation of a Prototype Active Network. IEEE OPENARCH 1998, April 1998.

Bibliography III
Stephen F. Bush. Active Virtual Network Management Prediction. Proceedings of the Conference on Parallel and Discrete Event Simulation (PADS) 1999, Atlanta, GA, April 1999.
Stephen F. Bush. Active Virtual Network Management Prediction. Virtual Worlds (VWSIM) 2000, San Diego, CA, January 2000.
S. Bhattacharjee, K. Calvert, and E. Zegura. Self-Organizing Wide-Area Network Caches. Proceedings of IEEE INFOCOM, 1998.
Li-wei H. Lehman, Stephen J. Garland, and David L. Tennenhouse. Active Reliable Multicast. Proceedings of IEEE INFOCOM, 1998.
David Wetherall. Active Network Vision and Reality: Lessons from a Capsule-based System. 17th ACM Symposium on Operating Systems Principles.

Appendix A: Active Packet Details

Active Network Application Packet Programming
• Packet Class Definition Base Class*
• Extend KU_SmartPackets_V2 or ReliableCommFW
• Active Packets Must Be Serializable
• Class Definitions Sent Before Packets Are Transmitted (Can Cause Delay Upon First Packet Transmission)

    public class AA_Packet_Base extends magician.Node.KU_SmartPacket_V2
            implements java.io.Serializable {
        ...
    }

* The Magician EE is freely available as part of the Atropos library at http://Atropos.sourceforge.net/download.html

Application Base Class

    // Custom serialization: describe the AtroposBase fields before the default field write-out
    private void writeObject(ObjectOutputStream out) throws IOException {
        try {
            Field[] comps = Class.forName("Atropos.java.lp.AtroposBase").getDeclaredFields();
            describeComponents(comps, out);
        } catch (ClassNotFoundException e) {
            e.printStackTrace();
        }
        out.defaultWriteObject();
    }

Programming the Packet
• Extend AA_Packet_Base (the base class from the previous slide) for your active application
• exec() Method Overridden With Code to Be Executed

    public class AA_Packet extends AA_Packet_Base {
        …
        public void exec() { ... }
    }

Example: Active Ping

    public void exec() {
        String NodeName = GetNodeName();
        // Outbound trip at the source: record the send time inside the packet itself
        if (NodeName.equals(Source_Address) && !hasPinged)
            sendTime = System.currentTimeMillis();
        if (NodeName.equals(Destination_Address)) {
            if (hasPinged) {
                // Back at the original source: sendTime travelled with the packet
                rtt = System.currentTimeMillis();
                rtt = rtt - sendTime;
                System.out.println("SmartPingV2: Round trip time = " + rtt + " ms");
                halt();
            } else {
                // At the destination: turn the packet around by swapping the addresses
                hasPinged = true;
                Destination_Address = Source_Address;
                Source_Address = NodeName;
            }
        }
    }

Example: Active Ping Spatial View
[Figure: the ping packet travelling from Source (A) to Destination (B) and back, one packet forwarded per hop. At A the outbound packet records sendTime; at B it sets hasPinged and swaps Destination_Address and Source_Address; back at A it computes rtt, prints "SmartPingV2: Round trip time = … ms" and halts.]
What part of the code tells the packet to travel to the Destination? How does the returning packet “interact” with the initial packet?

SmallState: Leaving State Behind
Retrieve a SmallState object

    import magician.Node.*;
    …
    if (NodeName.equals(Destination_Address)) {
        try {
            // SmallState is node-resident state, looked up by name
            o = (Object) ActiveNodeManager.GetGlobalState("rQ");
            rQ = (AtroposQueue) o;
        } catch (NullPointerException e) {
            error = 1;
            System.out.println("AtroposPacket rQ does not exist");
        } catch (NoSuchElementException e) {
            error = 2;
            System.out.println("AtroposPacket rQ is empty");
        }
        …

SmallState: Leaving State Behind (continued)

    import magician.Node.*;
    …
        if (error == 0 || error == 2) {
            // Leave this packet behind in the queue and write the queue back to the node
            rQ.add((AtroposPacket) this);
            ActiveNodeManager.SetGlobalState("rQ", rQ);
        }
        halt();
    }

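The two questions on the spatial-view slide (what moves the packet, and how the "returning" packet relates to the initial one) and the SmallState slides are easiest to answer by executing the capsule semantics. The following Python simulation is an added example, not Magician or Atropos code: it assumes a constructed three-node chain, a clock that advances one unit per hop, and a per-node dictionary standing in for the SmallState store.

```python
from collections import deque

class Node:                                   # an active node with its SmallState store ("rQ" lives here)
    def __init__(self, name):
        self.name, self.small_state = name, {}

class PingCapsule:
    """Mirrors the slide's exec(): every field lives inside the packet and travels with it."""
    def __init__(self, src, dst):
        self.Source_Address, self.Destination_Address = src, dst
        self.hasPinged, self.sendTime, self.rtt, self.halted = False, None, None, False

    def exec(self, node, clock):
        if node.name == self.Source_Address and not self.hasPinged:
            self.sendTime = clock             # outbound trip: stamp the send time in the packet
        if node.name == self.Destination_Address:
            if self.hasPinged:                # back home: the very same object has returned
                self.rtt = clock - self.sendTime
                self.halted = True            # halt()
            else:                             # far end: turn the packet around by swapping addresses
                self.hasPinged = True
                self.Destination_Address, self.Source_Address = self.Source_Address, node.name
                # SmallState: leave a record of this packet behind in the node's "rQ" queue
                node.small_state.setdefault("rQ", deque()).append(self)

CHAIN = ["A", "B", "C"]                       # constructed linear topology A - B - C

def next_hop(here, dst):
    """The EE forwards toward Destination_Address one hop at a time; exec() never sends."""
    i, j = CHAIN.index(here), CHAIN.index(dst)
    return CHAIN[i + (1 if j > i else -1)]

def run(capsule, start, hop_cost=1):
    """Execute the capsule at each node it visits and forward it until it halts.
    Returns (rtt, list of nodes visited, the nodes with their SmallState)."""
    net = {n: Node(n) for n in CHAIN}
    clock, here, trace = 0, start, [start]
    while True:
        capsule.exec(net[here], clock)
        if capsule.halted:
            return capsule.rtt, trace, net
        here = next_hop(here, capsule.Destination_Address)
        clock += hop_cost                     # constructed: one time unit per hop
        trace.append(here)

if __name__ == "__main__":
    rtt, trace, net = run(PingCapsule("A", "C"), "A")
    print(rtt, trace, list(net["C"].small_state))   # 4 ['A', 'B', 'C', 'B', 'A'] ['rQ']
```

Nothing in exec() sends the packet: rewriting Destination_Address is what makes the EE carry it back, and the RTT works only because sendTime is a field of the one object that made the round trip, while the queue entry stays at C after the packet has left.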
Active Packet Example Code
• Retrieve List of Adjacent Nodes
• Send App to Next Neighboring Node

    String NextNode;
    for (Enumeration e = ActiveNodeManager.getNeighbors().elements(); e.hasMoreElements(); ) {
        NextNode = (String) e.nextElement();
        if (NextNode.equals(getSourceAddress())) {
            continue;   // never send back toward the node this packet arrived from
        }
        if (!isInOthers(NextNode, "snmp_others")) {
            InjectSnmp app = new InjectSnmp(NextNode);
            app.redundant = false;
            app.addresses = getOtherAtropos("snmp_others");
            app.Destination_Address = NextNode;
            app.SendForProcessing(NextNode);
        }
    }

Appendix B: Active In-line Prediction Application

Injecting a Model into the Net (Self Prediction)
Goal: Active Virtual Network Management Prediction
Deployment: Best use of space and time
[Figure: the Actual System at time t beside a Distributed Model Prediction Capability within/among Systems at t+Lookahead; a Real System of active nodes AN-1, AN-4, AN-5 joined by links L-1 to L-4, with a Virtual System of Logical Processes (LP) and a Driving Process (DP) overlaid on the same topology; axes Space and Time]

Properties
• Active Virtual Network Management Prediction (Atropos) is asynchronous
• One input queue for each Logical Process
• No restriction on the order in which messages are sent
• Virtual time is the simulation time as seen by individual processes
• Processes need not wait until they can safely process the next input message
• False messages cause a process to go backwards in simulation time

Accuracy-Performance Tradeoff
Experiment involved demanding more accuracy over time by reducing the error between predicted and actual values, however…
… this required more out-of-tolerance messages…
… the tradeoff was loss in Look-ahead… and loss in speedup
[Figure: four plots over time: Prediction Error, Out of Tolerance Messages, Look-ahead, Speedup]

Tangled Hierarchy Caused by Self Prediction
• Tangled Hierarchy
  • Virtual Time/real Time
  • Real Process/logical Process
• Simulation of Atropos Predictive Management System
  • Predictive Management System Uses Simulation (Lookahead)
  • Predictive SNMP Manager Uses Atropos to Optimize Polling of Atropos
• Experimental Validation
  • Predictive Network Management System Managing a Predictive Mobile Network

Cyclic Self-Prediction Refinement
• Prediction ends when preset look ahead is reached
• Previous predictions are refined as time progresses

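The Properties, Accuracy-Performance Tradeoff and Cyclic Self-Prediction Refinement slides describe one logical process that runs ahead of real time and rolls back on out-of-tolerance messages. The Python below is an added, deliberately simplified model of that behaviour, not the Atropos implementation; the one-step model function, the look-ahead of 3 and the tolerance of 0.5 are constructed values.

```python
class PredictiveLP:
    """One Atropos-style logical process with tolerance-driven rollback.
    Added, simplified model of the properties listed above; not the Atropos implementation."""

    def __init__(self, model, state0, lookahead, tolerance):
        self.model = model                  # model(state) -> state one virtual-time unit later
        self.lookahead, self.tolerance = lookahead, tolerance
        self.real_time = 0
        self.queue = [(0, state0)]          # the LP's state queue: (virtual_time, state), ascending
        self.rollbacks = 0                  # out-of-tolerance ("false") messages handled
        self.extend()

    def extend(self):
        """Run ahead in virtual time until the preset look-ahead horizon is reached."""
        vt, s = self.queue[-1]
        while vt < self.real_time + self.lookahead:
            vt, s = vt + 1, self.model(s)
            self.queue.append((vt, s))

    def prediction_at(self, t):
        return dict(self.queue).get(t)

    def actual(self, t, value):
        """A real measurement arrives at time t: keep refining, or roll back if out of tolerance."""
        self.real_time = t
        predicted = self.prediction_at(t)
        if predicted is None or abs(predicted - value) > self.tolerance:
            if predicted is not None:
                self.rollbacks += 1         # the prediction was a false message
            self.queue = [(vt, s) for vt, s in self.queue if vt < t]   # go back in virtual time
            self.queue.append((t, value))   # and resume from the real state
        self.extend()                       # cyclic refinement: push the horizon forward again
        return predicted

def run_samples(lp, samples):
    """Feed (t, actual) samples in order; return |predicted - actual| for each."""
    return [abs(lp.actual(t, v) - v) for t, v in samples]

if __name__ == "__main__":
    # Constructed: the model expects the metric to grow by 1 per tick; reality jumps at t=2.
    lp = PredictiveLP(lambda s: s + 1.0, 0.0, lookahead=3, tolerance=0.5)
    print(run_samples(lp, [(1, 1.0), (2, 5.0), (3, 6.0)]), lp.rollbacks)   # [0.0, 3.0, 0.0] 1
```

Tightening the tolerance makes more samples trip the rollback branch, which is the slide's tradeoff: each rollback discards the run-ahead work, so look-ahead and speedup fall as the demanded accuracy rises.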
Self Prediction: Experimental Validation of KC (estimated) and Error (E) given Hypotheses (Hn)
• Inverse relationship between compression ratio and prediction error…
• … however complexity and error are directly related
[Figure: compression ratio (CR) and Error (pkts) plotted against the hypotheses Hn, with the Tolerance marked]

Validating Hypotheses for Complex Systems (MDL): Simple Illustration
Complex System → Step 1. Collect Data Samples: Data (D)
Step 2. Form Hypothesis: Hypothesis (H)
Step 3. Validate Hypothesis (Prediction): Min{K(H)+K(E|H)} given Error (E)
• Correlate Gene Function to Planetary Alignment: Small H, but a Large E
• “Correct” Planetary Alignment Algorithm to Predict Gene Function: Small E, but much larger H
• The True Hypothesis Describing Gene Function: Smallest Sum of H and E

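The Model Versus Data slides in Sect. IV and the Min{K(H)+K(E|H)} rule above are the same two-part code computed on a bit string. The Python below is an added example, not the author's estimator: the three hypothesis classes are the ones from the slides (any 128-bit string, strings with a given count of 1s, periodic strings), and the accounting that charges log2(n) bits per model parameter is my assumption.

```python
import math

def h_unconstrained(x):
    """H0: any n-bit string. Nothing to describe in the model; all n bits are data."""
    return 0.0, float(len(x))

def h_ones_count(x):
    """H1: the n-bit strings with exactly k ones. Model = k; data = an index into C(n, k) strings."""
    n, k = len(x), x.count("1")
    return math.log2(n + 1), math.log2(math.comb(n, k))

def h_periodic(x):
    """H2: the n-bit strings with period p. Model = p plus the p pattern bits; no data is left."""
    n = len(x)
    p = next(p for p in range(1, n + 1) if all(x[i] == x[i % p] for i in range(n)))
    return math.log2(n) + p, 0.0

HYPOTHESES = {"unconstrained": h_unconstrained, "ones_count": h_ones_count, "periodic": h_periodic}

def mdl_estimate(x):
    """Two-part code: K(x) <= min over H of K(H) + K(D|H).
    Returns (best hypothesis, its total bits, {name: (model bits, data bits)})."""
    table = {name: h(x) for name, h in HYPOTHESES.items()}
    best = min(table, key=lambda name: sum(table[name]))
    return best, sum(table[best]), table

if __name__ == "__main__":
    for s in ("10" * 64, "1" * 8 + "0" * 120, "1" * 64 + "0" * 64):   # constructed inputs
        best, bits, table = mdl_estimate(s)
        print(best, round(bits, 2), {k: tuple(round(b, 2) for b in v) for k, v in table.items()})
```

For the alternating string the periodic hypothesis wins with about 9 bits against 128 for the unconstrained one; a string with only 8 ones is best described by the count hypothesis; for 64 ones followed by 64 zeros the 7-bit cost of stating the count outweighs the saving, so the unconstrained hypothesis wins.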
Appendix C: Kolmogorov Complexity and Information Assurance

Complexity Estimation

Context of Complexity for Vulnerability Analysis
[Figure: the Evaluate and Detect stages]