Universities Tapped To Build Secure Net

Wes Felter writes "InfoWorld reports that the National Science Foundation (NSF) has enlisted five university computer science departments to develop a secure, decentralized Internet infrastructure. I thought the Internet was already decentralized, so I'm curious about what exactly they're fixing. The article quotes Frans Kaashoek from MIT PDOS, which is working on decentralized software such as Chord."

fix the spammers

[SirSlud]

> I thought the Internet was already decentralized, so I'm curious about what exactly they're fixing.

The only thing that needs fixing is the spammers. You know, so they can't have kids who take up the family business. We could even have Bob Barker provide the PSA at the end of Price Is Right episodes. ("Remeber to have your spammers spayed or neutered.")

How so?

[YanceyAI]

But what is really exciting is that if we succeed, we could change the world.

If they do succeed, how exactly have the changed the world? Am I missing the point? Do I just not get it? Won't they just have changed the Internet...and in a way that would be seamless to most users? Isn't the general consensus that we are not all that vunerable.

The broken internet

[Kickstart70]

The internet is horribly vulnerable as it is. It's not so much a problem of pure decentralization as it is one of too many people/requests to handle through too tight a pipe if the other pipe goes down.

As an example...if one day some serious news happened that caused everyone to get on the net at once (Kyoto Earthquake, OJ Simpson on the freeway, Iraq drops a nuclear bomb), and this coincided with a failure of some large piece of hardware along the western coast (under extreme load), the remaining paths for much of this area would be so bogged down as to be useless. Effectively the internet would break under the pressure.

What needs to happen to avoid the problem here is have many more paths for the data to flow, which requires better hardware and further decentralization (would love to see everyone's cable modem be a small internet router for people's data to travel through). Barring that, with the increased worldwide participation on the net expect that some days you just won't be able to use it.

Kickstart

DNS and IP allocation not decentralized

[Bookwyrm]

Neither the DNS system (root servers), or the allocation/control of IP address(ing) is decentralized -- they may be heirarchial, but both still have a root.

It will be interesting to see if IPv6 will use geographic hierarchies for routing, or even relaxes the hierarchial assignment-scheme at all. If your IPv6 suffix is static/fixed (based on your MAC address, say), and your IPv6 prefix is from the current network/area you are in, that will be an interesting tool to let people track devices as they move around/between networks.

insert RIAA joke here

[Merik]

"The researchers hope that they can create a robust, distributed network that could essentially act as a secure storage system for the Internet. Governments, institutions and businesses worldwide could theoretically choose to place their data in the secure system, which would minimize the effects of outage or attack."

This seems it would reduce an individual entity's loss to an attack with the idea of, everyone loses a little rather than one losing alot. But it also seems, even though the details in this article are lacking, that physical security of boxes would become more important.

Should the british goverment, a university, and whoever else, trust a small buisness in san diego to house its part data.

the only way this would work from a security stand point would be to make the information that is spread out over 50 or so computers not accessible from the machine its hosted in on. and it seems this would be pretty much impossible(er.. hackerd00ds) from a purely software approach....

do you trust me with your data? um... i dont

Re:What's new about it

[Salamander]

The Rice connection almost certainly has to do with Peter Druschel and Pastry (for which the other PI seems to be Antony Rowstron of Microsoft Research, interestingly enough). I'm not totally sure of the ICSI connection, but they seem to be closely affiliated with UCB and I know that Ion Stoica works in these areas. OceanStore, CFS/SFS, Pastry, Kademlia - it's definitely a pretty good collection. A lot of the top people in DHT/DOLR (Distributed Hash Table, Distributed Object Location and Routing) research are involved, and I'd love to know how they plan to converge their various efforts toward a common solution.

Its the storage stupid!

[DaoudaW]

C'mon guys did you even read the article. NSF is not proposing changing the structure of the web, rather they are hoping to utilize the structure to make data more secure by storing it in decentralized fashion. No one server will contain enough data to reconstruct the file, any server can crash and the file will still be available.

real decentralization is needed

[TheSHAD0W]

The current internet was designed to be decentralized, with no specific backbone required; routers would figure out what paths to send what packets over. Scaling-wise, it's been pretty successful. Redundancy-wise, it is less than so. A bad route typically doesn't result in a smooth transfer to another link unless a lot of work has been done to assure it would happen; instead, packets are dropped and communications are badly disrupted.

I had a perfect example of that happen to my current ISP; after getting terrible communications errors, I called them. Turns out one of three of their routes was out; they reset a router, and everything was copacetic. But the other two routes should have been able to handle the traffic. They didn't.

With the advent of IP6, the structure of the net becomes even more convoluted, and errors may become even more difficult to handle. In order to have a nice, stable internet, a system of handling broken routes needs to be integrated into the new spec.

Re:Current Internet not *that* decentralized

[glwtta]

And because each replicates its data set to all other Root servers, catastrophic failure of one would bring down all of the others.

Um, very untrue - the primary root server replicates the data to the rest. If a non-primary root server goes down, you don't notice it. If the primary one goes down, the function is moved to any one of the rest (and you still don't notice it). Basically something like 3 or 4 of them have to go out before Joe InternetUser will notice any effect, and even then it would be somewhat inconvinient, not "catastrohpic". (This is what I rember from some article on the topic awhile back - it's not like I know anything about these things.)

Re:You dont know what you are talking about

[Zeinfeld]

You dumb troll, the arpanet was designed exactly to be a self healing system to survive nuclear attack

No, it was not, Vint Cerf has dispelled that myth a number of times.

The Internet does not emply flood fill routing or any of the technologies that one would want to have available if you wanted to survive a nuclear attack.

TCP/IP was actually designed with the idea that networks could be quickly assembled with minimal configuration issues and without the need for every node to have access to a central co-ordination point.

The Internet does actually have one central coordination point, the A root of the DNS service. However that is decoupled from the minute by minute actions of the Internet hosts so that the A root could in theory go down and come back up without a calamity (but nobody wants to try to find out!).