A Generalized Label-Forwarding Architecture for the Future Internet

•

0 likes•489 views

This document proposes a generalized label-forwarding architecture called the Extended Label Stream Switching Architecture (ELSSA) for the future internet. It aims to address lessons learned from today's internet model, including improving privacy while minimizing network state, and allowing for built-in security, mobility, and quality of service capabilities. The proposed architecture uses "extended labels" that include packet counters and can identify flows to enable these functions while keeping a modular design that separates forwarding and routing.

Technology

A Generalized
Label-Forwarding Architecture
for the Future Internet

2nd GI/ITG KuVS Workshop
Future Internet
Karlsruhe 11/2008

Achim Friedland
SONES GmbH / TU Ilmenau
achim.friedland@sones.de

Todays Internet model – in theory

APPLICATION
APPLICATION
TRANSPORT S/MIME DNSSec
APPLICATION TRANSPORT
NETWORK
SOCKS, SSH

TLS, DTLS
TRANSPORT

IP Se
c NETWORK IP-in-IP, GRE

(G)MPLS
MACSec, 802.11i LINK Q-in-Q, MAC-in-MAC

Todays Internet model – in reality

APPLICATION
APPLICATION
TRANSPORT S/MIME DNSSec
APPLICATION TRANSPORT
NETWORK
SOCKS, SSH
TLS, DTLS
TRANSPORT

IP Se
c NETWORK IP-in-IP, GRE

(G)MPLS
MACSec, 802.11i LINK Q-in-Q, MAC-in-MAC

Lessons learned so far (1)…

• End-to-End semantics are good for overall
robustness but bad for privacy
• Minimize the state within the network but
allow some state at the (domain) edges
(Firewalls, NAT, VPN, Proxies, MobileIP, QoS Classification)

• Protocol layering minimizes complexity and
boosts abstraction but everyone tries to
bypass the layer model using tunnels

Lessons learned so far (2)…

• Security is needed everywhere but has to
be easily deployable (IPSec vs. TLS)
• Some of todays (Cross-Layer)-Designs can
be seen as „lawfull“ layer violations
(e.g. TCP, IPSec)

• Stackable Flow-Labels for traffic differen-
tiation, aggregation and advanced traffic
engineering (e.g. MPLS)

Basic Idea

• Label-switched network design between
applications using „extended labels“
• Extended labels include a packet counter to
support e.g. security, loss detection, …
• Label may be „globally unique“ for suppor-
ting e.g. IP Addresses, DIFF-Serv tags
• Network state is used to implement
security, privacy, mobility and QoS

Proposed Architecture: ELSSA protocol
Extended Label Stream Switching Architecture

Properties and Comparisons

• Separation of forwarding and routing,
location and addressing
• Built-in security and privacy
• Built-in (micro-)mobilty and QoS
• Support of heterogeneous subnetworks,
modularity and soft migration

In Korea, wired telecommunications carriers have been using assorted transport technologies with diverse network appliances. In order to reduce CAPEX and to avoid vendor lock-in, these transport networks are often comprised of multi-vendor and multi-domain equipment, which leads to high complexity and incompatibility. To overcome this obstacle, research organizations and local telecommunications carriers have been investigating and analyzing the feasibility of transport SDN technology. This talk dishes on the latest trend in Korea telecommunications carriers and the status of their transport SDN technology.

Pro active datacenter-infrastructures-ccie-bulent-morten-16.10.2014

Mustafa Kuğu

SDN IN DT’s TERASTREAM

Open Networking Summits

Message-Oriented Middleware for Edge Computing Applications

Thomas Rausch

Edge computing is an emerging paradigm which aims to leverage the ever increasing amount of computational resources at the edge of the network to satisfy the stringent quality of service (QoS) requirements of many modern Internet of Things (IoT) scenarios. This PhD thesis explores challenges and solutions of message-oriented middleware (MOM) for edge computing applications. In particular, we focus on QoS optimization and message delivery guarantees under the constraints of geographic dispersion, client mobility, dynamic resource availability, and privacy policies.

EMMA: Distributed QoS-Aware MQTT Middleware for Edge Computing Applications

Thomas Rausch

RINA as a Clean-Slate Approach to Software Networks

ICT PRISTINE

One of the most complex challenges in realizing microservice architecture is not building the services themselves, but building and governing the communication between services. Most microservices developers have to take care of complex inter-service communication logic as part of their service development. Service Mesh has emerged as a solution to overcome the challenges that we have in microservices communication. Since most of the inter-service communication requirements are quite generic across all microservices implementations, we can think about offloading all such tasks to a different layer, so that we can keep the service code independent. This presentation will discuss the following: 1) Why we need a Service Mesh? 2) Fundamentals of Service Mesh 3) Introduction to Istio 4) What's new in Istio 1.0. 5) Seamless integration of Ballerina and Istio

Implementing rina in 5 g networks ws

Eduard Grasa

State of Packet Optical Integration

Colt Technology Services

What is SDN and how to approach it with Python

Justin Park

This talk is about understanding software defined networking (SDN) and recent trends in computer networking through networking tools built in Python. We aim to provide a perspective on computer networking in the era of Internet of Things (IoT) and how to cope with changing environments as developers, programmers, and Python users. This talk requires basic knowledge equivalent of first-year-computer-science-major undergraduates. However, for the latter half of the talk, we recommend you experience the basics of Python beforehand to fully understand the contents concerning Python-based tools such as Ryu (an OpenFlow controller) and Mininet (a virtual switch environment). We hope through this talk Python users would gain a better perspective and understanding about SDN and computer networking. 본 발표는 최근 네트워킹 분야에 불고 있는 소프트웨어정의 네트워킹 (SDN)에 관한 것으로 사물인터넷의 시대에서 더욱 증가되는 네트워크의 중요성과 SDN의 의미에 대해서 바르게 이해하고 앞으로 변화할 네트워킹 환경에 개발자, 프로그래머, 파이썬 유저로써 어떻게 준비하고 대처해야할지 함께 생각해보는 기회를 제공하는데 그 목적이 있다. 본 발표를 이해하기 위해서는 컴퓨터공학 전공 1학년 수준의 컴퓨터 구조와 컴퓨터 네트워크의 지식만 있다면 충분히 이해하고 즐길수 있다. 다만 후반에 나오는 파이썬툴들에 대하여 이해하기 위해서는 파이썬의 기초를 미리 공부하기를 권장한다. 발표의 초반 20분은 컴퓨터 네트워크의 역사와 발전방향에 대하여 이야기하고 SDN이 무엇인지 발표자의 생각을 나눈다. 그리고 발표의 후반 약 20분은 SDN 환경에서 여러가지 형태로 사용되는 파이썬으로 제작된 툴 (Ryu 컨트롤러와 Mininet 가상 스위치)을 소개하고 사용하는 방법을 소개한다. 이번 발표를 통해 파이썬 사용자들의 SDN에 대한 이해가 높아지기를 기대한다. Reference source codes Mininet: https://github.com/mininet Ryu: https://github.com/osrg/ryu

Cloud and the Future of Networked SystemsJames Urquhart

Meetup docker using software defined networksOCTO Technology

Rina2020 taps rina-ocarina (1)

Eduard Grasa

Overlay network

iQra Rafaqat

Diploma project Poster_v2-landscape(BCCE330) Andrey Koninov

Andrey Koninov

Meetup 1st _ SDN/NFV Use case in Operators' Networks: vCPE

OPNFV_Vietnam

Enabling Traffic Management without DPI

Dirk Kutscher

IEEE 2014 DOTNET CLOUD COMPUTING PROJECTS Distributed -concurrent--and-indepe...

IEEEMEMTECHSTUDENTPROJECTS

MPLS: Future Proofing Enterprise Networks for Long-Term SuccessReadWrite

MPLS: Future Proofing Enterprise Networks for Long-Term Success

ReadWrite

Today’s network manager has a tough job. Why? There are any number of networking protocols to manage. Maintaining these different networks requires any number of operating procedures. What to do? This report from IDC look at one solution that helps manage this intricate environment. It’s called multiprotocol label switching (MPLS), and it serves as a simplified way to transport multiple applications such as voice, video, and data.

Mpls Future Proofing Enterprise Networks For Long Term Success Wp101094Erik Ginalick

Ieee ce.dcai

Rama Subramanian

L347176

IJERA Editor

International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.

"Internet Protocol Suite" prepared by Szymon M. from Poland

irenazd

Ethernet Over Dwdm Whitepaper

Sarmad Saleem Gul

Mmsys slideshare-intel-nokia

Rufael Mekuria

LISP_in_Secure_Networks_WPCraig Hill

Networking and communications security – network architecture design

EnterpriseGRC Solutions, Inc.

What's hot

Service Mesh in Practice

Ballerina

Implementing rina in 5 g networks ws

Eduard Grasa

State of Packet Optical Integration

Colt Technology Services

What is SDN and how to approach it with Python

Justin Park

Cloud and the Future of Networked SystemsJames Urquhart

Meetup docker using software defined networksOCTO Technology

Rina2020 taps rina-ocarina (1)

Eduard Grasa

Overlay network

iQra Rafaqat

Diploma project Poster_v2-landscape(BCCE330) Andrey Koninov

Andrey Koninov

Meetup 1st _ SDN/NFV Use case in Operators' Networks: vCPE

OPNFV_Vietnam

Enabling Traffic Management without DPI

Dirk Kutscher

IEEE 2014 DOTNET CLOUD COMPUTING PROJECTS Distributed -concurrent--and-indepe...

IEEEMEMTECHSTUDENTPROJECTS

What's hot (12)

Service Mesh in Practice

Implementing rina in 5 g networks ws

State of Packet Optical Integration

What is SDN and how to approach it with Python

Cloud and the Future of Networked Systems

Meetup docker using software defined networks

Rina2020 taps rina-ocarina (1)

Overlay network

Diploma project Poster_v2-landscape(BCCE330) Andrey Koninov

Meetup 1st _ SDN/NFV Use case in Operators' Networks: vCPE

Enabling Traffic Management without DPI

IEEE 2014 DOTNET CLOUD COMPUTING PROJECTS Distributed -concurrent--and-indepe...

Similar to A Generalized Label-Forwarding Architecture for the Future Internet

MPLS: Future Proofing Enterprise Networks for Long-Term SuccessReadWrite

MPLS: Future Proofing Enterprise Networks for Long-Term Success

ReadWrite

Mpls Future Proofing Enterprise Networks For Long Term Success Wp101094Erik Ginalick

Ieee ce.dcai

Rama Subramanian

L347176

IJERA Editor

"Internet Protocol Suite" prepared by Szymon M. from Poland

irenazd

Ethernet Over Dwdm Whitepaper

Sarmad Saleem Gul

Mmsys slideshare-intel-nokia

Rufael Mekuria

LISP_in_Secure_Networks_WPCraig Hill

Networking and communications security – network architecture design

EnterpriseGRC Solutions, Inc.

5G_ALICON_5G_Capability_Enablement_and_System_Aspects_rev_pa13_2017_09

Ike Alisson

IRJET- Performance Analysis of MPLS-VPN and Traditional IP Network

IRJET Journal

IJCER (www.ijceronline.com) International Journal of computational Engineerin...ijceronline

IETF building block in the LwM2M Ecosystem (IoT World 2017 Workshop)

Open Mobile Alliance

This presentation is delivered by Hannes Tschofening, ARM and Co-chair of IETF ACE & OAuth WGs. IETF has developed a Constrained Application Protocol (CoAP) which is designed to easily translate to HTTP for simplified integration with the web. It is intended for use in resource constrained internet devices. OMA LwM2M uses CoAP as a transport mechanism. In this presentation, our speaker from IETF will provide you with an introduction to CoAP: ● What is CoAP ● How CoAP works ● What other IETF standards are used by LwM2M ● What is next for IETF in this space

An Insight Into The Qos Techniques

Katie Gulley

IP QoS signaling in the IETF:Past, Present and Future

John Loughney

ETE405-lec4.pptxmashiur

Introduction to OSI and QUIC

Farzad Soltani

Simple, Scalable and Secure Networking for Data Centers with Project Calico

Emma Gordon

IP RAN 100NGN

Muhamad Yopan

Similar to A Generalized Label-Forwarding Architecture for the Future Internet (20)

MPLS: Future Proofing Enterprise Networks for Long-Term Success

Mpls Future Proofing Enterprise Networks For Long Term Success Wp101094

Ieee ce.dcai

L347176

"Internet Protocol Suite" prepared by Szymon M. from Poland

Ethernet Over Dwdm Whitepaper

Mmsys slideshare-intel-nokia

LISP_in_Secure_Networks_WP

Networking and communications security – network architecture design

5G_ALICON_5G_Capability_Enablement_and_System_Aspects_rev_pa13_2017_09

IRJET- Performance Analysis of MPLS-VPN and Traditional IP Network

IJCER (www.ijceronline.com) International Journal of computational Engineerin...

IETF building block in the LwM2M Ecosystem (IoT World 2017 Workshop)

An Insight Into The Qos Techniques

IP QoS signaling in the IETF:Past, Present and Future

ETE405-lec4.pptx

Introduction to OSI and QUIC

Simple, Scalable and Secure Networking for Data Centers with Project Calico

IP RAN 100NGN

Recently uploaded

The Future of Platform Engineering

Jemma Hussein Allen

GridMate - End to end testing is a critical piece to ensure quality and avoid...

ThomasParaiso2

Climate Impact of Software Testing at Nordic Testing Days

Kari Kakkonen

My slides at Nordic Testing Days 6.6.2024 Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

PHP Frameworks: I want to break free (IPC Berlin 2024)

Ralf Eggert

In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development. This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

FIDO Alliance

Elevating Tactical DDD Patterns Through Object Calisthenics

Dorra BARTAGUIZ

After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!

Essentials of Automations: The Art of Triggers and Actions in FME

Safe Software

In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation. We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios. Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!

Monitoring Java Application Security with JDK Tools and JFR Events

Ana-Maria Mihalceanu

UiPath Test Automation using UiPath Test Suite series, part 4

DianaGray10

Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap. The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies. Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques What will you get from this session? 1. Insights into SAP testing best practices 2. Heatmap utilization for testing 3. Optimization of testing processes 4. Demo Topics covered: Execution from the test manager Orchestrator execution result Defect reporting SAP heatmap example with demo Speaker: Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

Uni Systems Copilot event_05062024_C.Vlachos.pdf

Uni Systems S.M.S.A.

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

James Anderson

Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management. The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM). Speakers: Bob Boule Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle. Gopinath Rebala Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.

Pushing the limits of ePRTC: 100ns holdover for 100 days

Adtran

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

FIDO Alliance

Video Streaming: Then, Now, and in the Future

Alpen-Adria-Universität

In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

SOFTTECHHUB

The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing. One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Prayukth K V

The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development. The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers: State of global ICS asset and network exposure Sectoral targets and attacks as well as the cost of ransom Global APT activity, AI usage, actor and tactic profiles, and implications Rise in volumes of AI-powered cyberattacks Major cyber events in 2024 Malware and malicious payload trends Cyberattack types and targets Vulnerability exploit attempts on CVEs Attacks on counties – USA Expansion of bot farms – how, where, and why In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East Why are attacks on smart factories rising? Cyber risk predictions Axis of attacks – Europe Systemic attacks in the Middle East Download the full report from here: https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/

A tale of scale & speed: How the US Navy is enabling software delivery from l...

sonjaschweigert1

Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved: - Reduction in onboarding time from 5 weeks to 1 day - Improved developer experience and productivity through actionable findings and reduction of false positives - Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO) Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production. We will cover: - How to remove silos in DevSecOps - How to build efficient development pipeline roles and component templates - How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence) - How to streamline operations with automated policy checks on container images

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Aggregage

Recently uploaded (20)

The Future of Platform Engineering

GridMate - End to end testing is a critical piece to ensure quality and avoid...

Climate Impact of Software Testing at Nordic Testing Days

Epistemic Interaction - tuning interfaces to provide information for AI support

PHP Frameworks: I want to break free (IPC Berlin 2024)

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

Elevating Tactical DDD Patterns Through Object Calisthenics

Essentials of Automations: The Art of Triggers and Actions in FME

Monitoring Java Application Security with JDK Tools and JFR Events

UiPath Test Automation using UiPath Test Suite series, part 4

Uni Systems Copilot event_05062024_C.Vlachos.pdf

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

Pushing the limits of ePRTC: 100ns holdover for 100 days

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

Video Streaming: Then, Now, and in the Future

Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

A tale of scale & speed: How the US Navy is enabling software delivery from l...

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

Generative AI Deep Dive: Advancing from Proof of Concept to Production

A Generalized Label-Forwarding Architecture for the Future Internet

1. A Generalized Label-Forwarding Architecture for the Future Internet 2nd GI/ITG KuVS Workshop Future Internet Karlsruhe 11/2008 Achim Friedland SONES GmbH / TU Ilmenau achim.friedland@sones.de

2. Todays Internet model – in theory APPLICATION APPLICATION TRANSPORT S/MIME DNSSec APPLICATION TRANSPORT NETWORK SOCKS, SSH TLS, DTLS TRANSPORT IP Se c NETWORK IP-in-IP, GRE (G)MPLS MACSec, 802.11i LINK Q-in-Q, MAC-in-MAC

3. Todays Internet model – in reality APPLICATION APPLICATION TRANSPORT S/MIME DNSSec APPLICATION TRANSPORT NETWORK SOCKS, SSH TLS, DTLS TRANSPORT IP Se c NETWORK IP-in-IP, GRE (G)MPLS MACSec, 802.11i LINK Q-in-Q, MAC-in-MAC

4. Todays Internet model – in reality APPLICATION APPLICATION TRANSPORT S/MIME DNSSec APPLICATION TRANSPORT NETWORK SOCKS, SSH TLS, DTLS TRANSPORT IP Se c NETWORK IP-in-IP, GRE (G)MPLS MACSec, 802.11i LINK Q-in-Q, MAC-in-MAC The Software Engineers‘ way: 1. Refactoring 2. Enhancement

5. Lessons learned so far (1)… • End-to-End semantics are good for overall robustness but bad for privacy • Minimize the state within the network but allow some state at the (domain) edges (Firewalls, NAT, VPN, Proxies, MobileIP, QoS Classification) • Protocol layering minimizes complexity and boosts abstraction but everyone tries to bypass the layer model using tunnels

6. Lessons learned so far (2)… • Security is needed everywhere but has to be easily deployable (IPSec vs. TLS) • Some of todays (Cross-Layer)-Designs can be seen as „lawfull“ layer violations (e.g. TCP, IPSec) • Stackable Flow-Labels for traffic differen- tiation, aggregation and advanced traffic engineering (e.g. MPLS)

7. Basic Idea • Label-switched network design between applications using „extended labels“ • Extended labels include a packet counter to support e.g. security, loss detection, … • Label may be „globally unique“ for suppor- ting e.g. IP Addresses, DIFF-Serv tags • Network state is used to implement security, privacy, mobility and QoS

8. Proposed Architecture: ELSSA protocol Extended Label Stream Switching Architecture

9. Properties and Comparisons • Separation of forwarding and routing, location and addressing • Built-in security and privacy • Built-in (micro-)mobilty and QoS • Support of heterogeneous subnetworks, modularity and soft migration

10. Future Project Development

11. - Questions? - Feedback?

A Generalized Label-Forwarding Architecture for the Future Internet

Recommended

Recommended

More Related Content

What's hot

What's hot (12)

Similar to A Generalized Label-Forwarding Architecture for the Future Internet

Similar to A Generalized Label-Forwarding Architecture for the Future Internet (20)

More from Achim Friedland

More from Achim Friedland (14)

Recently uploaded

Recently uploaded (20)

A Generalized Label-Forwarding Architecture for the Future Internet