Mid-semester presentation for my Computers & Society course at Mount Royal University. Has some technical detail about how the internet works, web protocols, data centres, and typical security threats.

1. SO WHERE IS THE INTERNET?

2. IT’S NOT HERE

3. It is common to visualize the internet using
some type of cloud icon. While convenient, it
does hide the fact that the internet is most
certainly not composed of magic water vapor,
but a whole lot of stuff.

4. WE NEED TO BEGIN HERE …

5. The Internet is composed of millions of
kilometers of wires (metal and fiber optic)
and millions of computing devices, such as
servers, routers, switches, hubs, and other
networking devices, most of which is
housed in specialized environments
requiring countless air conditioners and
power devices.

8. The internet is a conglomeration of many
different physical networks that are able to
communicate thanks to the use of common
connection protocols.
The internet is built on top of a massive
amount of telecommunications
infrastructure, most of it initially
government-funded, but now generally
privately owned.

9. The most important infrastructure belongs
to what are commonly called Tier 1
Networks or Tier 1 ISPs. When someone
talks about the Internet Backbone, they are
talking about Tier 1 networks.
About sixteen different companies are
considered to be Tier 1 networks, and
include Level 3, Tata Communications, NTT,
AT&T, and Verizon.

11. Tier 2 Networks may peer for free with
some networks but must pay to access at
least some other Tier 1 networks (referred
to as buying transit).
Many regional networks are Tier 2. Some
examples include Rogers, Telus, Comcast,
British Telecom, and Vodaphone.

12. R O G E R S
C A N A D A
2 5 , 0 0 0 K M
CENTURYLINK
855,000 KM

15. Since the internet is composed of many
interconnected, but independent networks,
there needs to be mechanisms for creating
those interconnections.
Internet Exchange Points (IXPs) have
become one of the most important
mechanisms for creating those
interconnections.

16. An Internet Exchange Point is a physical
location where different IP networks and
content providers meet to exchange local
traffic with each other (that is, peer) via a
switch.

18. The internet was designed to be a robust
communication network that could continue
to work even if parts of the network are
disrupted or destroyed.
It is the TCP/IP set of protocols that makes
this possible. A given message is broken
into smaller packets which can take their
own independent route from the sender to
the destination.

19. Routers are a key technology in the network
in that they shuttle packets from one
network to another.
How are destination computers identified?
Each piece of hardware has a unique IP
address. Initially each IP address was 12
digits longs. Due to the increase in the
number of devices, IP addresses are now
substantially longer.

21. I P A D D R E S S E S

22. W h a t a b o u t t h e w e b ?

23. The web uses a client-server model of
communication.
The client-server model is one in which a
computer client, such as a browser, makes
requests of another computer called a
server, which is normally continually active,
listening for requests from clients.

26. HTTP (Hypertext Transfer Protocol) defines
a set of rules about how computers
communicate with one another. It is actually
a simple text-based protocol.
While the latest generations of browsers
often hide the “http://” in the address bar,
HTTP is still present.

27. Other than the fact that almost all web-
communication makes use of HTTP, having
some idea about how HTTP works can help
you in understanding many of the
constraints that exist within the field of web
development, and many of the security
problems that bedevil the web space.

30. What about HTTPS?
HTTP Secure (sometimes also called, more
long-windely, as HTTP over Transport Layer
Security).
This protocol is essentially identical to HTTP
except the connection content is also
encrypted. It protects against man-in-the-
middle attacks, so that an eavesdropper on
a session can not read or tamper with it.

31. In some of the earlier diagrams, the server
was represented as a single entity. This is in
fact quite misleading.
A typical website makes use of several,
dozens, hundreds or even hundreds of
thousands of servers. Why?

32. Partly this is for functional reasons: different
types of tasks will be isolated in different
servers.
Partly this is for performance reasons: a
single server has limits to how many
simultaneous requests it can manage.
Another important reason is for
redundancy: computers do fail and so
having multiple servers ensures a service
works even when a single server stops
working.

34. Server farms are typically housed within
specialized facilities known as data centers.
These facilities contain a lot more than just
lots of computers contained within server
racks.

37. All those computers will generate a great
deal of heat, and so a key component of a
data center will be its heat generation
counter-measures.
These include reliable air conditioning,
forced air recirculation, and using chilled
water directly within the server racks.

40. Reliable and even power is the other key
component of any data center. This will be
achieved via UPS and other devices to
normalize electrical power as well as diesel
generators and DC battery supplies to
preserve electrical power even during power
outages.

43. Data centers in 2013 consumed somewhere
between 2% to 4% of the entire United
States electrical consumption.
Data centers in Ireland in 2016 consumed about
20% of Ireland’s entire electrical consumption.

44. Computing in general in 2012 consumed
somewhere about 5% of the world’s
electricity.
Optimistic Estimate: by 2025, computing
will consume 20% of world-wide electricity.
In 2016 about 11% of all global electricity
was consumed by computing.

45. Computing will soon produce about 3% of
global carbon emissions.
Optimistic Estimate: Within a decade,
computing will produce about 14% of global
carbon emissions.

46. “The analysis shows that for the worst-case scenario, CT
could use as much as 51% of global electricity in 2030.
…
the present investigation suggests, for the worst case
scenario, that CT electricity usage could contribute up to
23% of the globally released greenhouse gas emissions in
2030.”

47. In 2011, Google reported its energy
consumption to be 230 MWh.
In 2014, it reported 3.2 GWh (i.e. 3200 MWh)
even though it had made many of its data
centers significantly more energy efficient.
How is this possible?

48. Governments and environmentalists
generally assume that improving the energy
efficiency of a process will lower its resource
consumption.
Yet in economics, the Jevons Paradox
argues that the opposite will often occur.

49. In economics, the Jevons paradox occurs
when technological progress increases the
efficiency with which a resource is used
(reducing the amount necessary for any one
use),
but the rate of consumption of that resource
rises because of increased demand due to
falling prices.

50. Thus, the dramatic improvements of energy efficiency in
data centers in recent years has actually increased the
amount of energy being consumed in data centers
(because improved energy efficiency has lowered costs
thereby encouraging more people to make use of data
centers).

51. Estimate: 550GWh of power consumed just to
serve these 3 billion views (YouTube
servers+downloads+views) … roughly equal to
Canada’s yearly energy consumption)

52. But what about energy savings as a result
of the displacement of older technologies
with newer computing-based ones?

53. One study, for instance, that examined the
total energy footprint of a paper newspaper
compared to its online version found that
paper version consumed about half as much
energy (and that study didn't even factor in
data center energy consumption).

54. However, a different study examining
energy consumption of rented DVDs vs
streamed movies found a reduction in the
total energy footprint with the switch to
streaming (however that study also didn't
factor in data center energy consumption).

56. DEPLOYMENT
VIRTUALIZATION
A N D

57. D E D I C AT E D H O S T I N G
Each site is on its own server(s)

58. S I M P L E S H A R E D H O S T I N G

59. V I RT U A L S H A R E D H O S T

60. C L O U D H O S T I N G

61. W h y C l o u d H o s t i n g ?
R e d u n d a n c y
01
O n - D e m a n d
P r o v i s i o n i n g02
S c a l a b i l i t y
03
C o s t
E f f i c i e n c y04
L o w S t a r t u p
C o s t s05
M a n a g e r s
S e e m t o
L o v e C l o u d s
…
06

62. HOW?

63. S E RV E R I N E F F I C I E N C I E S

64. H O W I T W O R K S

65. C l o u d S e r v i c e M o d e l s
C l o u d c o m p u t i n g p r o m i s e s s o m e t h i n g u s u a l l y r e f e r r e d t o a s e l a s t i c
c a p a c i t y / c o m p u t i n g ,
m e a n i n g t h a t s e r v e r c a p a b i l i t y c a n s c a l e w i t h d e m a n d .
Platform as a Service
(PaaS)
Infrastructure as a Service
(IaaS)
Software as a Service
(SaaS)
Amazon Web Services
Microsoft Azure
Google Cloud Platform

66. Security
and
Search

67. T H E P R O B L E M W I T H E V E

68. U S I N G E N C RY P T I O N

69. P R O B L E M : H O W T O T R A N S P O R T K E Y

70. S I M P L E E N C RY P T I O N E X A M P L E

71. H T T P S
Q U I C K LY

72. S E C U R I T Y T H R E AT S

73. S Q L I N J E C T I O N AT TA C K

74. C R O S S - S I T E S C R I P T I N G AT TA C K

75. D E N I A L O F S E RV I C E AT TA C K

76. R A I N B O W TA B L E AT TA C K ( C O N T E X T )

77. R A I N B O W TA B L E AT TA C K ( S O L U T I O N ? )

78. R A I N B O W TA B L E AT TA C K ( S O L U T I O N ! )