4. Technologies for the Information Infrastructure

The HPCC Program is developing technologies underlying the National Information Infrastructure (NII) to facilitate addressing National Challenge problems of significant social and economic impact (HPCC National Challenges are described in Section II.7). These technologies build upon and extend those needed to accomplish the goals of the original HPCC Program. They will also contribute to the Government Services Information Infrastructure (GSII), the Defense Information Infrastructure (DII), and the Global Information Infrastructure (GII). Other non-HPCC technologies to support the NII are under development by Federal departments and agencies. Such efforts are being followed and in many cases coordinated with HPCC Program activities.

Information Infrastructure Services Technologies

NII technologies must be integrated and interoperable -- information must be transmitted over different bitways among different computing systems in a seamless fashion; services such as authorization and accounting must be integrated and interoperable; and they must serve people with different communications preferences (for example, voice rather than visual).

Integration and interoperability are most easily accomplished by using tools that implicitly provide them. Toward this end, ARPA has initiated a program to develop the software and services technologies needed to facilitate a marketplace of advanced distributed applications that will interoperate over the underlying networking infrastructure. The following are examples of some current activities in this program.

HORUS

The HORUS project is developing an environment for reliable distributed computing. Its "virtual synchrony" environment integrates distributed computing with fault tolerance (detection of and reaction to failures) and will make it easier to develop distributed software. An example is military mission planning and control software that integrates data from space, air, and ground resources.

http://www.cs.cornell.edu/Info/Projects/HORUS/ARPA/arpa.html

SILDS

Billing, payment, accounting, and associated privacy mechanisms are critical to the NII, especially the National Challenge in Electronic Commerce. ARPA is developing the underlying technologies to provide these capabilities in an interoperable manner, building upon underlying security services. An example is the SILDS project that is developing an infrastructure to support authorization, authentication, accounting, and related security services for the Internet that is layered over the Kerberos authentication system.

http://nii-server.isi.edu/gost-group

Adaptive Communication

Portable information and communications devices will be extensively used in the NII. ARPA is developing the required underlying mobile and wireless technologies (wireless networking technologies are described in Section II.1). Toolkits are needed for developing applications that adapt to changes in the computing and communications environment (such as platform mobility, sporadic connectivity, and dynamically varying bandwidths). An example is "middleware" services that can automatically or semi- automatically adapt the amount and form of communications between a mobile computer and the infrastructure to vastly different operating circumstances.

http://www.mcl.cs.columbia.edu/

TRAVLER

The TRAVLER project funded by ARPA is packaging systems software and services for mobile computers. These include support for adaptive agents, data consistency, database support, predictive caching of files, real-time modeling and simulation, resource discovery, security, user-level replication, and virtual networking.

http://www.cs.ucla.edu/ficus/

Wide-Area File System

ARPA funds Transarc Corporation in developing a system for organizing and locating information in a Wide-Area File System. Each file has a "synopsis" that summarizes its contents, while a "digest" contains multiple synopses. The system lets users control who can access their data. It builds on the AFS (Andrew File System) software developed at Carnegie Mellon University and Transarc and is used by more than 200,000 people at more than 120 government, industry, and academic Internet sites.

ftp://grand.central.org/afs/transarc.com/public/www/Department/ARPA/summary.html

FICUS

The FICUS project is developing a peer-to-peer file replication system that keeps multiple full-function copies of files so that (1) workers can improve their efficiency by keeping multiple copies of key files on systems both at work and at home; (2) individuals collaborating at a distance can each have copies of their working files, and updates are propagated; and (3) copies of files can be stored on portable systems. Replicating and updating files is done over the Internet. Ficus is built using its "stackable layers" technology in which software modules providing new services (such as these new file system functions) are added to existing operating systems; this technology can also be used to add other file system functions such as encryption and data compression.

http://www.cs.ucla.edu/ficus/

Nile Project

The NSF-funded Nile Project is building scalable systems for reliable access to distributed data using distributed computing resources. The immediate application is processing enormous amounts of data accumulated by CLEO, a large High Energy Physics experiment. While the goal of Nile is to solve the computing and network problems specific to this particular scientific endeavor, accessing 10 to 1,000 TB (terabytes or trillions of bytes) of distributed data and processing those data on 100 to 1,000 distributed computing systems is becoming increasingly important to such diverse areas as environmental science, medical imaging, seismology, and video-on-demand. Two particular features of the Nile project are the importance of low-latency access to the data and working with an enormous amount of data on tape. Nile collaborating institutions include Cornell University, the University of Florida, the University of Texas at Austin, and the University of California at San Diego. CLEO itself is a collaboration of 23 universities in the U.S. and Canada, and several members of CLEO are also involved with Nile.

http://www.nile.utexas.edu/NC/Report/Report-950118.html

Video Teleconferencing

Video teleconferencing explicitly requires integration and interoperability as well as resource management. DOE is addressing the need for standard file systems, graphics, spreadsheets, serial interfaces for access and configuration, and sliding bar control of video interaction. Another DOE effort addresses merging telephone, FAX, e-mail, and video into one resource.

World Wide Web (WWW) and NCSA Mosaic

WWW and Mosaic are described in earlier sections. Assuring the continued coordination of a global infrastructure for information is critical to the success of the NII. The HPCC Program will continue R&D in WWW and browsers such as Mosaic. In addition HPCC agencies support and ARPA funds the World Wide Web Consortium, headquartered at MIT.

Issues being addressed at NCSA and elsewhere include collaborative document preparation (with appropriate security), coupling to mass storage and database management systems, forms for user queries and submission of information/data to the server, interactivity, needs of the disabled in the Web environment, next generation WWW architectures, replacing the transient Web link addresses with permanent identifiers (today if a file is moved, its address changes, and every hypertext link to it would have to be changed in order to refer to the same file), scaling issues, searching (and the information that is used in the search), security and privacy, tools for performance measurement and load management, and usage metering/accounting/payment. Furthermore, the development and extension of Web standards continues to be a priority.

Security and Privacy

The NII will place increased demands on security and privacy systems. Two examples are medical records and financial records Ñ both users and providers need to know that there is no unauthorized access to or updating of the information. Already because of the growing dependence on information systems and their interconnection, these systems are more exposed and vulnerable to attack.

In response to this vulnerability, incident response teams have been established to monitor and react to unauthorized activities and potential network intrusions. Each team serves a specific constituency such as an organization or a network. Two of the first such teams, CERT and CIAC, were founded in 1989 as a result of an increase in wide-spread, malicious network-based attacks such as the Morris Worm, and provide round the clock incident handling:

• CERT is the Computer Emergency Response Team based at the Software Engineering Institute in Pittsburgh, PA. CERT was established by ARPA to support Internet users without response teams and continues to serve as the response team for much of the Internet. In 1994 CERT was contacted more than 33,000 times to report computer security incidents or to request security-related information that affected more than 40,000 different Internet sites. Community outreach included issuing 15 CERT advisories. As the incident rate has grown, so has the sophistication of the intruders. To counter these threats, CERT is expanding its program to increase emphasis on incident prevention through technology improvement, security awareness and training, and security assessment activities.

  http://www.sei.cmu.edu/SEI/programs/cert.html

• CIAC is the computer security incident response team for DOE and its contractors. CIAC provides training classes, white hat reviews, and awareness documents in the form of bulletins, advisories, electronic notes, tools, and references. CIAC's hotline number is 510-422-8193; its e-mail address is ciac@llnl.gov; and its ftp server is ciac@llnl.gov.

  http://ciac.llnl.gov/

CERT and CIAC are founding members of FIRST, the Forum for Incident Response and Security Teams. Other Federal agencies participating in FIRST include DOE, NASA, NIST, VA, the Navy, and the Small Business Administration. Members work together in handling complex incidents, testing vulnerability fixes, and sharing incident trend information. Members participate in the annual incident handling workshop sponsored by FIRST; the next workshop will be held September 18-22, 1995, in Karlsruhe, Germany; details about FIRST and the workshop can be found at:

http://www.first.org/first/

HPCC agencies are also responding by increasing emphasis on security research and prototype deployment in FY 1996 and beyond. ARPA, DOE, NASA, NIST, and NSA are addressing issues including preventing unauthorized entry into computing systems, protecting the network infrastructure (the Internet, higher speed networks as they are deployed, and other "bitways" such as satellite, cable TV, cellular, and broadcast) from external and internal attack, protecting information in repositories and in transit, providing data security controls within applications, privacy protection for medical and other sensitive applications, secure electronic commerce, secure internetworking for distributed simulations, secure collaborative work (for example, video teleconferences), security in emergencies or crises or hazards (for example robots in hazardous areas), and emergency response. The long-term challenge is to provide security solutions that can scale to emerging high performance computing technologies, such as multimedia, ultra-high data rates, mobile computing, and very large-scale distributed information storage and retrieval.

For example, one-time password technology and the Kerberos authentication system are helping to alleviate this problem. Kerberos is a cryptographic-based network system, originally developed at MIT, that provides a mechanism for client/server computing authentication. Several HPCC-funded sites are implementing such technologies:

• The NSF Supercomputer Centers are collaborating to become a "metacenter" by sharing their resources. As the metacenter evolves, a researcher will be able to direct that in the middle of the night a large program is to be run using computers and archival storage systems at several of the other centers. In order to do this, all involved systems and networks must be assured that the work is authorized. Extending such models for use throughout the Internet can minimize future attempts to exploit security vulnerabilities.

• The ESnet-based DOE laboratories added cross-realm functionality to Kerberos in order to complete their 1994 multi-site and multi- organization demonstration of authentication to support collaborative research.

  http://nii-server.isi.edu/gost-group/

  http://www.es.net/pub/esnet-doc/auth-and-security/

The secure-http protocol is an enhanced version of the WWW http protocol that supports privacy, authentication, and digital signatures. Secure http enhancements have been added to NCSA Mosaic to create Secure-Mosaic. It has been incorporated into CommerceNet, a TRP-funded government/industry consortium, which is the first full-scale market trial of electronic commerce on the Internet (the Electronic Commerce National Challenge is described in Section II.7).

http://www.commerce.net

Through a new joint Defense effort, ARPA, NSA, and the Defense Information Systems Agency will coordinate their research programs in digital signatures, e-mail security, secure operating systems, secure distributed applications over a single administrative domain, secure routing protocols, security checking, and survivability and recoverability.

Security tools and services developed by government, industry, and academia will be integrated, scalable, and suitable for use by commercial carriers, by third-party providers of security services, and by applications for embedded security functions. Resultant technologies will be flexible in meeting specific needs and in providing varying degrees of protection.

These security and privacy systems must be both policy flexible and cost effective. For example, medical and financial records require more security and privacy than information in libraries, although library users needs privacy guarantees. The Synergy system being developed at NSA, as well as other security technologies developed by NSA and ARPA, is being integrated into basic research in computing systems that will result in the next generation of commercial products. This strategy will lead to products that are easily specialized for a wide variety of security needs.

NASA supports a coordinated effort to improve the protection of sensitive but unclassified data used in collaborative aeronautics engineering both between the Federal government and industry and among industrial partners. The aeronautics community will use encryption tools and the security architecture developed for electronic commerce as a basis for communicating data that require protection from premature or unauthorized release.

Information Infrastructure Applications Technologies

An easy-to-use NII requires complex interfacing of humans to intelligent information management, control, and sensor systems. Performance and usability also depend on the ability of those systems to interface among each other. In FY 1995 and 1996, HPCC agencies are addressing many issues in this area, including the following:

• Research on software environments focuses on application developers having a design environment that matches the application. Tools developed in this effort are being used to construct human-computer interfaces used in applications ranging from software testing to visualizing thermal signatures in the B-2 tailpipe (Northrop). Test and evaluation tools used by Hughes Aircraft improve testing productivity by approximately 25 percent. The Analytical Science Corporation uses the same tools to develop an Avionics Verification and Validation system for Wright Labs. Science Applications International Corporation uses tools developed by this research community to provide interoperability between C and Ada software for U.S. Army simulators. Under related software research programs, tools are being developed to reverse engineer software to extract design information and provide tailored explanations of that software. The Army MICOM Software Engineering Directorate is evaluating some of these tools for supporting the Patriot upgrade program.

• ARPA and NSF provide support to addressing problems in long-term management and evolution of complex software -- system lifetimes are long, applications cluster in families with common characteristics, and change is rapid. The effort builds on the architecture-based approach of defining product families by adding capabilities for recording information about the rationale underlying a design so that modifications can be made more rapidly without introducing errors. Common components will be shared, reducing the cost of providing and maintaining productivity enhancers such as domain-specific architectures for families of systems and very high level languages (fourth generation languages). In FY 1996 consensus Architecture Description Language and Interactive Architecture Synthesis Tool for complex systems will be defined, cluster applications identified, and applied demonstrations initiated.

• ARPA is developing technology to enable the integration of DOD's existing legacy data systems into more effective functionally integrated information services -- without developing large-scale monolithic information systems. This effort has demonstrated that by using an information-integrating mediator, F-22 engineers can execute design changes in 80 percent less time, which is essential for streamlining the weapon systems acquisition process. A mediation module developed from this effort enables air campaign planners to locate the highest priority targets for a particular military objective in 10 minutes instead of 48 hours, providing military advantage in time of crisis. It is enabling military doctors to locate patient information within minutes instead of days, providing a life saving difference in emergencies. These advances will be incorporated in other applications in FY 1996.

• ARPA is developing enabling technologies and design tools that potentially will aid affordable acquisition and upgrade of next generation DOD platforms. In FY 1996 cognitive support tools will improve the ability of engineers to generate, store, retrieve, track, explore, and analyze design alternatives. Today humans generate alternatives in an ad hoc manner and explore them by detailed physical simulations that are time consuming to create and execute. Consequently, most complex design efforts explore a small number of solutions rather than an expanded design space. Rockwell is developing "Design Sheet," a tool used in the Air Force's Airborne Laser program to integrate weight, performance, and cost data and models from teams representing several disciplines and companies; the time to build an integrated model was reduced from two years to six months.

• ARPA is developing tools to support military planners in creating, executing, monitoring, and adapting courses of action and plans for logistical and transportation support. Interactive tools have been a key focus area; several have been developed and are in varying phases of transition. Planning is a labor-intensive, time-consuming, detailed activity that underlies nearly all aspects of military operations. ARPA's efforts have advanced the state of the art in planning and have produced several systems that support specific planning functions and are being transitioned. Applications of this technology to the operating forces include (1) DART, a transportation analysis and planning tool that supported logistics planning for Desert Storm by reducing the time required to develop transportation plans from a few weeks to a few hours (DART has been fielded to every commander-in-chief, where it is in daily use); (2) TARGET, a distributed collaborative planning tool that supports the split-base concept and lets multiple geographically distributed planners work together in a single shared planning workspace (TARGET is being transitioned into the Global Command and Control System Leading Edge Environment); and (3) Air Campaign Planning Tool (ACPT), a system that guides a user through the analysis of national objectives into military objectives, military objectives into tasks, and tasks into specific actions, finally resulting in a Master Attack Plan with traceability of all activities back to national objectives (ACPT is being incorporated into the joint air planning system known as CTAPS).

• ARPA and NSF support development of core technology in human language processing and the transfer of this technology into productive use. Language-based applications help improve overall readiness of our forces by allowing the user to interact directly and naturally with complex systems. Intuitive interaction using natural human language will make for rapid acquisition of expert skills. For example, the TIPSTER system uses text understanding technology to support detection and extraction of key information for intelligence analysts from NSA and the CIA. In FY 1996 tools for speech understanding will be applied to command and control problems including language interaction with tactical warfare training simulators, language-based access for joint service logistics planning, and language-based access to in-transit visibility of logistical assets.

• ARPA is developing new technology to enable humans and computers to interact effectively, efficiently and naturally, including (1) adaptive presentation and input that is sensitive to the context of the user, task, and application domain, (2) multimodal interaction incorporating speech and gestures, and (3) problem and information visualization, focusing on clearly presenting symbolic and numeric data. Emerging technologies and methods are being inserted into the Joint Task Force Advanced Technology Demonstration (ATD), Planning and Decision Aids, and Healthcare Information Systems programs.

In FY 1995 and FY 1996, NSF will enhance its support for research in intelligent systems, especially human-machine information systems. The research will advance the underlying scientific knowledge and technologies needed to create an intelligent service layer that will enable a significantly broader base of information providers, developers, and consumers, while reducing existing barriers to accessing and using information and computing resources for real-world applications. Work in this area includes:

• Human language technology -- Development of new technologies for speech recognition, text understanding, and multi-lingual language processing, including machine-aided language translation

• Multi-modal human-computer interfaces -- Image processing and analysis, computer vision, and integration of images with sound, text, and other forms of information source and presentation oVirtual environments/collaboration technology -- Sharable computing and communication environments that many can access, interact with, and use effectively across time/geographical and physical/artificial boundaries

• Very large knowledge repositories -- Models, tools, and technologies for storing, representing, accessing, and using large amounts and different kinds of objects, data, and knowledge sources