2. Goal 1: Experimental Research for Advanced Network Technologies

2.1 Introduction and Strategy

The Next Generation Internet (NGI) program will be the pathway to terabit-per-second network speeds over wide area advanced capability networks. This will be done by means of a partnership with industry leading to a shared infrastructure that can be used profitably to support new, experimental services for high end users, as well as large numbers of typical commercial users. Although the high speed communication capability (developed under Goal 2.2) will enable advanced applications for the Department of Defense (DoD), the National Aeronautics and Space Administration (NASA), the National Science Foundation (NSF), and other agency users, increased bandwidth alone will be insufficient to meet the dependability, security, and real time demands of emerging and next generation applications, such as collaboration, wide area distributed computing, and teleoperation and control.

The challenge for Goal 1, then, is to ensure that the advanced capabilities of both Goal 2.1 and Goal 2.2 networks can be made predictably and reliably accessible to a broad range of users sharing a common infrastructure. Goal 1 activities will therefore focus on multiagency coordinated research, development, deployment, and demonstration of the technologies necessary to permit the effective, robust, and secure management, provisioning, and end-to-end delivery of differentiated service classes. These activities cluster into three major tasks: network growth engineering, end-to-end quality of service (QoS), and security.

This will be a multiagency effort with the Defense Advanced Research Projects Agency (DARPA) as the lead with augmenting and complementing participation by the National Institute of Standards and Technology (NIST), NASA, NSF, DoE (beginning in FY 1999), and other agencies. Each agency will encourage participation in these research areas through its normal mechanisms (for example, solicitations, broad agency announcements). The coordination of the resulting research proposals will be accomplished through cross agency participation in review panels and coordination by the agency program managers to ensure that proposals do not unnecessarily duplicate other efforts. The intent is to focus the research so that the total of the parts leads to an integrated solution.

The NGI strategy focuses on developing the most important and highly leveraged aspects of internetworking technology: network growth engineering, end-to-end QoS, and security. The following sections describe the NGI Goal 1 implementation plan for the agencies included in the Congressional FY 1998 NGI appropriations. DoE is not a formal participant in the NGI in FY 1998. The Administration plans to propose adding DoE as a formal participant beginning in FY 1999. This proposed DoE participation in the NGI beginning in FY 1999 is described in Appendix E.

2.1.1 Network Growth Engineering

The goals of this task are to (1) create and deploy tools and algorithms for planning and operations that guarantee predictable end-to-end performance at scales and complexities of 100 times those of the current Internet; (2) facilitate management of large scale internetworks operating at gigabit to terabit speeds supporting a range of traffic classes on a shared infrastructure; and (3) create an infrastructure partnership through which lead users (government and research) share facilities with the general public, thereby accelerating the development and penetration of novel network applications.

This task will develop and integrate technologies for network planning and simulation; network monitoring, analysis, and control; innovative data delivery; and shared infrastructure management for lead users. The highly automated services envisioned in this task lead to the goal of building strong security mechanisms into the components.

2.1.1.1 Planning and Simulation

Planning large network interconnections is now primarily a manual process that is not tied to any runtime tools or distributed efforts. Under this subtask, a network planning description language will be developed as a community standard facilitating not only the initial planning but also maintenance of requirements throughout the network life cycle.

Metrics: Ability to plan, coordinate, and maintain 100 organizational networks.

2.1.1.2 Monitoring, Control, Analysis, and Display

Network engineering and management require tools for gathering data and information, analyzing it, and issuing control commands based on the results of the analysis. Current practice uses planned analysis based on protocol headers and aggregated statistics. This subtask will take on the challenge of presenting runtime analysis based on distributed communication patterns and very high communication speeds that would overwhelm current tools.

Metrics: Demonstrate monitoring and analysis at speeds of Optical Carrier (OC)-48 (2.5 Gbps) and higher.

2.1.1.3 Integration

The goal of this subtask is to ensure that the network engineering tools and the high performance transmission and switching technologies work smoothly together for accomplishing end-to-end management of leading edge user requirements. The requirements will be developed with the users, and the tools will be integrated into the NGI testbed, developing 10 distributed management stations with monitoring and command interfaces to all connected equipment; half of the management stations will be in the Goal 2.1 testbed and half will be in the Goal 2.2 testbed.

Metrics: Demonstrate 25 percent utilization improvement in Goal 2.1 network over 3 months and 100 percent utilization improvement in Goal 2.2 network over 3 months.

2.1.1.4 Data Delivery

The management software will work in a tightly bound interlock with new strategies for managing and controlling data delivery in networks. This subtask will develop network interior nodes that combine methods previously seen as disjoint or mutually exclusive: routing and switching, best effort and priority traffic, dynamic routing and virtual circuits, greedy admission versus guaranteed delivery, and flat-rate versus variable costing. Tools that permit network engineers to adjust the strategy trade-offs to best meet their requirements will be prototyped and tested in the high speed arena.

Metrics: Demonstrate 100 percent improvement in throughput using heterogeneous, application specific routing strategies.

2.1.1.5 Managing Lead User Infrastructure

The DoD, NASA, NSF, and other government agencies, as well as the research community at large, typically have lead user requirements for telecommunication facilities that require speed and complexity that are orders of magnitude beyond those of the typical users. This task will investigate architectural concepts, management strategies, and operational arrangements that will allow lead users to concurrently share the same infrastructure as conventional users at a variety of levels. Extension of this dual modality into the campus infrastructure for end-to-end support will also be investigated.

Metrics: Demonstrate lead user support by striping, that is, partitioning a data stream across multiple low bandwidth channels to emulate a high bandwidth channel, over 100 ordinary channels without performance loss.

2.1.2 End-to-End Quality of Service

The goals of this task are to facilitate the delivery of end-to-end ensured QoS to applications and to ensure that these technologies can be tailored for use by and made available to lead users who have demanding requirements. The strategy is to allow users to negotiate application specific trade-offs among such parameters as bandwidth, latency, precision, and reliability in order to obtain predictable performance at a known quality level. Exploiting emerging network level mechanisms is difficult, however, as they are semantically far removed from the applications they are intended to support and are accessible only through many layers of software. End-to-end QoS assurance requires an approach that spans these layers of operating system and middleware in order to effectively deliver network level QoS guarantees.

This task will develop and demonstrate a comprehensive QoS management architecture, drill down technologies to facilitate propagation of QoS constraints across software and network layers, and next generation network technologies to support QoS. Research addressing issues specific to wireless networking and nomadicity is beyond the scope of this initiative; however, the QoS framework will be general enough to accommodate the integration of wireless services and the eventual integration of nomadicity support. This effort will be fully coordinated with ongoing agency and industry advances in mobile networking and computing.

2.1.2.1 Baseline Quality of Service Architecture

The baseline QoS management architecture will provide the framework of models, languages, and protocols to permit distributed applications to specify multidimensional QoS requirements, negotiate acceptable trade-offs and confidence levels, and receive feedback on delivered QoS enabling adaptation. Application Program Interfaces (APIs) supporting the propagation of QoS constraints and feedback through software layers will be developed, as well as the requisite admission control, accounting/costing, security, and priority mechanisms both within the network infrastructure and the periphery ingress/egress environments.

Metrics: Demonstrate ability to handle differentiated service classes and to reduce variance in end-to-end performance by factors of three to five for multimedia traffic.

2.1.2.2 Drill Down Technologies

Current technologies support composition of functionality across system layers but not the composition of their QoS properties. This subtask will develop technologies that can be used to drill down and expose interfaces to QoS and network management capabilities that are presently hidden within the individual layers. Emphasis will be on techniques appropriate for operating systems, communications libraries, and middleware services, including distributed objects, and providing direct access from the applications to network layer components and objects.

Metrics: Demonstrate factor of 3 to 5 reduction in communications overhead attributable to systems software.

Next Generation Network Technologies

Next generation network technologies, particularly those supporting QoS, are critical to the success of the Internet, but they lack an adequate experience base at the speeds and scale envisioned for NGI. This subtask will accelerate pilot deployment of and experimentation with technologies such as class based queuing, Resource Reservation Protocol (RSVP), and Internet Protocol Version 6 (IPv6), as well as research and develop new technologies for admission control, accounting/costing, scheduling, and prioritization in both IP and Asynchronous Transfer Mode (ATM) networks.

2.1.3 Security

Security's essential role in the NGI is to support several objectives: a secure and fair means of user access to and use of network resources (for example, QoS), smart network management, internetwork peering (for example, surety of routing updates), accounting/costing for intercarrier as well as end user to carrier relationships, ensuring low latency control mechanisms, and nomadic/remote high speed access. A Public Key Infrastructure (PKI) that interacts with the industry-wide PKI is paramount to the success of integrating and deploying security in the NGI. This subtask will also develop ways for organizations or individuals to interoperate in the face of a rich and dynamic set of policies, for example, those that exist among different Federal agencies.

2.1.3.1 Cryptographic Technology and Applications

The cryptographic activity involves the development and testing of cryptographic algorithms and interfaces for use in protecting office and electronic commerce applications and data. This is one of the most important areas of information technology (IT) security, since several critical security services (authentication, data integrity, data confidentiality, and nonrepudiation) all depend on cryptographic technology.

Public Key and Key Management Infrastructure. The use of cryptographic services across the global Internet requires the use of "certificates" that bind cryptographic keys and other security information to specific users or entities in the network. Comprehensive certificate management mechanisms and underlying support infrastructure are required for all of this to work.

Internet/Internetwork Security. The viability and success of the NGI will depend on the existence of new, more secure protocols. Current protocols have limited and demonstrably weak security mechanisms. New protocols being developed will include advanced methods to authenticate communications, nodes, and users, and will provide other security services such as confidentiality protection, extended audit trails, and threat monitoring.

2.1.3.2 Security Criteria, Test Methods and Testing

Unlike other types of standards and open specifications, security standards have an implicit requirement for special testing. In addition to traditional functionality and interoperability tests, security products and services need to be tested to ensure that they cannot be subverted by intentional acts or attacks and that they do not contain functionality beyond that specified (for example, "trap doors"). This subtask will continue efforts to develop a common set of security product/system evaluation and testing criteria to meet this need.