下一代互联网的二点技术探讨和体系架构的再思考

ben13424860910
2 ℃
2020-06-15

整理文档很辛苦，赏杯茶钱您下走！

还剩 ... 页未读，继续阅读 >>

免费阅读已结束，点击下载阅读编辑剩下 ... 页

阅读已结束，您可以下载文档离线阅读编辑

资源描述

1AsstProfessorNanyangTechnologicalUniversity2TCP/IPLAN::IPv4NGI,NGN,GENI,AGN,VenoII3TCP/IP:TCP4Cont’d1974VintonCerf,RobertKahn“AProtocolforPacketNetworkIntercommunication”IEEETrans.OnComm.TCPtargetProvidereliabledatacommoverunreliablemedium(e.g.link(s),intermediatenodes)(().)Applicationtoapplication/processtoprocess/e2eMSN/EmailIloveyou!ÆIhateyouMosaic,Netscape,IEexplorer….5TCP/IP:IPLANApp2App26RRRRRRR•1978.Networking(--)•IPTarget:UniversalNetworkinginfrastructure•AddressingUniversally()•Routing•Ciscounifiesallsmallmarketandcreateabiggermarket(grabsthisopportunityin1980’s)PhysicalWorld:TechnologyandMarket7LAN/WANin70s/80s–Internetin80s/90s8TCPandIPIfthereisnoIP,whathappenedtoTCP?NonetworkÆnousersIfthereisnoTCP,whathappenedtoIP?Noreliablecommunications-nokillerappl.IP–,,LANTCP–ComplementaryToday’sInternet9LayeringViewLANEthernetTokenRingFDDInewIPv4TCPUDPApp.1App.2App.3App.1App.2App.3App.1App.2App.3App.1App.2App.3......App.nApp.4App.5ByIntroductionofanUniversalplatform(TCP/IP)•Noneedtospendtimeonindividualnetworks•Provideoneuniversalplatformfordevelopingmoreapplications•Ciscowasborn….EthernetTokenRingFDDIApp.1App.2App.3App.1App.2App.3App.1App.2App.3Applicationsarequiteboundtodifferenttypesofnetworksandlackflexibilities10TCP/IPLAN::IPv4NGI,NGN,GENI,AGN,VenoII11:(VenoSEC)VenoSECprovidestransparentend-to-endsecurityNATFirewallVPNInternetHTTP,Telnet,FTP,POP...HTTP,Telnet,FTP,POP...Insecurechannel-attackerscaneavesdropormodifythedataInsertedsecuritymoduleInsertedsecuritymoduleEnd-to-endsecurechannelSecurechannel-dataisprotectedwithencryptionandintegritycheck12BasedonspecificapplicationsSSH,SFTP,SMIME,HTTPS,Basedonnetworklinksornetworkinfrastructure,ratherthanend/userIPSECVPNWEPFirewallIDEOthers,e.g.,secureinfrastructure(static)AnalogytoTCP’semphasisone2eratherthanlinksorintermediatenodes13VenoSECArchitecture(static)(GroupUsersScenario)UsersareorganizedintogroupsVG2VG3Group3VG1InternetSecureChannelSecureChannelSecureChannelGroup1Group214VenoSECArchitectureTrustedInfrastructureisFormulatedDynamically(EndUsersScenario)Usersareself-organizedintoasecureoverlaynetworkNocentralizedsecuritymanagementAslongasyourthumdriveisaroundyou!SecureChannelSecureOverlayNetworkInternet15VenoSEC?Realizereliableandsecuredatacommoverunreliablemediumrealizetrustedcommoveruntrustednetworkinginfrastructure.Applicationtoapplication/processtoprocess/e2eMSN/Email/FTP/Telnet/!ÆIhateyou16:IPv4InternetusersarenotabletoaccessprivateIPnetworksPrivateIPbasednetworksNAT?Mapping?17Cont’dExample(name–privateaddress)resolutionabc1.tsinghua.edu.cn(mappedtoprivateaddress:192.168.0.1)abcn.tsinghua.edu.cnVGDNSServerResolve:abc.ntu.edu.sgabcInternet1.query:abc.ntu.edu.sg2.reply:canfind4.reply:155.69.103.103.query:vg.ntu.edu.sg5.query:abc.ntu.edu.sg6.reply:192.168.0.118NGIbyIETFIPv6/(shortageofIPAddressandsecurity)GENIbyNSFTrustedComputingbyTCG(companies)AGNbyDARPANGNbyITUSoftswitcher4G/WiMAX19TCP/IPLAN::IPv4NGI,NGN,GENI,AGN,VenoII20WhatisNGN?ITUQoS.“”21IdeainNGNInternetNGNData22NGNIPTCP/UDP/SCTPNGNInternetInternet/VoIP23What’sNGI?NGITCP/IPInternet“NGIconceptspaper”,in199721NGINGI1233InternetNGI24IdeainNGIInternetNGIVoice25Internet2:AnexampleofNGINGIInternet2.Internet2200InternetIPv6Internet2IPv626Architecture:ConcreteorIllusive?NGNbyITUSoftswitcherNGIbyIETFIPv6/(shortageofIPAddressandsecurity)TrustedComputingbyTCG(companies)GENIbyNSFAGNbyDARPA……27TCP/IPLAN::IPv4NGI,NGN,GENI,AGN,VenoII28WhatisVenoII?29WhatisVenoII?DCCPDataapplications()TCP(Reno)UDPIPv430InternetToday–NextGenerationComm.InternetTodayIPv4IPv6DataapplicationsVoIPTCP(Reno,Veno..)UDPWiredWLANSatelliteOptical3G31VenoIINGNNGI0%100%100%VenoIINGNNGI4G100x100project322.VenoII:virtualconnection-oriented332.VenoII:virtualconnection-oriented(con’t)CollegenetworkCompanynetworkCompanynetworkIPRouterCompanyNetwork34VenoIIVenoIIGateway,IPRouter35TCP/IPLAN::IPv4NGI,NGN,GENI,AGN,VenoII36VenoIITrustedInfrastructureisFormulatedbyVenoSEC()Usersareself-organizedintoasecureoverlaynetworkNocentralizedsecuritymanagementAslongasyourthumdriveisaroundyou!SecureChannelSecureOverlayNetworkInternet37Thesoul/platformoftelecom,InternetandTVbroadcast38VenoIIDefactoStandard?YES!39IPDECIBM3COMMITBerkeleyVintonCerf40Cont’dIPciscoVenoIIIPInternetVenoII41CERNETSUNMicrosystemIncTheChineseUniversityofHongKongAOE-IT,HongKongUCBerkeley(ACIRI)LinuxOS(TCPVeno)Myteachers,students,friendsandlovers….42ThankYou!Q&A43VenoIIBenefit:AllApplicationsareSupportedUniversally–ANewPlatformData:Email,FTP,Stream:VoIP,IPTVGamesIndustry