Vint Cerf on Internet Challenges

【注】摘自网络

Vint Cerf  once in a tech-talk said 

Where is the science in CS? Here are places some with underlying theory:

• Automata theory (strong)
• Compiler and language theory (strong)
• Operating system design (weak) - we are vulnerable to how to make OS’s secure and they take too many resources trying to manage resources.
• Data structures (strong)
• Queuing theory (networks of queues) - strong theory, but too much of the network functionality has to be abstracted away before you can apply the theory.
• Animation and rendering (strong) - Vint has recently come to have a respect for the theory, physics, and mathematics hiding behind the artistry.

Networking isone area that he picks on as not having significant underlying theory.There areimportant principals, like layering, but much of the theory is shallow.Protocol design, as an example, doesn’t have much theory. There has been some work in formalizing protocols and their analysis, but it’s way too complex.Other examples of places where we need deep analytical elements are distribute dalgorithms and cooperating processes.

We know almostnothing about making programming more efficient and systems more secure andscalable. Hecharacterizes our progress in programming efficiency as a “joke” compared to hardware.

Security (andhere he’s really mostly talking about identity) works well in hierarchicalorganizations, but not elsewhere. The cost of authenticating individual users is one of the key factors.Hierarchical organizations can more efficiently issue IDs and performauthentications. Hementions virtual machines as an intriguing notion because theoretically they can create safe execution environments for various applications. JVMs do this, as an example.One of the reasons that people went tosingle application servers (for example, a DNS server, a mail server, etc.) inthe 90’s was to get safe execution environments and process independence. Thefalling cost of hardware made this possible. VMs allow the cost of creating amachine to fall more dramatically still.

Here are some potential trouble spots:

• Penetrable operating systems.
• Insecure networks
• Buggy servers
• Broken models of perimeter security
• Worms, virus, Trojan horses, keyboard and web page monitors
• Bluetooth security in mobiles
• SPAM, SPIM, and SPIT
• Phishing and Pharming
• IDN ambiguities and DNS hijacking
• Intellectual property problems
• Routing attacks with BGP routing
• Distributed denial of service
  • Millions of zombies
  • Insecure servers, laptops, desktops, mobiles, etc.

Worms have the potential to create resilient processes that run across multiple machines forbusiness continuity.Vintnotes that the first instance of a worm was at Xerox Park for precisely thispurpose. Business processes could be broken up and run as worm-like agents onmultiple machines.

Speaking of identity, Vint wishes that the original design of the Internet hadrequired that each end point on the network be able to authenticate themselvesto every other end point.He notes that public key cryptography was still four years in the futureat that point and symmetric key encryption was too expensive.

He lists afew more challenges that remain:

• Identity theft
• Personal privacy
• Search algorithms
• Semantic networks (related to last point)
• Database sharing (genome and space data are examples)
• IPv6 deployment
  • Layers of details such as the network management systems, DNS refactoring, provisioning
  • Allocation policy development
• Networked scientific instruments (tele-operation)

Some policy challenges in the Internet environment:

• WSIS/WGIG - Internet governance
• ICANN vs. ITU
• International eCommerce - imagine an Amazon customer in Hong Kong, ordering from Amazon in the US. The book is sourced in South Africa, and shipped to Paris. Certain questions arise:
  • dispute resolution
  • online contracts (authenticity, legal framework)
  • taxation policies

He calls out Creative Commons and iTunes and new, innovative models of solving contentmanagement challenges.He notes that the regulatory system we have today is broken because it’s based onthe modality of the communication and the Internet is subsuming them all.

Inter planetary Internet: InterPlaNet (IPN). The flowcontrol mechanism of TCP doesn’t work well when the latency goes to 40 minutes.What’s more, planets are in motion, so distances apart vary with time and thus latency varies with time. So do error rates. Some of these problems are likemobile networks.

IPN  assumes that you can use TCP/IP on the surfaceof the planet. Each planet has its own IP space demarked by a separateidentifier. DNS doesn’t work on an interplanetary scale since by the time youget a resolution for an earth DNS address from Mars, the IP number may havechanged (think mobile or DHCP). The protocol  looks more like a store-and-forward emailsystem than an end-to-end protocol like TCP. The result is an interplanetarynetwork protocol.

(The end )