Module 6
Advanced Networking
Security problems with internet architecture, Introduction to Software defined networking, Working of SDN, SDN in data centre, SDN applications, Data centre networking, IoT.
1. 20CS2008 Computer Networks
Module 6
Advanced Networking
Security problems with internet architecture, Introduction to Software defined
networking, Working of SDN, SDN in data centre, SDN applications, Data centre
networking, IoT.
Dr.A.Kathirvel, Professor,
DCSE, KITS
kathirvel@karunya.edu
2. Computer
Networking: A Top-
Down Approach
8th edition
Jim Kurose, Keith Ross
Pearson, 2020
Chapter 8
Security
A note on the use of these PowerPoint slides:
We’re making these slides freely available to all (faculty,
students, readers). They’re in PowerPoint form so you see the
animations; and can add, modify, and delete slides (including
this one) and slide content to suit your needs. They obviously
represent a lot of work on our part. In return for use, we only
ask the following:
If you use these slides (e.g., in a class) that you mention
their source (after all, we’d like people to use our book!)
If you post any slides on a www site, that you note that they
are adapted from (or perhaps identical to) our slides, and
note our copyright of this material.
For a revision history, see the slide note for this page.
Thanks and enjoy! JFK/KWR
All material copyright 1996-2020
J.F Kurose and K.W. Ross, All Rights Reserved
3. Security: overview
Security: 8- 3
Chapter goals:
understand principles of network
security:
• cryptography and its many uses beyond
“confidentiality”
• authentication
• message integrity
security in practice:
• firewalls and intrusion detection systems
• security in application, transport, network,
link layers
4. Chapter 8 outline
What is network security?
Principles of cryptography
Message integrity, authentication
Securing e-mail
Securing TCP connections: TLS
Network layer security: IPsec
Security in wireless and mobile
networks
Operational security: firewalls and
IDS
Security: 8- 4
5. What is network security?
Security: 8- 5
confidentiality: only sender, intended receiver
should “understand” message contents
• sender encrypts message
• receiver decrypts message
authentication: sender, receiver want to confirm
identity of each other
message integrity: sender, receiver want to
ensure message not altered (in transit, or
afterwards) without detection
access and availability: services must be
accessible and available to users
6. Friends and enemies: Alice, Bob,
Trudy
Security: 8- 6
well-known in network security world
Bob, Alice (lovers!) want to communicate
“securely”
Trudy (intruder) may intercept, delete, add
messages
secure
sender
secure
receiver
channel
data,
control
messages
data data
Alice Bob
Trudy
7. Friends and enemies: Alice, Bob,
Trudy
Who might Bob and Alice be?
… well, real-life Bobs and Alices!
Web browser/server for electronic transactions (e.g.,
on-line purchases)
on-line banking client/server
DNS servers
BGP routers exchanging routing table updates
other examples?
8. There are bad guys (and girls) out
there!
Q: What can a “bad guy” do?
A: A lot! (recall section 1.6)
• eavesdrop: intercept messages
• actively insert messages into connection
• impersonation: can fake (spoof) source address
in packet (or any field in packet)
• hijacking: “take over” ongoing connection by
removing sender or receiver, inserting himself in
place
• denial of service: prevent service from being
used by others (e.g., by overloading resources)
9. Chapter 8 outline
What is network security?
Principles of cryptography
Message integrity, authentication
Securing e-mail
Securing TCP connections: TLS
Network layer security: IPsec
Security in wireless and mobile
networks
Operational security: firewalls and
IDS
Security: 8- 9
10. The language of cryptography
m: plaintext message
KA(m): ciphertext, encrypted with key KA
m = KB(KA(m))
plaintext plaintext
ciphertext
KA
encryption
algorithm
decryption
algorithm
Alice’s
encryptio
n
key
Bob’s
decrypti
on
key
KB
Security: 8- 10
11. Breaking an encryption scheme
cipher-text only
attack: Trudy has
ciphertext she can
analyze
two approaches:
• brute force:
search through
all keys
• statistical analysis
known-plaintext attack:
Trudy has plaintext
corresponding to
ciphertext
• e.g., in monoalphabetic
cipher, Trudy determines
pairings for a,l,i,c,e,b,o,
chosen-plaintext attack:
Trudy can get ciphertext
for chosen plaintext
Security: 8- 11
12. Symmetric key cryptography
plaintext plaintext
KS
encryption
algorithm
decryption
algorithm
KS
ciphertext
K (m)
S
symmetric key crypto: Bob and Alice share
same (symmetric) key: K
e.g., key is knowing substitution pattern in mono
alphabetic substitution cipher
Q: how do Bob and Alice agree on key value?
Security: 8- 12
13. Simple encryption scheme
substitution cipher: substituting one thing for
another
monoalphabetic cipher: substitute one letter for
another
plaintext: abcdefghijklmnopqrstuvwxyz
ciphertext: mnbvcxzasdfghjklpoiuytrewq
Plaintext: bob. i love you. alice
ciphertext: nkn. s gktc wky. mgsbc
e.g.:
Encryption key: mapping from set of 26
letters
to set of 26 letters Security: 8- 13
14. A more sophisticated encryption
approach
Security: 8- 14
n substitution ciphers, M1,M2,…,Mn
cycling pattern:
• e.g., n=4: M1,M3,M4,M3,M2; M1,M3,M4,M3,M2; ..
for each new plaintext symbol, use
subsequent substitution pattern in cyclic
pattern
• dog: d from M1, o from M3, g from M4
Encryption key: n substitution ciphers, and
cyclic pattern
• key need not be just n-bit pattern
15. Symmetric key crypto: DES
Security: 8- 15
DES: Data Encryption Standard
US encryption standard [NIST 1993]
56-bit symmetric key, 64-bit plaintext input
block cipher with cipher block chaining
how secure is DES?
• DES Challenge: 56-bit-key-encrypted phrase
decrypted (brute force) in less than a day
• no known good analytic attack
making DES more secure:
• 3DES: encrypt 3 times with 3 different keys
16. AES: Advanced Encryption
Standard
Security: 8- 16
symmetric-key NIST standard, replaced DES
(Nov 2001)
processes data in 128 bit blocks
128, 192, or 256 bit keys
brute force decryption (try each key) taking 1
sec on DES, takes 149 trillion years for AES
17. Public Key Cryptography
Security: 8- 17
symmetric key
crypto:
requires sender,
receiver know
shared secret key
Q: how to agree on
key in first place
(particularly if
never “met”)?
public key crypto
radically different
approach [Diffie-
Hellman76, RSA78]
sender, receiver do
not share secret key
public encryption
key known to all
private decryption
key known only to
receiver
18. Public Key Cryptography
Security: 8- 18
m = K (K (m))
B
+
B
-
plaintext
encryption
algorithm
decryption
algorithm
K (m)
B
+
ciphertext
plaintext
message, m
K
B
+
Bob’s public
key
Bob’s private key
K
B
-
Wow - public key cryptography revolutionized 2000-
year-old (previously only symmetric key) cryptography!
• similar ideas emerged at roughly same time, independently in
US and UK (classified)
19. Public key encryption algorithms
Security: 8- 19
requirements:
RSA: Rivest, Shamir, Adelson algorithm
1 need K ( ) and K ( )
such that
B B
. .
+ -
K (K (m)) = m
B
B
- +
given public key K , it should be
impossible to compute private
key K
B
B
2
+
-
20. Prerequisite: modular arithmetic
Security: 8- 20
x mod n = remainder of x when divide by n
facts:
[(a mod n) + (b mod n)] mod n = (a+b) mod n
[(a mod n) - (b mod n)] mod n = (a-b) mod n
[(a mod n) * (b mod n)] mod n = (a*b) mod n
thus
(a mod n)d mod n = ad mod n
example: x=14, n=10, d=2:
(x mod n)d mod n = 42 mod 10 = 6
xd = 142 = 196 xd mod 10 = 6
21. RSA: getting ready
Security: 8- 21
message: just a bit pattern
bit pattern can be uniquely represented by an
integer number
thus, encrypting a message is equivalent to
encrypting a number
example:
m= 10010001. This message is uniquely represented
by the decimal number 145.
to encrypt m, we encrypt the corresponding number,
which gives a new number (the ciphertext).
22. RSA: Creating public/private key pair
Security: 8- 22
1. choose two large prime numbers p, q. (e.g.,
1024 bits each)
2. compute n = pq, z =
(p-1)(q-1)
3. choose e (with e<n) that has no common
factors with z (e, z are “relatively prime”).
4. choose d such that ed-1 is exactly divisible by z.
(in other words: ed mod z = 1 ).
5. public key is (n,e). private
key is (n,d).
KB
+
KB
-
23. RSA: encryption, decryption
Security: 8- 23
0. given (n,e) and (n,d) as computed above
1. to encrypt message m (<n), compute
c = m
mod n
e
2. to decrypt received bit pattern, c, compute
m = c
mod n
d
m = (m
mod n)
e mod
n
d
magic
happens! c
24. RSA example:
Security: 8- 24
Bob chooses p=5, q=7. Then n=35, z=24.
e=5 (so e, z relatively prime).
d=29 (so ed-1 exactly divisible by z).
bit pattern m m
e c = m mod n
e
0000l000 12 24832 17
encrypt:
encrypting 8-bit messages.
c m = c mod n
d
17
481968572106750915091411825223071697 12
cd
decrypt:
25. Why does RSA work?
Security: 8- 25
must show that cd mod n = m, where c = me
mod n
fact: for any x and y: xy mod n = x(y mod z) mod
n
• where n= pq and z = (p-1)(q-1)
thus,
cd mod n = (me mod n)d mod n
= med mod n
= m(ed mod z) mod n
= m1 mod n
= m
26. RSA: another important property
Security: 8- 26
The following property will be very useful later:
K (K (m)) = m
B
B
- +
K (K (m))
B
B
+ -
=
use public
key first,
followed by
private key
use private
key first,
followed by
public key
result is the
same!
27. Security: 8- 27
follows directly from modular
arithmetic:
(me mod n)d mod n = med mod n
= mde mod n
= (md mod n)e
mod n
Why ?
K (K (m)) = m
B
B
- +
K (K (m))
B
B
+ -
=
28. Why is RSA secure?
Security: 8- 28
suppose you know Bob’s public key (n,e). How
hard is it to determine d?
essentially need to find factors of n without
knowing the two factors p and q
• fact: factoring a big number is hard
29. RSA in practice: session keys
Security: 8- 29
exponentiation in RSA is computationally
intensive
DES is at least 100 times faster than RSA
use public key crypto to establish secure
connection, then establish second key –
symmetric session key – for encrypting data
session key, KS
Bob and Alice use RSA to exchange a symmetric
session key KS
once both have KS, they use symmetric key
cryptography
30. Chapter 8 outline
What is network security?
Principles of cryptography
Authentication, message integrity
Securing e-mail
Securing TCP connections: TLS
Network layer security: IPsec
Security in wireless and mobile
networks
Operational security: firewalls and
IDS
Security: 8- 30
31. Authentication
Security: 8- 31
Goal: Bob wants Alice to “prove” her
identity to him
Protocol ap1.0: Alice says “I am Alice”
failure scenario??
“I am Alice”
32. Authentication
Security: 8- 32
Goal: Bob wants Alice to “prove” her
identity to him
Protocol ap1.0: Alice says “I am Alice”
in a network,
Bob can not
“see” Alice,
so Trudy
simply
declares
herself to be
Alice
“I am Alice”
33. Authentication: another try
Security: 8- 33
Goal: Bob wants Alice to “prove” her
identity to him
Protocol ap2.0: Alice says “I am Alice” in an IP
packet containing her source IP address
“I am Alice”
Alice’s
IP address
failure scenario??
34. Authentication: another try
Security: 8- 34
Goal: Bob wants Alice to “prove” her
identity to him
Protocol ap2.0: Alice says “I am Alice” in an IP
packet containing her source IP address
“I am Alice”
Alice’s
IP address
Trudy can create
a packet “spoofing”
Alice’s address
35. Authentication: a third try
Security: 8- 35
Goal: Bob wants Alice to “prove” her
identity to him
Protocol ap3.0: Alice says “I am Alice” Alice says
“I am Alice” and sends her secret password to
“prove” it.
“I am Alice”
Alice’s
IP addr
Alice’s
password failure scenario??
Alice’s
IP addr
OK
36. Authentication: a third try
Security: 8- 36
Goal: Bob wants Alice to “prove” her
identity to him
Protocol ap3.0: Alice says “I am Alice” Alice says
“I am Alice” and sends her secret password to
“prove” it.
“I am Alice”
Alice’s
IP addr
Alice’s
password
playback
attack: Trudy
records Alice’s
packet
and later
plays it back
to Bob
37. Authentication: a modified third try
Security: 8- 37
Goal: Bob wants Alice to “prove” her
identity to him
Protocol ap3.0: Alice says “I am Alice” Alice says
“I am Alice” and sends her encrypted secret
password to “prove” it.
“I am Alice”
Alice’s
IP addr
encrypted
password failure scenario??
Alice’s
IP addr
OK
38. Authentication: a modified third try
Security: 8- 38
Goal: Bob wants Alice to “prove” her
identity to him
Protocol ap3.0: Alice says “I am Alice” Alice says
“I am Alice” and sends her encrypted secret
password to “prove” it.
“I am Alice”
Alice’s
IP addr
encrypted
password playback attack
still works:
Trudy records
Alice’s packet
and later plays
it back to Bob
39. Authentication: a fourth try
Security: 8- 39
Goal: avoid playback attack
protocol ap4.0: to prove Alice “live”, Bob sends
Alice nonce, R
Alice must return R, encrypted with shared
secret key
number (R) used only once-in-a-lifetime
Failures, drawbacks?
“I am Alice”
R
K (R)
A-B
Bob know Alice is
live, and only Alice
knows key to
encrypt nonce, so it
must be Alice!
40. Authentication: ap5.0
Security: 8- 40
ap4.0 requires shared symmetric key - can we
authenticate using public key techniques?
ap5.0: use nonce, public key cryptography
“I am Alice”
R
K (R)
A
-
Send me your public key
K (R)
A
+
Bob
computes
and knows only
Alice could have the
private key, that
encrypted R such
that
(K (R)) = R
A
-
K
A
+
(K (R)) = R
A
-
K
A
+
41. Authentication: ap5.0 – there’s still a
flaw!
Security: 8- 41
man (or woman) in the middle attack: Trudy poses as
Alice (to Bob) and as Bob (to Alice)
I am Alice I am Alice
Send me your public key
Send me your public key
T
m = K (K (m))
+
T
-
Trudy recovers m:
sends m to
Alice encrypted
with Alice’s
public key
T
K (R)
-
R
T
K
+
T
K
+
(K (R)) = R,
T
-
Bob computes
authenticati
ng
Trudy as
Alice
R
A
K (R)
-
K
+
A
K (m)
+
T
Bob sends a
personal
message, m to
Alice
A
K (m)
+
A
m = K (K (m))
+
A
-
Trudy recovers Bob’s
m:
and she and Bob
meet a week later in
person and discuss m,
not knowing Trudy
knows m
?
Where
are
mistakes
made
here?
42. Chapter 8 outline
What is network security?
Principles of cryptography
Authentication, message integrity
Securing e-mail
Securing TCP connections: TLS
Network layer security: IPsec
Security in wireless and mobile
networks
Operational security: firewalls and
IDS
Security: 8- 42
43. Digital signatures
Security: 8- 43
cryptographic technique analogous to hand-
written signatures:
sender (Bob) digitally signs document: he is document
owner/creator.
verifiable, nonforgeable: recipient (Alice) can prove to
someone that Bob, and no one else (including Alice),
must have signed document
simple digital signature for message m:
• Bob signs m by encrypting with his private key KB, creating
“signed” message, KB
-(m)
Bob’s message,
m
Public key
encryption
algorithm
Bob’s
private
key
KB
-
m,KB
-
(m
)
Dear Alice
Oh, how I have
missed you. I think
of you all the
time! …(blah blah
blah)
Bob
Dear Alice
Oh, how I have
missed you. I think
of you all the
time! …(blah blah
blah)
Bob
KB
-
(m
)
44. Digital
signatures
Security: 8- 44
-
Alice thus verifies that:
Bob signed m
no one else signed m
Bob signed m and not m’
non-repudiation:
Alice can take m, and signature KB(m) to court and
prove that Bob signed m
-
suppose Alice receives msg m, with signature: m,
KB(m)
Alice verifies m signed by Bob by applying Bob’s public
key KB to KB(m) then checks KB(KB(m) ) = m.
If KB(KB(m) ) = m, whoever signed m must have used
Bob’s private key
-
-
-
+
+
+
45. Message
digests
Security: 8- 45
Hash function properties:
many-to-1
produces fixed-size msg digest (fingerprint)
given message digest x, computationally infeasible to
find m such that x = H(m)
large
messa
ge
m
H: Hash
Function H(m
)
computationally expensive to public-key-encrypt long
messages
goal: fixed-length, easy- to-compute digital “fingerprint”
apply hash function H to m, get fixed size message digest, H(m)
46. Internet checksum: poor crypto hash
function
Security: 8- 46
Internet checksum has some properties of hash
function:
produces fixed length digest (16-bit sum) of
message
is many-to-one
but given message with given hash value, it is easy
to find another message with same hash value:
I O U 1
0 0 . 9
9 B O B
49 4F 55 31
30 30 2E 39
39 42 D2 42
messageASCII format
B2 C1 D2 AC
I O U 9
0 0 . 1
9 B O B
49 4F 55 39
30 30 2E 31
39 42 D2 42
messageASCII format
B2 C1 D2 AC
different messages
but identical checksums!
47. Digital signature = signed message
digest
Security: 8- 47
digital
signature
(encrypt)
+
Bob sends digitally signed
message:
large
messag
e
m
H: Hash
Function H(m
)
Alice verifies signature,
integrity of digitally
signed message:
H: Hash
function
H(
m)
H(
m)
large
messag
e
m
Bob’s
privat
e
key
KB
-
KB(H(m
))
-
encrypted
message
digest
KB(H(m
))
-
encrypted
message
digest
digital
signature
(decrypt)
Bob’s
public
key KB
+
?
equal
48. Hash function algorithms
Security: 8- 48
MD5 hash function widely used (RFC 1321)
• computes 128-bit message digest in 4-step
process.
• arbitrary 128-bit string x, appears difficult to
construct msg m whose MD5 hash is equal to x
SHA-1 is also used
• US standard [NIST, FIPS PUB 180-1]
• 160-bit message digest
49. Authentication: ap5.0 – let’s fix it!!
Security: 8- 49
Recall the problem: Trudy poses as Alice (to Bob) and
as Bob (to Alice)
I am Alice I am Alice
Send me your public key
Send me your public key
T
m = K (K (m))
+
T
-
Trudy recovers m:
sends m to
Alice encrypted
with Alice’s
public key
T
K (R)
-
R
T
K
+
T
K
+
(K (R)) = R,
T
-
Bob computes
authenticati
ng
Trudy as
Alice
R
A
K (R)
-
K
+
A
K (m)
+
T
Bob sends a
personal
message, m to
Alice
A
K (m)
+
A
m = K (K (m))
+
A
-
Trudy recovers Bob’s
m:
and she and Bob
meet a week later in
person and discuss m,
not knowing Trudy
knows m
?
Where
are
mistakes
made
here?
50. Need for certified public keys
Security: 8- 50
motivation: Trudy plays pizza
prank on Bob
• Trudy creates e-mail order:
Dear Pizza Store, Please deliver to
me four pepperoni pizzas. Thank
you, Bob
• Trudy signs order with her private
key
• Trudy sends order to Pizza Store
• Trudy sends to Pizza Store her
public key, but says it’s Bob’s
public key
• Pizza Store verifies signature;
then delivers four pepperoni
pizzas to Bob
• Bob doesn’t even like pepperoni
51. Public key Certification Authorities
(CA)
Security: 8- 51
certification authority (CA): binds public key to
particular entity, E
entity (person, website, router) registers its public
key with CE provides “proof of identity” to CA
• CA creates certificate binding identity E to E’s public key
• certificate containing E’s public key digitally signed by
CA: CA says “this is E’s public key”
Bob’s
identifyi
ng
informati
on
KB
+
certificate for
Bob’s public key,
signed by CA
Bob’s
public
key KB
+
digital
signature
(encrypt)
CA’s
privat
e
key
K
CA
-
52. Public key Certification Authorities
(CA)
Security: 8- 52
Bob’
s
publi
c
key
KB
+
KB
+
when Alice wants Bob’s public key:
• gets Bob’s certificate (Bob or elsewhere)
• apply CA’s public key to Bob’s certificate, get Bob’s
public key
CA’s
publi
c
key
KCA
+
digital
signature
(decrypt)
53. Chapter 8 outline
What is network security?
Principles of cryptography
Authentication, message integrity
Securing e-mail
Securing TCP connections: TLS
Network layer security: IPsec
Security in wireless and mobile
networks
Operational security: firewalls and
IDS
Security: 8- 53
54. Secure e-mail: confidentiality
Security: 8- 54
Alice wants to send confidential e-mail, m, to Bob.
KS( )
.
KB( )
.
+
KS(
m )
KB(KS )
+
m
KS
KS
KB
+
Internet
KS( )
.
KB( )
.
-
KB
-
KS
m
KS(
m )
KB(KS )
+
Alice:
generates random symmetric private key, KS
encrypts message with KS (for efficiency)
also encrypts KS with Bob’s public key
sends both KS(m) and K+
B(KS) to Bob
+ -
55. Secure e-mail: confidentiality (more)
Security: 8- 55
Alice wants to send confidential e-mail, m, to Bob.
KS( )
.
KB( )
.
+
KS(
m )
KB(KS )
+
m
KS
KS
KB
+
Internet
KS( )
.
KB( )
.
-
KB
-
KS
m
KS(
m )
KB(KS )
+
+ -
Bob:
uses his private key to
decrypt and recover KS
uses KS to decrypt KS(m) to
recover m
56. Secure e-mail: integrity, authentication
Security: 8- 56
Alice wants to send m to Bob, with message integrity, auth
H( )
. KA( )
.
- H(m
)
KA(H(m))
-
m
KA
-
m
KA( )
.
+
KA
+
KA(H(m))
-
m
H( )
. H(m
)
compare
Internet
+ -
Alice digitally signs hash of her message with her
private key, providing integrity and
authentication
sends both message (in the clear) and digital
signature
57. Secure e-mail: integrity, authentication
Security: 8- 57
Alice sends m to Bob, with confidentiality, message integrity,
H( )
. KA( )
.
- KA(H(m))
-
m
KA
-
m Internet
+ KS( )
.
KB( )
.
+
KS(
m )
KB(KS )
+
KS
KB
+
KS
+
message integrity, authentication
confidentiality
Alice uses three keys: her private key, Bob’s public key,
new symmetric key
What are Bob’s
complementary actions?
58. Chapter 8 outline
What is network security?
Principles of cryptography
Authentication, message integrity
Securing e-mail
Securing TCP connections: TLS
Network layer security: IPsec
Security in wireless and mobile
networks
Operational security: firewalls and IDS
Security: 8- 58
59. Transport-layer security (TLS)
Security: 8- 59
widely deployed security protocol above the
transport layer
• supported by almost all browsers, web servers: https
(port 443)
provides:
• confidentiality: via symmetric encryption
• integrity: via cryptographic hashing
• authentication: via public key cryptography
all techniques
we have
studied!
history:
• early research, implementation: secure network
programming, secure sockets
• secure socket layer (SSL) deprecated [2015]
• TLS 1.3: RFC 8846 [2018]
60. Transport-layer security (TLS)
Security: 8- 60
widely deployed security protocol above the
transport layer
• supported by almost all browsers, web servers: https
(port 443)
provides:
• confidentiality: via symmetric encryption
• integrity: via cryptographic hashing
• authentication: via public key cryptography
all techniques
we have
studied!
history:
• early research, implementation: secure network
programming, secure sockets
• secure socket layer (SSL) deprecated [2015]
• TLS 1.3: RFC 8846 [2018]
61. Transport-layer security: what’s
needed?
Security: 8- 61
handshake: Alice, Bob use their certificates, private
keys to authenticate each other, exchange or
create shared secret
key derivation: Alice, Bob use shared secret to
derive set of keys
data transfer: stream data transfer: data as a series
of records
• not just one-time transactions
connection closure: special messages to securely
close connection
let’s build a toy TLS protocol, t-tls, to see
what’s needed!
we’ve seen the “pieces” already:
62. client
request
server
reply
t-tls
hello
public key
certificate
KB
+(MS) =
EMS
TCP
SYN
SYNA
CK
AC
K
t-tls: initial handshake
t-tls handshake phase:
• Bob establishes TCP
connection with Alice
• Bob verifies that Alice is
really Alice
• Bob sends Alice a master
secret key (MS), used to
generate all other keys
for TLS session
• potential issues:
– 3 RTT before client can
start receiving data
(including TCP
handshake)
Security: 8- 62
63. t-tls: cryptographic keys
Security: 8- 63
considered bad to use same key for more than one
cryptographic function
• different keys for message authentication code (MAC)
and encryption
four keys:
Kc : encryption key for data sent from client to server
Mc : MAC key for data sent from client to server
Ks : encryption key for data sent from server to client
Ms : MAC key for data sent from server to client
keys derived from key derivation function (KDF)
• takes master secret and (possibly) some additional
random data to create new keys
64. t-tls: encrypting data
Security: 8- 64
recall: TCP provides data byte stream abstraction
Q: can we encrypt data in-stream as written into
TCP socket?
• A: where would MAC go? If at end, no
message integrity until all data received and
connection closed!
• solution: break stream in series of “records”
• each client-to-server record carries a MAC,
created using Mc
• receiver can act on each record as it arrives
data MAC
length
t-tls record encrypted using symmetric key, Kc,
passed to TCP:
Kc( )
65. t-tls: encrypting data (more)
Security: 8- 65
possible attacks on data stream?
• re-ordering: man-in middle intercepts TCP
segments and reorders (manipulating sequence
#s in unencrypted TCP header)
• replay
solutions:
• use TLS sequence numbers (data, TLS-seq-#
incorporated into MAC)
• use nonce
66. t-tls: connection close
Security: 8- 66
data MAC
length type
Kc( )
truncation attack:
• attacker forges TCP connection close segment
• one or both sides thinks there is less data than
there actually is
solution: record types, with one type for closure
• type 0 for data; type 1 for close
MAC now computed using data, type, sequence #
67. Transport-layer security (TLS)
Security: 8- 67
IP
TCP
TLS
HTTP/2
IP
UDP
QUIC
HTTP/2 (slimmed)
Networ
k
Transp
ort
Applicati
on
HTTP/2 over TCP
HTTP
/3
HTTP/2 over QUIC
(which incorporates TLS)
over UDP
IP
TCP
HTTP 1.0
HTTP/2 over TCP
TLS provides an API that any application can
use
an HTTP view of TLS:
68. • “cipher suite”: algorithms that can be used for
key generation, encryption, MAC, digital
signature
• TLS: 1.3 (2018): more limited cipher suite choice
than TLS 1.2 (2008)
– only 5 choices, rather than 37 choices
– requires Diffie-Hellman (DH) for key exchange,
rather than DH or RSA
– combined encryption and authentication
algorithm (“authenticated encryption”) for data
TLS: 1.3 cipher suite
Security: 8- 68
69. TLS 1.3 handshake: 1 RTT
Security: 8- 69
client hello:
supported
cipher suites
DH key
agreement
protocol,
parameters
1
server hello:
selected cipher
suite
DH key
agreement
protocol,
parameters
2
3
clie
nt
serv
er
client TLS hello msg:
guesses key
agreement protocol,
parameters
indicates cipher suites
it supports
1
server TLS hello msg
chooses
key agreement
protocol,
parameters
cipher suite
server-signed
certificate
2
client:
checks server
certificate
generates key
can now make
application request
(e.g.., HTTPS GET)
3
70. TLS 1.3 handshake: 0 RTT
Security: 8- 70
client hello:
supported
cipher suites
DH key
agreement
protocol,
parameters
application data
server hello:
selected cipher
suite
DH key
agreement
protocol,
parameters
application data
(reply)
clie
nt
serv
er
• initial hello message
contains encrypted
application data!
• “resuming” earlier
connection between client
and server
• application data encrypted
using “resumption master
secret” from earlier
connection
• vulnerable to replay
attacks!
• maybe OK for get HTTP GET
or client requests not
modifying server state
71. Chapter 8 outline
What is network security?
Principles of cryptography
Authentication, message integrity
Securing e-mail
Securing TCP connections: TLS
Network layer security: IPsec
Security in wireless and mobile
networks
Operational security: firewalls and IDS
Security: 8- 71
72. • provides datagram-level encryption,
authentication, integrity
– for both user traffic and control traffic (e.g., BGP, DNS
messages)
• two “modes”:
IP Sec
Security: 8- 72
transport mode:
only datagram
payload is
encrypted,
authenticated
tunnel mode:
entire datagram is
encrypted,
authenticated
encrypted datagram
encapsulated in new
datagram with new IP
header, tunneled to
payload
payload
payload
73. Two IPsec protocols
Security: 8- 73
• Authentication Header (AH) protocol [RFC 4302]
– provides source authentication & data integrity but
not confidentiality
• Encapsulation Security Protocol (ESP) [RFC 4303]
– provides source authentication, data integrity, and
confidentiality
– more widely used than AH
74. SA
Security associations (SAs)
Security: 8- 74
• before sending data, security association
(SA) established from sending to receiving
entity (directional)
• ending, receiving entitles maintain state
information about SA
– recall: TCP endpoints also maintain state info
– IP is connectionless; IPsec is connection-
oriented!
193.68.2.23
200.168.1.100
R1 stores for SA:
32-bit identifier: Security Parameter Index (SPI)
origin SA interface (200.168.1.100)
destination SA interface (193.68.2.23)
type of encryption used
encryption key
type of integrity check
used
authentication key
75. IPsec datagram
Security: 8- 75
new IP
header
ESP
header
original
IP hdr
Original IP
datagram payload
ESP
trailer
ESP
auth
padding
pad
length
next
header
SPI
Seq
#
encrypted
authenticated
ESP trailer: padding for block ciphers
ESP header:
• SPI, so receiving entity knows what to do
• sequence number, to thwart replay attacks
MAC in ESP auth field created with shared secret
key
tunnel mode
ESP
76. ESP tunnel mode: actions
Security: 8- 76
at
R1
:
appends ESP trailer to
original datagram (which
includes original header
fields!)
encrypts result using
algorithm & key specified
by SA
appends ESP header to
front of this encrypted
quantity
creates authentication
MAC using algorithm and
key specified in SA
payload
payload
R
1
77. IPsec sequence numbers
Security: 8- 77
for new SA, sender initializes seq. # to 0
each time datagram is sent on SA:
• sender increments seq # counter
• places value in seq # field
goal:
• prevent attacker from sniffing and replaying a packet
• receipt of duplicate, authenticated IP packets may
disrupt service
method:
• destination checks for duplicates
• doesn’t keep track of all received packets; instead uses
a window
78. Security Policy Database
(SPD)
Security: 8- 78
policy: for given datagram,
sender needs to know if it
should use IP sec
policy stored in security
policy database (SPD)
needs to know which SA to
use
• may use: source and
destination IP address;
protocol number
Security Assoc.
Database (SAD)
endpoint holds SA state in
security association
database (SAD)
when sending IPsec
datagram, R1 accesses SAD
to determine how to
process datagram
when IPsec datagram
arrives to R2, R2 examines
SPI in IPsec datagram,
indexes SAD with SPI,
processing
datagram accordingly.
SPD: “what” to do
SAD: “how” to do it
IPsec security databases
79. Security: 8- 79
Summary: IPsec services
Trudy sits somewhere between
R1, R2. she doesn’t know the
keys
– will Trudy be able to see original
contents of datagram? How
about source, dest IP address,
transport protocol, application
port?
– flip bits without detection?
– masquerade as R1 using R1’s IP
address?
80. Security: 8- 80
IKE: Internet Key Exchange
previous examples: manual establishment of IPsec SAs
in IPsec endpoints:
Example SA:
SPI: 12345
Source IP: 200.168.1.100
Dest IP: 193.68.2.23
Protocol: ESP
Encryption algorithm: 3DES-cbc
HMAC algorithm: MD5
Encryption key: 0x7aeaca…
HMAC key:0xc0291f…
manual keying is impractical for VPN with 100s of
endpoints
instead use IPsec IKE (Internet Key Exchange)
81. Security: 8- 81
IKE: PSK and PKI
authentication (prove who you are) with
either
• pre-shared secret (PSK) or
• with PKI (pubic/private keys and certificates).
PSK: both sides start with secret
• run IKE to authenticate each other and to
generate IPsec SAs (one in each direction),
including encryption, authentication keys
PKI: both sides start with public/private key
pair, certificate
• run IKE to authenticate each other, obtain IPsec
SAs (one in each direction).
82. Security: 8- 82
IKE phases
IKE has two phases
• phase 1: establish bi-directional IKE SA
• note: IKE SA different from IPsec SA
• aka ISAKMP security association
• phase 2: ISAKMP is used to securely negotiate
IPsec pair of SAs
phase 1 has two modes: aggressive mode
and main mode
• aggressive mode uses fewer messages
• main mode provides identity protection and is
more flexible
83. Security: 8- 83
IPsec summary
IKE message exchange for algorithms, secret
keys, SPI numbers
either AH or ESP protocol (or both)
• AH provides integrity, source authentication
• ESP protocol (with AH) additionally provides
encryption
IPsec peers can be two end systems, two
routers/firewalls, or a router/firewall and an
end system
84. Chapter 8 outline
What is network security?
Principles of cryptography
Authentication, message integrity
Securing e-mail
Securing TCP connections: TLS
Network layer security: IPsec
Security in wireless and mobile
networks
• 802.11 (WiFi)
• 4G/5G
Operational security: firewalls and IDS
Security: 8- 84
85. Security: 8- 85
802.11: authentication, encryption
Arriving mobile must:
associate with access point: (establish)
communication over wireless link
authenticate to network
AP
AS
Authentication Server
wired network
mobile
86. Security: 8- 86
802.11: authentication, encryption
AP
AS
Authentication Server
wired network
1
discovery of security capabilities:
AP advertises its presence, forms of authentication and
encryption provided
device requests specific forms authentication,
encryption desired
although device, AP already exchanging messages, device
not yet authenticated, does not have encryption keys
1
mobile
discovery of security capabilities
87. Security: 8- 87
802.11: authentication, encryption
AP
AS
Authentication Server
mobile
wired network
1
mutual authentication and shared symmetric key
derivation:
AS, mobile already have shared common secret (e.g.,
password)
AS, mobile use shared secret, nonces (prevent relay
attacks), cryptographic hashing (ensure message integrity)
to authenticating each other
discovery of security capabilities
2
2
mutual authentication, key derivation
88. Initial shared secret
Security: 8- 88
802.11: WPA3 handshake
• AS generates NonceAS, sends to mobile
• mobile receives NonceAS
– generates NonceM
– generates symmetric shared session key KM-AP
using NonceAS, NonceM, and initial shared secret
– sends NonceM, and HMAC-signed value using
Nonce and initial shared secret
a
Nonc
eAS
b
NonceM, HMAC(f(KAS-
M,NonceAS))
derive session key KM-AP
using initial-shared-secret,
NonceAS, NonceM
Initial shared secret
a
b
c
derive session key KM-AP
using initial shared secret ,
NonceAS, NonceM
c
AS Authentication Server
mobile
89. Security: 8- 89
802.11: authentication, encryption
AP
AS
Authentication Server
mobile
wired network
1
discovery of security capabilities
2
mutual authentication, key derivation
3
3
Shared symmetric key distribution
shared symmetric session key distribution (e.g., for
AES encryption)
same key derived at mobile, AS
AS informs AP of the shared symmetric session
90. Security: 8- 90
802.11: authentication, encryption
AP
AS
Authentication Server
mobile
wired network
1
discovery of security capabilities
2
4
mutual authentication, key derivation
3
shared symmetric key distribution
encrypted communication between mobile and
remote host via AP
same key derived at mobile, AS
AS informs AP of the shared symmetric session
4
encrypted communication over WiFi
91. Security: 8- 91
802.11: authentication, encryption
AP
AS
Authentication Server
mobile
wired network
EAP TLS
EAP
EAP over LAN (EAPoL)
IEEE 802.11
RADIUS
UDP/IP
• Extensible Authentication Protocol (EAP) [RFC
3748] defines end-to-end request/response
protocol between mobile device, AS
92. Chapter 8 outline
What is network security?
Principles of cryptography
Authentication, message integrity
Securing e-mail
Securing TCP connections: TLS
Network layer security: IPsec
Security in wireless and mobile
networks
• 802.11 (WiFi)
• 4G/5G
Operational security: firewalls and IDS
Security: 8- 92
93. Security: 8- 93
Authentication, encryption in 4G LTE
Visited network
mobile
Base station (BS)
Mobility
Management
Entity (MME)
Home network
Home
Subscriber
Service
(HSS)
arriving mobile must:
• associate with BS: (establish) communication over
4G wireless link
• authenticate itself to network, and authenticate
network
notable differences from WiFi
• mobile’s SIMcard provides global identity, contains
shared keys
• services in visited network depend on (paid) service
subscription in home network
94. Security: 8- 94
Authentication, encryption in 4G LTE
mobile, BS use derived session key KBS-M to encrypt
communications over 4G link
MME in visited network + HHS in home network,
together play role of WiFi AS
• ultimate authenticator is HSS
• trust and business relationship between visited
and home networks
Base station (BS) Visited network
mobile
Mobility
Management
Entity (MME)
Home network
Home
Subscriber
Service
(HSS)
KHSS-M
KBS-M
K
HSS-M
95. Security: 8- 95
Authentication, encryption in 4G LTE
a
attach attach AUTH_REQ (IMSI, VN info)
Base station (BS) Visited network
mobile
Mobility
Management
Entity (MME)
Home network
Home
Subscriber
Service
(HSS)
KHSS-M
KBS-M
K
HSS-M
authentication request to home network HSS
• mobile sends attach message (containing its IMSI,
visited network info) relayed from BS to visited
MME to home HHS
• IMSI identifies mobile’s home network
a
96. Security: 8- 96
Authentication, encryption in 4G LTE
• HSS use shared-in-advance secret key, KHSS-M, to
derive authentication token, auth_token, and expected
authentication response token, xresHSS
• auth_token contains info encrypted by HSS using KHSS-M ,
allowing mobile to know that whoever computed
auth_token knows shared-in-advance secret
• mobile has authenticated network
b
b
AUTH_RESP (auth token,xresHSS,keys)
auth token
auth token
a
attach attach AUTH_REQ (IMSI, VN info)
Base station (BS) Visited network
mobile
Mobility
Management
Entity (MME)
Home network
Home
Subscriber
Service
(HSS)
KHSS-M
KBS-M
K
HSS-M
97. Security: 8- 97
Authentication, encryption in 4G LTE
• authentication response from mobile:
• mobile computes resM using its secret key to make
same cryptographic calculation that HSS made to
compute xresHSS and sends resM to MME
c
b
AUTH_RESP (auth token,xresHSS,keys)
auth token
auth token
a
attach attach AUTH_REQ (IMSI, VN info)
Base station (BS) Visited network
mobile
Mobility
Management
Entity (MME)
Home network
Home
Subscriber
Service
(HSS)
KHSS-M
KBS-M
K
HSS-M
resM
c
98. Security: 8- 98
Authentication, encryption in 4G LTE
• mobile is authenticated by network:
• MMS compares mobile-computed value of resM with the
HSS-computed value of xresHSS . If they match, mobile is
authenticated ! (why?)
• MMS informs BS that mobile is authenticated, generates
d
b
AUTH_RESP (auth token,xresHSS,keys)
auth token
auth token
a
attach attach AUTH_REQ (IMSI, VN info)
Base station (BS) Visited network
mobile
Mobility
Management
Entity (MME)
Home network
Home
Subscriber
Service
(HSS)
KHSS-M
KBS-M
K
HSS-M
resM
c
d
OK, keys
OK
99. Security: 8- 99
Authentication, encryption in 4G LTE
b
AUTH_RESP (auth token,xresHSS,keys)
auth token
auth token
a
attach attach AUTH_REQ (IMSI, VN info)
Base station (BS) Visited network
mobile
Mobility
Management
Entity (MME)
Home network
Home
Subscriber
Service
(HSS)
KHSS-M
KBS-M
K
HSS-M
resM
c
d
OK, keys
OK
e
key derivation e mobile, BS determine keys
for encrypting data, control
frames over 4G wireless
channel
AES can be used
100. • 4G: MME in visited network makes
authentication decision
• 5G: home network provides authentication
decision
– visited MME plays “middleman” role but can
still reject
Security: 8- 100
Authentication, encryption: from 4G to
5G
4G: uses shared-in-advance keys
5G: keys not shared in advance for IoT
4G: device IMSI transmitted in cleartext to BS
5G: public key crypto used to encrypt IMSI
101. Chapter 8 outline
What is network security?
Principles of cryptography
Authentication, message integrity
Securing e-mail
Securing TCP connections: TLS
Network layer security: IPsec
Security in wireless and mobile networks
Operational security: firewalls
and IDS
Security: 8- 101
102. Security: 8- 102
Firewalls
isolates organization’s internal network
from larger Internet, allowing some
packets to pass, blocking others
administered
network
public
Internet
firewall
trusted “good guys” untrusted “bad guys”
firewall
103. Security: 8- 103
Firewalls: why
prevent denial of service attacks:
SYN flooding: attacker establishes many bogus TCP
connections, no resources left for “real” connections
prevent illegal modification/access of internal data
e.g., attacker replaces CIA’s homepage with
something else
allow only authorized access to inside network
set of authenticated users/hosts
three types of firewalls:
stateless packet filters
stateful packet filters
application gateways
104. Security: 8- 104
Stateless packet filtering
Should
arriving
packet be
allowed in?
Departing
packet let
out?
internal network connected to Internet via router
firewall
filters packet-by-packet, decision to forward/drop
packet based on:
• source IP address, destination IP address
• TCP/UDP source, destination port numbers
• ICMP message type
• TCP SYN, ACK bits
105. Security: 8- 105
Stateless packet filtering: example
Should
arriving
packet be
allowed in?
Departing
packet let
out?
example 1: block incoming and outgoing datagrams with IP
protocol field = 17 and with either source or dest port = 23
• result: all incoming, outgoing UDP flows and telnet
connections are blocked
example 2: block inbound TCP segments with ACK=0
• result: prevents external clients from making TCP
connections with internal clients, but allows internal
clients to connect to outside
106. Security: 8- 106
Stateless packet filtering: more
examples
Policy Firewall Setting
no outside Web access drop all outgoing packets to
any IP address, port 80
no incoming TCP
connections, except those
for institution’s public
Web server only.
drop all incoming TCP SYN
packets to any IP except
130.207.244.203, port 80
prevent Web-radios from
eating up the available
bandwidth.
drop all incoming UDP packets
- except DNS and router
broadcasts.
prevent your network
from being used for a
smurf DoS attack.
drop all ICMP packets going to
a “broadcast” address (e.g.
130.207.255.255)
prevent your network
from being tracerouted
drop all outgoing ICMP TTL
expired traffic
107. Security: 8- 107
Access Control Lists
action
source
address
dest
address
protocol
source
port
dest
port
flag
bit
allow
222.22/
16
outside
of
222.22/
16
TCP
>
1023
80
any
allow
outside
of
222.22/
16
222.22/
16 TCP 80 > 1023 ACK
allow
222.22/
16
outside
of
222.22/
16
UDP
>
1023
53 ---
ACL: table of rules, applied top to bottom to
incoming packets: (action, condition) pairs:
looks like OpenFlow forwarding (Ch. 4)!
108. Security: 8- 108
Stateful packet filtering
stateless packet filter: heavy handed tool
• admits packets that “make no sense,” e.g., dest port = 80, ACK
bit set, even though no TCP connection established:
action
source
addres
s
dest
address
protoc
ol
source
port
dest
port
flag
bit
allow
outside
of
222.22/
16
222.22/
16 TCP 80 > 1023 ACK
stateful packet filter: track status of every TCP
connection
• track connection setup (SYN), teardown (FIN): determine
whether incoming, outgoing packets “makes sense”
• timeout inactive connections at firewall: no longer admit
packets
109. Security: 8- 109
Stateful packet filtering
action source
address
dest
address
prot
o
source
port
dest
port
flag
bit
check
connecti
on
allow
222.22/1
6
outside of
222.22/16
TCP > 1023 80
any
allow
outside
of
222.22/1
6
222.22/16
TCP 80 > 1023 ACK x
allow
222.22/1
6
outside of
222.22/16
UDP > 1023 53 ---
allow
outside
of
222.22/1
6
222.22/16
UDP 53 > 1023 ----
x
deny all all all all all all
ACL augmented to indicate need to check connection
state table before admitting packet
110. Security: 8- 110
Application gateways
filter packets on
application data
as well as on
IP/TCP/UDP fields.
example: allow
select internal
users to telnet
outside
1. require all telnet users to telnet through gateway.
2. for authorized users, gateway sets up telnet
connection to dest host
• gateway relays data between 2 connections
3. router filter blocks all telnet connections not
originating from gateway
application
gateway
host-to-gateway
telnet session
router and filter
gateway-to-remote
host telnet session
111. Security: 8- 111
Limitations of firewalls, gateways
IP spoofing: router
can’t know if data
“really” comes from
claimed source
if multiple apps need
special treatment,
each has own app.
gateway
client software must
know how to contact
gateway
• e.g., must set IP
filters often use all or
nothing policy for
UDP
tradeoff: degree of
communication with
outside world, level
of security
many highly
protected sites still
suffer from attacks
112. Security: 8- 112
Intrusion detection systems
packet filtering:
• operates on TCP/IP headers only
• no correlation check among sessions
IDS: intrusion detection system
• deep packet inspection: look at packet contents
(e.g., check character strings in packet against
database of known virus, attack strings)
• examine correlation among multiple packets
• port scanning
• network mapping
• DoS attack
113. Security: 8- 113
Intrusion detection systems
Web
server
FTP
server
DNS
server
Internet
demilitarized
zone
firewall
IDS
sensors
multiple IDSs: different types of checking at
different locations
internal
network
114. Security: 8- 114
Network Security (summary)
basic techniques…...
cryptography (symmetric and public
key)
message integrity
end-point authentication
…. used in many different security
scenarios
secure email
secure transport (TLS)
IP sec
802.11, 4G/5G
operational security: firewalls and
116. Outline
• What is SDN?
• OpenFlow basics
• Why is SDN happening now? (a brief history)
• 4D discussion
116
117. Software Defined Network ?
A network in which the control plane is
physically separate from the data plane.
and
A single (logically centralized) control plane
controls several forwarding devices.
117
118. Software Defined Network (SDN)
Packet
Forwarding
Packet
Forwarding
Packet
Forwarding
Packet
Forwarding
Packet
Forwarding
Control
Control
Control
Control
Control
Global Network Map
Control Plane
Control
Program
Control
Program
Control
Program
118
119. What You Said
• “Overall, the idea of SDN feels a little bit
unsettling to me because it is proposing to
change one of the main reasons for the
success of computer networks: fully
decentralized control. Once we introduce a
centralized entity to control the network we
have to make sure that it doesn’t fail, which I
think is very difficult.”
119
120. Entire backbone
runs on SDN
A Major Trend in Networking
Bought for $1.2 billion
(mostly cash) 120
121. The Networking “Planes”
• Data plane: processing and delivery of packets with local
forwarding state
– Forwarding state + packet header forwarding decision
–Filtering, buffering, scheduling
• Control plane: computing the forwarding state in routers
– Determines how and where packets are forwarded
– Routing, traffic engineering, failure detection/recovery,
…
• Management plane: configuring and tuning the network
–Traffic engineering, ACL config, device
provisioning, …
121
123. Data and Control Planes
Switching
Fabric
Processor
Line card
Line card
Line card
Line card
Line card
Line card
data plane
control plane
123
124. Data Plane
• Streaming algorithms on packets
– Matching on some header bits
– Perform some actions
• Example: IP Forwarding
host host host
LAN 1
... host host host
LAN 2
...
router router router
WAN WAN
1.2.3.4 1.2.3.7 1.2.3.156 5.6.7.8 5.6.7.9
1.2.3.0/24
5.6.7.0/24
forwarding table
124
125. Control Plane
• Compute paths the packets will follow
– Populate forwarding tables
– Traditionally, a distributed protocol
• Example: Link-state routing (OSPF, IS-IS)
– Flood the entire topology to all nodes
– Each node computes shortest paths
– Dijkstra’s algorithm
125
127. 1
2
3
“If , send to 3”
Data
“If a packet is going to B,
then send it to output 3”
1. Figure out which routers and links are present.
2. Run Dijkstra’s algorithm to find shortest paths.
127
128. Management Plane
• Traffic Engineering: setting the weights
– Inversely proportional to link capacity?
– Proportional to propagation delay?
– Network-wide optimization based on traffic?
3
2
2
1
1
3
1
4
5
3
3
128
129. Challenges
(Too) many task-specific control mechanisms
– No modularity, limited functionality
Indirect control
– Must invert protocol behavior, “coax” it to do what you want
– Ex. Changing weights instead of paths for TE
Uncoordinated control
– Cannot control which router updates first
Interacting protocols and mechanisms
– Routing, addressing, access control, QoS
The network is
• Hard to reason
about
• Hard to evolve
• Expensive
129
130. Example 1: Inter-domain Routing
• Today’s inter-domain routing protocol, BGP, artificially
constrains routes
- Routing only on destination IP address blocks
- Can only influence immediate neighbors
- Very difficult to incorporate other information
• Application-specific peering
– Route video traffic one way, and non-video another
• Blocking denial-of-service traffic
– Dropping unwanted traffic further upstream
• Inbound traffic engineering
– Splitting incoming traffic over multiple peering links
130
131. • Two locations, each with data center &
front office
• All routers exchange routes over all links
R1 R2
R5
R4
R3
Chicago (chi)
New York (nyc)
Data Center Front Office
Example 2: Access Control
131
134. • A new short-cut link added between data centers
• Intended for backup traffic between centers
R1 R2
R5
R4
R3
Data Center
Packet filter:
Drop nyc-FO -> *
Permit *
Packet filter:
Drop chi-FO -> *
Permit *
Front Office
chi
nyc
Example 2: Access Control
134
135. • Oops – new link lets packets violate access control policy!
• Routing changed, but
• Packet filters don’t update automatically
R1 R2
R5
R4
R3
Data Center
Packet filter:
Drop nyc-FO -> *
Permit *
Packet filter:
Drop chi-FO -> *
Permit *
Front Office
chi
nyc
Example 2: Access Control
135
136. Custom Hardware
Custom Hardware
Custom Hardware
Custom Hardware
Custom Hardware
OS
OS
OS
OS
OS
Network OS
Feature Feature
How SDN Changes the Network
Feature Feature
Feature Feature
Feature Feature
Feature Feature
Feature Feature
136
136
137. Control Program 1
Network OS
1. Open interface to packet forwarding
3. Consistent, up-to-date global network view 2. At least one Network OS
probably many.
Open- and closed-source
Software Defined Network (SDN)
Packet
Forwarding
Packet
Forwarding
Packet
Forwarding
Packet
Forwarding
Packet
Forwarding
Control Program 2
137
138. Network OS
Network OS: distributed system that creates a
consistent, up-to-date network view
– Runs on servers (controllers) in the network
– NOX, ONIX, Floodlight, Trema, OpenDaylight,
HyperFlow, Kandoo, Beehive, Beacon, Maestro, …
+ more
Uses forwarding abstraction to:
– Get state information from forwarding elements
– Give control directives to forwarding elements 138
139. Control Program A Control Program B
Network OS
Software Defined Network (SDN)
Packet
Forwarding
Packet
Forwarding
Packet
Forwarding
Packet
Forwarding
Packet
Forwarding
139
140. Control Program
Control program operates on view of network
– Input: global network view (graph/database)
– Output: configuration of each network device
Control program is not a distributed system
– Abstraction hides details of distributed state
140
141. Forwarding Abstraction
Purpose: Standard way of defining forwarding
state
– Flexible
• Behavior specified by control plane
• Built from basic set of forwarding primitives
– Minimal
• Streamlined for speed and low-power
• Control program not vendor-specific
• OpenFlow is an example of such an
abstraction
141
142. Network OS
Software Defined Network
142
Global Network View
Control Program
Virtual Topology
Network Hypervisor
143. Virtualization Simplifies Control Program
A
B
A
B
Abstract Network View
Global Network View
AB drop
Hypervisor then inserts flow entries as needed
AB drop
AB drop
14
144. What You Said
• “However, I remain skeptical that such an
approach will actually simplify much in the
long run. That is, the basic paradigm in
networks (layers) is in fact a simple model.
However, the ever-changing performance and
functionality goals have forced more
complexity into network design. I'm not sure if
SDN will be able to maintain its simplified
model as goals continue to evolve.”
144
145. Does SDN Simplify the Network?
Abstraction doesn’t eliminate complexity
- NOS, Hypervisor are still complicated pieces of code
SDN main achievements
- Simplifies interface for control program (user-specific)
- Pushes complexity into reusable code (SDN platform)
Just like compilers….
145
146. OpenFlow Protocol
Data Path (Hardware)
Control Path OpenFlow
Ethernet Switch
Network OS
Control Program A Control Program B
OpenFlow Basics
146
147. Control Program A Control Program B
Network OS
OpenFlow Basics
Packet
Forwarding
Packet
Forwarding
Packet
Forwarding
Flow
Table(s)
“If header = p, send to port 4”
“If header = ?, send to me”
“If header = q, overwrite header with r,
add header s, and send to ports 5,6”
147
148. Primitives <Match, Action>
Match arbitrary bits in headers:
– Match on any header, or new header
– Allows any flow granularity
Action
– Forward to port(s), drop, send to controller
– Overwrite header with mask, push or pop
– Forward at specific bit-rate
Header Data
Match: 1000x01xx0101001x
150. The Road to SDN
Why is SDN happening now?
• Active Networking: 1990s
- First attempt make networks programmable
- Demultiplexing packets to software programs, network
virtualization, …
• Control/Dataplane Separation: 2003-2007
- ForCes [IETF], RCP, 4D
[Princeton, CMU], SANE/Ethane
[Stanford/Berkeley]
- Open interfaces between data and control plane, logically
centralized control
• OpenFlow API & Network Oses: 2008
- OpenFlow switch interface [Stanford]
- NOX Network OS [Nicira]
150
N. Feamster et al., “The Road to SDN: An Intellectual History of Programmable Networks”, ACM
SIGCOMM CCR 2014.
151. SDN Drivers
• Rise of merchant switching silicon
- Democratized switching
- Vendors eager to unseat incumbents
• Cloud / Data centers
- Operators face real network management problems
- Extremely cost conscious; desire a lot of control
• The right balance between vision & pragmatism
- OpenFlow compatible with existing hardware
• A “killer app”: Network virtualization 151
152. Virtualization is Killer App for
SDN
Consider a multi-tenant datacenter
- Want to allow each tenant to specify virtual topology
- This defines their individual policies and requirements
Datacenter’s network hypervisor compiles these
virtual topologies into set of switch configurations
- Takes 1000s of individual tenant virtual topologies
- Computes configurations to implement all simultaneously
This is what people are paying money for….
- Enabled by SDN’s ability to virtualize the network
153. 4D
• Decision: all management and control logic
• Dissemination: communicating with routers
• Discovery: topology and traffic monitoring
• Data: packet handling
routers
Decision
Dissemination
Discovery
Data
Network-level
objectives
Direct
control
Network-
wide views
154. What You Said
• “The most compelling aspect of SDN and of
the 4D Approach proposed, in my opinion, is
the ability to enable innovation. However, SDN
taken to the extreme proposed in the 4D
approach seems to me to significantly limit
scalability and increase complexity.”
154
155. What You Said
• “My concern is that, previous designs that is
aware of the delay of updating network view,
take the consideration right on their control
(they have control rules and protocol that
touch this directly). But SDN tries to hide this
nature from the programmers. I am not sure if
the design of the software, in the absence of
these concerns, will end up with expected
results.”
155
156. Practical Challenges
• Scalability
– Decision elements responsible for many routers
• Reliability
– Surviving failures of decision elements and routers
• Response time
– Delays between decision elements and routers
• Consistency
– Ensuring multiple decision elements behave consistently
• Security
– Network vulnerable to attacks on decision elements
• Interoperability
– Legacy routers and neighboring domains
156
158. Datacenter networks
Link Layer: 6-158
10’s to 100’s of thousands of hosts, often closely
coupled, in close proximity:
e-business (e.g. Amazon)
content-servers (e.g., YouTube, Akamai, Apple, Microsoft)
search engines, data mining (e.g., Google)
challenges:
multiple applications, each
serving massive numbers of
clients
reliability
managing/balancing load,
avoiding processing,
networking, data bottlenecks
Inside a 40-ft Microsoft container, Chicago
data center
159. Datacenter networks: network
elements
Link Layer: 6-159
Server racks
20- 40 server blades: hosts
Top of Rack (TOR)
switch
one per rack
40-100Gbps Ethernet
to blades
Tier-2 switches
connecting to ~16
TORs below
Tier-1 switches
connecting to ~16 T-
2s below
Border routers
connections outside datac
…
…
…
…
…
…
…
…
161. Datacenter networks: multipath
Link Layer: 6-161
9 1
0
1
1
1
2
1
3
1
4
1
5
1
6
two disjoint paths highlighted between racks 1
and 11
rich interconnection among switches, racks:
• increased throughput between racks (multiple routing paths
possible)
• increased reliability via redundancy
162. …
…
…
…
…
…
…
…
Datacenter networks: application-
layer routing
Link Layer: 6-162
Load
balancer
Internet
load balancer:
application-layer
routing
receives external
client requests
directs workload
within data
center
returns
results to
external client
(hiding data
center internals
from client)
163. • link layer:
– RoCE: remote DMA (RDMA) over Converged Ethernet
• transport layer:
–ECN (explicit congestion notification) used in transport-
layer congestion control (DCTCP, DCQCN)
–experimentation with hop-by-hop (backpressure)
congestion control
• routing, management:
– SDN widely used within/among organizations’ datacenters
– place related services, data as close as possible (e.g., in
same rack or nearby rack) to minimize tier-2, tier-1
communication
Datacenter networks: protocol
innovations
Link Layer: 6-163
165. Content
1. Introduction
2. Benefits of IoT
3. Application and use of IoT
4. IoT challenges
5. What needs to be done?
6. Top IoT technologies and trends
7. Future of IoT
8. Q&A
165
166. Introduction – what is IoT?
• The Internet of things (IoT) is a system of interrelated computing
devices, mechanical and digital machines, objects, animals or
people that are provided with unique identifiers ( UIDs ) and the
ability to transfer data over a network without requiring human-to-
human or human-to-computer interaction - IoTAgenda
• A thing in the IoT can be a person with a heart monitor implant, a
farm animal with a biochip transponder, an automobile that has
built-in sensors to alert the driver when tire pressure is low or any
other natural or man-made object that can be assigned an IP
address and is able to transfer data over a network.
• IoT is a sensor network of billions of smart devices that connect
people, systems and other applications to collect and share data.
166
167. Introduction – cont’d
• IoT is a concept of connecting any device with an on and off
switch to the Internet (and/or to each other). This includes
everything from cellphones, coffee makers, washing machines,
headphones, lamps, wearable devices and almost anything else
you can think of. This also applies to components of machines,
for example a jet engine of an airplane or the drill of an oil rig –
Forbes.
• The IoT is a giant network of connected "things" (which also
includes people). The relationship will be between people-
people, people-things, and things-things.
• The dominant consumer IoT device, worldwide, is the smart TV.
Between 25-35% cent of consumers worldwide own a
television that can connect to the Internet, according to a
Deloitte research. However, other areas of the IoT market are
growing rapidly.
167
168. Why IOT?
• Organizations in a variety of industries are
using IoT to operate more efficiently, better
understand customers to deliver enhanced
customer service, improve decision-making
and increase the value of the business.
168
169. IoT ecoystem
• An IoT ecosystem consists of web-enabled
smart devices that use embedded processors,
sensors and communication hardware to
collect, send and act on data they acquire
from their environments.
• IoT devices share the sensor data they collect
by connecting to an IoT gateway or other edge
device where data is either sent to the cloud
to be analyzed or analyzed locally.
169
170. Top 10 Strategic IoT Technologies and
Trends - GARTNER
1) Trend No. 1: Artificial Intelligence (AI): “Data is the fuel that
powers the IoT and the organization’s ability to derive meaning
from it will define their long term success.”
2) Trend No. 2: Social, Legal and Ethical IoT: These include
ownership of data and the deductions made from it, algorithmic
bias, privacy and compliance with regulations such as the General
Data Protection Regulation. “Successful deployment of an IoT
solution demands that it’s not just technically effective but also
socially acceptable.”
3) Trend No. 3: Infonomics and Data Broking: The theory of
infonomics takes monetization of data further by seeing it as a
strategic business asset to be recorded in the company accounts.
By 2023, the buying and selling of IoT data will become an
essential part of many IoT systems.
170
171. Top 10 Strategic IoT Technologies and
Trends – GARTNER (cont’d)
4) Trend No. 4: The Shift from Intelligent Edge to Intelligent Mesh:
The shift from centralized and cloud to edge architectures is well
under way in the IoT space. These mesh architectures will enable
more flexible, intelligent and responsive IoT systems — although
often at the cost of additional complexities.
5) Trend No. 5: IoT Governance: As the IoT continues to expand, the
need for a governance framework that ensures appropriate
behaviour in the creation, storage, use and deletion of
information related to IoT projects will become increasingly
important.
6) Trend No. 6: Sensor Innovation: The sensor market will evolve
continuously through 2023. New sensors will enable a wider
range of situations and events to be detected.
171
172. Top 10 Strategic IoT Technologies and
Trends – GARTNER (cont’d)
7) Trend No. 7: Trusted Hardware and Operating System: ‘.. by 2023,
we expect to see the deployment of hardware and software
combinations that together create more trustworthy and secure
IoT systems…’.
8) Trend 8: Novel IoT User Experiences: User experience driven by 4
factors: new sensors, new algorithms, new experience
architectures and context, and socially aware experiences.
9) Trend No. 9: Silicon Chip Innovation: By 2023, it’s expected that
new special-purpose chips will reduce the power consumption
required to run IoT devices.
10) Trend No. 10: New Wireless Networking Technologies for IoT: IoT
networking involves balancing a set of competing requirements. In
particular they should explore 5G, the forthcoming generation of
low earth orbit satellites, and backscatter networks.
172
173. Benefits of IoT
IoT offers a number of benefits to organizations,
enabling them to:
1. Monitor their overall business processes;
2. Improve the customer experience;
3. Save time and money;
4. Enhance employee productivity;
5. Integrate and adapt business models;
6. Make better business decisions; and
7. Generate more revenue.
173
175. The smart world of the future –
using Iot
Source:
https://www
.forbes.com/
sites/jacobm
organ/2014/
05/13/simpl
e-
explanation-
internet-
things-that-
anyone-can-
understand/
#ef2433f1d0
91
175
176. Sample: consumer iot products &
Services
1. Helmet Concussion Sensor
2. Medical Alert Watch
3. Smart Fitness Clothing and Smart Running Shoes
4. One-Button Product Purchases: “Order at the click of a
button!” Amazon has taken that phrase literally and
produced physical branded buttons called Amazon Dash
that link to products in your home. Say you run out of
laundry powder. You can press your Dash button for
Tide and Amazon will reorder your Tide Powder product
for you. No need to sign onto the Web, fumble with
payment methods, or retype credit card numbers.
5. Garden Sensors
6. Smart Televisions
176
180. Connected car story 180
Source:
https://www.businessinsider.co
m/connected-car-statistics-
manufacturers-2015-2?IR=T
The connected car is equipped
with internet connections and
software that allow people to
stream music, look up movie
times, be alerted of traffic and
weather conditions, and even
power driving-assistance
services such as self-parking.
181. Smart farming: Use of iot to
improve agriculture
• In IoT-based smart farming, a system is built for monitoring the crop
field with the help of sensors (light, humidity, temperature, soil
moisture, etc.) and automating the irrigation system. The farmers
can monitor the field conditions from anywhere. This is highly
efficient compared to the traditional/conventional approach.
• In terms of environmental issues, IoT-based smart farming provides
great benefits including: better and efficient water usage, and
optimization of inputs and treatments.
• Therefore, smart farming based on IoT technologies enables growers
and farmers to reduce waste and enhance productivity.
• Some of the IoT applications in this area are:
i. Precision farming Agricultural drones
ii. Livestock monitoring Smart greenhouses
181
182. Industrial Iot (iiot)
• Industrial IoT (IIoT) focusses on the use of
cyber-physical systems to monitor the physical
factory processes and make data-based
automated decisions.
• While the physical systems are made the
intelligent using IoT, the real-time
communication, and cooperation both with
each other and with humans is established via
the wireless web
• IIoT brings in the concept of ‘a connected
factory leads to a smart factory’.
182
183. Iiot in manufacturing
1. Digital/connected factory: IoT enabled machinery can
transmit operational information to the partners like
original equipment manufacturers and to field
engineers.
2. Facility management: The use of IoT sensors in
manufacturing equipment enables condition-based
maintenance alerts.
3. Production flow monitoring: IoT in manufacturing can
enable the monitoring of production lines starting from
the refining process down to the packaging of final
products.
4. Inventory management: IoT applications permit the
monitoring of events across a supply chain.
183
184. Iiot in manufacturing (cont’d)
5. Plant Safety and Security: IoT combined big data analysis
can improve the overall workers’ safety and security in the
plant. .
6. Quality control: IoT sensors collect aggregate product data
and other third-party syndicated data from various stages
of a product cycle.
7. Packaging Optimization: By using IoT sensors in products
and/or packaging, manufacturers can gain insights into the
usage patterns and handling of product from multiple
customers.
8. Logistics and Supply Chain Optimization: The Industrial
IoT (IIoT) can provide access to real-time supply chain
information by tracking materials, equipment, and
products as they move through the supply chain.
184
185. IOT CHALLENGES
Security, privacy and data sharing issues
• Because IoT devices are closely connected, all a hacker has to
do is exploit one vulnerability to manipulate all the data,
rendering it unusable. And manufacturers that don't update
their devices regularly -- or at all -- leave them vulnerable to
cybercriminals.
• However, hackers aren't the only threat to the internet of
things; privacy is another major concern for IoT users. For
instance, companies that make and distribute consumer IoT
devices could use those devices to obtain and sell users'
personal data.
• Challenges with IIoT:
i. Security of data – same as above
ii. Reliability and stability – of IIoT sensors
iii. Connectivity of all the systems in IIoT setup – no maintenance
envisioned?
iv. Blending legacy systems – IIoT is new in the market
185
186. What NEEDS TO be done?
1. Consumer education
2. Product reviews and comparisons
3. Vulnerability disclosure and vulnerability markets
4. Self-certification and voluntary codes of practice
5. Trust marks and labels like Internet Society’s Online Trust
Alliance (OTA) IoT Trust Framework
6. Government initiatives
7. Mandated security requirements
8. Mandated certification
9. Liability reform
10. Etc.
11. No intervention!?
186
187. The future of iot
• Bain & Company expects annual IoT revenue of hardware and software to exceed
$450 billion by 2020.
• McKinsey & Company estimates IoT will have an $11.1 trillion impact by 2025.
• IHS Markit believes the number of connected IoT devices will increase 12%
annually to reach 125 billion in 2030.
• Gartner assesses that 20.8 billion connected things will be in use by 2020, with
total spend on IoT devices and services to reach $3.7 trillion in 2021.
• By 2023, the average CIO will be responsible for more than three times as many
endpoints as this year – Gartner
• Garter forecasts that worldwide IoT Security Spending will be 3.11 billion by 2021
largely driven by regulatory compliance.
• Great improvements in the security of IoT devices driven by manufacturers’ own
initiatives as well users’ demand for better secure devices.
• Global manufacturers will use analytics data recorded from connected devices to
analyze processes and identify optimization possibilities, according to IDC and SAP.
• Business Insider forecasts that by 2020, 75 percent of new cars will come with
built-in IoT connectivity.
187