Yoram Ofek Department of Information and Communications Technology University of Trento, Italy
Marie Curie Chairs (EXC)
IP FLows over Optical and Wireless (“IP-FLOW”)
“Kick-off” Meeting – Monday 28 June, 2004
Yoram Ofek
Department of Information and Communications Technology
University of Trento, Italy
Prof. Yoram Ofek - DIT - University of Trento, Italy 2
Agenda
10:30 Opening:
Prof. Fausto Giunchiglia – Vice Rector – University of Trento
Prof. Roberto Battiti – University of Trento
Mr. Philippe Froissard – European Union
10:45 Prof. Yoram Ofek (University of Trento) – IP-FLOW Overview and Planning
Discussion/planning Research Area 1:
11:30 Prof. Mario Baldi (Politecnico di Torino) and Prof. Achille Pattavina (Politecnico di Milano) – “Minimum Complexity Non-blocking Switching”
11:50 Prof. Mario Baldi and Ing. Guido Marchetto (Politecnico di Torino) – “Time-based Router”
11:40 Prof. Yoram Ofek – “40 Tb/s Time-based Non-blocking Switch Design”
Lunch 12:00 – 13:00
Discussion/planning Research Area 2:
13:00 Prof. Moti Yung (Columbia University - USA) – “Trusted Flow: Why, How, and Where?”
13:15 Prof. Fabio Massacci (University of Trento) – “Malware Protection”
13:30 Prof. Roberto Battiti (University of Trento) – “Trust and Location”
13:45 Dr. Paolo Falcarin and Dr. Maurizio Morisio (Politecnico di Torino) – “A proposed TrustedFlow System Architecture with Aspect-oriented Implementation”
14:15 Dott. Davide D'Aprile and Dr. Daniele Mazzocchi (Istituto Superiore Mario Boella - Torino) – “A TrustedFlow Enabled Run-time Environment and Trusted Flow Formal Specification”
14:30 Dr. Luca Tagliaferri and Prof. Paolo Prinetto (Politecnico di Torino) – “Code Self-checking Techniques for TrustedFlow Implementation”
Discussion/planning Research Area 3:
15:00 Prof. Bezalel Gavish (SMU - USA) – Placement of multidirectional antennas
15:15 Prof. Andrea Massa / Prof. Renato Lo Cigno (University of Trento) – “the inter-relationship: APs placement, antenna design, Radio wave propagation properties”
15:30 Prof. Yoram Ofek (University of Trento) – Concluding Discussion
16:00 – 16:30 Refreshment
16:30 – 18:00 Separate discussions and detailed planning
20:00 – Dinner – Ristorante Chiesa
IP-FLOW Overview
Focus on:
1. Flow (switching/forwarding) of data over the Internet: optical and wireless
[Rather than on routing]
2. Internet/telecom business and security
IP-FLOW Overview
Research Area 1 – UTC-based pipeline forwarding for solving switch and link bottlenecks
delivery of very high capacity streaming data
Research Area 2 – TrustedFlow for run-time software authentication
trusted delivery and processing of data
Research Area 3 – B-GLOW - Broadband services via GLobal Optical and Wireless integration - delivering streaming data to Wi-Fi clients
Research Area 1 - Motivation
The Telecom (Unfinished) Story
Why the telecom industry (vendors and providers) is more or less in “bankruptcy” (two trillion $ in debt):
They ignored cash flow:
1. spending money wisely …
2. earning more money from new services
Optimal UTC-based pipeline forwarding ensures:
1. Efficient expenditure on equipment/infrastructure: single fully utilized network – convergence to 1 wire, 1 network
2. Revenue from services with deterministic QoS: streaming/interactive media (video, audio, multimedia)
Research Area 1 UTC-based Pipeline Forwarding/Switching
Pipelines are deployed to increase efficiency in Factory (automotive), Computers (CPU), …
NOW (deterministic) pipeline over the Internet!
Thanks to GPS/GALILEO/... that provides UTC – Coordinated Universal Time everywhere
Time-driven Switching (TDS)
[Figure: a UTC second, starting at 0 (beginning of a UTC second) on the Time-of-Day or UTC axis, divided into Time Cycle 0 to Time Cycle 79, each holding time frames 1, 2, … 1000 of duration Tf]
Time-driven Priority (TDP)
Optimal for Video-Conferencing – Why?
Research Area 1 UTC-based for Streaming Media
Deterministic performance: No loss, Minimum delay and Constant jitter
end-to-end delay < 100 ms - interactive voice/video
Minimum buffers for all-optical realization
Enables huge capacity increase for streaming
1000 capacity increase may create major switching bottlenecks
Research Area 1 UTC-based Switching Complexity
Minimum complexity non-blocking switching – thus very high scalability
Analytically proven
UTC-based switch = Banyan Minimum complexity
Crossbar:
Clos:
[Complexity expressions for the three designs are garbled in this transcript; surviving symbols: N, log, 2]
Research Area 1 UTC-based 40 Tera-bit/s Switch
Crosspoint Switches: Vitesse – VSC3140VC, or MindSpeed – M21150
[Figure: 32x320: 10 Tbps Switching Module, drawn as 32-by-32, 320 Gbps crosspoint switches with ports numbered 1 to 32 and an Electrical Interconnection]
Research Area 1 UTC-based 40 Tera-bit/s Switch
[Figure: array of 32-by-32 crosspoint switches with ports numbered 1 to 32, grouped into 10 Tbps Switching Modules. Labels: Interconnection: Electrical or Optical; Pipeline Forwarding Switch Controller; UTC]
Only off-the-shelf components. Thus, simple to prototype
50 times less complexity than HFR (Cisco newest switch)
Research Area 1 Optical to Wireless Challenge
Optical/wireless bandwidth mismatch – factor of 1000 or more
UTC-based forwarding ensures:
Minimum buffering and delay
Deterministic no loss
Bandwidth Mismatch Animation
Ph.D. Thesis Opportunities in Research Area 1
The research activities in this area will be open for students to propose and define their activities since there are still many open issues with regard to performance and realization.
Blocking probability analysis of global IP network with time-driven switching and time-driven priority
Optics vs. electronics: qualitative and quantitative comparison of UTC-based pipeline forwarding
Bandwidth mismatch: streaming from optical to wireless
Network architecture design and performance evaluation of multi terabit/second IP packet switches
Performance study of time-driven “best-effort” traffic over IP networks
Research Area 2 Computing and Networking
Fundamental inventions in the past 50 years: Transistor, Laser & optical fiber
Lead to exponential growth in: Computing, Networking
Doubling performance every 18-24 mo. - a.k.a. Moore's "Law"
Led to the convergence of: Computing and Networking
Research Area 2 Computing and Networking
Today, Internet: computing/networking are ONE
Thus, trusted operation is a major challenge
Critical to business:
Temporal (and spatial) manipulation of protocols
On-line bidding / stocks trading
DoS, DDoS – loss of revenues
Stealing: content, SW and information
Is it possible to use the network to alleviate networking trust problem?
Research Area 2 The Context of TrustedFlow
A method that combines: Computing and networking
For distribution of trust or entrusting
Stand-alone computer can be trusted, by definition!
Research Area 2 What Do We Want to Achieve?
Remote authentication of code during execution
Trusted 1st computer ensures that SW executed on untrusted 2nd computer was not modified
Thereby, entrusting the 2nd computer
Research Area 2 The Trust Problem Definition
How to ensure run-time SW authenticity
Focusing on two generic protocols:
1. Sending packets: To avoid unfair usage/attacks on networks/servers (TCP, SLA, 802.11, …)
2. Receiving packets (e.g., content): To ensure digital right management (DRM) (Audio, video, …)
Research Area 2 How: Entrusting
(Stream of) Tags are EMANATED from a program=code=software at run-time
ENTRUSTING by verifying the Tags
[Figure labels: Trusted Computer (Computing); UNtrusted Computer (Computing); Tags; Entrusting; Networking]
Research Area 2 How: Entrusting
[Figure labels:
Untrusted Computing Environment; Trusted Computing Environment
Trusted Computer; Entrusted SW on UNtrusted Computer
Tag Checker (TC); SW with Tag Generator (TG)
“HARDENED” with Special Hardware/Software (e.g., TCPA)
(Stream of) Tags Associated with Periodic Replacement of SW parts & Parameters
Entrusting SW by Verifying Tags
Sending Packets; Receiving Packets]
Research Area 2 Quality of Remote SW Authentication with TrustedFlow
TIME: periodic replacement of SW components and parameters
SPACE: interlocking and hiding of tag generation
Better Remote Authentication Operations
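A sketch of the tag stream and periodic parameter replacement described in the slides above, as an added example that is not part of the original slides and is not the TrustedFlow design. It assumes an HMAC-SHA256 tag over an epoch number, a sequence number and the payload; the names TagChecker, TagGenerator and demo are hypothetical.

```python
import hashlib
import hmac
import os

TAG_LEN = 8  # bytes of truncated HMAC per packet (size chosen for this sketch)


def _tag(key: bytes, epoch: int, seq: int, payload: bytes) -> bytes:
    # Assumed tag function: binds the tag to parameters, position and content.
    msg = epoch.to_bytes(4, "big") + seq.to_bytes(8, "big") + payload
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]


class TagChecker:
    """Trusted side: issues parameters and verifies the tag stream."""

    def __init__(self) -> None:
        self.epoch, self.key, self.next_seq = 0, os.urandom(32), 0

    def parameters(self) -> tuple[int, bytes]:
        return self.epoch, self.key

    def rotate(self) -> tuple[int, bytes]:
        # Periodic replacement: the old parameters stop verifying at once.
        self.epoch, self.key, self.next_seq = self.epoch + 1, os.urandom(32), 0
        return self.parameters()

    def check(self, packet: tuple[int, int, bytes, bytes]) -> bool:
        epoch, seq, payload, tag = packet
        if epoch != self.epoch or seq != self.next_seq:
            return False  # stale parameters, replayed or skipped packet
        if not hmac.compare_digest(_tag(self.key, epoch, seq, payload), tag):
            return False  # payload or tag was altered
        self.next_seq += 1
        return True


class TagGenerator:
    """Untrusted side: code embedded in the sending software."""

    def __init__(self, epoch: int, key: bytes) -> None:
        self.epoch, self.key, self.seq = epoch, key, 0

    def send(self, payload: bytes) -> tuple[int, int, bytes, bytes]:
        packet = (self.epoch, self.seq, payload,
                  _tag(self.key, self.epoch, self.seq, payload))
        self.seq += 1
        return packet


def demo() -> list[bool]:
    tc = TagChecker()
    tg = TagGenerator(*tc.parameters())
    p0, p1 = tg.send(b"frame-0"), tg.send(b"frame-1")  # constructed payloads
    forged = (p1[0], p1[1], b"frame-X", p1[3])  # payload swapped, tag reused
    results = [tc.check(p0), tc.check(p0), tc.check(forged), tc.check(p1)]
    tc.rotate()  # the generator still holds the old parameters
    results.append(tc.check(tg.send(b"frame-2")))
    return results
```

A key held in software on the untrusted computer can be read out of it, which is the gap the slides' “hiding” and “interlocking” of tag generation are meant to close; this sketch does not implement either.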
Ph.D. Thesis Opportunities in Research Area 2
TrustedFlow for streaming media content protection and management
TrustedFlow for 802.11 MAC protocol
Reverse TrustedFlow for securing mobile users
TrustedFlow for Grid computing
TrustedFlow for Internet voting software
TrustedFlow for TCP (transport control protocol)
Design of the “hiding” function of the tag generator
Design of the “interlocking” function of the tag generator
TrustedFlow for SLA (service level agreement)
Research Area 3 B-GLOW Overview
[Figure: B-GLOW, High Fidelity Data Flows Over Wireless & Optical Backbone (Research Area 3). Labels: Wireless Wi-Fi 802.11; Optical Backbone; Mismatch: Bandwidth / Availability / Reliability; Security; Secure Data and Content Flows; Revenue Generating Services; Ubiquitous Computing, Storage, Position & Time]
Research Area 3 B-GLOW Overview
Predictable High Quality Content Delivery via IP-based Wireless: IEEE 802.11 – Wi-Fi
Optical Backbone Interfaces: GE/10GE/IP-MPLS/SDH/ …
Scalable and adaptable Audio/Video Content Desired by Mobile Users
Mobile Users with Handheld Devices Who Desire to Receive (and Pay for) Quality Content
Research Area 3 B-GLOW Overview
Predictable payments for quality content that can be protected by DRM
With scalable flat rate/mini/micro payments
With multilingual user interfaces
Predictable delivery of scalable content
To provide scalable audio and video content with coding and representation, with run-time SLA protocol and interfaces with UMTS
To provide capacity to users to satisfy their need for content while minimizing infrastructure cost
Optimized access point location with/without directional antenna
Efficient and timely packet flow and monitoring
End-to-end Measurements with Feedback to Apps and Users
Packet Transmission/Scheduling Protocol for Overcoming Optical/Wireless Bandwidth Mismatch
[Slide labels: Objective n. 4; Objective n. 3; Objective n. 2; Objective n. 1; IP-FLOW FOCUS]
Research Area 3 Focus on Wi-Fi Physical/Network Layer
[Figure: Streaming Media to Mobile Users. Labels: Multimedia Server; 802.11 Access Point with/out SDMA; Mobile Device PC/PDA/Phone (shown twice); USB; 802.11 with External Antenna Omni/Directional (shown twice)]
Experimental Study:
- “Hot-spot” and open-space
- Utilizing both:
- Network/protocol analyzer
- RF spectrum analyzer
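Research Area 3 Focus on Directional Antennas
Antenna Gain: $G(\mathrm{dB}) = 10 \log_{10}(g_{\max}) = 10 \log_{10}\left[4 \pi A / \lambda^2\right]$
$g_{\max} \approx 4 \cdot (3.14) \cdot (L_1 L_2) / \lambda^2$ [$\lambda$ = speed-of-light / frequency]
[$A = L_1 L_2$ is the rectangular area of antenna aperture in cm$^2$]
[Figure: rectangular antenna apertures with sides L1 and L2; each side is labelled with its length and a second number, listed below as on the slide]
5 GHz: 6 cm 60 by 6 cm 60, G(dB) 11
5 GHz: 6 cm 60 by 12 cm 30, G(dB) 14
5 GHz: 6 cm 60 by 24 cm 15, G(dB) 17
5 GHz: 6 cm 60 by 48 cm 7.5, G(dB) 20
15 GHz: 2 cm 60 by 2 cm 60
15 GHz: 2 cm 60 by 4 cm 30
15 GHz: 2 cm 60 by 8 cm 15
15 GHz: 2 cm 60 by 16 cm 7.5
[Figure labels: 802.11; 802.16: Smaller Directional Antennas, But higher loss]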
Research Area 3 Challenge
Small angle-high gain continuously changing best receiving direction, due to:
1. environment factors
2. motion - mobility
3. interference (unlicensed band)
Possible solution: multiple sectors
[Figure: Antenna Sector 1 to Antenna Sector 6]
Each Antenna Sector is Flat Panel with Multiple “Patches”
Research Area 3 1st Experimental Prototype Only software
[Figure labels: Antenna Sector 1 … Antenna Sector 6; USB 802.11 Access Control Adapter (shown twice); USB HUB; USB Connection; Mobile Device; Antenna Control Software]
Research Area 3 2nd Experimental Prototype with RF Switch
[Figure labels: Antenna Sector 1 … Antenna Sector 6; RF Switch; USB 802.11 Access Control Adapter; USB Connection; Mobile Device; Antenna Control Software]
Ph.D. Thesis Opportunities in Research Area 3
In-depth experimentation and measurement of content delivery capacity in “hot-spot” as function of the number of active mobile user – using high-end spectrum and network analyzers
Studying the inter-relationship between directional antenna and access point placement both analytically and experimentally
Design and analysis of the potential benefits of directional antennas for mobile users
Studying and analysing how to provide scalable and adaptive audio and video content with necessary coding and representation, including a run-time and adaptive service level agreement protocol for matching capabilities for (paid) quality content delivery to mobile devices
Studying and analysing how to provide scalable content with protection using DRM (digital right management) with capability for differentiated payments and micro-payments, that are dependent on the quality of content delivered and on prior classification of users
IP-FLOW Summary
[Figure labels:
Research Area 1: Time-based Pipeline Forwarding of Data
Research Area 2: TrustedFlow Authentication of Data Flows
Research Area 3: B-GLOW High Fidelity Data Flows Over Wireless & Optical Backbone
Wireless Wi-Fi 802.11; Optical Backbone; Mismatch: Bandwidth / Availability / Reliability; Security; Secure Data and Content Flows; Services; Ubiquitous Computing, Storage, Position & Time]
IP-FLOW Overview Milestones
Research Area 1
1st year: PCB electronic/heat dissipation design
Success
2nd year: Implementation and testing
Success
3rd year: Integration and demonstration switch and interfaces
Research Area 2
1st year: Implementation of TrustedFlow protocol
Success
2nd year: Integration for trusted content delivery
Success
3rd year: Integration and demonstration with trusted computing
Research Area 3
1st year: Understanding mobile w/directional antenna
Success
2nd year: Evaluating content delivery quality
Success
3rd year: Integration and demonstration with micro-payment / DRM
IP-FLOW Overview PROJECT GANTT
Month: 0-3, 4-6, 7-9, 10-12, 13-15, 16-18, 19-21, 22-24, 25-27, 28-30, 31-33, 34-36
Research Area 1 (UTC-based pipeline forwarding)
Switch Bottleneck: Complete Design/Analysis; Complete PCB Implementation
Link Bottleneck: Complete Interface Design; Complete Interface Implementation
Research Area 2 (TrustedFlow)
Initial TrustedFlow Prototype Implementation; Digital Right Management Implementation
"Reverse" TrustedFlow Prototype Implementation
Research Area 3 (B-Glow)
Content Delivery Measurement, Mobile Devices WITHOUT Directional Antennas; Access Point Placement, Mobile Devices WITH Directional Antennas; Run-time Service Level Agreement with Payment
Content Delivery Measurement, Mobile Devices WITH Directional Antennas; Access Point Placement, Mobile Devices WITH MULTIPLE Directional Antennas; Scalable Content Delivery with Micro-payment
Content Delivery Measurement, Mobile Devices WITH MULTIPLE Directional Antennas
IP-FLOW Overview Lecture series: Three graduate courses
Course 1: Satisfying QoS Requirements over a Single Network
Course 2: Optical Networking
Course 3: The Inter-relationship of QoS, Mobility and Security
Seminar Series to Broad Audience
Seminar 1: User’s satisfaction and flow of packet over the Internet
Seminar 2: The use of time in future packet networks
Seminar 3: Trusted computing and run-time authentication of protocols
Seminar 4: Moore’s Law and the evolution of optical networking
Seminar 5: The inter-relationship of QoS, mobility and security
IP-FLOW Overview Teaching, training, dissemination and Workshops
Graduate courses: 1st year: Course 1 / Course 2; 2nd year: Course 3 / Course 2; 3rd year: Course 1 / Course 3
Dissemination: Seminars: 1st year: 1, 2, 3; 2nd year: 3, 4, 5; 3rd year: 1, 2, 3, 4, 5
Dissemination: Short tutorials: 1st year: based on Course 1 / Course 2; 2nd year: based on Course 3 / Course 2; 3rd year: based on Course 1 / Course 3
Workshops organized by the Chair holder on:
Streaming media over optical and wireless - 5/1/06
Trusted computing and content protection - 11/1/06
Possible technology transfers:
- Directional antennas for mobile users
- TrustedFlow applications
- Pipeline forwarding Switch