U.S. Department of State

Diplomacy in Action

Future of the Cyber-Network

Dr. Michael El-Batanouny
Washington, DC
September 22, 2009


Andrew Reynolds: So, good morning ladies and gentlemen. Welcome to the first lecture of the Jefferson Science Fellows Distinguished Lecture Series for this academic year. Thank you for coming. We had initiated this lecture series last fall and we rely upon our Jefferson Science Fellows for substantive content of the lectures and we hope they continue to be of interest to you, our staff members and colleagues inside the State Department, as well as our wider community of scientists and engineers with which we associate ourselves.

My name is Andrew Reynolds. I am the deputy to our Science and Technology Advisor, Nina Fedoroff, who is traveling. She just departed yesterday for a long trip to the Middle East and Asia and she sends you her greetings. Nina is a Ph.D. scientist herself and, of course, has been the mentor for our Jefferson Fellows, both here and serving now as alumni.

This morning we are talking about the cyber network and I'm sure you all appreciate how central that is to our world today, to the way we conduct business, to the way we conduct military affairs, to the way we communicate as citizens and this buzz about Internet is really at a peak right now because the question of Internet governance has so dominated our policy responsibilities: accessibility, and this in both the domestic setting and internationally and international organizations are hard at work considering this whole question of governance and physical infrastructure, including cyber security. If you are familiar with the ICANN, the International Corporation for Assigned Names and Numbers, that happens to be a central locus of the debate as well: who controls the Internet names and subject matter: the assignment.

This administration, the Obama Administration, has put the Internet and cyber security at the center of its priority list of topics. They have a Special Assistant for Science Technology and Innovation in the White House by the name of Susan Crawford who was a former ICAS member, a board member, and has been a strong advocate in her career for net neutrality. Melissa Hathaway, the Cyber Security Chief at the National Security Council, also instrumentally involved: the budget, the supplemental and the long-term budget of this administration focusing on greater broadband access for our citizens, our businesses and our communities at large. And recently the cyberspace policy review was completed by the White House. So, I would commend you to have a look at that; it is the roadmap, if you will. And, of course, the DOD has established an undersecretary for cyber security, not insignificant any number of these issues and the timing; I can't say we were planning this. Michael is here today but yesterday Federal Communications Commission Chairman Genachowski announced proposed new rules for Internet service providers and that basically could treat all Internet traffic equally and to allow Internet access and through the networks with any nature of device. The industry will say there are constraints because of broadband limitations but net neutrality is guiding this principle, this set of proposals, and it will be treated on a case-by-case basis.

So, it's a propitious time to hear from one of our experts and Professor Michael El-Batanouny has been assigned in the academic year 2009-2010 to our Office of International Communication and Information Policy in the State Department Bureau of Economic, Energy and Business Affairs. And we're very happy to have this morning Ambassador Philip Verveer with us, who heads this office. Welcome Ambassador. I'm glad you could take the time to hear one of our distinguished alumni speak today and I hope that Michael's insights are also useful to you.

Michael is a professor of physics. He has been nearly 30 years at Boston University, is a well published, well documented researcher in his field and I think brings a unique perspective this morning on the future of the cyber network. I would like to invite Michael up to speak for maybe 25 minutes, as much time as you feel is necessary, but allow some time for questions and answers because that is part of the Distinguished Lecture Series idea to have some interaction.

So, ladies and gentlemen, again, welcome. Please keep an eye out. We hold these lectures every month. The next one will be in late October and we will be notifying you through the normal channels about the topic. We're not quite sure which one we're going to choose for that particular lecture but, without further ado, Michael, please come up and give us your insights. Thank you very much and we will look forward to some questions and answers.


Michael El-Batanouny: Well, I'll be talking about the future of the cyber network and this work has come out of my work at the Office of International Communications and Information Policy in 2008-2009 and these were the people I collaborated with.

The outline of my talk will be “Architecture and Operation of Current Network:” How the network works now and then I will introduce some emerging infrastructure services and applications and how the current operation of Internet [low audio] these new emerging technologies. And I will finally end up with putting a list of what we call the mega-projects around the world that are researching these topics and how will it happen in the future? Do we have to have evolved slowly or do we have to have a revolution and a clean slate; just remove everything and start from scratch?

Okay, just to remind you of the jargon that's used, we call software applications things like word processing, photo manipulation; that's an application. And we can divide them into two categories: e-mail, Internet browsing, file transfer; these are all done over the Internet and, therefore, they are network applications and then these are productivity applications.

Okay, if we are on the Internet how do we communicate? How do we send a message? We can send -- we can ask for a Web page or we can send an e-mail but everything is done in what we call a packet. So, if we have a message, that message, if it's an e-mail message, it's divided into packets. Then each packet is put inside an envelope, and we call that the payload, and outside the envelope we have a header and the header, among the main things, has where it's going, the destination address, and where it's coming from, the source address.

Among the other things that the header has is what's the number of the package? Is it number one, two, three, four? So, it gives that and then there is a protocol which I'll talk about in a second and a protocol basically specifies: is it a video? Is it an audio? Is it a file, because it can be treated differently and so on and of course the destination and originating address.

A protocol is just a set of rules that govern communications. A protocol is just, to computers, is computers just like language to humans. So, for example, for two devices on the network to successfully communicate, they should understand the same set of protocols.

Now the two main protocols that we use on the Internet now are what's called the transmission control protocol, TCP, and it's called connection oriented because it does reliable delivery of the packets in the sense that it sends out to the receiving end a message saying, "Are you ready?" The acknowledgment comes back and then the packet starts to go.

Now if the packet does not receive the acknowledgment, it's not received, it will send it again and it will slow down, assuming that there is congestion and there's a lot of problem because of that sometimes. Some applications or some things don't need that and, therefore, they are encumbered.

The second one is what's called user datagram protocol and that is a protocol -- it's called connectionless because it doesn't establish a connection and it's unreliable but it's fast. It just sends. It sends the messages. Of course, that works very well for streaming video and audio because you don't want to miss the sequence, okay, so you have to keep the sequence of the sound or the video because if a packet is not received and then it's resent it will arrive at a later time; so it will confuse the flow of conversation or the video. So, if you drop some, it's a millisecond or a couple of milliseconds. You will not notice something was dropped, okay? That's the main idea.

So, each packet now is sent to its destination via an available route. The route might be taken by preceding packets but not necessarily. And at the receiving end the packets are collected in sequence, stripped as if you are taking something out of an envelope and put together again.

Now how do we do that? Well, what happens is that you on the left basically are sending a packet or e-mail, one packet of an e-mail, and it's now routed through the Internet to the other end which happens to be, let's say, a Web server. So, all the communications, all the knowledge of the communications is between you and the end device, which is a server here so you specify what it's going to be like and the other end specifies how it's going to receive it and it's called an end-to-end communication. And all the things that you see in the middle -- it's taking a route and, therefore, we call them routers and each router's function is just to check the congestion in the neighboring routers and make sure to send it through the least congested router, okay? At the same time it will also take the shortest path to go. So, that's the function of the routers. The routers are just computers but they are designed and so on to do these functions. They could be if it's a huge traffic, it could be a supercomputer, or it could be just a small computer, a server. One of the routers you can have if you have something like a wireless router at home; that's a router. That's the simplest kind of router, okay?

The ones at the edge of the -- this will be the Internet so there's an edge one. We call it an edge router or a border router; and the ones in the center are called core routers and they have different functions. Now I will take this and I will break it down to smaller parts. So I will check where you are first and if I look at that this is the smallest possible, except for your home computer, this is the smallest possible network. It's called a local – a LAN -- a local area network and it can be a couple of you and your boss, and maybe an assistant, and then is the server that has the e-mail and printers. If you sent an e-mail or something to be printed, you send it to there and it sends it to the printer. E-mail: it would send it out through the router to the Internet.

Now, we get bigger. Then we have your home and you connect through a cable modem or DSL. And there is a business and they all connect to the -- ISP is the Internet Service Provider and when it goes to your local place, it sent to a regional place and so on. It goes on the Internet.

Another view of the same thing, except we call your local as a point of presence, and then there is NAP which is the network access point. Suppose you have Comcast and somebody else you are sending to has Verizon. Then you have the -- Comcast and Verizon have to communicate and they communicate through what's called a network access point.

This is another view and you are here. You're sending, let's say again, an e-mail, or a packet. It goes to an edge router and then it goes through many routers inside this cloud and it reaches the edge of this. This could be an ISP and the ISP router at the edge communicates with the other router at the edge through what's called a border gateway protocol so they have their own spoken language.

This is a bigger one and now we have -- we call this an autonomous system and it's an ISP and there's another autonomous system, another ISP, and they communicate via the network access point. I should have drawn --this last one -- the autonomous system: that could be the State Department autonomous system and it should have – instead of – it can't go directly to the NAP. It should go to a point of presence for an ISP. So this drawing was not exactly correct.

We also see a mail server and I'll talk about servers shortly and then we have the domain name server which will come up in my discussion.

So servers are just computers and they are computers that are dedicated to do one or two or three services. That's a server. So a server can be an e-mail server or a web browser or for the printer or the domain name address; I will discuss that in a second and we have a proxy cache, a proxy or cache server and that serves a very interesting role. It's between you and whatever -- let's say you want to go to Amazon and you want a Web page from Amazon. That would get it for you but it will keep a copy of it at the proxy, so that if you need next time to get that item or that webpage or, let's say the emblem for it, it will be already available and downloaded and it saves time instead of having the whole thing coming from Amazon.

Then there is a content server and a company like AKAMAI. AKAMAI has something like six 60,000 servers distributed around the world and, again, if you want to go to Amazon for -- some book came that's very important and everybody's buying it and it will basically create a big backlog at Amazon and -- now we have to go through a whole Internet. Let's say Amazon is in California so it has to go through all these routers and it causes congestion so instead of doing that, you have all these servers around the world: 60,000, and companies like Amazon, or CNN, and so on will contract with AKAMAI to mirror their product on to these servers and, therefore, it will save a lot of congestion from the network.

Then the last one is – that I will also get to: the DHCP which is dynamic host configuration protocol.

Now the first thing I would like to talk about quickly is the addressing. How do we address? When you are sending some e-mail to somebody, how does the address work? Well, there are two parts to the address. There's something called the media access control, or MAC address, and the Internet protocol address. The analogy is the following. The MAC is exactly like your vehicle identification number. It basically is done by the manufacturer on the network interface card and it goes with you everywhere. So that never changes as long as you have the same computer. But there is also the license plate which can change if you move from one state to another state, okay, so this is not permanent. So that's the IP.

Now, another analogy is if you are sending a letter by the mail you have the person's name and his residence address. The residence address can change. His name doesn't change.

Now we come to how these IP addresses are done. Right now we are still working in version four and as I will point out shortly, there is a problem with that but it's written in like four pieces separated by dots. Each one can go from 0 to 255 so if you multiply that, you'll get that the total unique values are about four billion, 4.3 billion. Now when this was done everybody thought how could you have more than that? It's more than enough but it turns out that we're running out of these guys in less than two years, okay, so there is a big problem to that and that's why IPv6 has been designed and ready to go since 1998. It hasn't been adopted yet. So, I will discuss the problems with it. We have a problem with this and we have a problem with this. I will start with the top one.

How can you remember It's impossible to remember; and, therefore, we had to resort to something that is more friendly and the more friendly is that lower line. So if you're at the State Department you have your name and then and that now is called a domain name; and the domain name has levels. Of course, gov is at the top level domain, TLD, and it can be gov. It can be .com, .edu, .mil and so on. If you are a country, you've got .fr, France, .jp, Japan, .ca, Canada and so on.

As Andy was saying, all these assignments are supervised by the Internet Corporation for Assigned Names and Numbers, ICANN. There is another thing that you probably are familiar with is this line, http. HTTP is a protocol, okay? It's a protocol for browsing and web and that specifies what protocol is going to be dealing with the connection between you and the web that you're trying to reach. And this is called -- the whole thing is called the uniform resource locator, URL.

Now to be able to translate from host.state, .gov and the number, we have dictionaries and the dictionaries -- you basically give it the and it will give you the equivalent number. These are called domain name system server and of course you can see that now -- the main, there are 13 main servers like that. They are called the root servers and they have all possible entries in that dictionary, but each ISP or State Department has a smaller version of that, a subset of that. So there are many, many, many DNS servers.

Now, the IP address can be interpreted in the following way. The first part is called the prefix and that defines the domain or the domain and sub-domain and so on; not the host, okay? It can be, for example -- in B-U you can have physics@bu and so on; or something like that or dot something, okay? And sub sub-domain and so on, and that's why we can use all the way to here. Okay, and the rest is the host.

Okay, now after many iterations because of this -- it's a very large number of users now; there were iterations about how to use this and they formed aggregates and the aggregates basically are exactly like a zip code. So if you are sending a mail to 9-x-x-x, nine means you are on the West Coast in the zip code and then so post office here doesn't have to look at anything else except the first digit and it sends it to the West Coast. And then when it reaches one of the big centers of the post office, they look at the second, which is eight, which would be Washington and so on and so forth. So, the structure now of the IP address is done the same way; aggregated.

And the main authority in that is the Internet Assigned Number Authority and it issues blocks of addresses to, let's say, regional ones which are called RIR. RIR and the regional ones take the block, divide it into smaller parts and gives it, let's say, to one huge ISP and then the ISP will take it, divide it into parts and give it to companies and businesses and so on.

The problem with all that, that's not enough because we don't have enough of it. So there was sort of an ingenuity to try to keep it going and that's going to the network address translation. That's equivalent to -- suppose you have an office and the office has 10 people and then there is a switchboard at the [unintelligible] so when somebody calls he goes through the switchboard. The switchboard -- he says I need such and such person to talk to. Then there's an internal phone number, right, extension, internal that's not on the list outside.

The same thing happens here. There is a -- for example Boston University has something like 168 dot, dot, dot, and that block is inside. It's not a public block. It's used only inside; so inside you can have these addresses and yet, on the outside, when you want to send something it takes a different number, okay? And now you can use the same block for the State Department, for Boston University, for MIT, and replicate and that can save a lot of space. In spite of all that, we still have a big problem with that. It's going to run out in less than two years.

The one that assigns these -- if you log in and you want to get on the Internet you get an IP address and that's done via a, let's say, from the ISP via a DHCP server, okay? So that's how it's done and you are assigned a number. If you log out and you turned off your computer, you turn it on again, it will get another number from your ISP and so on and so forth.

Now we come to the IPv6. I'm not going to spend a lot of time on that but the IPv6 solved the problem by having a very large address. As a matter of fact, there are 39 digits in there; so if you take these 39 digits and 3.4 times -- and they have 38 digits, 38 zeros. Now if you take that number and divide it by everybody all the population of the earth, 6.6 billion, you'll find that you'll get for each person five and 28 zeros, okay? Fascinating but the reason is not that you're going to have all these users. You can now assign blocks for certain different things. So now you make life easy. For example, you as a host can have more than one address. You can have an address for this, an address for that. So, it's really an endless -- hopefully, it's an endless resource of numbers. Of course, there are more things to talk about like security and so on, which is much better handled in IPv6 than IPv4. I'm not discussing security at all today, okay?

So, this says that it has 64 bits; it's not important. And now we come to the emerging technology, and I will start talking about one of those technologies which is sensor networks. Sensor networks are everywhere today and they are going to increase incredibly, like exponentially in the future. Power companies have sensor networks that monitor all the grids. They monitor the houses. They monitor the grids and you can name it. In the military; it has huge sensor networks and so on. Now these sensor -- there you go: all possible sensors that you can have, all right?

Now if you take any of those sensors, and you have millions of them, that is incredible. And now all these will have demands and things on the Internet and that's one of the big problems we have. So, there is one, for example. There is a power grid and there is a substation and the substation basically feeds electricity to houses and now these are intelligent houses because they all have sensors to monitor all the power that's going to them. So if your power goes out, they know immediately where it happened, okay; and these are intelligent sensors and they can go through the Internet to the headquarters and tell them, "Oh it happened at such and such address." You have to pick that address and so on and -- so this is just one possibility.

Now, sorry. Now how do these things work? And that I will come to when I talk about PEER-to-PEER and so on. So, but keep in mind that this is an enormous, enormous load on the Internet.

Now this is the most important and most agile part of the modern technology or the modern technology -- or the emerging technology. We call it virtualization. So it can be virtual machines. I will talk about that or virtual memory, or virtual links, or virtual networks. What it says is basically it will give you, for any user, it will give you the impression that you are working alone on a device while it's really shared by many other people. That was the first -- it goes back to the ’60s when we had mainframe computers. When you had the mainframe computer you basically had a dumb terminal and your office connected to the computer. Now if you connect to the computer, you're the only one. You don't know that there are other users on that and, therefore, this is -- you had a virtual computer, virtual machine. You had a machine on a mainframe. You don't know anybody else that is using it. You are isolated and this is your virtual machine. That's virtualization in the first place. That's the virtualization in the ’60s.

Okay, so now we come to virtualization today. One of the possible things about virtualization is what is a virtual server virtualization? Servers are very -- the load on the servers maybe is about 25 percent of their capacity, okay? So they really have a lot of unused capacity and, therefore, you can use it more. Now, as I said, the number of servers is exponential. It's mushrooming all over the place. The amount of power consumption, the amount of people that have -- the IT people that have to supervise it and run it and so on is incredible; and, therefore, this comes as a salvation or saving us from that and that is you now have -- you take one server, there's the hardware and there is the operating system; it could be Windows, or Linux, or Mac, and then you put what's called a virtualization hypervisor and that basically interacts with the operating system and then it can create different compartments. It's exactly like when you were on the mainframe. So you can have one system, let's say, operating with Linux and it does, let's say, domain name server, and the second one runs with, let's say, Windows and has mail and so on, on the same machine; and that can be established on a very short timescale, okay? You can remove it or you can add another one. It's all done by software and, therefore, you can have all these machines, okay, these virtual machines existing on one.

Or you can have a few of them, a cluster of these servers, run by some control and they can adapt: add virtual servers as they want, take away, move -- one of the servers is bad so you can move it to another machine. So it's a very agile system and that's the first part of my discussion of virtual. So we see virtual servers.

Now, we can also do virtual routers. So, we can create routers on the same machine: one router for this, one router for that and so on; and therefore, you don't have to run IP. You can run, you can have your own set of protocols for some other -- as you will see, for some other application or some other service; and therefore, you can create it. You can move it: all virtual and that's the beauty of it.

So, and then the third part of virtualization is basically what we call overlays. Overlays: You have the network and you have these routers and so on but you can go over the Internet and you can have your own servers and that's what AKAMAI does and others do. You have your own servers and now you can use your servers as -- so even though you are going through as IP over the regular routers, you can use your servers to basically have a better metric which is what are the conditions for sending things? Should I send it this way or should I send it this way or should I send it this way? They would have a much better metric which is oriented for a specific service, okay? And then you can basically send it and that's done over the Internet. So how it's done; inside the packet there is a tag and when that tag arrives at the particular server, let's say it belongs to AKAMAI, then it is sent to another server with a new metric as if that server now is also acting as a router. Okay, but it's a problem. It's [unintelligible] It's a handicap. Why do you have to do that? Why can't you use your own protocols to be able to go very efficiently through all of the networks that you are interested in?

We come to PEER-to-PEER. Remember, PEER-to-PEER came from -- remember Napster? What Napster's problem -- it was great; it was a genius idea. They said, "Okay, you can have on your computer: you can store a hundred songs, and then 100 songs and so on," except Napster kept the list of all the songs and that was illegal and that's why they were shut down; but if you don't do that it's legal. The point is you can store probably a billion songs, distribute it among all the members of the group. You have a group, a group of peers. You can have all those; and therefore, you don't have to have a huge storage demand. You distribute it among the group, okay, and now the group will communicate with each other through a tag. So they have a tag and it can go from one member of the group, the Nq. I'm sending a question and to the second member it passes all these routers and so to a second member, to the third member, to the one who that has the answer and then, of course, once it has the answer it will send it immediately back because he knows the address of the inquirer. So that's basically a PEER-to-PEER and it basically bypasses the whole Internet by doing that. So now each of these computers act as a computer and as a router because it sent it to the next one with the tag and so on, okay? So that's the beauty of -- and now peer to peer is very big. It's really emerging. It started with Napster and now it's really emerging.

Another thing is virtual private networks. If you belong to a company with the main office over there and you are traveling, or you have an office in some other place, and you want to send some very highly secret stuff from one place to another then what you do is you encrypt the addresses and so on inside the packet, okay? That's done still inside the IP encrypted and there are, again, routers that can interpret the encryption once it reaches there. So, it can go very safely through anywhere you are. For example, in my hotel I can connect to Boston University through VPN and it looks as if I'm at Boston University. So if I ask for a paper from a journal, I can download it because Boston University is a member. So this is another virtual network, okay? This is another overlay.

Voice over the Internet is another overlay: the same idea. But they are all encumbered by the problem of having to follow a certain set of protocols.

Cloud computing: This is another emerging technology and cloud computing; you basically have companies that do that, have a huge number of servers which are computers, and they can be in one place, or they can be distributed over very different areas and they are, again, connected by virtualization; by overlays, and if you are a business you don't have to buy the software and hire the IT people to run your business software. You can rent it on a cloud computer. You can store your stuff over there. You can do all your work over there and you don't need any overhead for computers. You basically have maybe one or two PCs without any software because the software resides over at the cloud computing company.

You can develop; you can develop applications because cloud computing also provides all the tools to develop applications. Suppose you had your company and you want to develop a Web page for your company. You don't have to have all the software to do that. They can give you help and they basically -- you can design it with just your very simple computer with no programs on it.

So virtualization is becoming a central feature of modern networks, in combination with virtualized computers. Infrastructure is extremely useful. Major shifts in focus for networking; we're moving from a traditional approach to a virtualization approach which eliminates the need for a single network. You can have, as I said earlier, you can have simultaneous networks, each one with its virtual routers and so on and so forth. This works in IP. This works in something else and so on. So that's the thing that virtualization -- it's a whole new world that virtualization opens.

There are other things like now -- it's being researched and that's autonomic networks that can self-configure, self-optimize, self-protect, self-heal, self-monitor, self-adjust, and then you have self-governance of the network, okay? This is also -- this has not yet, has not yet emerged but it's in the process of research.

And this is some more self-managing routing, forwarding, monitoring, discovery, fault detection, fault removal can all be -- can automatically feed to each other. It's exactly like a biological system. It feeds to each other.

That idea of autonomic networks came around 2000 from IBM and it's, again -- they were worried about the fact that millions and millions and millions of lines of code are being written and at some point we’re going to reach the point where we can't deal with it; and therefore, we should think about having it self-governing and self-awareness, context awareness. You should be aware. Then there is user centric like Web 2.0 and so on. So all these emerging services and technologies are coming up and the question is: Can the current Internet handle that?

And that has led to what we call mega-cyber network projects and these are huge projects. The main ones are the Global Environment for Network Innovation, GENI, which is funded by the NSF. GENI is a project that covers, as I'll show you on the map, covers the whole -- it's a whole new hardware network over the whole of the United States and it has 33 institutions, universities and research centers participating. The first phase is something like half a billion dollars and that's to establish this huge network, okay? And over this network they call them slices. Each research experiment group will have a slice which means they will basically exist virtually and they can do their own -- they can experiment with hardware, with software, with new applications, with new protocols, everything; and then there's a second one which is Future Internet Design. That is research done over the existing Internet. In Europe they have Future Internet Research and Experiment, FIRE. In Japan they have AKARI and NwGN. In Korea they have FIF, and China has CNGI. So all these countries have these mega-projects researching these.

What is it going to be? Are they going to come out with something that says it's time to scrap the Internet and start from scratch? Or are they going to come up with something that says we can do it evolutionary and that's the question that still has not been totally answered. And this is the Internet. This is the GENI Internet; another picture of the GENI Internet. I'll stop here.


Andrew Reynolds: Thank you Michael and you have some remaining time. Ladies and gentlemen we normally hold this to one hour to keep everyone [inaudible] so I invite you to the microphone if you have a question. Please tell us who you are and then state your question.

Ned Williams: Hello Michael. I'm Ned Williams, staff director of the U.S. Nuclear Risk Reduction Center and we use Internet communications, as well as other dedicated communications to communicate with our treaty and ally partners. Recently we have looked into next generation Internet technology and the terminologies that you used: the GENI and FIND and FIRE; are they not equivalent to Internet II? Is that part of the Internet II?

Michael El-Batanouny: No, it's not. GENI is a totally independent and separate network. It's being built right now and it's dedicated for experimentation.

Ned Williams: Yes, and Internet II has become operational.

Michael El-Batanouny: Yes, but it's not -- Internet II is not GENI. The GENI project is not next generation. It's future networks and there's a difference in terminology, okay? And the future -- the future networks there's a question mark. Will it be clean slate or will it be incremental? And that has not -- the answer is not there yet.

Ned Williams: Thank you.

Michael El-Batanouny: You're welcome.

Tish Butler: Thank you. I'm Tish Butler from Policy Planning. With the development of autonomic networks it seems to me that there's high possibility for the introduction of nefarious purpose that can lead to destructive outcome. Is there any --

Michael El-Batanouny: Policy-wise you mean? You're talking policy-wise.

Tish Butler: In terms of the policy introduction -- an introduction of some nefarious policy that would, by virtue of its autonomic nature, result in destructive outcome; and I just wonder if there's anything ongoing in terms of conceptualization of an ethical premise for the autonomic networks.

Michael El-Batanouny: I am not aware but I'm sure that such topic is being -- because there are many groups around the world looking into the same, the autonomic thing. In FIRE there is and so on, so I believe there might be but I'm not sure.

Male Speaker: Michael, I would like to ask -- you've put some horizons on the capacity limitations of the current Internet infrastructure with the IPv4 version quickly running out of capacity and you also mentioned internally, when we speak of the network address translation, also a capacity problem there. If we go to IPv6, ample capacity forever; when do you see this particular issue being addressed or a decision being taken on IPv6? How does that figure into our domestic priorities and how does that figure into our international negotiations?

Michael El-Batanouny: Well, in domestic priorities; it has to come because we're running out so that has to be done. The problem is on the ISPs there is a sort of -- they don't want to do it. It will be -- the routers and so on have to be either replaced or reconfigured and so on and that's a big -- so they are very reluctant to do it. They're postponing it as much as they can and it's going to be a problem and they have to do it. And I think the U.S. Government should be playing a role in pushing it.

Andy Reynolds: This is Andy Reynolds again. Michael, are we headed for a major train wreck? Is that what you're saying?

Michael El-Batanouny: Well, they thought about it as the year 2000 thing. Remember the [laughter] yeah, but this is real. This is not just like the year 2000.


Jerry Epstein: Hi, Jerry Epstein. I guess this is actually the same question. Were we to go to IPv6, is it something that can be phased in with some kind of backward compatibility or does the whole world have to do it at once? Does the whole country have to do it at once?

Michael El-Batanouny: Right now there is -- again, it's an overlay like you can use IPv6 but it really goes like IPv4. You can use that. It has to be a big change. I don't think it's going to be -- you can't phase in. If you wanted to phase into it, it should have started 10 years ago to phase into that slowly but -- okay Windows and so on are equipped with doing IPv6, okay, but the routers and so on are not and that's the problem. Yeah so… Yes, sir.

Ray Arnado: Ray Arnado [spelled phonetically] from Policy Planning. If you mentioned the next step of these various countries: China, Japan, AKARI [unintelligible]. What coordination is being done between those future planners with the different systems?

Michael El-Batanouny: Oh, okay, for example, FIRE had a meeting in Sweden at the end of June, beginning of July and there were people from GENI, from NSF and so on looking into what they are doing over there. There's also something called Federation, which is also part of this, and that is -- suppose our system and their system can be used shared like you create a federation between the two to do experiments, bigger kinds of experiments. Those are also in the works.

Julian Renard: I'm Julian Renard from the CIP. I'm sorry Michael. Would you go over again how the GENI nodes speak to each other because there has to be some kind of common protocol and I understand it won't be the IP protocols so it will be some other kind of protocol; but if we are to release ourselves from IP, that means we have to have something else and I don't understand how that works.

Michael El-Batanouny: How the GENI network works.

Julian Renard: What is the protocol that it's based on if it's not going to be IP?

Michael El-Batanouny: It can start with IP but it can evolve. It has the means of evolving into other protocols.

Julian Renard: So…

Michael El-Batanouny: Okay, so I think the main problem is that you are thinking of one monolithic thing. Remember now that we can have different types of virtual routers and, therefore, you can communicate even though you have the same physical node, you can communicate through that node with different protocols. You can create a router with a different protocol so you can do that. That's the beauty of virtualization.

Andy Reynolds: Any other questions? [inaudible]


I would just add for those of you that did not see it, the National Intelligence Council last week released its National Intelligence Strategy and cyber security was one of the main pillars of that strategy so this issue, and thank you for expanding on it, I have learned a lot today Michael; this issue is something that will affect all of us, especially in the work that we do, the policy and the infrastructure that we worry about.

So I know that we're looking ahead to an academic year which will involve this issue in many, many of your offices. There will be other activities featured on this topic and I want to thank you all today for coming and, perhaps, in a later Distinguished Lecture Series we will revisit this issue since it is becoming omnipresent globally and in the United States. Michael, thank you for coming down from Boston University today.
