DOCSLIB.ORG

HTTP Over UDP: an Experimental Investigation of QUIC

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
HTTP Over UDP: an Experimental Investigation of QUIC HTTP over UDP: an Experimental Investigation of QUIC Gaetano Carlucci Luca De Cicco Saverio Mascolo Politecnico di Bari & Politecnico di Bari & Politecnico di Bari & Quavlive, Italy Quavlive, Italy Quavlive, Italy [email protected] [email protected] [email protected] ABSTRACT Application layer HTTP SPDY QUIC This paper investigates \Quick UDP Internet Connections" (TLS) (TLS) (Crypto) (QUIC), which was proposed by Google in 2012 as a reliable Transport layer protocol on top of UDP in order to reduce Web Page re- TCP TCP UDP trieval time. We first check, through experiments, if QUIC can be safely deployed in the Internet and then we evalu- Internet layer ate the Web page load time in comparison with SPDY and IP IP IP HTTP. We have found that QUIC reduces the overall page a) b) c) retrieval time with respect to HTTP in case of a channel without induced random losses and outperforms SPDY in Figure 1: HTTP, SPDY and QUIC stack the case of a lossy channel. The FEC module, when en- is meant to overcome the following inefficiencies of HTTP: 1) abled, worsens the performance of QUIC. a HTTP client can only fetch one resource at a time, even if this issue can be in part mitigated with pipelining; 2) Keywords a client-server pull-based communication model is used; if a TCP, UDP, HTTP, SPDY, QUIC, congestion control server knows that a client needs a resource, there is no mech- anism to push the content to the client; 3) it redundantly 1. INTRODUCTION sends several headers on the same channel. HTTP/1.1 Web browsers attempt to address these issues by opening multiple HTTP is the most used application level protocol over the concurrent HTTP connections, even though this approach is Internet [1]. Recent studies argue that HTTP will represent discouraged in the HTTP/1.1 RFC which suggests a limit the narrow waist of the future Internet [12]. During the past of two concurrent connections for each client-server pair. decade its adoption has experienced a tremendous growth To address these issues SPDY introduces the following [10] mainly fueled by the wide diffusion of HTTP-based in- features: 1) it multiplexes concurrent HTTP requests on frastructure such as Content Distribution Networks (CDNs), a single TCP socket; 2) it compresses HTTP headers; 3) proxies, caches, and other middle-boxes. This growth is it enables the server to push data to the client whenever driven by video content delivered using HTTP, which is to- possible; 4) it allows prioritization among parallel requests. day the first source of Internet traffic. In fact, video over SPDY has already been deployed world-wide in the Chrome HTTP is the mainstream choice employed by all major video Web browser and it shows encouraging improvements with distribution platforms including the ones based on the recent 1 respect to HTTP/1.1 [2] in the case of wired networks, but it MPEG-DASH , HLS standards, and the VoD systems such is still not clear whether it is able to improve performances as YouTube and NetFlix [5]. in the case of cellular networks [7]. The fact that SPDY em- Despite its widespread use, some inefficiencies of HTTP ploys only one TCP socket to deliver all the Web resources to are hindering the development of a faster Internet. The goal the client has the advantage of decreasing the port usage at of improving HTTP/1.1 has attracted researchers [12] and the server, but has a key drawback: by multiplexing streams industries, among which Google that has recently proposed 2 over a single TCP connection put SPDY in disadvantage SPDY [4] within the IETF working group HTTPbis . SPDY when compared to several HTTP/1.1 connections each with 1http://dashif.org/mpeg-dash/ a separate congestion window. In fact, a single lost packet in 2http://datatracker.ietf.org/doc/draft-ietf-httpbis-http2/ an underlying TCP connection triggers a congestion window decrease for all of the multiplexed SPDY streams, whereas in the case of N parallel HTTP/1.1 connections it would affect Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed only one out of the N parallel connections. Another disad- for profit or commercial advantage and that copies bear this notice and the full cita- vantage of SPDY is that an out-of-order packet delivery for tion on the first page. Copyrights for components of this work owned by others than TCP induces head of line blocking for all the SPDY streams ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or re- multiplexed on that TCP connection. Moreover, SPDY con- publish, to post on servers or to redistribute to lists, requires prior specific permission nection startup latency depends on TCP handshake which and/or a fee. Request permissions from [email protected]. requires one RTT and in the case SSL/TLS is employed up ACM SAC’15, April 13 - 17 2015, Salamanca, Spain Copyright 2015 ACM 978-1-4503-3196-8/15/04 ...$15.00. to three RTT. http://dx.doi.org/10.1145/2695664.2695706 . All the inefficiencies mentioned above are due to the use of TCP as transport protocol. This has motivated Akamai Requests HTTP HTTP and Google to propose new reliable protocols on top of UDP. Client Internet 12 3 4 5 6 7 8 Server Akamai has proposed a Hybrid HTTP and UDP content TCP Connection delivery protocol that is employed in its CDN [11]. Google is aiming at reducing TCP handshake time [13] and, more a) HTTP recently in [8], at improving TCP loss recovery mechanism. Unfortunately, the improvements above mentioned are not Requests implemented in the default version of TCP. Motivated by QUIC streams Internet 1 2 3 QUICQUIC this evidence Google has proposed QUIC [14] over UDP Client 4 5 6 Server to replace HTTP over TCP. QUIC has been already de- 7 8 ployed by Google in their servers, such as the ones powering YouTube, and can be activated in the Web client Chrome UDP Connection browser that runs on billions of desktop and mobile devices. b) QUIC This puts Google in the position of driving a switch of a siz- able amount of traffic from HTTP over TCP to QUIC over Figure 2: Multiplexing UDP. The contribution of this paper is twofold: 1) we provide an experimental investigation of QUIC to check whether its de- HTTP QUICHTTP QUIC Client Server Client Server ployment can be harmful for the network; 2) we assess the TCP QUIC performance of QUIC compared to SPDY and HTTP/1.1 1 RTT 1 RTT StartUp in terms of Page Load Time reduction. To the best of Handshake our knowledge, this is the first experimental investigation 1 RTT TLS of QUIC. negotiation 1 RTT 2. THE QUIC PROTOCOL a) b) Quick UDP Internet Connections (QUIC) is an experi- mental protocol proposed by Google and designed to pro- Figure 3: Startup latency vide security and reliability along with reduced connection 2) traffic bundling over the same UDP connection; 3) com- and transport latency. Google has already deployed QUIC pression of HTTP headers over the same connection. protocol in their servers and has a client implementation in By using the UDP, QUIC is able to eliminate the HOL the Chrome web browsers. issue affecting the SPDY multiplexed streams; for instance Figure 1 shows the main architectural differences between in the case of Figure 2(a) if packet n.1 is lost and all the other HTTP over TCP (Figure 1(a)), SPDY over TCP (Figure packets are received, all packets must wait until the lost 1 (b)) and QUIC over UDP (Figure 1(c)). The main idea packet is retransmitted before TCP can deliver the data to behind QUIC is to use the UDP to overcome the SPDY the application (TCP does not allow out-of-order delivery); inefficiencies as discussed in Section 1 along with an ad-hoc on the other hand UDP can deliver all the received packet designed encryption protocol named \QUIC Crypto" which to the application without waiting for the retransmission. provides a transport security service similar to TLS. Since the UDP is unreliable and does not implement con- 2.2 Connection startup latency and security gestion control, QUIC implements retransmissions and con- Figure 3(a) shows the time required to setup a TCP con- gestion control at the application layer. Furthermore, QUIC nection: it takes one RTT for the handshake and at least leverages most part of the SPDY design choices to inherit one extra RTT or two in the case of an encrypted connec- its benefits. tion over TLS. When QUIC is used (Figure 3(b)), the time A description of the QUIC protocol based on the official taken to set up a connection is at most one RTT; in the documentation [14] and on the analysis of the Chromium case the client has already talked to the server before, the code base is following below3. startup latency takes zero RTT even in case of an encrypted connection (QUIC uses its own encryption algorithm named 2.1 Multiplexing QUIC-Crypto). QUIC-Crypto decrypts packets indepen- QUIC multiples several QUIC streams over the same UDP dently: this avoids serialized decoding dependency which connection. Figure 2(a) shows that with HTTP/1.1 a client would damage QUIC ability to provide out-of-order deliv- can only fetch one resource at a time (even if they are ery to reduce the HOL. pipelined) whereas with QUIC (Figure 2(b)) a client can send multiple HTTP requests and receive multiple responses 2.3 Forward Error Correction over the same UDP socket (in the case of Figure 2 three re- Another interesting feature of QUIC is the Forward Er- sources are requested).
Load more

Recommended publications
  • The Internet in Iot—OSI, TCP/IP, Ipv4, Ipv6 and Internet Routing
    Chapter 2 The Internet in IoT—OSI, TCP/IP, IPv4, IPv6 and Internet Routing Reliable and efficient communication is considered one of the most complex tasks in large-scale networks. Nearly all data networks in use today are based on the Open Systems Interconnection (OSI) standard. The OSI model was introduced by the International Organization for Standardization (ISO), in 1984, to address this composite problem. ISO is a global federation of national standards organizations representing over 100 countries. The model is intended to describe and standardize the main communication functions of any telecommunication or computing system without regard to their underlying internal structure and technology. Its goal is the interoperability of diverse communication systems with standard protocols. The OSI is a conceptual model of how various components communicate in data-based networks. It uses “divide and conquer” concept to virtually break down network communication responsibilities into smaller functions, called layers, so they are easier to learn and develop. With well-defined standard interfaces between layers, OSI model supports modular engineering and multivendor interoperability. 2.1 The Open Systems Interconnection Model The OSI model consists of seven layers as shown in Fig. 2.1: physical (Layer 1), data link (Layer 2), network (Layer 3), transport (Layer 4), session (Layer 5), presentation (Layer 6), and application (Layer 7). Each layer provides some well-defined services to the adjacent layer further up or down the stack, although the distinction can become a bit less defined in Layers 6 and 7 with some services overlapping the two layers. • OSI Layer 7—Application Layer: Starting from the top, the application layer is an abstraction layer that specifies the shared protocols and interface methods used by hosts in a communications network.
    [Show full text]
  • HTTP Cookie - Wikipedia, the Free Encyclopedia 14/05/2014
    HTTP cookie - Wikipedia, the free encyclopedia 14/05/2014 Create account Log in Article Talk Read Edit View history Search HTTP cookie From Wikipedia, the free encyclopedia Navigation A cookie, also known as an HTTP cookie, web cookie, or browser HTTP Main page cookie, is a small piece of data sent from a website and stored in a Persistence · Compression · HTTPS · Contents user's web browser while the user is browsing that website. Every time Request methods Featured content the user loads the website, the browser sends the cookie back to the OPTIONS · GET · HEAD · POST · PUT · Current events server to notify the website of the user's previous activity.[1] Cookies DELETE · TRACE · CONNECT · PATCH · Random article Donate to Wikipedia were designed to be a reliable mechanism for websites to remember Header fields Wikimedia Shop stateful information (such as items in a shopping cart) or to record the Cookie · ETag · Location · HTTP referer · DNT user's browsing activity (including clicking particular buttons, logging in, · X-Forwarded-For · Interaction or recording which pages were visited by the user as far back as months Status codes or years ago). 301 Moved Permanently · 302 Found · Help 303 See Other · 403 Forbidden · About Wikipedia Although cookies cannot carry viruses, and cannot install malware on 404 Not Found · [2] Community portal the host computer, tracking cookies and especially third-party v · t · e · Recent changes tracking cookies are commonly used as ways to compile long-term Contact page records of individuals' browsing histories—a potential privacy concern that prompted European[3] and U.S.
    [Show full text]
  • Is QUIC a Better Choice Than TCP in the 5G Core Network Service Based Architecture?
    DEGREE PROJECT IN INFORMATION AND COMMUNICATION TECHNOLOGY, SECOND CYCLE, 30 CREDITS STOCKHOLM, SWEDEN 2020 Is QUIC a Better Choice than TCP in the 5G Core Network Service Based Architecture? PETHRUS GÄRDBORN KTH ROYAL INSTITUTE OF TECHNOLOGY SCHOOL OF ELECTRICAL ENGINEERING AND COMPUTER SCIENCE Is QUIC a Better Choice than TCP in the 5G Core Network Service Based Architecture? PETHRUS GÄRDBORN Master in Communication Systems Date: November 22, 2020 Supervisor at KTH: Marco Chiesa Supervisor at Ericsson: Zaheduzzaman Sarker Examiner: Peter Sjödin School of Electrical Engineering and Computer Science Host company: Ericsson AB Swedish title: Är QUIC ett bättre val än TCP i 5G Core Network Service Based Architecture? iii Abstract The development of the 5G Cellular Network required a new 5G Core Network and has put higher requirements on its protocol stack. For decades, TCP has been the transport protocol of choice on the Internet. In recent years, major Internet players such as Google, Facebook and CloudFlare have opted to use the new QUIC transport protocol. The design assumptions of the Internet (best-effort delivery) differs from those of the Core Network. The aim of this study is to investigate whether QUIC’s benefits on the Internet will translate to the 5G Core Network Service Based Architecture. A testbed was set up to emulate traffic patterns between Network Functions. The results show that QUIC reduces average request latency to half of that of TCP, for a majority of cases, and doubles the throughput even under optimal network conditions with no packet loss and low (20 ms) RTT. Additionally, by measuring request start and end times “on the wire”, without taking into account QUIC’s shorter connection establishment, we believe the results indicate QUIC’s suitability also under the long-lived (standing) connection model.
    [Show full text]
  • Lecture: TCP/IP 2
    TCP/IP- Lecture 2 [email protected] How TCP/IP Works • The four-layer model is a common model for describing TCP/IP networking, but it isn’t the only model. • The ARPAnet model, for instance, as described in RFC 871, describes three layers: the Network Interface layer, the Host-to- Host layer, and the Process-Level/Applications layer. • Other descriptions of TCP/IP call for a five-layer model, with Physical and Data Link layers in place of the Network Access layer (to match OSI). Still other models might exclude either the Network Access or the Application layer, which are less uniform and harder to define than the intermediate layers. • The names of the layers also vary. The ARPAnet layer names still appear in some discussions of TCP/IP, and the Internet layer is sometimes called the Internetwork layer or the Network layer. [email protected] 2 [email protected] 3 TCP/IP Model • Network Access layer: Provides an interface with the physical network. Formats the data for the transmission medium and addresses data for the subnet based on physical hardware addresses. Provides error control for data delivered on the physical network. • Internet layer: Provides logical, hardware-independent addressing so that data can pass among subnets with different physical architectures. Provides routing to reduce traffic and support delivery across the internetwork. (The term internetwork refers to an interconnected, greater network of local area networks (LANs), such as what you find in a large company or on the Internet.) Relates physical addresses (used at the Network Access layer) to logical addresses.
    [Show full text]
  • Analysis of QUIC Session Establishment and Its Implementations Eva Gagliardi, Olivier Levillain
    Analysis of QUIC session establishment and its implementations Eva Gagliardi, Olivier Levillain To cite this version: Eva Gagliardi, Olivier Levillain. Analysis of QUIC session establishment and its implementations. 13th IFIP International Conference on Information Security Theory and Practice (WISTP), Dec 2019, Paris, France. pp.169-184, 10.1007/978-3-030-41702-4_11. hal-02468596 HAL Id: hal-02468596 https://hal.archives-ouvertes.fr/hal-02468596 Submitted on 5 Feb 2020 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Analysis of QUIC Session Establishment and its Implementations Eva Gagliardi1 and Olivier Levillain2 1 French Ministry of the Armies, 2 T´el´ecomSudParis, Institut Polytechnique de Paris Abstract. In the recent years, the major web companies have been working to improve the user experience and to secure the communica- tions between their users and the services they provide. QUIC is such an initiative, and it is currently being designed by the IETF. In a nutshell, QUIC originally intended to merge features from TCP/SCTP, TLS 1.3 and HTTP/2 into one big protocol. The current specification proposes a more modular definition, where each feature (transport, cryptography, application, packet reemission) are defined in separate internet drafts.
    [Show full text]
  • Torward: DISCOVERY, BLOCKING, and TRACEBACK of MALICIOUS TRAFFIC OVER Tor 2517
    IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, VOL. 10, NO. 12, DECEMBER 2015 2515 TorWard: Discovery, Blocking, and Traceback of Malicious Traffic Over Tor Zhen Ling, Junzhou Luo, Member, IEEE,KuiWu,Senior Member, IEEE, Wei Yu, and Xinwen Fu Abstract— Tor is a popular low-latency anonymous communi- I. INTRODUCTION cation system. It is, however, currently abused in various ways. OR IS a popular overlay network that provides Tor exit routers are frequently troubled by administrative and legal complaints. To gain an insight into such abuse, we designed Tanonymous communication over the Internet for and implemented a novel system, TorWard, for the discovery and TCP applications and helps fight against various Internet the systematic study of malicious traffic over Tor. The system censorship [1]. It serves hundreds of thousands of users and can avoid legal and administrative complaints, and allows the carries terabyte of traffic daily. Unfortunately, Tor has been investigation to be performed in a sensitive environment such abused in various ways. Copyrighted materials are shared as a university campus. An intrusion detection system (IDS) is used to discover and classify malicious traffic. We performed through Tor. The black markets (e.g., Silk Road [2], an comprehensive analysis and extensive real-world experiments to online market selling goods such as pornography, narcotics validate the feasibility and the effectiveness of TorWard. Our or weapons1) can be deployed through Tor hidden service. results show that around 10% Tor traffic can trigger IDS alerts. Attackers also run botnet Command and Control (C&C) Malicious traffic includes P2P traffic, malware traffic (e.g., botnet servers and send spam over Tor.
    [Show full text]
  • Designing a Better Browser for Tor with BLAST
    Designing a Better Browser for Tor with BLAST Tao Wang Department of Computer Science and Engineering Hong Kong University of Science and Technology [email protected] Abstract—Tor is an anonymity network that allows clients unwilling to trade off utility for its better privacy. Having to browse web pages privately, but loading web pages with more users improves the anonymity of Tor Browser by creating Tor is slow. To analyze how the browser loads web pages, we larger anonymity sets, reducing the chance that eavesdroppers examine their resource trees using our new browser logging and could deanonymize a Tor user using side information. simulation tool, BLAST. We find that the time it takes to load a web page with Tor is almost entirely determined by the number Anonymity network optimization is a well-studied privacy of round trips incurred, not its bandwidth, and Tor Browser problem with a decade of research, generally focused on incurs unnecessary round trips. Resources sit in the browser Tor [4], [5], [12], [14], [18]. Researchers have proposed various queue excessively waiting for the TCP and TLS handshakes, each solutions to optimize Tor’s performance on the network level of which takes a separate round trip. We show that increasing so as to improve user experience. On the other hand, the resource loading capacity with larger pipelines and even HTTP/2 problem of browser design for anonymity networks remains do not decrease load time because they do not save round trips. academically untouched, with many open problems that are We set out to minimize round trips with a number of protocol just as significant for user experience as network design and browser improvements, including TCP Fast Open, optimistic problems.
    [Show full text]
  • Lesson-13: INTERNET ENABLED SYSTEMS NETWORK PROTOCOLS
    DEVICES AND COMMUNICATION BUSES FOR DEVICES NETWORK– Lesson-13: INTERNET ENABLED SYSTEMS NETWORK PROTOCOLS Chapter-5 L13: "Embedded Systems - Architecture, Programming and Design", 2015 1 Raj Kamal, Publs.: McGraw-Hill Education Internet enabled embedded system Communication to other system on the Internet. Use html (hyper text markup language) or MIME (Multipurpose Internet Mail Extension) type files Use TCP (transport control protocol) or UDP (user datagram protocol) as transport layer protocol Chapter-5 L13: "Embedded Systems - Architecture, Programming and Design", 2015 2 Raj Kamal, Publs.: McGraw-Hill Education Internet enabled embedded system Addressed by an IP address Use IP (internet protocol) at network layer protocol Chapter-5 L13: "Embedded Systems - Architecture, Programming and Design", 2015 3 Raj Kamal, Publs.: McGraw-Hill Education MIME Format to enable attachment of multiple types of files txt (text file) doc (MSOFFICE Word document file) gif (graphic image format file) jpg (jpg format image file) wav format voice or music file Chapter-5 L13: "Embedded Systems - Architecture, Programming and Design", 2015 4 Raj Kamal, Publs.: McGraw-Hill Education A system at one IP address Communication with other system at another IP address using the physical connections on the Internet and routers Since Internet is global network, the system connects to remotely as well as short range located system. Chapter-5 L13: "Embedded Systems - Architecture, Programming and Design", 2015 5 Raj Kamal, Publs.: McGraw-Hill Education
    [Show full text]
  • Securing Internet of Things with Lightweight Ipsec
    CORE Metadata, citation and similar papers at core.ac.uk Provided by Swedish Institute of Computer Science Publications Database SICS Technical Report T2010:08 ISSN:1100-3154 Securing Internet of Things with Lightweight IPsec Shahid Raza1, Tony Chung2, Simon Duquennoy1, Dogan Yazar1, Thiemo Voigt1, Utz Roedig2 1Swedish Institute of Computer Science, Kista, Sweden fshahid, simonduq, dogan, [email protected] 2Lancaster University Computing Department, Lancaster, UK fa.chung, [email protected] February 7, 2011 Abstract Real-world deployments of wireless sensor networks (WSNs) require secure communication. It is important that a receiver is able to verify that sensor data was generated by trusted nodes. In some cases it may also be necessary to encrypt sensor data in transit. Recently, WSNs and traditional IP networks are more tightly integrated using IPv6 and 6LoWPAN. Available IPv6 protocol stacks can use IPsec to secure data exchange. Thus, it is desirable to extend 6LoWPAN such that IPsec communication with IPv6 nodes is possible. It is beneficial to use IPsec because the existing end-points on the Internet do not need to be modified to communicate securely with the WSN. Moreover, using IPsec, true end-to-end security is implemented and the need for a trustworthy gateway is removed. In this paper we provide End-to-End (E2E) secure communication between an IP enabled sensor nodes and a device on traditional Internet. This is the first compressed lightweight design, implementation, and evaluation of 6LoW- PAN extension for IPsec on Contiki. Our extension supports both IPsec's Au- thentication Header (AH) and Encapsulation Security Payload (ESP).
    [Show full text]
  • How Can We Protect the Internet Against Surveillance?
    How can we protect the Internet against surveillance? Seven TODO items for users, web developers and protocol engineers Peter Eckersley [email protected] Okay, so everyone is spying on the Internet It's not just the NSA... Lots of governments are in this game! Not to mention the commerical malware industry These guys are fearsome, octopus-like adversaries Does this mean we should just give up? No. Reason 1: some people can't afford to give up Reason 2: there is a line we can hold vs. So, how do we get there? TODO #1 Users should maximise their own security Make sure your OS and browser are patched! Use encryption where you can! In your browser, install HTTPS Everywhere https://eff.org/https-everywhere For instant messaging, use OTR (easiest with Pidgin or Adium, but be aware of the exploit risk tradeoff) For confidential browsing, use the Tor Browser Bundle Other tools to consider: TextSecure for SMS PGP for email (UX is terrible!) SpiderOak etc for cloud storage Lots of new things in the pipeline TODO #2 Run an open wireless network! openwireless.org How to do this securely right now? Chain your WPA2 network on a router below your open one. TODO #3 Site operators... Deploy SSL/TLS/HTTPS DEPLOY IT CORRECTLY! This, miserably, is a lot harder than it should be TLS/SSL Authentication Apparently, ~52 countries These are usually specialist, narrowly targetted attacks (but that's several entire other talks... we're working on making HTTPS more secure, easier and saner!) In the mean time, here's what you need A valid certificate HTTPS by default Secure cookies No “mixed content” Perfect Forward Secrecy A well-tuned configuration How do I make HTTPS the default? Firefox and Chrome: redirect, set the HSTS header Safari and IE: sorry, you can't (!!!) What's a secure cookie? Go and check your site right now..
    [Show full text]
  • Internetworking and Layered Models
    1 Internetworking and Layered Models The Internet today is a widespread information infrastructure, but it is inherently an insecure channel for sending messages. When a message (or packet) is sent from one Website to another, the data contained in the message are routed through a number of intermediate sites before reaching its destination. The Internet was designed to accom- modate heterogeneous platforms so that people who are using different computers and operating systems can communicate. The history of the Internet is complex and involves many aspects – technological, organisational and community. The Internet concept has been a big step along the path towards electronic commerce, information acquisition and community operations. Early ARPANET researchers accomplished the initial demonstrations of packet- switching technology. In the late 1970s, the growth of the Internet was recognised and subsequently a growth in the size of the interested research community was accompanied by an increased need for a coordination mechanism. The Defense Advanced Research Projects Agency (DARPA) then formed an International Cooperation Board (ICB) to coordinate activities with some European countries centered on packet satellite research, while the Internet Configuration Control Board (ICCB) assisted DARPA in managing Internet activity. In 1983, DARPA recognised that the continuing growth of the Internet community demanded a restructuring of coordination mechanisms. The ICCB was dis- banded and in its place the Internet Activities Board (IAB) was formed from the chairs of the Task Forces. The IAB revitalised the Internet Engineering Task Force (IETF) as a member of the IAB. By 1985, there was a tremendous growth in the more practical engineering side of the Internet.
    [Show full text]
  • Guidelines for the Secure Deployment of Ipv6
    Special Publication 800-119 Guidelines for the Secure Deployment of IPv6 Recommendations of the National Institute of Standards and Technology Sheila Frankel Richard Graveman John Pearce Mark Rooks NIST Special Publication 800-119 Guidelines for the Secure Deployment of IPv6 Recommendations of the National Institute of Standards and Technology Sheila Frankel Richard Graveman John Pearce Mark Rooks C O M P U T E R S E C U R I T Y Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 December 2010 U.S. Department of Commerce Gary Locke, Secretary National Institute of Standards and Technology Dr. Patrick D. Gallagher, Director GUIDELINES FOR THE SECURE DEPLOYMENT OF IPV6 Reports on Computer Systems Technology The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analysis to advance the development and productive use of information technology. ITL’s responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in Federal computer systems. This Special Publication 800-series reports on ITL’s research, guidance, and outreach efforts in computer security and its collaborative activities with industry, government, and academic organizations. National Institute of Standards and Technology Special Publication 800-119 Natl. Inst. Stand. Technol. Spec. Publ. 800-119, 188 pages (Dec. 2010) Certain commercial entities, equipment, or materials may be identified in this document in order to describe an experimental procedure or concept adequately.
    [Show full text]