skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: Can We Save the Public Internet?
The goal of this short document is to explain why recent developments in the Internet's infrastructure are problematic. As context, we note that the Internet was originally designed to provide a simple universal service - global end-to-end packet delivery - on which a wide variety of end-user applications could be built. The early Internet supported this packet-delivery service via an interconnected collection of commercial Internet Service Providers (ISPs) that we will refer to collectively as the public Internet. The Internet has fulfilled its packet-delivery mission far beyond all expectations and is now the dominant global communications infrastructure. By providing a level playing field on which new applications could be deployed, the Internet has enabled a degree of innovation that no one could have foreseen. To improve performance for some common applications, enhancements such as caching (as in content-delivery networks) have been gradually added to the Internet. The resulting performance improvements are so significant that such enhancements are now effectively necessary to meet current content delivery demands. Despite these tangible benefits, this document argues that the way these enhancements are currently deployed seriously undermines the sustainability of the public Internet and could lead to an Internet infrastructure that reaches fewer people and is largely concentrated among only a few large-scale providers. We wrote this document because we fear that these developments are now decidedly tipping the Internet's playing field towards those who can deploy these enhancements at massive scale, which in turn will limit the degree to which the future Internet can support unfettered innovation. This document begins by explaining our concerns but goes on to articulate how this unfortunate fate can be avoided. To provide more depth for those who seek it, we provide a separate addendum with further detail.  more » « less
Award ID(s):
2242502 2242503
PAR ID:
10492345
Author(s) / Creator(s):
; ; ; ; ; ; ; ;
Publisher / Repository:
ACM
Date Published:
Journal Name:
ACM SIGCOMM Computer Communication Review
Volume:
53
Issue:
3
ISSN:
0146-4833
Page Range / eLocation ID:
18 to 22
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; ; ; ; ; ; ; ; ; ; et al (, ACM SIGCOMM Computer Communication Review)
    null (Ed.)
    There is now a significant and growing functional gap between the public Internet, whose basic architecture has remained unchanged for several decades, and a new generation of more sophisticated private networks. To address this increasing divergence of functionality and overcome the Internet's architectural stagnation, we argue for the creation of an Extensible Internet (EI) that supports in-network services that go beyond best-effort packet delivery. To gain experience with this approach, we hope to soon deploy both an experimental version (for researchers) and a prototype version (for early adopters) of EI. In the longer term, making the Internet extensible will require a community to initiate and oversee the effort; this paper is the first step in creating such a community. 
    more » « less
  2. ; ; ; ; (, Passive and Active Measurement Conference (PAM))
    Securing the Internet’s inter-domain routing system against illicit prefix advertisements by third-party networks remains a great concern for the research, standardization, and operator communities. After many unsuccessful attempts to deploy additional security mechanisms for BGP, we now witness increasing adoption of the RPKI (Resource Public Key Infrastructure). Backed by strong cryptography, the RPKI allows network operators to register their BGP prefixes together with the legitimate Autonomous System (AS) number that may originate them via BGP. Recent research shows an encouraging trend: an increasing number of networks around the globe start to register their prefixes in the RPKI. While encouraging, the actual benefit of registering prefixes in the RPKI eventually depends on whether transit providers in the Internet enforce the RPKI’s content, i.e., configure their routers to validate prefix announcements and filter invalid BGP announcements. In this work, we present a broad empirical study tackling the question: To what degree does registration in the RPKI protect a network from illicit announcements of their prefixes, such as prefix hijacks? To this end, we first present a longitudinal study of filtering behavior of transit providers in the Internet, and second we carry out a detailed study of the visibility of legitimate and illegitimate prefix announcements in the global routing table, contrasting prefixes registered in the RPKI with those not registered. We find that an increasing number of transit and access providers indeed do enforce RPKI filtering, which translates to a direct benefit for the networks using the RPKI in the case of illicit announcements of their address space. Our findings bode well for further RPKI adoption and for increasing routing security in the Internet. 
    more » « less
  3. ; ; ; ; (, Passive and Active Measurement Lecture Notes in Computer Science)
    Securing the Internet’s inter-domain routing system against illicit prefix advertisements by third-party networks remains a great concern for the research, standardization, and operator communities. After many unsuccessful attempts to deploy additional security mechanisms for BGP, we now witness increasing adoption of the RPKI (Resource Public Key Infrastructure). Backed by strong cryptography, the RPKI allows network operators to register their BGP prefixes together with the legitimate Autonomous System (AS) number that may originate them via BGP. Recent research shows an encouraging trend: an increasing number of networks around the globe start to register their prefixes in the RPKI. While encouraging, the actual benefit of registering prefixes in the RPKI eventually depends on whether transit providers in the Internet enforce the RPKI’s content, i.e., configure their routers to validate prefix announcements and filter invalid BGP announcements. In this work, we present a broad empirical study tackling the question: To what degree does registration in the RPKI protect a network from illicit announcements of their prefixes, such as prefix hijacks? To this end, we first present a longitudinal study of filtering behavior of transit providers in the Internet, and second we carry out a detailed study of the visibility of legitimate and illegitimate prefix announcements in the global routing table, contrasting prefixes registered in the RPKI with those not registered. We find that an increasing number of transit and access providers indeed do enforce RPKI filtering, which translates to a direct benefit for the networks using the RPKI in the case of illicit announcements of their address space. Our findings bode well for further RPKI adoption and for increasing routing security in the Internet. 
    more » « less
  4. ; (, ICN '20: Proceedings of the 7th ACM Conference on Information-Centric Networking)
    Named-Data Transport (NDT) is introduced to provide efficient content delivery by name over the existing IP Internet. NDT consists of the integration of three end-to-end architectural components: The first connection-free reliable transport protocol, the Named-Data Transport Protocol (NDTP); minor extensions to the Domain Name System (DNS) to include records containing manifests describing content; and transparent caches that track pending requests for content. NDT uses receiver-driven requests (Interests) to request content and NDT proxies that provide transparent caching of content while enforcing privacy. The performance of NDT, the Transmission Control Protocol (TCP), and Named-Data Networking (NDN) is compared using off-the-shelf implementations in the ns-3 simulator. The results demonstrate that NDT outperforms TCP and is as efficient as NDN, but without making any changes to the existing Internet routing infrastructure. 
    more » « less
  5. ; ; ; (, Entropy)
    Short-packet transmission has attracted considerable attention due to its potential to achieve ultralow latency in automated driving, telesurgery, the Industrial Internet of Things (IIoT), and other applications emerging in the coming era of the Six-Generation (6G) wireless networks. In 6G systems, a paradigm-shifting infrastructure is anticipated to provide seamless coverage by integrating low-Earth orbit (LEO) satellite networks, which enable long-distance wireless relaying. However, how to efficiently transmit short packets over a sizeable spatial scale remains open. In this paper, we are interested in low-latency short-packet transmissions between two distant nodes, in which neither propagation delay, nor propagation loss can be ignored. Decode-and-forward (DF) relays can be deployed to regenerate packets reliably during their delivery over a long distance, thereby reducing the signal-to-noise ratio (SNR) loss. However, they also cause decoding delay in each hop, the sum of which may become large and cannot be ignored given the stringent latency constraints. This paper presents an optimal relay deployment to minimize the error probability while meeting both the latency and transmission power constraints. Based on an asymptotic analysis, a theoretical performance bound for distant short-packet transmission is also characterized by the optimal distance–latency–reliability tradeoff, which is expected to provide insights into designing integrated LEO satellite communications in 6G. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Text Encoded Conversion
  • XML
  • Save / Share this Record
  • Send to Email