What's wrong with the Internet we have?
Nothing at first glance. In fact, the existing Internet is a tremendous success and has radically transformed our society and the way we live over the past decades. In our opinion, it's certainly not "broken" as some claim. After all, who can imagine life without the Internet these days?
What is true though, is that the Internet was not designed to support 21st century applications. For example, the original designers of the Internet didn't anticipate users wanting to connect "things" to the net that operate within people's physical space, such as delivery drones, swarms of robots, self-driving cars, remotely operated surgical equipment, and connected door locks. Security and stability considerations were not part of the original Internet protocol suite so within today's Internet, such devices introduce risks, because a security incident such as a DDoS attack or a routing hijack may disrupt a thing's network connection and as a result jeopardise people's safety.
Similarly, the original Internet designers couldn't foresee that users would like to get more insight into and control over who receives data about them (e.g. data collected by sensors, websites and apps), and how such data flows through the network. Examples include a connected thermostat that shares temperature (and thus presence) information with remote services, and a medical institution that wants to be able to verify that its medical records only pass through networks that it trusts. Thus more transparency is needed.
The explanation for such shortcomings is that the problem that the Internet is designed to solve has changed over the past fifty years. The problem in the early days (1970s) was how to enable university researchers to share expensive computer hardware via a network, which later evolved into how to make computer networking ubiquitously available for everyone. The Internet has far exceeded expectations in its resolution of both problems, but its success has also introduced new problems, because it isn't designed for newer types of use with new security, stability and transparency requirements.
The research programme: 2STiC
To address those new communication requirements, AMS-IX, NDIX, NLnet Labs, SIDN Labs, SURF, TU Delft, the University of Amsterdam and the University of Twente work together in the joint research programme called 2STiC (pronounced "to stick"), which is short for Security, Stability and Transparency in inter-network Communication.
2STiC's goal is to develop and evaluate mechanisms for increasing the security, stability and transparency of internet communications, for instance by experimenting with and contributing to emerging internet architectures, such as SCION, RINA, and NDN, as well as the existing (IP-based) Internet. The 2STiC partners envisage that such new types of internet will complement and co-exist with the current Internet, serving specific types of application. Our long-term objective is to establish a centre of expertise in the field of trusted and resilient internets and help put the Dutch (and European) networking communities in a leading position in the field.
2STiC follows a hands-on approach based on measurements, running code, a national 2STiC test network, experiments and demos. We will focus on a few specific "vertical" services (e.g. intelligent transport systems or e-health services) to demonstrate the properties of the underlying internets for immediate and real-world problems. We will actively share our work, for instance with the Dutch, European and worldwide academic and operational communities (e.g. through technical reports, papers and open-source software).
2STiC: the long read
We have written a joint blog in which we discuss our plans in more detail, for instance in terms of goals, motivation, timeliness and research topics.
Why are the partners participating?
Working with new and different technologies aiming at improving reliability and security of interconnection is therefore a key mission for AMS-IX. For example with SCION's increased path control, AMS-IX is excited to investigate how this benefit can be leveraged in an huge ecosystem where multiple ingress and egress points coexist, in order to offer the best possible shortest path to all interconnected parties. This environment which was constructed on top of multiple elephant links, differs a lot with the tradition ISP - client model.
Secure, high quality and reliable communication is what our customers require. Now, and in the future even more. Not just the volume of traffic is growing exponentially, but also the benefits and value of it in businesses, healthcare, public services, culture, education and social live. The COVID-19 crisis just made this even more evident. NDIX is therefor more than interested in flexible AND secure communication facilities. We are not only looking for more advanced routing to ensure higher quality and/or privacy, but we also look for new network-designs that provide a maximum of flexibility, together with quality and security in an optimal and scalable way.
Safeguarding the future stability and security of the Internet is part of NLnet Labs core mission. In this context, NLnet Labs contributes its extensive expertise of the Internet standardisation process in the IETF, as well as its deep understanding of the core protocols of the current Internet used for routing (BGP, RPKI) and naming (DNS, DNSSEC). In the context of 2STiC, NLnet Labs focuses on security improvements to the Internet routing ecosystem based on the Resource Public Key Infrastructure (RPKI) that aim to incrementally increase the trustworthiness of Internet routing. We believe the lessons we can draw from this will be vital to inform future Internet architectures.
One of the goals of SIDN Labs is to advance the operational security and resilience of end-to-end internet communications. Up till recently, SIDN Labs's research mostly focussed on today's Internet. However, we think it is important to take a step back and look how issues related to security, stability and transparency can be solved in a more fundamental and pro-active manner. Therefore, SIDN Labs initiated the 2STiC programme.
SURF is the collaborative organisation for ICT in Dutch education and research. SURF offers networking, storage, computing and other (ICT) services to its members to support their research and education.
Independency and transparency are vital principles in science and education. This also holds for the ICT facilities that support it. We strive to use open technology (open source, open hardware, open standards, open APIs) that is developed in transparent processes. This ensures that the community can verify that the technology is safe and privacy friendly. SURF is constantly innovating its infrastructure for e-science and education. SURF joined 2STiC to research and discuss the latest insights in internet communication.
At TU Delft's Lab on Internet Science, we work on building a robust, yet flexible network infrastructure accommodating the connected systems and applications of the future. In particular, we develop automation and telemetry tools that leverage network programmability; analyse and mitigate the vulnerability of the Internet to regional failures; and advance new application domains, such as the Tactile Internet.
In the spirit of the Internet, which itself is a network-of-networks, we believe it is important to team-up and "network" in addressing the challenges in improving the security, stability and transparency of the Internet. 2STiC provides an excellent platform for such collaboration.
University of Amsterdam
The SNE cluster of the University of Amsterdam is since decades at the forefront of the international networking research scene, with an extensive publications' record and leading contributions to numerous projects and initiatives. Enhancing the operations of the Internet through programmability of the infrastructure has always been a core concern for us. In the past we have pioneered the use of Semantive Web models to program more efficiently the networking infrastructures; we have been looking at how networks can react autonomously to counteract attacks. We are now increasingly recognizing the need to provide more insight and control in the network behavior to end users/applications.
Our contribution to the 2STiC program allows us to test our ideas in a large scale testbed, as well as to create strong synergies with the other participants. By being part of 2STiC we can jointly develop the tools and methods that will define the networks of the future. Participation to 2STiC makes us part of a strong ecosystem that can have a large reach and impact within the Netherlands and Europe.
University of Twente
The University of Twente (UT) participates in 2STiC because the program addresses the urgent and pressing problem of declining digital sovereignty of many societies around the world, such as in the Netherlands and Europe. Specially, 2STiC helps us to collaboratively advance the notion of a "responsible Internet", which offers users more insight into the security attributes of network operators in the Internet or future networks and gives them more control over how their data flows through the network based on these attributes. Such capabilities enhance the set of security-related actions that users have at their disposal and are particularly important for safety-critical service providers that interact with physical space through large numbers of sensors and actuators. For example, a future responsible Internet would enable a smart grid operator to get a description of the security attributes of the network operators that potentially transport their data (e.g., using the Network Description Language) and dynamically verify if their router software is free of backdoors. It would then use these details to instruct the Internet that control commands for remote field stations must only pass through network operators that pass the verification. The UT's work in 2STiC is based on the principles of open networking (the confluence of open source software, open hardware, and programmable router hardware), Software Defined Networking (SDN) and includes relevant concepts of "clean slate" Internet architectures such as SCION. 2STiC's added value for the UT is the combined expertise of the partners (research and operations) and the possibility to experiment with new technologies on 2STiC’s national and multi-domain P4 network. Together, these ingredients enable to us tangibly address the problem of digital sovereignty at the network-level.
Would you like to know more or participate? Then please contact Victor Reijs, the 2STiC programme coordinator. He can be reached at info at 2stic dot nl.