• LinkedIn Social Icon
  • Facebook Social Icon
  • Twitter Social Icon

Abstract 

Keynotes

Internet History

Fred Baker, USA

This talk traces the history of the Internet from early beginnings - J.C.R. Licklider's ruminations on a global information system and various efforts including the ARPANET - through commercialization to the present day. It also traces the development of the organizations that make it work - the IAB, the IRTF, the IETF, and the Internet Society.

Encryption and Enterprise Data Centers

Nalini Elkins, USA

Many new protocols are being worked on at the IETF. Some are RFCs already; others will soon gain that status. These include: TLS1.3, DNS over HTTPs, and HTTP/2, and QUIC. A fundamental premise that all of these protocols share is that metadata may be misused. So, more and more of the packet is being encrypted.  How will this impact diagnostics and troubleshooting? If many of the protocol headers themselves are encrypted, how will we get information on performance?  Deep packet inspection is currently used by IDS / IPS, fraud detection and other security tools at enterprises.

 

These new protocols require a transition for enterprise network management.    This session will discuss the nature of the problem and potential solutions for government and industry.

IPv6: Past, Present, and Future

Ron Bonica, USA

In this talk, we will discuss IPv6 architecture and extensibility, as it was initially conceived, as it is currently deployed, and as it may be deployed in the future.

Contributing to the IETF: how to play your part, and how RFCs are made.

Adrian Farrel, UK

Making standards for the Internet is not magic, but it is hard work. The IETF's specifications depend on engineering excellence and collaborative work from experts, designers, academics and most importantly from implementers.

In a high-pressure environments focused on getting it right, there can be many different commercial incentives and there are a lot of strong opinions. But you can contribute to make your mark and to make the Internet work better.

This talk will give you some pointers on how the IETF works, how RFCs come about, and the best ways to penetrate the IETF's unique culture and get involved.

IETF and Regional Internet Registries (RIR)

Paul Wilson, Australia

In 1992, RFC 1366 proposed the regionalisation of IP address management, and led to the establishment of Regional Internet address Registries (RIRs) in the following years. APNIC was founded in 1993 as the RIR for the Asia Pacific region, and serves the regional Internet operator community with IP address allocation and registration services (including IPv4 and IPv6 addresses, and Autonomous System numbers).  In this session Paul Wilson will introduce APNIC’s role and responsibilities, and its relationship with IETF standards and processes which are critical to IP addressing and routing in the Internet today.

Internet & IETF Principles

Fred Baker

This talk is a discussion of design principles that architects and operators have found interesting and useful - including principles for the design of standards organizations and the discussions they entertain.

Please reload

Routing Track

Network Slicing and Enhanced VPNs

Adrian Farrel, Old Dog Consulting, UK

5G wireless networks offer the prospect of a large range of sophisticated services for the end-user and for connecting intelligent devices. But delivering those services requires that the underlying network delivers advanced quality guarantees of throughput, loss, delay, and jitter. A popular way of ensuring that these quality guarantees can be met is by partitioning the network resources in a technique called "network slicing."

This talk will look at the techniques developed in the IETF to meet the needs of network slicing. One of the approaches is known as "enhanced VPNs" or "VPN+" and builds on existing VPN concepts to deliver network slices of different types and qualities to enable and support 5G services.

Path Computation Element (PCE): Looking ahead

Dhruv Dhody, Huawei, India

This talk will focus on the Path Computation Element (PCE) - Quick introduction to it and how it is being used and what are the future plans? We will also cover how the PCE related to Software defined Networking (SDN) and the status of the WG. 

Segment Routing mapped to IPv6 (SRm6)

Reji Thomas, Juniper, Bangalore

In this talk, we would look at Segment Routing with emphasis on SRm6, its motivation, and differences from SRv6.  SRm6 supports traffic engineering and network programmability. Specifically, it supports both strict and loose source routing using a new Routing Header type, called the Compressed Routing Header (CRH). It also supports per-segment and per-path service instructions, using new IPv6 Destination Options.  SRm6 differs from its predecessors in that a) it adheres strictly to the IPv6 addressing architecture [RFC 4291], b) it adheres strictly to IPv6 [RFC 8200] processing rules, c) it leverages existing IPv6 protocol machinery to the greatest degree possible. 

Vmware NSX journey of Network Virtualization towards intent-based networking

Santosh P K, Abhishek Goliya, Bangalore

Technology disruptions and changing markets require the business to constantly deliver new applications to market.  However, connectivity between workloads and applications needs to be consistent and security policy must travel with application irrespective of whether it's deployed.  Vmware virtual cloud network vision breaks emerging silos created by the multiple public / private data center (s) and creates a ubiquitous network fabric. Vmware NSX is built on the principle of software-defined networking and it provides a foundational step for application mobility.  Let's go through the NSX journey of network virtualization; from switching to the virtual cloud network and how it plans to embrace intent-based networking.

Please reload

Security Track

Secure Network Protocol Design

Mohit Sethi, Finland

In this talk, we will first look at two recent attacks on network security protocols:

1. Misbinding attacks on secure device pairing and bootstrapping: In identity misbinding attacks against, a legitimate but compromised participant manipulates the honest parties so that the victim becomes unknowingly associated with a third party. These attacks are well known, and resistance to misbinding is considered a critical requirement for security protocols on the Internet. We will show that most device pairing and bootstrapping protocols are however vulnerable to misbinding.

2. Selfie attack on TLS 1.3 External Pre-Shared Key (PSK) mode: TLS 1.3 is finally an Internet standard and is published as RFC 8446. It has undergone roughly 5 years of standardization at the IETF and has been received significant contributions from the security community (about 90 contributors listed in the RFC). TLS 1.3 allows the use of external PSKs for authentication (instead of certificates). This was one of the features specifically requested from the IoT community. Unfortunately, the TLS 1.3 external PSK mode is vulnerable to Selfie attack. Selfie attack is a special case of misbinding attacks.

We will try to understand these complex attacks and their consequences. With these two attacks in mind, we will discuss why it is important for us update the Internet threat model specified in RFC 3552. Finally, we will look at some basic design guidelines which are important to keep in mind when designing security protocols.

How secure is the global routing?

Anurag Bhatia, Hurricane Electric

This talk will cover in detail about how routing filtering across the BGP routing table, the practice of IRR, RPKI, associated challenges etc. It will also put some data on how current state of Indian networks with respect to route filtering. 

Edge computing security : Challenges and solutions

Rajeev Chaubey, Juniper

Edge cloud represents an extension of cloud resources where the traffic is processed closer to source. This approach caters to higher data rates, reduced latency, and massive device connectivity. IOT,  5G, augmented reality/virtual reality (AR/VR) and smart devices are primary drivers of edge cloud. It has also resulted in a decentralized cloud network and substantially increased attack surface. This talk will discuss some of security challenges on an edge cloud and emerging solutions for the same.

Engaging Policymakers in the Standards Ecosystem

Deepak Maheshwari, NortonLifeLock Inc.

With the ever-increasing digitization and digitalization across the socio-economic fabric, it is becoming important for the technologists and policymakers to appreciate each other's perspectives and concerns thereby leading to creation and adoption of robust technical standards by bodies like the IETF that would foster and enable an open, free and secure cyberspace.

This would go a long way in enhancing affordability, access, interoperability and assurance around safety and security. Last but not the least, instead of seeing objectives like privacy and security as contradictory in nature, harmony across the same should be developed in the interest of the larger public good. 

IPv6 and TLS would be taken up as examples.

Please reload

IoT Track