Researchers at Stanford University are on a mission to completely revamp the Internet. Plans for their multipart program, called the Clean Slate Design for the Internet, will be presented to the public this Wednesday at the school’s annual Computer Forum. Ultimately, the researchers hope to make the Internet safer, more transparent, and more reliable by reconsidering both private and public networks.
Ten years ago, some researchers thought the Internet would be routinely used for all kinds of essential services, from remote surgery to even air-traffic control. “To think of that today is kind of laughable,” says Nick McKeown, an associate professor of electrical engineering and computer science at Stanford and leader of the Clean Slate project. “If air-traffic control was carried on the Internet, I, for one, wouldn’t fly.”
The Internet may have revolutionized society, but McKeown points out that there are still some basic things it doesn’t do well. There’s no reliable way of knowing whom data comes from, for example, because the Internet was designed in a way that makes it “ridiculously easy” to fake any information’s origin, McKeown says. It would be much easier to eliminate unsolicited e-mail messages if the sender could be verified, because spammers could then be quickly identified and prosecuted.
The intent of data can also be masked. Data packets that might look as though they were sent for a legitimate purpose could actually be intended to damage the network by spreading viruses or searching for secret information. When the Internet was first designed, “it was assumed that everyone would be well behaved, but we’re obviously in an era now where we can’t make that assumption,” McKeown says.
To address these and other issues, Clean Slate researchers are working in small teams on separate projects. One team is tackling corporate network security issues by turning the current model on its head and developing a 400-user wireless network called Ethane.
Most corporate computer networks currently have a firewall at the outer edge of the network to protect it. But machines within the corporate network are free to communicate with one another. “That shouldn’t be the case,” says David Mazieres, assistant professor of computer science at Stanford and member of the Ethane development team, in part because the current model is a “big pain” to maintain.
McKeown says there should be an easy way, for example, to send all of the traffic from computers without the latest security patches installed and filter it through an intrusion detection device, so that viruses don’t spread within the corporate network. “But there’s no way of doing that now,” he says.
Instead of letting all computers within the corporate network communicate freely, Ethane is designed so that communication privileges within the corporate network have to be explicitly set; that way, only those activities deemed safe are permitted. “With hindsight, it’s a very obvious thing to do,” McKeown says.
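A minimal model of the two ideas described above, default-deny between internal hosts and steering unpatched machines through an intrusion detection device, follows as an added example; it is not Ethane's own code or policy language. The host names, groups, ports and the `ids-1` waypoint are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Host:
    name: str
    group: str      # constructed label, e.g. "laptops" or "servers"
    patched: bool   # True if the latest security patches are installed

@dataclass(frozen=True)
class Rule:
    src_group: str
    dst_group: str
    port: int

# Constructed allow-list. Rules are directional; anything not listed is denied.
ALLOW = frozenset({
    Rule("laptops", "servers", 443),
    Rule("laptops", "printers", 631),
})
IDS_WAYPOINT = "ids-1"  # hypothetical intrusion detection device

def decide(src, dst, port, allow=ALLOW):
    """Return (action, path) for a new flow between two internal hosts."""
    if Rule(src.group, dst.group, port) not in allow:
        return ("deny", [])  # no explicit privilege, so no communication
    if not src.patched:
        # Permitted, but traffic from an unpatched sender is steered via the IDS.
        return ("allow", [src.name, IDS_WAYPOINT, dst.name])
    return ("allow", [src.name, dst.name])

def audit(hosts, ports, allow=ALLOW):
    """List every permitted (src, dst, port, via_ids) so the reachable set can be reviewed."""
    permitted = []
    for s in hosts:
        for d in hosts:
            if s == d:
                continue
            for p in ports:
                action, path = decide(s, d, p, allow)
                if action == "allow":
                    permitted.append((s.name, d.name, p, IDS_WAYPOINT in path))
    return permitted

# Constructed inventory for the demonstration.
HOSTS = [Host("alice-laptop", "laptops", True), Host("bob-laptop", "laptops", False),
         Host("web-1", "servers", True), Host("print-1", "printers", True)]

if __name__ == "__main__":
    for row in audit(HOSTS, (443, 445, 631)):
        print(row)
```

Because the policy is an explicit allow-list, the audit output is the complete set of permitted internal flows, which is what makes such a network reviewable.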