Current network-centric Internet service model is prone to resource exhausting attacks such as Distributed Denial of Services attacks. Due to the resource sharing nature and non-coordinated monitoring capability of the current Internet, it is difficult to quickly identify attack sources. Second, a new trend is to develop a user-centric Internet service model, in which traditional local network services are outsourced to remote service providers such as for cloud services. This new trend allows end users to fully control remote service nodes, their interconnections and routing, which imposes great threats on network resource allocations. Thus, it is highly desired that the future Internet is designed to provide a secure service domain that is both network-centric and user-centric. As a fundamental core to this goal, a secure and resilient virtualized routing architecture in a global inter-networking environment is explored to provide network resource reservation protection both at the network-centric and the user-centric level. A novel attribute-based, cryptography-based approach to construct secure virtualization is to be developed. Furthermore, an architectural solution to address the policy enforcement and inter-domain trust management is also considered. The end goal is to greatly improve the efficiency of attack monitoring and intrusion detection and to increase the resiliency of the future Internet. This is a collaborative exploratory project bringing together researchers from the University of Missouri-Kansas City, Arizona State University, and Osaka City University, Japan. All research results will be made available to the scientific community.
An important issue facing the current Internet architecture is that it does not have a built-in notion of trustworthiness. While trust is somewhat accomplished through encryption for a specific connection or a session (such as secure web transfer), this is only action specific, not network based. Secondly, it does not allow trust to be accomplished at different levels. The scope of this project "SeRViTR" was to investigate the possibility of built-in functionalities for a trustworthy Internet that is network wide. This project explored a number of fundamental directions in this context such as how trust can be established between network domains, how exchange of information between different domains with different trust levels might possibly be accomplished, and how to tie in both security and resource requirements under the same framework. The main outcome of this project is to be able to develop a network wide solution of trustworthiness for future Internet along with a proof of concept implementation. A sampling of key peer-reviewed publications based on this work is listed below: D. Huang, S. Ata, and D. Medhi, "Establishing Secure Virtual Trust Routing And Provisioning Domains For Future Internet," Proc. of IEEE Globecom 2010 Conference (Next Generation Networking Symposium), Miami, Florida, December 2010. X. Liu, A. Wada, T. Xing, P. Juluri, Y. Sato, S. Ata, D. Huang, and D. Medhi, "SeRViTR: A Framework for Trust and Policy Management for a Secure Internet and its Proofof Concept Implementation," Proc. of 4th IEEE/IFIP International Workshop on Management of the Future Internet (ManFI'2012), pp. 11591166, Maui, Hawaii, April 2012. T. Xing, X. Liu, C.J. Chung, A. Wada, S. Ata, D. Huang, and D. Medhi, "Constructing a Virtual Networking Environment in a Geo-distributed Programmable Layer2 Networking Environment (G PLaNE)," Proc. of IEEE 5th International Workshop on the Network of the Future (FutureNetV), Ottawa, Canada, June 2012. T. Xing, D. Huang, D. Medhi, S. Ata, "MobiCloud: a Geo-distributed Mobile Cloud Computing Platform", Proceedings of the 8th International Conference on Network and Service Management (CNSM), 2012. A. Wada, Y. Sato, X. Liu, T. Xing, S. Ata, D. Medhi, D. Huang and I. Oka, "A Behavior based Policy Management for Adaptive Trustworthiness Assignment in Future Networks", Proceedings of IFIP/IEEE International Symposium on Integrated Network Management, IFIP/IEEE IM'2013, Ghent, Belgium, June 2013. S. Ata, D. Huang, X. Liu, A. Wada, T. Xing, P. Juluri, C.J. Chung, Y. Sato, and D. Medhi, ``SeRViTR: A Framework, Implementation, and a Testbed for a Trustworthy Future Internet," Computer Networks, 2014, http://dx.doi.org/10.1016/j.bjp.2013.12.028 This is a joint project between the USA and Japan. The broader impact is that it allowed researchers from two countries to work together towards a common goal, while training research students that included student exchange programs.