Keynote 1:
|
Abstract:
People mostly assume that “the identity problem” is well-understood, and that, given how long Internet authentication has been deployed, the world must have solved how to do that securely. This talk describes various facets of “the identity problem”; for instance, how does a website get a name, how does a website get a certificate, how does a browser know what to trust to sign certificates, how a human finds a website, how a user acquires a unique name, and how users prove they own their names. Surprisingly, there are unsolved issues with all of these aspects. As with most security problems, some people propose “blockchain” as being able to solve everything.
This talk will describe what aspects of identity and authentication blockchain might address, and compare a blockchain approach with what is deployed today. (Hint: I will argue that blockchain will not be an improvement). If the talk spurs spirited debate throughout the conference, all the better.
Biography:
Radia Perlman is a Fellow at Dell Technologies. She is known for inventing much of the routing and bridging technology deployed in today’s networks. She has also made contributions in network security and cryptography. She is the author of the textbook “Interconnections” (about network layers 2 and 3) and coauthor of “Network Security: Private Communication in a Public world”.
The 3rd edition of “Network Security” will hopefully be available before the conference, and will include topics such as quantum computing, post-quantum algorithms, blockchain, homomorphic encryption, and secure multiparty computation, in addition to the original material covering cryptography, user authentication, and other network security issues. She has been recognized with many industry honors including induction into the National Academy of Engineering, the Inventor Hall of Fame, The Internet Hall of Fame, Washington State Academy of Science, and lifetime achievement awards from Usenix and SIGCOMM.
She has a PhD in computer science from MIT.
Keynote 2:
|
Abstract:
What does it mean for a public cloud to be secure? There’s the traditional concern of protecting services from bad actors on the Internet, but there is also protecting customers from other customers, protecting the cloud infrastructure from malicious customers, and even protecting the Internet from malicious customers. There is also protecting customers from the operator of the cloud infrastructure.
Historically, network security was treated differently on the Internet, where you had to assume there were lots of hostile actors, and on an Intranet, where people (sometimes foolishly) assumed there were none. In recent years, the trend has been to treat all networks as hostile and to design for the worst case. But a cloud network truly is different. By a cloud network, I mean one where all routing components – including the hypervisors hosting untrusted guest software – are under the control of a single administration. In a cloud, the network can filter both what comes into endnodes and what goes out of them. Public clouds, where both other customers and the Internet at large have to be protected from bad actors on the inside, present some unique challenges. This talk looks at some of the challenges and the opportunities in this rapidly evolving space.
Biography:
Charlie Kaufman, security architect at Dell/EMC and currently in the midrange storage group, has long been involved with computer networking and security issues. Prior to Dell, at Microsoft he was the security architect for Microsoft Azure – Microsoft’s Public Cloud offering – where he was involved with all aspects of cloud security from design through responding to ongoing attacks. Prior to Microsoft, at Lotus he was chief security architect for Lotus Notes and Domino and later the entire Lotus product suite. Prior to Lotus, at Digital he was the Security Architect for their networking group and later for Digital’s UNIX offering.
He has contributed to a number of IETF standards efforts including IPsec, S/MIME, and DNSsec and served as a member of the Internet Architecture Board. He served on the National Academy of Sciences expert panel that wrote the book “Trust In Cyberspace” and holds 70 patents in the areas of networking and security. He is co-author of the textbook “Network Security: Private Communication in a Public World”, the third edition of which should be out by the time of this conference.
Keynote 3:
|
Abstract:
5G networks have been conceived to address the needs and requirements of very heterogeneous verticals, proposing mobile networks as a controllable and tunable infrastructural asset for companies, industries, and governmental entities, even when they do not have a telecommunication-oriented vocation or deep expertise. To fully realize such an ambition, private 5G networks should be easily instantiated, operated, managed, and scaled. Cloud environments are a perfect domain to deploy virtualized network functions that support such goals.
This presentation focuses on mobile core network virtualized solutions that allow users to deploy the most advanced and sophisticated 5G networks with Wi-Fi-like simplicity while using any 5G-radio from any vendor. We will present a core network solution that can be deployed on private or public cloud environments and resources to serve the needs of different verticals, lighten and facilitate the network deployment and management, and increase the network’s robustness. On-cloud 5G core network deployments make private 5G affordable, practical, and accessible to all kinds of users, without sacrificing latency, resilience, or control, and with reduced management complexity.
In this keynote speech, we will discuss:
- The network architecture and the cloud networking technologies that underlie on-cloud solutions.
- From cloud to edge: distributed 5G core network solutions and cloud-supported “edge connectivity bubbles.”
- The use cases addressed by these solutions: are take-away lessons and experiences from real-life deployments.
Biography:
Keynote 4:
|
Abstract:
In the last years, we are witnessing growing concerns from private citizens as well as governments regarding the trustworthiness of the Internet. One way to address these questions is to look at the current Internet architecture, and the protocols that govern the data transmission, and change them so that we can have additional transparency, accountability, and controllability.
These three aspects are what we call the TAC triad of a Responsible Internet, an extension of the current Internet that we are currently investigating.
In my presentation I will cover the current research effort in this direction, and show how moving towards more trustable infrastructures enables data sharing applications and services that comply with the desired security levels of the data owners.
Biography:
Paola Grosso (Member, IEEE) is an Associate Professor at the University of Amsterdam where she leads the Multiscale Networked Systems research group (mns-research.nl). Her work focuses on the creation of sustainable and secure e-infrastructures, which rely on the provisioning and design of programmable networks. She has an extensive list of publications on the topic and currently contributes to several national and international projects such as the EU-funded projects Fed4FIRE+ (https://www.fed4fire.eu/), SLICES-RI (https://slices-ri.eu/), as well as international initiatives like FABRIC (https://fabric-testbed.net/about/fab/)
Keynote 5:
|
Abstract:
Due to modularity and scalability considerations, most server applications deployed in a datacenter are based on a multi-tier architecture, which comprises multiple software components running on distinct machines (e.g., a load balancer, the core business logic, and a storage backend). While all of the tiers are typically involved in the processing of external client requests, a significant ratio of the bytes within a response payload are actually emanating from a handful of backend tiers — the remaining upstream tiers are only forwarding and encapsulating/encoding them. This results in suboptimal resource usage on the servers and the network fabric of the datacenter. In this talk, I will introduce Distributed Shared Connection (DiSC), a protocol allowing several tiers within a datacenter to jointly act as endpoints of the same TCP connection. This enables the selective bypass of one or several tiers on the response path, leading to reduced resource consumption. Unlike existing optimizations,
DiSC is (1) flexible — it accommodates arbitrary multi-tier topologies and heterogeneous application-level protocols, (2) fine-grained — it allows multiple tiers to be involved in the generation and emission of a given response message (e.g., to decouple the network path of the response headers and footers from the path of the response body, so that the intermediate tiers can remain aware of both the inbound and the outbound traffic), (3) and non-intrusive — it requires only minor and localized/modular modifications to the code base of legacy applications and is fully transparent for external clients.
Biography:
Alain Tchana is from Nkongsamba, a city in Cameroon where he studied until 2008. He graduated from University of Yaoundé I. Then he received his PhD in computer science in 2011 from INP de Toulouse, France. Since September 2022 he is Professor in Grenoble INP. He spent three years in ENS Lyon, one year in Nice University and five years in INP Toulouse. His main research interests are Virtualization and Operating Systems. Currently, he is mainly interested in datacenter disaggregation, storage virtualization, application security. Simply, Alain Tchana is a Systems guy!
He has published +60 research papers in major Systems and Middleware conferences including EuroSys, ATC, VEE, Middleware, and DSN. He has also served as PC member in several conferences including ATC and DSN. Alain Tchana has co-supervised up to seven PhD students, five of them pursuing their career in the academia. He spends a lot of time mentoring African students.
He received two major prizes: the 2021 GDR RSD best junior researcher awards, the 2021 Prix de la Francophonie pour Jeunes chercheurs.
Global Internet Symposium Keynote:
|
Abstract:
Telco slicing has been said to be the future of connectivity. It has been much talked about and the object of many research papers advancing the State of the Art on architecture, algorithms, resource optimisation, scheduling, orchestration, scaling, machine-learning based automation, reliability. In this talk, we look at concrete impacts of Telco slicing in an IP world. In particular, we will address the following questions:
– What will change in the IP configuration of your device?
– Can slices be planned dynamically everywhere? How will slice numbers grow?
– Will every entreprise small or big be able to benefit of its own private logical 5G network (Non-Public Network: NPN), its own set of slices?
– Is slicing the answer to every 5G service need?
We will also discuss Slicing versus QoS technologies, as they are frequently intermixed or confused, and how they relates to a Service Level Agreement (SLA).
Biography:
Barbara Orlandi is a Senior Researcher and Distinguished Member of Technical Staff in the Network Systems and Security Research lab at Nokia Bell Labs. Prior to joining Bell Labs, she worked at Alcatel, Nortel, and Alcatel-Lucent where she accumulated 18 years of hands-on R&D experience working on both Wireline and Wireless networks. Since joining Bell Labs, Barbara set up and led 6 research projects in direct co-creation mode with operators. From 2009 to 2013, Barbara was the main architect of the research around Wi-Fi Offload in Alcatel-Lucent and as such contributed to the company strategy on the topic. Her work on interworking between heterogeneous wireless networks can be noted for encompassing solutions for WiMAX/Cellular interworking which got standardised at WMF. She started working on early versions of 5G network slicing coupled with edge resource federation in 2015. Currently, her research interests include 5G/6G Network Architecture, E2E Network Slicing, Automation, and pretty much all things involving a base station and a mobile device. Barbara holds an Engineering Degree in Electronics from ENAC (National School of Civil Aviation).