The HPCC Program is developing technologies underlying the National Information Infrastructure (NII) to facilitate addressing National Challenge problems of significant social and economic impact (HPCC National Challenges are described in Section II.7). These technologies build upon and extend those needed to accomplish the goals of the original HPCC Program. They will also contribute to the Government Services Information Infrastructure (GSII), the Defense Information Infrastructure (DII), and the Global Information Infrastructure (GII). Other non-HPCC technologies to support the NII are under development by Federal departments and agencies. Such efforts are being followed and in many cases coordinated with HPCC Program activities.
Information Infrastructure Services Technologies
NII technologies must be integrated and interoperable -- information must be transmitted over different bitways among different computing systems in a seamless fashion; services such as authorization and accounting must be integrated and interoperable; and they must serve people with different communications preferences (for example, voice rather than visual).
Integration and interoperability are most easily accomplished by using tools that implicitly provide them. Toward this end, ARPA has initiated a program to develop the software and services technologies needed to facilitate a marketplace of advanced distributed applications that will interoperate over the underlying networking infrastructure. The following are examples of some current activities in this program.
The HORUS project is developing an environment for reliable distributed computing. Its "virtual synchrony" environment integrates distributed computing with fault tolerance (detection of and reaction to failures) and will make it easier to develop distributed software. An example is military mission planning and control software that integrates data from space, air, and ground resources.
Billing, payment, accounting, and associated privacy mechanisms are critical to the NII, especially the National Challenge in Electronic Commerce. ARPA is developing the underlying technologies to provide these capabilities in an interoperable manner, building upon underlying security services. An example is the SILDS project that is developing an infrastructure to support authorization, authentication, accounting, and related security services for the Internet that is layered over the Kerberos authentication system.
Portable information and communications devices will be extensively used in the NII. ARPA is developing the required underlying mobile and wireless technologies (wireless networking technologies are described in Section II.1). Toolkits are needed for developing applications that adapt to changes in the computing and communications environment (such as platform mobility, sporadic connectivity, and dynamically varying bandwidths). An example is "middleware" services that can automatically or semi- automatically adapt the amount and form of communications between a mobile computer and the infrastructure to vastly different operating circumstances.
The TRAVLER project funded by ARPA is packaging systems software and services for mobile computers. These include support for adaptive agents, data consistency, database support, predictive caching of files, real-time modeling and simulation, resource discovery, security, user-level replication, and virtual networking.
Wide-Area File System
ARPA funds Transarc Corporation in developing a system for organizing and locating information in a Wide-Area File System. Each file has a "synopsis" that summarizes its contents, while a "digest" contains multiple synopses. The system lets users control who can access their data. It builds on the AFS (Andrew File System) software developed at Carnegie Mellon University and Transarc and is used by more than 200,000 people at more than 120 government, industry, and academic Internet sites.
The FICUS project is developing a peer-to-peer file replication system that keeps multiple full-function copies of files so that (1) workers can improve their efficiency by keeping multiple copies of key files on systems both at work and at home; (2) individuals collaborating at a distance can each have copies of their working files, and updates are propagated; and (3) copies of files can be stored on portable systems. Replicating and updating files is done over the Internet. Ficus is built using its "stackable layers" technology in which software modules providing new services (such as these new file system functions) are added to existing operating systems; this technology can also be used to add other file system functions such as encryption and data compression.
The NSF-funded Nile Project is building scalable systems for reliable access to distributed data using distributed computing resources. The immediate application is processing enormous amounts of data accumulated by CLEO, a large High Energy Physics experiment. While the goal of Nile is to solve the computing and network problems specific to this particular scientific endeavor, accessing 10 to 1,000 TB (terabytes or trillions of bytes) of distributed data and processing those data on 100 to 1,000 distributed computing systems is becoming increasingly important to such diverse areas as environmental science, medical imaging, seismology, and video-on-demand. Two particular features of the Nile project are the importance of low-latency access to the data and working with an enormous amount of data on tape. Nile collaborating institutions include Cornell University, the University of Florida, the University of Texas at Austin, and the University of California at San Diego. CLEO itself is a collaboration of 23 universities in the U.S. and Canada, and several members of CLEO are also involved with Nile.
Video teleconferencing explicitly requires integration and interoperability as well as resource management. DOE is addressing the need for standard file systems, graphics, spreadsheets, serial interfaces for access and configuration, and sliding bar control of video interaction. Another DOE effort addresses merging telephone, FAX, e-mail, and video into one resource.
World Wide Web (WWW) and NCSA Mosaic
WWW and Mosaic are described in earlier sections. Assuring the continued coordination of a global infrastructure for information is critical to the success of the NII. The HPCC Program will continue R&D in WWW and browsers such as Mosaic. In addition HPCC agencies support and ARPA funds the World Wide Web Consortium, headquartered at MIT.
Issues being addressed at NCSA and elsewhere include collaborative document preparation (with appropriate security), coupling to mass storage and database management systems, forms for user queries and submission of information/data to the server, interactivity, needs of the disabled in the Web environment, next generation WWW architectures, replacing the transient Web link addresses with permanent identifiers (today if a file is moved, its address changes, and every hypertext link to it would have to be changed in order to refer to the same file), scaling issues, searching (and the information that is used in the search), security and privacy, tools for performance measurement and load management, and usage metering/accounting/payment. Furthermore, the development and extension of Web standards continues to be a priority.
Security and Privacy
The NII will place increased demands on security and privacy systems. Two examples are medical records and financial records Ñ both users and providers need to know that there is no unauthorized access to or updating of the information. Already because of the growing dependence on information systems and their interconnection, these systems are more exposed and vulnerable to attack.
In response to this vulnerability, incident response teams have been established to monitor and react to unauthorized activities and potential network intrusions. Each team serves a specific constituency such as an organization or a network. Two of the first such teams, CERT and CIAC, were founded in 1989 as a result of an increase in wide-spread, malicious network-based attacks such as the Morris Worm, and provide round the clock incident handling:
CERT and CIAC are founding members of FIRST, the Forum for Incident Response and Security Teams. Other Federal agencies participating in FIRST include DOE, NASA, NIST, VA, the Navy, and the Small Business Administration. Members work together in handling complex incidents, testing vulnerability fixes, and sharing incident trend information. Members participate in the annual incident handling workshop sponsored by FIRST; the next workshop will be held September 18-22, 1995, in Karlsruhe, Germany; details about FIRST and the workshop can be found at:
HPCC agencies are also responding by increasing emphasis on security research and prototype deployment in FY 1996 and beyond. ARPA, DOE, NASA, NIST, and NSA are addressing issues including preventing unauthorized entry into computing systems, protecting the network infrastructure (the Internet, higher speed networks as they are deployed, and other "bitways" such as satellite, cable TV, cellular, and broadcast) from external and internal attack, protecting information in repositories and in transit, providing data security controls within applications, privacy protection for medical and other sensitive applications, secure electronic commerce, secure internetworking for distributed simulations, secure collaborative work (for example, video teleconferences), security in emergencies or crises or hazards (for example robots in hazardous areas), and emergency response. The long-term challenge is to provide security solutions that can scale to emerging high performance computing technologies, such as multimedia, ultra-high data rates, mobile computing, and very large-scale distributed information storage and retrieval.
For example, one-time password technology and the Kerberos authentication system are helping to alleviate this problem. Kerberos is a cryptographic-based network system, originally developed at MIT, that provides a mechanism for client/server computing authentication. Several HPCC-funded sites are implementing such technologies:
The secure-http protocol is an enhanced version of the WWW http protocol that supports privacy, authentication, and digital signatures. Secure http enhancements have been added to NCSA Mosaic to create Secure-Mosaic. It has been incorporated into CommerceNet, a TRP-funded government/industry consortium, which is the first full-scale market trial of electronic commerce on the Internet (the Electronic Commerce National Challenge is described in Section II.7).
Through a new joint Defense effort, ARPA, NSA, and the Defense Information Systems Agency will coordinate their research programs in digital signatures, e-mail security, secure operating systems, secure distributed applications over a single administrative domain, secure routing protocols, security checking, and survivability and recoverability.
Security tools and services developed by government, industry, and academia will be integrated, scalable, and suitable for use by commercial carriers, by third-party providers of security services, and by applications for embedded security functions. Resultant technologies will be flexible in meeting specific needs and in providing varying degrees of protection.
These security and privacy systems must be both policy flexible and cost effective. For example, medical and financial records require more security and privacy than information in libraries, although library users needs privacy guarantees. The Synergy system being developed at NSA, as well as other security technologies developed by NSA and ARPA, is being integrated into basic research in computing systems that will result in the next generation of commercial products. This strategy will lead to products that are easily specialized for a wide variety of security needs.
NASA supports a coordinated effort to improve the protection of sensitive but unclassified data used in collaborative aeronautics engineering both between the Federal government and industry and among industrial partners. The aeronautics community will use encryption tools and the security architecture developed for electronic commerce as a basis for communicating data that require protection from premature or unauthorized release.
Information Infrastructure Applications Technologies
An easy-to-use NII requires complex interfacing of humans to intelligent information management, control, and sensor systems. Performance and usability also depend on the ability of those systems to interface among each other. In FY 1995 and 1996, HPCC agencies are addressing many issues in this area, including the following:
In FY 1995 and FY 1996, NSF will enhance its support for research in intelligent systems, especially human-machine information systems. The research will advance the underlying scientific knowledge and technologies needed to create an intelligent service layer that will enable a significantly broader base of information providers, developers, and consumers, while reducing existing barriers to accessing and using information and computing resources for real-world applications. Work in this area includes: