Abstract
IoT Track
IoT Standardization: Setting the context for India
Abhijan Bhattacharyya, TCS, India
In this talk we shall touchbase the following questions
* Why Internet of 'Things' needs a special treatment in the context of evolution of the Internet that we have witnessed.
* What are the different configurations in IoT.
* Why standardization is important and how IETF plays a pivotal role.
* Some of the key IoT issues under standardization spot-light in IETF.
* Internet standardization and India: where are we?
* IoT as a "horizontal" driver for finding solutions for digital divide in India.
* Some of the contributions to IETF from our organization.
* Standardization through indigenous efforts - how to approach the problem space?
Designing IoT system to be secure from day one
Michael Richardson, Sandelman Software Works, Canada
Building secure systems is difficult. Additional restrictions of battery power, slow networks and very short time-to-market make it even more difficult. A decade after the “IoT” revolution has started there are very few real IoT deployments, and the Things that out there have a deserved reputation as being poorly secured and potentially a scourge to society. This talk is a technical talk about the state of “IoT” today, and how that is going to change when the Internet part of the IoT revolution comes to bear. This talk is about how to code to today’s demands while preparing your products and systems for tomorrow’s revolution. The talk is about turning security issues from a burden to an opportunity.
Bootstrapping Remote Secure Key Infrastructures (BRSKI) for Wifi
Eliot Lear, Cisco, Switzerland
How does a device get properly introduced to a network when it has no user interface? The device requires credentials and some assurance that it is joining the correct network. Bootstrapping Key Infrastructure (draft-ietf-anima-bootstrapping-keyinfra) provides the the device a basis for a trusted introductionb etween the manufacturer and the local deployment. However, it is just a beginning. Wireless deployments, particularly that of 802.11 require a little bit more attention. In order to do the trusted introduction the device needs to be on the network? But to be on the network, the device needs credentials. To break this circle, we consider an EAP method– draft-lear-eap-teap-brski that can easily be extended into existing Wifi implementations. A few open issues remain that we will discuss.
Owen Friel is co-author.
IoT bootstrapping security and EAP-NOOB
Mohit Sethi, Ericsson, Finland
Secure bootstrapping is the process by which an IoT device gets the necessary configuration information and security credentials to become operational. Since bootstrapping is the first phase in the lifecycle of any IoT device, a security breach during bootstrapping would make the device vulnerable for the rest of its lifetime. Security, scalability and usability of bootstrapping have a great effect on how smoothly IoT devices can be deployed and redeployed wherever users want them. In this talk, we will look at the bootstrapping problem in detail and suggest some directions for a bootstrapping solution that is especially designed for cloud-connected IoT appliances. We will also look at EAP-NOOB, a protocol for bootstrapping all kinds of IoT appliances that have a minimal user interface and no pre-configured authentication credentials. We will show how off-the-shelf ubiquitous computing devices such as cameras, printers, displays and speakers can be securely connected to an online cloud service with EAP-NOOB.
Panel: IoT and Security
Mohit Sethi, Eliot Lear, Michael Richardson, Vinayak Hegde, Rahul Jadhav, Lee Howard (Moderator)
IoT involves the inter-connection of a large number of heterogeneous devices and networks. Technologies such as embedded sensors & actuators, Zigbee, Bluetooth and Wi-Fi have transformed simple physical devices into smart objects that can understand and react to their environment. The communication infrastructure for these smart objects is based on an extension of the Internet protocol stack. Although the need for security is widely accepted, many IoT devices and systems are being designed and deployed with woefully little or no security. This panel discussion will begin by looking at the ongoing IoT standards work at the IETF. The panel will then highlight some important lessons from successful IoT deployments. Finally, the panel will identify key security challenges for IoT deployments and discuss technologies available or needed for mitigating them.
SDN/Network Operations Track
Service Function Chaining (SFC)
Adrian Farrel, Old Dog Consulting, UK
An emerging function in the provision of services in IP-enabled networks is Service Function Chaining (SFC). This talk will look at the motivation for SFC with special focus on its deployment in data centres, and then will describe the architecture developed by the IETF's SFC working group. We will examine the different functional components of an SFC system and how they are combined to direct traffic off its normal path s that it can be acted on by service functions hosted at different places in the network.
The SFC working group has developed a protocol-independent encapsulation called the Network Service Header (NSH). The NSH allows packets to be marked according to the service functions that they must traverse, and can be applied to any payload and with any transport protocol. But two alternate approaches have been suggested in the MPLS and SPRING working groups to achieve the same function as the NSH in existing forwarding systems using either MPLS or Segment Routing encapsulations, thus allowing legacy routers to participate in SFC. Furthermore, there is a proposal to achieve SFC by extensions to L3VPN techniques being progressed by the BESS working group.
Lastly we will consider the control and management necessary for SFC. We will look at approaches for central control using an SDN-based central controller, BGP southbound instructions, or distributed BGP information exchange.
Recent standardization work in Network configuration and modelling
Rohit R Ranade, Huawei, India
Network configuration is an essential part of Network operations and management. There are many mechanisms for Network configurations, one of which is NETCONF.
This talk will focus on NETCONF and different mechanisms proposed in IETF to support YANG Push, YANG library and schema mount.
Abstraction and Control of TE Networks (ACTN)
Dhruv Dhody, Huawei, India
The Abstraction and Control of Traffic-Engineered Networks (ACTN) initiative represents a set of well-defined use cases developed from the input of network operators and service providers, researchers, and vendors. The ACTN framework and its ongoing solution development addresses resource abstraction for multi-technology and multi-vendor transport networks. It is based on the software-defined networking (SDN) principles in a hierarchical architecture to scale and support the clear domains to allow consumers of high-bandwidth services seamless access to the underlying packet and optical transport networks.
Network latency maps for mobile networks : stories from Asia
Siddharth Mathur, Fastah, India
We discuss mobile network performance from the outside in, that is from the consumer’s perspective. How is network quality-of-service and availability keeping up with the exploding on-demand mobile economy in Asia? When does an application feel “fast” to the user? What role does latency and congestion play in all of this? And does crowd-sourcing data from a million smartphones help or hurt operate smarter networks in the field? This talk features colorful maps and graphs on Asia’s real-world mobile data networks!
IPv6 Track
EVPN & IPv6 application for its underlay and Overlay
Ali Sajassi, Cisco, USA
EVPN has become the de-facto standard for fabric overlays and inter-site connectivity in the Data Center market segment, for next generation VPNs in the Service Provider market segment, and for fabric overlay and WAN connectivity in Enterprise networks. Today's data center networks and their associated inter-connect WAN networks require efficient and flexible multi-homing, efficient fabric bandwidth utilization, flexible workload placement both within and across DCs, seamless workload mobility both within and across DCs, high scale multi-tenancy, optimal forwarding for both intra and inter subnet traffic, and seamless integration with existing L2VPN and L3VPN networks. This session talks about some of the main requirements; features needed in today's data center applications and how EVPN can meet these needs and then some. The emphasis will be on IPv6 for both overlay and underlay networks.
Segment Routing in IPv6 (SRv6)
Mahendra Singh Negi, Huawei, India
Segment routing is a new way of doing source routing with complete control over the network path by combining simple network instructions (called segments). The source selects a path over a network, placing an ordered list of IPv6 addresses into the header of an IPv6 packet using a dedicated extention header. The IPv6 flavor of Segment Routing (called SRv6) further allows user-defined functions to be associated with segments. By leveraging the IPv6 SID format and the dedicated Segment Routing Extension Header, these functions may implement various new use-cases. SRv6 allow end-host to control network enabling active participate in the management and policing of their network traffic, with the help of controller.
IPv6 in the Enterprise
Michael Ackermann, Blue Cross Blue Shield of Michigan, USA
Enterprises have lagged in IPv6 deployment. Why is that in 20 years less than 10% (some say less than 5%) of the brick-and-mortar enterprises have no plans for IPv6 conversion of their internal network? Facebook and Google say over 50% of their customers are using IPv6. Dual stacking or translation mechanisms for IPv6 support are starting to be used by the largest companies -- but for their web sites only! This talk will be about how large enterprise data centers view IPv6 and the deployment challenges.
Deployment Track
[Service Provider Network] IPv6 Deployment in Reliance Jio
Rajesh A Shinde / Ramesh Chandra, Reliance Jio, India
Jio has been driving digital India transformation by development and standardization of new technologies and innovative solutions required from IP eco system comprising of user devices, Telecom Service Providers (TSP) and content providers. JIO IPv6 Deployment strategy will be explained with what challenge in the technology vs adaptation with complete LTE eco system. How JIO tactfully handled and become 1st in Asia market to deploy largest IPv6 network. Adopting multiple strategies with leading OEMs and technology partners has helped Jio to become world’s largest operator carrying highest IPv6 traffic with highest subscribers on IPv6.
[Data Center Network] Routing in Data Center
Adrian Farrel, Old Dog Consulting, UK / Shraddha Hegde, Juniper, India
Data Centers have been steadily growing to commonly host tens of thousands of end points, or more, in a single network. Because of their topologies (traditional and emerging), traffic patterns, need for fast restoration, and for low human intervention, data center networks have a unique set of requirements that is resulting in the design of routing solutions specific to them.
In this talk Adrian and Shradha will first introduce the DC routing space and then provide an overview of various solutions - LSVR, RIFT, Dynamic flooding etc.
[IoT Networks] Challenges in building IoT system for Moving Vehicles
Vinayak Hegde, Zoomcar, India
The talk will focus on the practical challenges in building IOMT (Internet of Moving things). Zoomcar is the leading multi-mobility player in the urban transportation and vacation rental industry. This operates Cars, Cycles and eScooters in a more than 30 indian cities. This talk will focus on the different practical aspects of designing, developing, deploying, operating and upgrading IOMT services. It will also look at the associated design considerations of developing protocols in this space and review some of the work of associated IETF working groups.
Panel: Tension between Privacy and Security
Tirumaleswar Reddy, Michael Richardson, Bhaskar Medhi, Michael Ackermann, Eliot Lear, Nalini Elkins (Moderator)
Are privacy and security diametrically opposed to each other? Must we give up one to have the other? Don't we need and want both?
The changes in security protocols and the reaction by many to such changes have been one of the most contentious issues at the IETF.
This panel will attempt to have a rational, careful, nuanced look at this very important topic.