
D3.8: Study on protocols with respect to identity and identification – an insight on network protocols and privacy-aware communication


Internet2

Internet2 is a consortium of universities and companies developing an infrastructure which is much more powerful than the current Internet. The Internet2 group created a very fast backbone, called “Abilene”. It is a fibre optic network with a bandwidth of up to 100 Gbit per second. The Internet2 group was started in 1997 by the “University Corporation for Advanced Internet Development (UCAID)”. The Internet2 consortium is independent of the US military, which is noteworthy, since the original Internet was developed by the US military. Right now more than 200 US universities are connected to this high-speed infrastructure, and more than 60 companies are involved in its creation.

European countries and institutions are connected to the Abilene network, too. In Germany, for instance, the DFN (“Deutsches Forschungsnetz”) operates the X-WiN network, which is connected to the Abilene infrastructure.

The Abilene network is merely a new physical infrastructure; it can handle any sort of Internet protocol. In fact, the Abilene network as it is deployed today uses the same old protocols as the rest of the Internet does. For example, addressing is done by using the IPv6 protocol. But some new protocols are also being developed for this high-speed network. For example, a new bulk file transfer protocol is being developed by some researchers in order to speed up the transfer of the often huge amounts of data needed by many research projects and applications (Shalunov et al. 2005).

The Internet2 consortium claims that it takes security seriously. For example, instead of the normal DNS, the Internet2 network uses DNSSEC for a more secure naming service. But the members acknowledge that there is still much to do in order to create a secure network. They try to implement security at all levels of the stack, which is of course complex since many working groups are involved in such an effort. Authentication and authorisation are especially big topics, as is dealing with Denial-of-Service attacks and other attacks against users in the network. Many security features are implemented in the so-called “Internet2 Middleware”, which is something like the “glue” between the network and the application. The middleware software “provides services such as identification, authentication, authorisation, directories, and security.” At a lower level, the networking layer, Abilene has the ability to filter traffic in case of an attack on the network itself or on its peers.

An interesting project within the Internet2 research is “Shibboleth”. Shibboleth is a middleware project for a federated identity-based authentication and authorisation system. It can be used for a single-sign-on system, meaning that a user has to identify himself once against a so-called “Identity Provider”, which then, after a successful login, provides credentials to so-called “Service Providers”. A Service Provider can decide, based on the credentials, which services to open to the user.
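The Identity Provider / Service Provider split described above can be sketched as follows; this is an added example, not code from the deliverable or from the Shibboleth project. It assumes a shared HMAC key and a JSON assertion in place of the signed SAML assertions Shibboleth actually exchanges, and the user record, attribute names and Service Provider policy are constructed for illustration.

```python
import base64, hashlib, hmac, json, time

# Constructed demo key. Real Shibboleth uses SAML assertions signed with the
# IdP's private key; an HMAC over JSON stands in for that here (assumption).
IDP_KEY = b"constructed-demo-key"
USERS = {"alice": ("correct horse", {"affiliation": "staff", "entitlement": "library"})}
# Hypothetical SP policy: which attribute value opens which service.
SP_POLICY = {"journals": ("entitlement", "library"), "payroll": ("affiliation", "admin")}

def _sign(payload: bytes) -> bytes:
    return hmac.new(IDP_KEY, payload, hashlib.sha256).hexdigest().encode()

def idp_login(user, password, audience, now=None, ttl=300):
    """Identity Provider: authenticate the user, then issue a signed assertion."""
    record = USERS.get(user)
    if record is None or not hmac.compare_digest(record[0].encode(), password.encode()):
        return None
    now = time.time() if now is None else now
    claims = {"sub": user, "aud": audience, "exp": now + ttl, "attrs": record[1]}
    payload = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    return payload.decode() + "." + _sign(payload).decode()

def sp_authorise(assertion, service, sp_name, now=None):
    """Service Provider: verify the assertion, then decide from its attributes."""
    try:
        payload, sig = assertion.rsplit(".", 1)
        if not hmac.compare_digest(_sign(payload.encode()), sig.encode()):
            return False                      # forged or tampered assertion
        claims = json.loads(base64.urlsafe_b64decode(payload))
    except (ValueError, AttributeError):
        return False                          # malformed input
    now = time.time() if now is None else now
    if claims.get("aud") != sp_name or claims.get("exp", 0) < now:
        return False                          # issued for another SP, or expired
    attr, required = SP_POLICY.get(service, (None, None))
    return attr is not None and claims.get("attrs", {}).get(attr) == required
```

The Service Provider never sees the password: it trusts only the signature, the audience and the expiry, and it opens a service only when the asserted attribute matches its own policy.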

 
