Perspectives for 2005
Marie Zitkova
October 19, 2004, Geneva

Background
• While we were setting up the registry, the technology moved forward
• New security standard DNSSec is close to deployment
  • designed to protect against many known DNS threats
  • several test beds already operational
  • security framework for XML (SAML) already assumes deployment of DNSSec
• DNS is used as an online database for different digital identifiers
  • telephone industry is merging telephone numbers with domain names
  • RFID industry is implementing the same DNS based technology
• This presentation explains how our community can benefit

Safe transition to Internet-style services
• Our industry is moving towards “always on” Internet-style services
• More than a change of protocol
• Supply of network services becomes a commodity
• New technology requires new approaches
• Safe and effective Internet use depends on or benefits from
  • Automatic alternate routings (one ISP fails, traffic routes through another)
  • Dynamic construction of virtual circuits (in or out of secure tunnels)
  • Abstraction of “host” from “connection point” (host’s name remains the same when the supplier or router used changes)
• Authentication of connections and end-to-end messages is critical

Abstraction of “host” from “connection point”
[Diagram labels: Airline1.aero, Airline2.aero, Airline3.aero, Airline4.aero, Airline5.aero, .aero, SITA; Airline 1 to Airline 5; “Host addressing by names”; “SITA network connections”; “Other network connections”]
• In an X.25 style network, everyone used one hardened network; each connection also served as an authentication mechanism and for addressing
• At the time of Internet-style communications, network service supply is a commodity, and it may be cheaper to use multiple suppliers. Authentication of and addressing to many partners is still difficult.
• For safe use of the Internet, addressing independent of connection points and authentication are critical.
• DNS is key

.aero as an Enabler
• DNS technology is key to many new approaches
  • Logical addressing through a name space is needed to allow redundant connections and routing through multiple suppliers and rapid fail-over to backup systems
  • Authentication of DNS responses is critical (via DNSSec)
• .aero is controlled by the industry
  • Ability to deploy new technologies on industry schedule, without national or commercial-domain constraints
  • Brand already developed and distinct from pre-Internet technologies
• DNS for key/certificate storage and delivery

Examples
• Baggage mediation
  • Authoritative pointers to airline systems worldwide (baggage mgmt, DCS)
  • Integration with RFID technology for anytime anywhere baggage information
• Location of reservation systems
  • All connections to res systems could be based on domain names
  • No need to reconfigure corresponding systems when IP address changes (now 3-4 weeks needed to change)
• International e-ticket system could use the technology
  • Big airlines can do it bilaterally, but experience so far has involved many “kinks”
  • Global use requires global standards and a transaction mediator – .aero platform is owned by the community
• Possibly collaborative decision making
  • Using DNS eliminates the need for maintaining a central database

The Industry Perspective
• Reduced networking costs
• Better integration of inter-airline traffic with intra-airline systems
• Better integration of inter-airport traffic with intra-airport systems
• Better services for “alliance” models
• Easier communications with and authentication of 3rd parties
• Automatic fail-over to alternate systems and better disaster recovery
• Fewer customer-perceived differences between service capabilities of “large” and “small” entities
• Faster responses of entire industry to changes
• Reduced dependency on short, cryptic messages, reducing personnel costs

Consultative process
• Suggestions in this presentation are based on our consultations with renowned Internet experts
  • Dr. Brian Reid from Internet Software Corporation
  • Dr. John Klensin, independent consultant, former chair of IAB, ICANN director and liaison between IAN and ICANN
  • Dr. Paul Mockapetris, the inventor of DNS
• Some concepts were informally consulted with airlines and airports
• Formal consultation to follow during a workshop in November

Summary
• .aero as an integral part of air transport comms infrastructure
• Industry system of digital identifiers for Internet-style communications
• Means to use Internet effectively and safely
• Now must focus on specific applications to move forward