June 2004


RISQ 2003/CANARIE'S 2003
Advanced Network Workshop Joint Event

Christian Allegre, RISQ, Omar Cherkaoui, UQAM


      Quebec universities and Research Centers are fortunate. Fourteen years ago they decided to join forces to create a network able to satisfy their long-term administration, communications, and research needs at the lowest cost possible. Today, with Réseau d'informations scientifiques du Québec (RISQ), they own one of the most advanced optical + IP infrastructures in the world.
      RISQ is a 6200 km optical network connecting all universities and colleges, more and more schools, and education related institutions such as museums and libraries. The idea was simple: when the deregulation of telecommunications was enforced by Canada's telecommunications ruling body, the CRTC, competition made it possible for RISQ to negotiate major parts of a brand new dark fiber network with major operators as well as new players, by building, swapping, or co-owning (condominium) optical fibers. Fiber swaps were common, but no one had had the idea of building a brand new private network based on the principle. In two years, from 2000 to 2002, RISQ was able, with a major financial contribution from the Ministry of Education of Quebec, to deploy a complete technologically leading edge network. Besides dark fiber, the other major technology choice made early by RISQ was IP. Major telecommunications operators have just switched to IP. RISQ made the choice 14 years ago, and in fact provided historically the first IP link in Quebec. Another distinctive feature of RISQ is that it has an innovation team that works directly with the researchers belonging to its member institutions to offer them custom services adapted to their research requirements.
      RISQ, as the network for higher education and research in Quebec, organizes an annual event. This event brings together members and many guests in order to keep them informed on the state of the network and its activities, and to explain and demonstrate present and future services. A significant portion of each RISQ conference is set aside for members to discuss emerging technologies as well as technical and administrative challenges related to those technologies. Advanced uses of the network are also demonstrated. One of the more spectacular ones, in 2001, was a very tight violin duet between two distant players, using high definition uncompressed stereo audio, with a latency lower than 15 ms, using about 300 Mb/s.
      This year RISQ 2003 was a joint event with ANW 2003, CANARIE's Advanced Network Workshop, the most significant Canadian event in the field of broadband and its applications. In the past 10 years, CANARIE has actively promoted very-high-performance networks, their technologies, and their uses in Canada, and has effectively placed Canada in the leading pack of countries in the use of advanced networks. In fact, on the first day of the joint event CANARIE was presented the first RISQ Award in recognition of 10 years of service to innovation.
      For the 2003 edition of their events, RISQ and CANARIE decided to show "the power of networks" and their usefulness to users. Applications were therefore the center of all the attention and at the core of most presentations. More than 30 presentations were given by scientists and users coming from all over Canada, the United States, and Europe. Important topics for the future of network computing were highlighted. Among those were end-to-end lightpaths and user-controlled lightpaths, and the various technologies and middleware that make it possible for two machines to communicate at high speeds securely, efficiently, and adaptively through several autonomous systems. SURFnet, the Netherlands higher education and research network, possibly the most sophisticated research network in the world at present, introduced SURFnet 6, "GigaPort's Next Generation Innovation Engine." The Canadian Research Council (CRC) presented a user-controlled lightpath provisioning system. Carleton University presented a space-based programming approach to user-controlled lightpaths; Waterloo University showed a lightpath management system using a grid-based architecture, and a team from Université du Québec à Montréal (UQAM) explained the features of a very promising lightpath provisioning application and a policy manager. Various aspects of grid computing were also discussed. Different types of grids were presented: computational, storage, shared file systems, and real-time applications.
      Other topics included all-optical networks (U. Sherbrooke, U. Laval, Ericsson Research, CANARIE, and RISQ), and agile all-photonic networks (McGill U.). A session was devoted to approaches to network technologies by artists and art research groups (Simon Fraser U., U. Laval) and new media challenges, from DV over IP to MPEG 7 encoding. A session was devoted to e-government, where Canada holds leadership at the moment. Another session was devoted to network management, under the assumption that all the preceding high end services can work only on well managed networks. Expressions such as "adaptive networks" and "agile systems" were in the air, not just good old "network monitoring." The conference closed with presentations on HiFi networks geared to learning, education, and research.


HPSR 2003: Marconi's Ultimate Steps in Quality and Security for Carrier-Class Multimedia over IP Services

Matteo Gumier, Marconi;
Riccardo Scopigno, Istituto Superiore Mario Boella

      The process of migrating voice and video traffic onto a common infrastructure, using IP as the base protocol, is gathering speed. The route toward service integration using Internet technology is inevitable for several reasons, among them:
      Being a connectionless packet-based technology, the Internet Protocol (IP) intrinsically lacks features that guarantee QoS and security (there is no circuit separation of traffic, so hacker attacks are simplified). In addition, any attempt to migrate public switched telephone network (PSTN) services onto an IP network must not worsen QoS; users would find this unacceptable, especially for telephony [1, 2].
      Most available solutions for voice over IP (VoIP) telephony services tend to bypass QoS limitations by limiting coverage to specific areas in which network resources are overprovisioned. This is a nonscalable solution relying on naive prioritization mechanisms and dimensioned for a particular load. But what would happen if the same infrastructure should also support other services (e.g., movies over IP, MoIP)? And what would happen if a hacker used VoIP/MoIP terminals to get free calls, perform denial of service (DoS) attacks, flood viruses, or violate privacy?
      The key arguments against convergence can be answered by new developments in IP technology aimed at enriching it with scalable mechanisms for flow control. These should at last deliver awareness of traffic flows, and lead to improvements in quality and security. Moreover, they could and should be performed at both the network and application layers, creating strong mutual interaction to deliver dynamism in service provision.
      The basic idea is to enhance existing VoIP/MoIP architectures with new types of firewalls suitable for such services: so-called media firewalls (MFWs). Let us analyze in depth the general MFW requirements.
      To begin with, as a firewall deputized to manage multimedia traffic, the MFW must satisfy real-time requirements. It must minimize traffic delay and cut jitter for a broad range of physical media while keeping strong control of packet arrival rates, in order to avoid DoS attacks but also contribute to QoS guarantees. These requirements are quite new for firewalls.
      Firewalls can filter (discard or alter contents of packets) according to their headers and/or contents. To do this, they need a mechanism to specify which packets they should allow through and which they should drop (the so-called pinholes are the corresponding ports open on the firewall). Typically, the more open ports on a firewall, the less secure it is. Moreover, firewalls managing fewer packet classifiers are less secure than those that can execute many packet classifiers. Firewalls often rely on external packet filters and, if configured (almost) statically, they are more likely to be violated by a hacker.
      It is therefore desirable to have a firewall able to dynamically open and close precisely those pinholes that are required and execute enough packet classifiers to perform flow control of individual calls. Carrier-class performance means that the firewall must handle pinhole configurations for thousands of call setups/cleardowns per second, support hundreds of thousands of open pinholes concurrently, and filter millions of packets per second.
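The per-call pinhole handling and arrival-rate policing described above can be modeled in a few lines. This is an added example, not Marconi's code: the class and method names, the token-bucket policer, and the constructed flows (documentation address ranges) are all assumptions made for illustration.

```python
from dataclasses import dataclass


@dataclass
class Pinhole:
    rate_pps: float   # policed packet arrival rate for this media flow
    burst: float      # token-bucket depth, in packets
    tokens: float     # tokens currently available
    last: float       # time of the previous refill, in seconds


class MediaFirewall:
    """Hypothetical default-deny filter: pinholes exist only while a call is up."""

    def __init__(self):
        self.pinholes = {}  # (src_ip, src_port, dst_ip, dst_port) -> Pinhole
        self.calls = {}     # call_id -> flow keys opened for that call

    def open_call(self, call_id, flows, rate_pps, burst, now):
        """Call setup: the call controller opens exactly the negotiated flows."""
        for flow in flows:
            self.pinholes[flow] = Pinhole(rate_pps, burst, burst, now)
        self.calls[call_id] = list(flows)

    def close_call(self, call_id):
        """Call cleardown: every pinhole belonging to the call is removed."""
        for flow in self.calls.pop(call_id, []):
            self.pinholes.pop(flow, None)

    def filter(self, flow, now):
        """Classify one packet: exact-match pinhole first, then rate policing."""
        hole = self.pinholes.get(flow)
        if hole is None:
            return "drop:no-pinhole"
        refill = (now - hole.last) * hole.rate_pps
        hole.tokens = min(hole.burst, hole.tokens + refill)
        hole.last = now
        if hole.tokens < 1.0:
            return "drop:rate"
        hole.tokens -= 1.0
        return "pass"


def demo():
    # Constructed flows; 50 packets/s corresponds to 20 ms voice packetization.
    rtp = ("192.0.2.10", 49170, "198.51.100.20", 30000)
    stray = ("192.0.2.99", 40000, "198.51.100.20", 30000)
    fw = MediaFirewall()
    fw.open_call("call-1", [rtp], rate_pps=50, burst=5, now=0.0)
    verdicts = [fw.filter(rtp, 0.0) for _ in range(6)]  # burst of 6 at t=0
    verdicts.append(fw.filter(stray, 0.0))              # source with no pinhole
    verdicts.append(fw.filter(rtp, 1.0))                # bucket has refilled
    fw.close_call("call-1")
    verdicts.append(fw.filter(rtp, 1.0))                # pinhole gone after cleardown
    return verdicts


if __name__ == "__main__":
    print(demo())
```

The same flow that passes during the call is dropped immediately after cleardown, which is the property a statically configured port range cannot provide.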
      Firewalls are often required to perform network and port address translation (NAT/PAT) for a number of reasons. These include the need to overcome the lack of public IP addresses and hide the true network topology and addresses of internal nodes. This makes the network less vulnerable to attacks and creates a division between the internal and external networks that can help to improve scalability.
      However, there is a possibility that introducing NAT and static and/or dynamic firewalls into a network can disrupt signaling, which would result in a loss of quality of VoIP services or other novel applications carried over IP. This creates a need for an application proxy to perform application-level address translation (translation in the contents of packets, not only in the headers, handling specific IP telephony protocols, e.g., H.323 and SIP).
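As an added illustration of application-level address translation (not code from the article or from Marconi), the sketch below rewrites the SDP body carried in a SIP message and keeps `Content-Length` consistent. The function names, the layout of the `bindings` table, and the sample message are assumptions; SIP headers such as Via and Contact, which also carry addresses, are outside its scope.

```python
import re


def translate_sdp(msg: bytes, bindings: dict) -> bytes:
    """Rewrite private media addresses in the SDP body of a SIP message.

    bindings maps (private_ip, private_port) -> (public_ip, public_port);
    this table layout is an assumption of the example.
    """
    head, _, body = msg.partition(b"\r\n\r\n")
    lines = body.decode("ascii").split("\r\n")
    # Session-level connection address: "c=IN IP4 <addr>".
    private_ip = next(
        (l.split()[2] for l in lines if l.startswith("c=IN IP4 ")), None)
    if private_ip is None:
        raise ValueError("SDP body carries no IPv4 connection line")

    out, public_ip = [], None
    for line in lines:
        media = re.match(r"m=(\w+) (\d+) (.+)", line)
        if media:
            key = (private_ip, int(media.group(2)))
            if key not in bindings:
                raise LookupError(f"no NAT binding for {key}")
            public_ip, public_port = bindings[key]
            line = f"m={media.group(1)} {public_port} {media.group(3)}"
        out.append(line)
    if public_ip is None:
        raise ValueError("SDP body carries no media line")

    # o= and c= both end with the address; an untouched o= would leak topology.
    out = [l[:-len(private_ip)] + public_ip
           if l[:2] in ("o=", "c=") and l.endswith(" " + private_ip) else l
           for l in out]
    new_body = "\r\n".join(out).encode("ascii")
    # The body length changed, so the SIP Content-Length header must follow.
    head = re.sub(rb"(?im)^(Content-Length:[ \t]*)\d+",
                  lambda m: m.group(1) + str(len(new_body)).encode(), head)
    return head + b"\r\n\r\n" + new_body


def sample_invite() -> bytes:
    # Constructed message, trimmed to the headers this example touches.
    body = "\r\n".join([
        "v=0",
        "o=alice 2890844526 2890844526 IN IP4 10.0.0.5",
        "s=-",
        "c=IN IP4 10.0.0.5",
        "t=0 0",
        "m=audio 49170 RTP/AVP 0",
        "",
    ]).encode("ascii")
    head = ("INVITE sip:bob@example.com SIP/2.0\r\n"
            "Content-Type: application/sdp\r\n"
            f"Content-Length: {len(body)}").encode("ascii")
    return head + b"\r\n\r\n" + body


if __name__ == "__main__":
    nat = {("10.0.0.5", 49170): ("203.0.113.10", 30000)}
    print(translate_sdp(sample_invite(), nat).decode("ascii"))
```

The translated address and port are the values for which a media pinhole would then be opened, which is why the translation and the firewall control have to be driven from the same call state.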
      The last point highlights the need to ensure that all mentioned requirements are fulfilled in a coherent way and with a tight link between the network and application layers (each must be aware of the other).
      The ultimate approach is to define a protocol to let the MFW interact with the application (e.g., telephony) controllers (this protocol solves dynamic issues; its general requirements are defined by the MIDCOM Framework, MCFW [3]).
      For the SoftSwitch XCD5000 platform [4], Marconi is using a protocol approach that is under the final standardization process at H.248/MEGACO-IETF and supported by ETSI Tiphon recommendations. The platform supports a MIDCOM-style architecture able to handle alternative or complementary VoIP network standards (H.323, MGCP, MEGACO-H.248, SIP) [5].
      The main components of the architecture are the SoftSwitch call agent (SCA), performing signaling, switching, and call control; various servers for complementary and supplementary services (e.g., announcements and intelligent networking, IN); gateways (signaling and media) to legacy networks; a management server for management and billing; and the MFW located at the edge of the operator's secure IP network (e.g., boundaries of the access and core networks).
      The MFW guarantees overall security and performs the described critical operations under the control of the SCA on a per-call basis, changing pinholes frequently without breaking the signaling.
      The MFW location, as well as the ability to police arrival rate and manage various QoS models, enables connection-oriented-like control of resources (call admission control) coherent with network resources of the subtended areas. Flow-based control and routing via MFW enable critical actions, such as lawful interception.
      With the advent of the MFW, the gap between the PSTN and VoIP has significantly lessened. Telecommunications operators can now expect converged, flexible, low-cost, carrier-class networks.

References
[1] ETSI TR 102 024-1 V4.1.1 (2003-09) tech. rep., "End-to-End Quality of Service in TIPHON Systems; Part 1: General Aspects of Quality of Service (QoS)."
[2] ETSI TS 101 329-2 V2.1.3 (2002-01) Tech. Spec., "End to End Quality of Service in TIPHON Systems; Part 2: Definition of Quality of Service (QoS) Classes."
[3] R. Swale et al., "Middlebox Communications (MIDCOM) Protocol Requirements," IETF RFC 3304, Aug. 2002.
[4] "Marconi's SoftSwitch Enables Jersey Telecom's New VoIP Service Launch," Dec. 2002; http://www.marconi.com/html/news/marconissoftswitchenablesjerseytelecomsnewvoipservicelaunch.htm
[5] T. Taylor, "Megaco/H.248: A New Standard for Media Gateway Control," IEEE Commun. Mag., Oct. 2000.


IEEE Communications Society
Region EAME Chapters Chairs Congress (RCCC) 2003

      The IEEE Communications Society Region 8 (Europe, Africa, Middle East) Chapter Chairs Congress took place in Rimini, Italy, 21–23 September 2003. It was adjacent to the European Conference on Optical Communications, ECOC-2003, whose General Chairman and management assisted in local arrangements. The conference was conducted in Hotel Continental e dei Congressi. There were about 30 attendees including the Chapter Chairs, members of the ComSoc Board of Governors, and ComSoc staff.
      The conference started late afternoon Sunday with a get-together including all participants and their companions.
      On Monday at 8:30 a.m. the morning session started with greetings by Celia Desmond, ComSoc President, and Curtis Siller, ComSoc President Elect. Celia also greeted the audience in the name of Tony Davies, Director of Region 8, who could not attend.

Morning Session Presentations:

Afternoon Session Presentations:

      All Chapters making presentations were Achievement Award winners: UK&RI in 2002, ComSoc; St. Petersburg in 2003, ComSoc; Novosibirsk in 2003, Region 8.

Evening:

Tuesday Morning Session Presentation:

Breakout Session:

      The main goal of this brainstorming session was to create some stimulating ideas for advancement of the Society. The recommendations will be forwarded to the ComSoc Board of Governors. The highlights are presented below.

Student Members Retention (coordinated by Jacob Baal Schem):

Members' Professional Benefits (coordinated by Istvan Frigyes):

ComSoc-Industry Relations (coordinated by Peter Hill):

At Lunch
      The IEEE Communications Society hosted this Region EAME Chapter Chairs Congress to encourage sharing, feedback, and networking among chapter chairs, staff, and volunteers, and exchange ideas and experience. It was also an educational event, presenting the ever changing and vibrant Society trends, goals, and procedures to its flag bearers, the Chapter Chairs.
      By all criteria, it was a very successful (and pleasant!) event, thanks to the efforts of many people.
      Special thanks to those without whom this RCCC could not be as successful as it was:
ComSoc BoG: Celia Desmond, President; Curtis Siller, President Elect; Trevor Clark, VP; Roberto Saracco, VP; and Alex Gelman, VP
Region 8 Committee Members: T. Davies, Director, Jozef Modelski, Chapters Coordinator
ComSoc staff: In particular Carole Swaim, Senior Administrator; John Pape, Marketing Manager; Jack Howell, Executive Director
ComSoc EAME Board: Jacob Baal-Schem, Istvan Frigyes, and Peter Hill
Presented by: Dr. Adam Livne, Director IEEE ComSoc Region EAME, 2002–2003; Coordinator, IEEE ComSoc Chapters Region 8, 2003–2004


The Directive on the Patentability of Computer-Implemented Inventions

By Josemaria Malgosa-Sanahuja and Joan Garcia-Haro, Spain

      In February 2002, the European Commission presented a proposal for a directive of the European Parliament and Council on the patentability of computer-implemented inventions. With this directive, the Commission tries to achieve three main objectives: first, to harmonize across all European countries the laws related to patentability issues; second, to modify the current legal framework in order to allow software patents; and finally, to normalize the situation created by the European Patent Office (EPO), which has already accepted about 20,000 software patents.
      It is clear that, due to the importance of software tools in current society and in particular in the business world, this directive caused some controversy. In fact, recently the European Parliament voted more than 50 amendments to the proposed text, and one of them clearly states that patentability is not applicable to software. Now, the European Council and next the European Commission must make appropriate modifications; then the directive will be voted on again in Parliament.
      Why did the European Parliament temporarily stop the process? In the next paragraphs we try to explain some of the technical reasons, but essentially, it is because Parliament is a democratic institution. Therefore, the parliamentarians made the decision mainly considering the impact this law could have on society.
      In recent years, free software has had notable and increasing acceptance among people. GNU programs and the Linux operating system are the most remarkable examples. For instance, a program like Apache is widely used in many companies (many of them offering Web services). In addition, some of the programs developed by private software companies are based on GNU projects. With Linux the situation is similar in the sense that it is employed at all levels of society: people, private companies, and some government departments. Moreover, a lot of people think that governmental departments must always use free software to manage and store public and personnel data since this is the only way to guarantee privacy. As a consequence, there is no doubt about the benefits free software provides to society.
      But the proposed directive may do irreversible damage to free software. First, by its own nature free software is usually built in a collaborative and altruistic environment. Therefore, it is quite difficult to know which software modules a patent protects. Second, free software is distributed by means of the General Public License (GPL); consequently, programmers do not obtain income. It is very unlikely that someone (remember, in a collaborative environment) wants to protect a GPL program with an unlimited license knowing that this software will never produce economic benefits. Finally, if patentability is approved, free software is more prone to lawsuits because source code is public.
      Some other aspects of the directive are also unpopular. For example, the time period applicable to each patent is 10 years. This timeframe is reasonable and acceptable in other businesses, but in computer science 10 years is an eternity. Another consideration is that software development costs do not need to be protected with a patent since they are generally low (at least compared to other businesses like the chemical industry).
      But perhaps the main fear regarding software patents is that if this directive progresses, some huge companies may become monopolies. For this reason, some people think that the existing copyright laws are enough to protect software costs. Moreover, the absence of software patents does not seriously damage the benefits of big companies since installation and maintenance tasks constitute the real revenue, not the software retail price itself.
      The issue of patentability of computer-implemented inventions is also related to hacking activities. The development of peer-to-peer applications and the low cost of CD and DVD recorders are converting the Internet into a "pirate ship," where songs, movies, and software tools are the favorite items to crack. Is law enforcement the solution to this problem? Are companies really prepared for a new electronic global world? These new questions arise, and the so-called information and knowledge society and its elected representatives have to answer them.