New technique of the computer network
Abstract
The 21 century is an ages of the information economy, being the computer network technique of representative techniques this ages, will be at very fast speed develop soon in continuously creatively, and will go deep into the people's work, life and study. Therefore, control this technique and then seem to be more to deliver the importance. Now I mainly introduce the new technique of a few networks in actuality live of application.
keywords
Internet Network System Digital Certificates Grid Storage
1. Foreword
Internet turns 36, still a work in progress
Thirty-six years after computer scientists at UCLA linked two bulky computers using a 15-foot gray cable, testing a new way for exchanging data over networks, what would ultimately become the Internet remains a work in progress.
University researchers are experimenting with ways to increase its capacity and speed. Programmers are trying to imbue Web pages with intelligence. And work is underway to re-engineer the network to reduce Spam (junk mail) and security troubles.
All the while threats loom: Critics warn that commercial, legal and political pressures could hinder the types of innovations that made the Internet what it is today.
Stephen Crocker and Vinton Cerf were among the graduate students who joined UCLA professor Len Klein rock in an engineering lab on Sept. 2, 1969, as bits of meaningless test data flowed silently between the two computers. By January, three other "nodes" joined the fledgling network.
Then came e-mail a few years later, a core communications protocol called TCP/IP in the late 70s, the domain name system in the 80s and the World Wide Web - now the second most popular application behind e-mail - in 1990. The Internet expanded beyond its initial military and educational domain into businesses and homes around the world.
Today, Crocker continues work on the Internet, designing better tools for collaboration. And as security chairman for the Internet's key oversight body, he is trying to defend the core addressing system from outside threats.
He acknowledges the Internet he helped build is far from finished, and changes are in store to meet growing demands for multimedia. Network providers now make only "best efforts" at delivering data packets, and Crocker said better guarantees are needed to prevent the skips and stutters now common with video.
Cerf, now at MCI Inc., said he wished he could have designed the Internet with security built-in. Microsoft Corp.Yahoo Inc. and America Online Inc., among others, are currently trying to retrofit the network so e-mail senders can be authenticated - a way to cut down on junk messages sent using spoofed addresses.
Many features being developed today wouldn't have been possible at birth given the slower computing speeds and narrower Internet pipes, or bandwidth, Cerf said.
2.Digital Certificates
Digital certificates are data files used to establish the identity of people and electronic assets on the Internet. They allow for secure, encrypted online communication and are often used to protect online transactions.
Digital certificates are issued by a trusted third party known as a certification authority (CA). The CA validates the identity of a certificate holder and “signs” the certificate to a ttest that it hasn’t been forged or altered in any way.
New Uses For Digital Certificates
Digital certificates are now being used to provide security and validation for wireless connections, and hardware manufacturers are one of the latest groups to use them. Not long ago, Version Inc. announced its Cable Modem Authentication Services, which allow hardware manufacturers to embed digital certificates into cable modems to help prevent the pirating of broadband services through device cloning.
Using Version software, hardware makers can generate cryptographic keys and corresponding digital certificates those manufacturers or cable service providers can use to automatically identify individual modems.
This ‘ast-mile’authentication not only protects the value of existing content and services but also positions cable system operators to bring a broad new range of content, applications and value-added services to market.
When a CA digitally signs a certificate, its owner can use it as an electronic passport to prove his identity. It can be presented to Web sites, networks or individuals that require secure access.
Identifying information embedded in the certificate includes the holder’ s name and e-mail address, the name of the CA, a serial number and any activation or expiration data for the certificate. When the CA verifies a user’s identity, the certificate uses the holder’s public encryption key to protect this data.
Certificates that a Web server uses to confirm the authenticity of a Web site for a user’s browser also employ public keys. When a user wants to send confidential information to a Web server, such as a credit-card number for an online transaction, the browser will access the public key in the server’s digital certificate to verify its identity.
Role of Public-Key Cryptography
The public key is one half of a pair of keys used in public-key cryptography, which provides the foundation for digital certificates.
Public-key cryptography uses matched public and private keys for encryption and decrypt ion. These keys have a numerical value that’s used by an algorithm to scramble information and make it readable only to users with the corresponding decryption key.
Others to encrypt information meant only for that person use a person’s public key. When he receives the information, he uses his corresponding private key, which is kept secret, to decrypt the data. A person's public key can be distributed without damaging the private key. A Web server using a digital certificate can use its private key to make sure that only it can decrypt confidential information sent to it over the Internet.
The Web server’s certificate is validated by a self-signed CA certificate that identifies the issuing CA. CA certificates are preinstalled on most major Web browsers, including Microsoft Internet Explorer and Netscape Navigator.
The CA certificate tells users whether they can trust the Web server certificate when it’s presented to the browser. If the validity of the Web server certificate is affirmed, the certificate’s public key is used to secure information for the server using Secure Sockets Layer (SSL) technology.
Digital certificates are used by the SSL security protocol to create a secure “pipe” between two parties that seek confidential communication. SSL is used in most major Web browsers and commercial Web servers.
3. Digital Wallets
----A digital wallet is software that enables users to pay for goods on the Web .It holds credit-card numbers and other personal information such as a shipping address .Once entered,the data automatically populates order fields at merchant sites .
----When using a digital wallet,consumers don’t need to fill out order forms on each site when they purchase an item because the information has already been stored and is automatically updated and entered into the order fields across merchant sites .Consumers also benefit when using digital wallets because their information is encrypted or protected by a private software code .And merchants benefit by receiving protection against fraud .
----Digital wallets are available to consumers free of charge,and they’re fairly easy to obtain .For example,when a consumer makes a purchase at a merchant site that’s set up to handle server-side digital wallets,he types his name and payment and shippin g information into the merchant’s own form .At the end of the purchase,one consumer is asked to sign up for a wallet of his choice by entering a user name and password for future purchases .Users can also acquire wallets at a wallet vendor’s site .
----Although a wallet is free for consumers,vendors charge merchants for wallets .
----Digital wallets come in two main types: client-side and server- side .Within those divisions are wallets that work only on specific merchant sites and those that are merchant agnostic .
----Client-based digital wallets,the older of the two types,are falling by the wayside,according to analysts,because they require users to download and install
software .A user downloads the wallet application and inputs payment and mailing information .At that point,the information is secured and encrypted on the user’s hard drive .The user retains control of his credit card and personal information locally .
----With a server-based wallet,a user fills out his personal information,and a cookie is automatically downloaded .(A cookie is a text contains information about the user .)In this scenario,the consumer information resides on the server of a financial institution or a digital wallet vendor rather than on the user’s PC .
----Server-side wallets provide assurance against merchant fraud because they use certificates to verify the identity of all parties .When a party makes a transaction,it presents its certificate to the other parties involved .A certificate is an attachment to an electronic message used to verify the identity of the party and to provide the receiver with the means to encode a reply .
----Furthermore,the cardholder’s sensitive data is typically housed at a financial institution,so there’s an extra sense of security because financial environments generally provide the highest degree of security .
----But even though wallets provide easy shopping online,adoption hasn’t been widespread .
----Standards are pivotal to the success of digital wallets .
----Last month,major vendors,including Microsoft Corp ., Sun Microsystems Inc .and America Online Inc .announced their endorsement of a new standard called EMCL,or E-Commerce Modeling Language,to give Web merchants a standardized way to collect electronic data for shipping,billing and payment .
4. Grid Storage
Definition: Grid storage, analogous to grid computing, is a new model for deploying and managing storage distributed across multiple systems and networks, making efficient use of available storage capacity without requiring a large, centralized switching system.
A grid is, in fact, a meshed network in which no single centralized switch or hub controls routing. Grids offer almost unlimited scalability in size and performance
because they aren’t constrained by the need for ev er-larger central switches. Grid networks thus reduce component costs and produce a reliable and resilient structure.
Applying the grid concept to a computer network lets us harness available but unused resources by dynamically allocating and deal locating capacity, bandwidth and processing among numerous distributed computers. A computing grid can span locations, organizations, machine architectures and software boundaries, offering power, collaboration and information access to connected users. Universities and research facilities are using grids to build what amounts to supercomputer capability from PCs, Macintoshes and Linux boxes.
After grid computing came into being, it was only a matter of time before a similar model would emerge for making use of distributed data storage. Most storage networks are built in star configurations, where all servers and storage devices are connected to a single central switch. In contrast, grid topology is built with a network of interconnected smaller switches that can scale as bandwidth increases and continue to deliver improved reliability and higher performance and connectivity.
Based on current and proposed products, it appears that a grid storage system should include the following:
Modular storage arrays: These systems are connected across a storage network using serial ATA disks. The systems can be block-oriented storage arrays or network-attached storage gateways and servers.
Common virtualization layer: Storage must be organized as a single logical pool of resources available to users.
Data redundancy and availability: Multiple copies of data should exist across nodes in the grid, creating redundant data access and availability in case of a component failure.
Common management: A single level of management across all nodes should cover the areas of data security, mobility and migration, capacity on demand, and provisioning.
Simplified platform/management architecture: Because common management is so important, the tasks involved in administration should be organized in modular fashion, allowing the auto discovery of new nodes in the grid and automating volume and .
Three Basic Benefits
Applying grid topology to a storage network provides several benefits, including the following:
Reliability. A well-designed grid network is extremely resilient. Rather than providing just two paths between any two nodes, the grid offers multiple paths between each storage node. This makes it easy to service and replace components in case of failure, with minimal impact on system availability or downtime.
Performance. The same factors that lead to reliability also can improve performance. Not requiring a centralized switch with many ports eliminates a potential performance bottleneck, and applying load-balancing techniques to the multiple paths available offers consistent performance for the entire network.
Scalability. It’s easy to expand a grid network using inexpensive switches with low port counts to accommodate additional servers for increased performance, bandwidth and capacity. In essence, grid storage is a way to scale out rather than up, using relatively inexpensive storage building blocks.
计算机网络
摘要:
21世纪是信息经济的时代,作为这个时代的代表技术,计算机网络技术将在非常快的速度发展很快,不断创造性地将进入人们的工作,学习和生活中深。
因此,控制这种技术,然后似乎更提供的重视。现在,我主要介绍一些在现实的网络新技术现场应用。
关键字:
网络系统互联网数字证书网格存储
1.前言:
互联网变成36,仍然在进行中的工作
36年后在加州大学洛杉矶分校的计算机科学家相连两台笨重的计算机用一条15英尺长的灰色电缆,测试在网络上交换数据的新方法,最终产生了互联网仍然是一个正在进行的工作。
大学的研究人员正在试验方法,以增加其容量和速度。编程人员正在设法注入更多的智能网页。和工作正在进行重新设计网络以减少垃圾邮件(垃圾邮件)和安全麻烦。
所有的威胁一直是存在:批评人士警告说,商业,法律和政治压力可能会阻碍创新的类型,使互联网是今天。
Stephen Crocker和Vinton Cerf同谁的研究生参加了对1969年9月2日工程实验室,加州大学洛杉矶分校教授Len克莱瑞克作为数据传输试验,静静地流过两台计算机之间。到1月,其他三个“节点”加入这个网络。
接着出现了电子邮件,几年后,一个核心通信协议,TCP / IP协议在70年代末,80年代中的域名系统和万维网-现在第二个最受欢迎的背后电子邮件在1990年-应用。在Interbetween两台计算机。到1月,其他三个“节点”加入这个网络。净扩大,超出了最初的军事和教育纳入企业和世界各地的家庭域。
现在,Crocker还在从事互联网的工作,为网络协作设计更好的工具。作为互联网安全的关键监督机构的主席,他是为了捍卫核心处理来自外部的威胁系统。
他承认,他帮助建立互联网还远远没有完成,在商店的变化,以满足多媒体日益增长的需求。网络供应商现在只是“最大努力”在提供数据包,克罗克说,需要更好的保障,以防止和结结巴巴跳过现在视频常见。
瑟夫,现在在MCI公司说,他希望他可以设计出具有内置安全性的互联网英寸微软,雅虎和美国在线等,目前正在努力改造的网络,电子邮件发送者可以验证-一种方法减少了发送垃圾邮件使用伪造的地址。
许多目前正在开发的功能在出生就没有可能发生,由于计算机速度很慢窄互联网管道,或带宽,瑟夫说。
2.Digital证书
数字证书是数据文件,用于建立人民和因特网上的电子资产的身份。他们允许安全,加密的网络通信和经常被用来保护网上交易。
数字证书颁发由信任的第三方作为认证机构(CA)已知的缔约国。 CA的验证证书持有人的“标志”证书的身份证明,它没有被伪造或以任何方式改变。
使用新数字证书
数字证书是目前用来提供安全和无线连接验证,和硬件制造商最新的群体之一来使用它们。不久前,VeriSign公司宣布Cable Modem的认证服务,它允许嵌入数字证书到电缆调制解调器硬件制造商,以帮助防止通过设备克隆盗版的宽带服务。
使用VeriSign的软件,硬件制造商可以生成密钥和相应的数字证书,制造商或有线电视服务提供商可以使用自动识别个人调制解调器。
这'同工酶mile'authentication不仅保护了现有的内容和服务,而且位置有线电视系统业者的价值带来广泛的内容,应用和价值的各种增值服务推向市场。
当数字证书是由CA签署的,其所有者可以使用电子护照,以证明他的身份。它可以提交给网站,网络或个人,需要安全的访问。
识别信息嵌入在证书中包括持有人'姓名和电子邮件地址,CA的,序列号和激活或到期的任何名称的凭证资料。当用户的身份是由CA验证,使用证书持有人的公开加密密钥,以保护这些数据。
公共密钥还聘请证书,Web服务器用来确认了用户的浏览器网站的真实性。当用户想发送,如信用卡号码机密信息的Web服务器,网上交易,浏览器将访问服务器的数字证书的公钥来验证其身份。
角色的公钥加密
公共密钥是一个公共钥匙加密,它提供了基础,采用数字证书密钥对的一半。
公开密钥加密使用匹配的加密和解密公钥和私钥。这些键有一个数字值的使用对加密信息的算法,使其只对用户可读与相应的解密密钥。
一个人的公共密钥用于加密他人的信息只能用于人的意思。当他收到的信息,他还是用相应的私钥,这是保密的,对数据进行解密。一个人的公钥可以分布不损坏私钥。 Web服务器使用数字证书可以使用它的私钥,以确保只有它才能解密的机密资料通过互联网传送给它。
Web服务器的证书验证了自签名的CA证书,标识颁发CA。 CA证书是预装在大多数主要的Web浏览器,包括Microsoft Internet Explorer和Netscape Navigator。
CA证书告诉用户他们是否可以信任的Web服务器证书时,它在浏览器里。如果Web服务器证书是肯定的有效性,该证书的公钥是用来确保为使用安全套接字层(SSL)技术的服务器信息。
使用数字证书的SSL安全协议,以创造一个安全的“,双方之间的管道”,寻求保密通信。使用SSL在大多数主要的Web浏览器和商业Web服务器。3。数字钱包
----一个数字钱包软件,使用户支付的货物在网络上。它拥有如送货地址,信用卡号码和其他个人资料。一旦输入后,数据自动填充在商业网站秩序领域。
----在使用电子钱包,消费者并不需要填写在每个网站上订购表格,当他们购买,因为这些信息已经存储的项目,并自动更新,并成为全国的商业网站字
段中输入的顺序。消费者也有利于使用,因为他们的信息被加密或由私人软件代码保护的数字钱包。和商人的利益,接受保护,防止欺诈。
----数码钱包,可向消费者免费的,而且他们很容易获得。例如,当消费者在作出购买的商业网站的建立,处理服务器端,他种的数字化钱包名称和付款和发货信息的商人到自己的形式在购买结束。,一个消费者是要求注册输入一个用户名和密码为自己选择未来的钱包购买。用户也可以收购一钱包供应商的网站。
----虽然钱包是免费为消费者,供应商收取的钱包商人。
----数字钱包有两种主要类型:客户端和服务器端。在这些部门的钱包,工作只在特定的商业网站和那些商人无关。
----客户端的数字钱包,该两种年龄增长,在路边下降,据分析,因为它们需要用户下载和安装软件。用户下载的应用和投入钱包付款和邮寄资料。在这一点上,信息安全,并在用户的硬盘驱动器加密。用户保留了他的信用卡和个人信息在当地的控制。
----与服务器的钱包,用户填写的个人信息,以及一个Cookie会自动下载。(Cookie是文本文件,它包含有关用户的信息。)在这种情况下,消费者信息驻留而不是在用户的PC服务器的金融机构或数字钱包供应商。
----服务器端钱包提供针对商家欺诈保证,因为他们使用证书验证各方的身份。当一方做出交易,它提供其证书的其他有关各方。证书是对电子附件消息用来验证党的身份,并提供了手段,编码答复接收器。
----此外,持卡人的敏感数据通常设在一个金融机构,因此,有一个额外的安全意识,因为金融环境的一般规定的安全程度最高。
----但是,即使钱包网上购物提供方便,通过尚未普遍。
----标准是至关重要的数字钱包的成功。
----上个月,主要厂商,包括微软。,Sun微系统公司。和美国在线公司。宣布了他们在新标准通过所谓EMCL,或电子商务模型语言,让商人网络标准化的方法收集航运,结算和支付电子数据。
4。网格存储
定义:网格存储,类似于网格计算,是部署和管理多个系统和网络,分布式存储的新模式,使无需很高,集中交换系统的可用存储容量的有效利用。
一个网格,实际上是一个网状网络中没有任何一台中央交换机或集线器控制路由。网格提供了几乎无限的可扩展性,在尺寸和性能,因为它们不是由任何大型中央交换机需要限制。网格网络,从而减少元件成本,生产出可靠的,有弹性的结构。
应用网格的概念,计算机网络,使我们能够通过动态分配和释放能力,在众多的带宽和分布式计算机处理,但可利用未使用的资源。阿网格计算可以跨越地区,组织,机器结构和软件的界限,带来力量,协作和信息访问连接的用户。大学和研究设施是用电网建设从个人电脑,Macintoshes和Linux箱什么相当于超级计算机的能力。
经过网格计算应运而生,它是在一个类似的模型只是一个时间问题,呈现利用分布式数据存储使用。大多数存储网络建成,所有服务器和存储设备连接到一个单一的中央交换机明星配置。相比之下,网格拓扑结构建立一个相互连接的小型交换机,可以随着带宽的增加,并继续提供更高的可靠性和更高的性能和连接网络。
根据目前的和拟议的产品,似乎网格存储系统应包括以下内容:
模块化存储阵列:这些系统都是在存储使用串行ATA磁盘网络连接。该系统可以面向块存储阵列或网络附加存储网关和服务器。
通用虚拟层:存储必须作为一个单一的资源提供给用户的逻辑区举办。
数据冗余和可用性:数据的多个副本,应存在于不同节点的网格,建立冗余的数据存取和一个部件出现故障时的可用性。
共同管理:统一管理水平,在所有节点应包括数据处理领域的安全性,流动性和迁移,对需求的能力,和供应。
简化平台/管理架构:由于共同的管理是如此重要,在行政工作的任务应该组织模块化方式,允许在新的节点网格的自动搜索和自动化卷和文件管理。
三个基本保障
应用网格拓扑结构的存储网络提供了几个好处,包括以下内容:
可靠性。一个设计良好的网格网络是非常有弹性。而不是提供只有两个任意两个节点之间的路径,网格提供了每个存储节点之间的多条路径。这便于服务和替换部件的故障的情况下,与系统的可用性或停机时间的影响微乎其微。
性能。同样的因素导致可靠性,也可以提高性能。不要求与许多港口集中开关消除潜在的性能瓶颈,并采用负载均衡技术的多条路径为整个网络可提供一致的性能。
可扩展性。可以很容易地扩展网格网络,利用廉价的低端口交换机数量以适应更高的性能,带宽和容量额外的服务器。从本质上讲,网格存储的一种方法,而不是向外扩展时,采用价格相对低廉的存储单元。