The eXpressive Internet Architecture (XIA) Project, a next-generation network architecture that fixes security and reliability deficiencies now threatening the viability of the Internet, is one of four new projects funded through the Future Internet Architecture Program of the National Science Foundation's Computer and Information Science and Engineering (CISE) Directorate. The proposed architecture will include intrinsic security features so that users can be assured that the websites they access and the documents they download are legitimate. XIA also will include features that will help users find the content they seek wherever it is most accessible, speeding information retrieval while easing network traffic.
"Today’s Internet is vital to the functioning of our economy and society, yet it is under enormous pressure as security attacks become more sophisticated and as new uses continue to multiply," explains Peter Steenkiste. "Obviously, a lot of wisdom is embedded in the current Internet and we’ll retain that. But parts of it are clearly broken and can’t be fixed with incremental steps."
Steenkiste, the principal investigator for XIA, said many building blocks for correcting the Internet's deficiencies have been developed by various researchers. Putting them together into a usable, working system remains a major challenge, though researchers expect to have a prototype system operating within a year. To explore the technical challenges, the usability issues and public policy implications, the XIA project will draw upon the expertise of researchers across CMU's School of Computer Science and the College of Engineering, as well as colleagues from Boston University and the University of Wisconsin.
Today's Internet is a host-based system in which communications occur by exchanging packets of information over the network between host computers. For instance, a user wishing to read the CNN home page would send a request to the CNN host site, which would then send that content back to the user's host computer. But that same content may well exist on numerous computers, many of which may be closer or more accessible to the user than the CNN site. So XIA will enable users to address packets for the content they seek, rather than to a host site, which could significantly reduce network traffic by eliminating redundant downloads.
XIA will include intrinsic security features so users can be confident that their communications are trustworthy. For instance, the numeric codes that computers will use to identify documents will be hash values -- strings of digits that are mathematically calculated based on the content of each document. A computer can thus mathematically determine whether the document it receives is consistent with the hash value that identifies it, or if it has been altered. Likewise, XIA will use another self-certifying method, called Accountable Internet Protocol, to ascertain that websites are legitimate using public key cryptography. These security features promise to reduce denial-of-service attacks, phishing attacks and the hijacking of messages.