SlideShare a Scribd company logo

Rina advantages for large scale decentralized applications

Download as PPTX, PDF
Predictable Network Solutions Ltd.
Predictable Network Solutions Ltd.

How Recursive InterNetworking Architecture helps with large-scale distributed and decentralised applications, using Cardano as an example

1 of 12
© Predictable Network Solutions Ltd 2018 www.pnsol.com RINA advantages for large-scale decentralized applications Peter Thompson, CTO Predictable Network Solutions Ltd
© Predictable Network Solutions Ltd 2018 2 www.pnsol.com Large-scale distributed applications • Moving to a world in which almost all applications are distributed • Many use client/server model • ‘Big’ applications (Google, Facebook, Netflix etc.) try to localize • Caching/CDNs • Load-balancing/redirection • ‘anycast’ addresses • Get traffic onto their own infrastructure as early as possible • Now seeing applications that are distributed on a large scale • Distributed databases • Distributed ledgers (blockchain)
© Predictable Network Solutions Ltd 2018 3 www.pnsol.com Challenges for large-scale distributed apps • Delivering adequate and consistent performance • Especially if the network of participating nodes evolves dynamically • Having resilience against connectivity failures • Bearer failure, route poisoning etc. • Having resistance against (D)DoS attacks • IP association-by-default makes DDoS attacks too easy to mount • Enabling effective use of non-standard communication channels • E.g. LEO/MEO satellites • Maintaining security and enabling appropriate end-user anonymity • With appropriate levels of assurance
© Predictable Network Solutions Ltd 2018 4 www.pnsol.com Solution approaches • Large-scale distributed applications need a set of capabilities that support efficient, secure, interprocess communication at scale • They also need a framework that is sufficiently general and flexible to adapt easily as requirements evolve • A piecemeal approach to addressing these challenges will not deliver a robust and sustainable solution • Continuing with ‘business as usual’ creates unmanageable complexity that will consume an ever-increasing fraction of development and maintenance resources • Instead, we need a consistent framework • To define and describe issues and posit and refine solutions • Without piling up complexity and technical debt
© Predictable Network Solutions Ltd 2018 5 www.pnsol.com IP limitations • IP networks constrain any globally distributed system • Difficult to deliver effective and performant operation over the existing global network infrastructure • Issues are embedded in the design of IP networking, and also in its implementation and operation • The original notion of a 'datagram' is entirely sound • However IP, and the implicit use of it to create 'circuits', has created a set of hazards (e.g. BGP routing hijacks) that are hard to mitigate while remaining within its paradigm
© Predictable Network Solutions Ltd 2018 6 www.pnsol.com Why RINA? RINA stands out as a uniquely coherent approach to networking issues There are several areas where RINA can supply a better / more sustainable starting point than current IP: 1. Hardening • Reducing the threat surface that exists in IP • Having better mitigation strategies for such threats 2. Performance assurance • Needed to create a robust and trustworthy infrastructure 3. Supporting multiple communication patterns • Maintaining security and (appropriate) anonymity
© Predictable Network Solutions Ltd 2018 www.pnsol.com Example: Cardano Globally distributed blockchain ledger
© Predictable Network Solutions Ltd 2018 8 www.pnsol.com Cardano • Distributed cryptographic ledger • Participating nodes keep copies of the ledger • Organised as a sequence of blocks containing ‘transactions’ • Blocks linked by cryptographic checksums • Authenticity of a block is assured by the sequence of subsequent blocks that refer back to it (the ‘blockchain’) • Consensus on ‘correct history’ achieved by ‘proof of stake’ algorithm • Much more efficient than Bitcoin (‘proof of work’) • Initial development funded by IOHK
© Predictable Network Solutions Ltd 2018 9 www.pnsol.com Cardano – particular challenges • Blocks and transactions should be diffused to many participating nodes in 20s • Nodes can be anywhere in the world • Topology is random (to mitigate certain attacks) and dynamic (nodes can join and leave at will) • Some nodes are assumed to be potentially adversarial • Anyone can put up a node and join the network • All decision-making must be distributed • No central point of management • The system should have a high level of assurance • $Billions of value are at stake
© Predictable Network Solutions Ltd 2018 10 www.pnsol.com Cardano – using RINA • Aim to replace current Cardano network layer • With a robust, performant RINA stack • Using IP connections as point-to-point bearers only • Create a coherent design for a real-world operational environment • Including various types of attacks • Building on 10+years of R&D • Build in performance as a first-class design objective • Support high-assurance verification • Implementation in Haskell (like the rest of Cardano) • Potential for formal proof
© Predictable Network Solutions Ltd 2018 www.pnsol.com 11 Make RINA ‘provable’ • Existing implementations show RINA isn’t hard to implement • But aren’t designed for formal verification • Re-implementing in Haskell with provability as a goal • Must also meet performance targets • Have to deal with garbage collection • Develop a general DSL for expressing policies • Independent of language used for RINA implementation Harden RINA • RINA natively provides defence against ‘outside’ threats by requiring authentication to join a DIF etc. • However the management model is centralised and assumes a level of trust • Must be decentralised • Need to deal with bad actors on the inside Challenges
© Predictable Network Solutions Ltd 2018 www.pnsol.com 12 • Design for provability • High-quality specifications • Define invariants • Guides test strategy • Formal proof for key features • Including performance • Graceful degradation by design • Need to be able to emulate time • Run tests faster than real-time Executable specification tests Specification test results Implementation test results Implementation tests Semi-formal high-assurance approach

More Related Content

Rina advantages for large scale decentralized applications

  • 1. © Predictable Network Solutions Ltd 2018 www.pnsol.com RINA advantages for large-scale decentralized applications Peter Thompson, CTO Predictable Network Solutions Ltd
  • 2. © Predictable Network Solutions Ltd 2018 2 www.pnsol.com Large-scale distributed applications • Moving to a world in which almost all applications are distributed • Many use client/server model • ‘Big’ applications (Google, Facebook, Netflix etc.) try to localize • Caching/CDNs • Load-balancing/redirection • ‘anycast’ addresses • Get traffic onto their own infrastructure as early as possible • Now seeing applications that are distributed on a large scale • Distributed databases • Distributed ledgers (blockchain)
  • 3. © Predictable Network Solutions Ltd 2018 3 www.pnsol.com Challenges for large-scale distributed apps • Delivering adequate and consistent performance • Especially if the network of participating nodes evolves dynamically • Having resilience against connectivity failures • Bearer failure, route poisoning etc. • Having resistance against (D)DoS attacks • IP association-by-default makes DDoS attacks too easy to mount • Enabling effective use of non-standard communication channels • E.g. LEO/MEO satellites • Maintaining security and enabling appropriate end-user anonymity • With appropriate levels of assurance
  • 4. © Predictable Network Solutions Ltd 2018 4 www.pnsol.com Solution approaches • Large-scale distributed applications need a set of capabilities that support efficient, secure, interprocess communication at scale • They also need a framework that is sufficiently general and flexible to adapt easily as requirements evolve • A piecemeal approach to addressing these challenges will not deliver a robust and sustainable solution • Continuing with ‘business as usual’ creates unmanageable complexity that will consume an ever-increasing fraction of development and maintenance resources • Instead, we need a consistent framework • To define and describe issues and posit and refine solutions • Without piling up complexity and technical debt
  • 5. © Predictable Network Solutions Ltd 2018 5 www.pnsol.com IP limitations • IP networks constrain any globally distributed system • Difficult to deliver effective and performant operation over the existing global network infrastructure • Issues are embedded in the design of IP networking, and also in its implementation and operation • The original notion of a 'datagram' is entirely sound • However IP, and the implicit use of it to create 'circuits', has created a set of hazards (e.g. BGP routing hijacks) that are hard to mitigate while remaining within its paradigm
  • 6. © Predictable Network Solutions Ltd 2018 6 www.pnsol.com Why RINA? RINA stands out as a uniquely coherent approach to networking issues There are several areas where RINA can supply a better / more sustainable starting point than current IP: 1. Hardening • Reducing the threat surface that exists in IP • Having better mitigation strategies for such threats 2. Performance assurance • Needed to create a robust and trustworthy infrastructure 3. Supporting multiple communication patterns • Maintaining security and (appropriate) anonymity
  • 7. © Predictable Network Solutions Ltd 2018 www.pnsol.com Example: Cardano Globally distributed blockchain ledger
  • 8. © Predictable Network Solutions Ltd 2018 8 www.pnsol.com Cardano • Distributed cryptographic ledger • Participating nodes keep copies of the ledger • Organised as a sequence of blocks containing ‘transactions’ • Blocks linked by cryptographic checksums • Authenticity of a block is assured by the sequence of subsequent blocks that refer back to it (the ‘blockchain’) • Consensus on ‘correct history’ achieved by ‘proof of stake’ algorithm • Much more efficient than Bitcoin (‘proof of work’) • Initial development funded by IOHK
  • 9. © Predictable Network Solutions Ltd 2018 9 www.pnsol.com Cardano – particular challenges • Blocks and transactions should be diffused to many participating nodes in 20s • Nodes can be anywhere in the world • Topology is random (to mitigate certain attacks) and dynamic (nodes can join and leave at will) • Some nodes are assumed to be potentially adversarial • Anyone can put up a node and join the network • All decision-making must be distributed • No central point of management • The system should have a high level of assurance • $Billions of value are at stake
  • 10. © Predictable Network Solutions Ltd 2018 10 www.pnsol.com Cardano – using RINA • Aim to replace current Cardano network layer • With a robust, performant RINA stack • Using IP connections as point-to-point bearers only • Create a coherent design for a real-world operational environment • Including various types of attacks • Building on 10+years of R&D • Build in performance as a first-class design objective • Support high-assurance verification • Implementation in Haskell (like the rest of Cardano) • Potential for formal proof
  • 11. © Predictable Network Solutions Ltd 2018 www.pnsol.com 11 Make RINA ‘provable’ • Existing implementations show RINA isn’t hard to implement • But aren’t designed for formal verification • Re-implementing in Haskell with provability as a goal • Must also meet performance targets • Have to deal with garbage collection • Develop a general DSL for expressing policies • Independent of language used for RINA implementation Harden RINA • RINA natively provides defence against ‘outside’ threats by requiring authentication to join a DIF etc. • However the management model is centralised and assumes a level of trust • Must be decentralised • Need to deal with bad actors on the inside Challenges
  • 12. © Predictable Network Solutions Ltd 2018 www.pnsol.com 12 • Design for provability • High-quality specifications • Define invariants • Guides test strategy • Formal proof for key features • Including performance • Graceful degradation by design • Need to be able to emulate time • Run tests faster than real-time Executable specification tests Specification test results Implementation test results Implementation tests Semi-formal high-assurance approach