Understanding technology; security and the networks of the future

The recent loss of HM Revenue and Customs’ CDs has sent a shock wave through government, and some parts of industry. Those responsible for processing data are checking their security controls, processes and generally looking at their security cultures, while those in government with security projects are undoubtedly rubbing their hands in glee, safe in the knowledge that funding will be heading their way.

What is perhaps more surprising than the loss of the data is that it was being transferred in that manner in the first place. If video is being delivered to mobile phones, lives are being organised through social networking sites and cars can automatically telephone the emergency services when they crash, then why on earth is the government sending such sensitive data on unencrypted CDs through the post between two of its own organisations?

Next-generation networks
IP technology provides a fast and secure environment in which to transfer data. Gigabytes of data are routinely transferred over both private networks and indeed over the Internet every hour without incident. Not only that, but the convergence of just about everything onto a common platform, the personal computer, and onto a common next-generation network (NGN) infrastructure (using IP) allows the same cheap security tools to be used for protecting almost any information whether in transit or whilst being stored. The level of protection on your latest iTunes download was light-years ahead of anything that appears to have been used in sending sensitive data between government departments.

Even the most trivial of security architectures would have been better than using a courier service. Routers on the edge of a network can easily encrypt the data from the moment it leaves the building to the moment it arrives at its destination. This is without a single modification to the application transferring the information or indeed without any change in process, procedure or culture at either end. Technology that is readily available in any NGN.

Not only does the use of NGNs make sense from a security perspective, it also allows a single approach to ensuring things carry on working. Assuming you follow good practice in designing your single IP network, it’s possible to achieve high degrees of resilience. Government in fact estimate that the resilience of typical NGN services is likely to be suitable for ‘impact level 4’ applications (essentially services the loss of which may cause prolonged distress, the loss of up to £1m or have a similar impact). And that’s before any special precautions are taken!

Sharing information
So why, given all this advanced networking technology was the data on CDs in the first place?

Ironically one of the reasons people transfer data to CDs is that the security technology that’s already in place means it’s not easy to make direct connections between two sites for the transfer of large amounts of data on an ad-hoc basis.

Email tends to stop working at around 10Mb; upper limits are in place in most businesses to protect mail servers. Email also provides little opportunity for security – whilst reading someone’s email is a relatively challenging operation on a well set-up installation, inserting fake emails into the system is very trivial – just ask your local spam merchant!

Businesses that transfer a lot of data regularly can set up dedicated servers for transferring information. Connections through extranet servers can be private rather than over the Internet for additional reliability and increased speed of transfer – for larger files the Internet may simply not be fast enough.

It is also possible to establish encrypted tunnels between end points across private or public networks that ensure the safety of information in transit between locations.

All of these however require planning and capital investment in advance. They have long lead times and the resulting applications are inflexible. Businesses implementing this type of system will also have the problem of managing authentication and all the overhead that goes with it.

The future
In the background – in committees, standards bodies and industry working groups – the telecommunications industry is undergoing another revolution. People with beards and particular types of cardigan are thrashing out the specifications of how NGNs will interconnect with each other. Until now, NGN networks were typically the domain of a single operator. Connections between operators were limited to specific applications such as voice, GPRS or to link broadband telecommunications providers with ISPs.

The transfer of telephony services onto IP is one of the key enablers of this transition.

NGN interconnects will also bring about a whole new range of features, products and services. A networking standard known as the session initiation protocol (or SIP) is replacing the old ISDN system used to make telephone calls.

The new NGNs (that’ll be a next generation next-generation network – NGN2 anybody?) will deliver identity, new quality of service features, flexible bandwidth, voice, video, data, presence, location information, roaming between access technologies and improved security. The infrastructure that provides this will also use common interfaces to allow the development of applications that talk directly to the network.

What makes the NGN standards special is that these features will not be restricted to closed user groups. NGN interconnects will make communication using these features possible with anyone, anywhere in the world on any provider, using any type of device.

So what?

What does this mean for the HMRC and their difficulty with a simple file transfer?

It provides the ability to open a connection between the two organisations to transfer a large file. Convergence will mean that if you can make a phone call using an NGN 2.0 service then it’s equally easy to transfer data.

The ability to do this rapidly is key; billing is likely to be based on the amount of data transferred, so there will be no penalty for transferring the data quickly if the access bandwidth is available. The SIP protocol allows as much bandwidth as is required to be allocated, all without affecting other users on the network (a technical term slightly confusingly called Quality of Service). With next-generation access networks getting faster all the time, transferring a CD over the network may only take 10 or 20 seconds – try doing that today on the Internet!

The NGN will also provide a feature known as identity. This, stripped down to its bare essentials, is a set of ideas and techniques that allow users and systems to recognise each other. A phone call today has, if you have it enabled, CLID or calling line identification. This provides some primitive assurance as to who is calling you – or rather which telephone line is calling.

For transferring data as sensitive as bank account information and addresses you’d like a great deal of certainty over the destination.

The identity features of an NGN will provide this certainty, and flexibility with it: for business use it may be more important to understand what part or the organisation you are sending the data to, or receiving it from. For example, “The Accounts Department at HMRC” is more useful than “John Smith”. For personal use it may be good to withhold some information, and perhaps create an identity “John S”, but when you interact with the government to renew your passport they’ll need some certainty that you really are “John Smith, born in Reading, UK, 2nd October 1970”.

NGN identity features will cater for varying degrees of certainty and varying amounts of information.

Shorter term solutions

The rapid progress in information processing and communications in recent decades is set to continue, if not accelerate. Whilst it’s easy to look at this simple example of transferring data securely, I’m certain that we haven’t even imagined some of the advantages and uses of this technology to date. Applications developed on top of the network platform will transform business models.

Unified communications solutions delivered over NGNs are here today – delivering VoIP and many of the advanced services that the NGN 2.0 architecture will later integrate globally.

Embracing these solutions today will not only realise benefits now but will also significantly move businesses further down the next-generation communication experience curve. This early understanding of the technology will position organisations to gain the earliest advantage possible from advanced services and applications as they become available.

For more, please visit www.thus.net.