NEBULA: Future Internet Architecture
NEBULA is a future Internet architecture that is intrinsically more secure and addresses threats to the emerging computer utility capabilities (called cloud computing) while meeting the challenges of flexibility, extensibility and economic viability. NEBULA’s architecture surrounds a highly-available and extensible core network interconnecting data centers with new trustworthy transit and access networks that enable many new forms of distributed communication and computing...A major technical concern for such an architectural vision is trustworthiness, e.g., that each user’s data is kept private and that communication is always avail able. NEBULA addresses the security properties of confidentiality, integrity and availability with a systems approach. NEBULA has three interrelated parts:
- The NEBULA Data Plane (NDP) exploits cryptographic mechanisms to establish trustworthy paths among NEBULA routers and to provide policy-compliant paths. NDP includes flexible access control, as well as a defense against availability attacks (e.g., DoS), by employing a novel provenance approach to network path establishment, in which information about the origin of data is required.
- The NEBULA Virtual and Extensible Networking Techniques (NVENT) is a control plane for NEBULA that provides access to application-selectable service and network abstractions, such as redundancy, consistency, and policy routing. NVENT offers policy-selectable network abstractions, including multipath routing and use of new networks as they become available.
- The NEBULA Core (NCore) redundantly interconnects enterprise data centers containing replicated data with ultra-high availability, next-generation core routers developed in collaboration with Cisco.