Monday, September 22, 2008

Assignment No.1

1. Explain the cirumstances under which a token-ring netwrok is more effective than an Ethernet network.
Token-Ring Network
----A type of computer network in which all the computers are arranged (schematically) in a circle. A token, which is a special bit pattern, travels around the circle. To send a message, a computer catches the token, attaches a message to it, and then lets it continue to travel around the network.
----Also see token passing.
----When capitalized, Token Ring refers to the PC network architecture developed by IBM. The IBM Token-Ring specification has been standardized by the IEEE as the IEEE 802.5 standard.


More Effective:
----Unlike Ethernet, Token Ring uses a ring topology whereby the data is sent from one machine to the next and so on around the ring until it ends up back where it started. It also uses a token passing protocol which means that a machine can only use the network when it has control of the Token, this ensures that there are no collisions because only one machine can use the network at any given time.
http://www.datacottage.com/nch/troperation.html

2. Although security issues were not mentioned in this chapter, every network owner must consider them. Knowing that open networks all data to pass to every node, describe the posssible security concerns of open network achitectures. include the implicatiions of passing logon procedures, user IDs, and passwords openly on the network.

Security concern:

Internet and Network Attacks

Intruders spread viruses through network/internet. eg. email attachent. Without permission from the authoritative supervisors, no network system manager may browse the personal files of users. In case of the discovery of any suspicious events regarding network security, network system managers shall follow the authorization regulations and use automatic search tools to check files.

Unauthorized Access and Use

Unauthorized access is the use of a computer or network without permission. Unauthorized use is the use of a computer or its data for unapproved or possibly illegal activities.

Controlling Network

The network administrator, the person overseeing network operations, uses the network OS to add and remove users, computers, and other devices to and from the network. The network administrator also uses the network operating system to install software and administer network security.

Administering Security

The network administrator uses the network OS to establish permissions to resources. These permissions define who can access certain resources and when they can access those resources.

Access Control



3. Remembering the discussion of deadlocks, if you were designing a networked system, how would you manage the treat of deadlocks in your network? Consider all of the following: prevention, detection, avoidance, and recovery.

Deadlock prevention

Attacking Mutex condition
never grant exclusive access. but this may not be possible for several resources.

Attacking preemption
not something you want to do.

Attacking hold and wait condition
make a process hold at the most 1 resource at a time.
make all the requests at the beginning. All or nothing policy. Attacking circular wait

Order all the resources.
Make sure that the requests are issued in the correct order so that there are no cycles present in the resource graph.

Deadlock detection

A method is described for checking deadlock in a telecommunication network including a first activated backup connection for protecting traffic over a first intended connection. The method includes the steps of checking a reversion blocked status of the first intended connection by checking if the segments of the first intended connection are available or not available, in case of detecting the reversion blocked status of the first intended connection identifying activated backup connections using the not available segments of the first intended connection, identifying the corresponding intended connections, checking the reversion blocked status of each identified corresponding intended connection by checking if the corresponding segments are available or not available, in case of detecting the reversion blocked status of an identified corresponding intended connection checking if a corresponding not available segment is included in the first backup connection. The method further provides the indication of the intended connections involved in the deadlock.

Deadlock avoidance

In an apparatus having a network including successive stages of cross-point switches which collectively interconnect a plurality of nodes external to said network, wherein at least one message is carried between one of the nodes and one of the cross-point switches over a route through said network, a method for preventing routing deadlocks from occurring in the network which comprises the steps of: creating a graphical representation of the network; searching for the existence of cycles within the graphical representation; partitioning the graphical representation into at a first subgraph and a second subgraph if cycles exist in the graphical representation; searching for the existence of edges directed from the first subgraph to the second subgraph; and removing the edges directed from the first subgraph to the second subgraph. Preferably the step of partitioning the network into at a first subgraph and a second subgraph is performed such that the first subgraph and the second subgraph have an equal number of vertices, a number of directed edges from the first subgraph to the second subgraph is minimized so as to minimize the number of routes prohibited, and a set of partition constraints are satisfied. The method is recursively applied to the first subgraph and then the second subgraph, thereby removing all of the deadlock prone cycles in the network while minimizing the number of routes prohibited due to remove edges.

Deadlock recovery
The development of fully adaptive, cut-through (wormhole) networks is important for achieving high performance in communication-critical parallel processor systems. Increased flexibility in routing allows network bandwidth to be used efficiently, but also creates more opportunity for cyclic resource dependencies to form which can cause deadlock. If not guarded against, deadlocks in routing make packets block in the network indefinitely and, eventually, could result in the entire network coming to a complete standstill. This paper presents a simple, flexible, and efficient routing approach for multicomputer interconnection networks which is based on progressive deadlock recovery as opposed to deadlock avoidance or regressive deadlock recovery. Performance is optimized by allowing the maximum routing freedom provided by network resources to be exploited. True fully adaptive routing is supported in which all physical and virtual channels at each node in the network are available to packets without regard for deadlocks. Deadlock cycles, upon forming, are efficiently broken in finite time by progressively routing one of the blocked packets through a connected, deadlock-free recovery path. This new routing approach enables the design of high-throughput networks that provide excellent performance. Simulations indicate that progressive deadlock recovery routing can improve throughput by as much as 45 percent and 25 percent over leading deadlock avoidance-based and regressive recovery-based routing schemes, respectively.
4. Assuming you had sufficient funds to upgrade only one component for a system with which you are familiar, explain which component you would choose to upgrade to improve overall performance, and why?
Upgrade Network Software
Ask most company information security officers about enterprise security and we’ll speak with conviction about threats to our desktop, data-center systems, and applications. We’ll talk about our vigilant efforts to continuously secure those assets, possibly with a wry smile acknowledging the thought that our users are sometimes our biggest threat. What you rarely hear us mention is threats to the network devices themselves and the operating systems on which we rely. Unfortunately, this is our blind spot and a growing security threat for organizations of all sizes. A network running last year’s OS is just not as secure as you might think, and within many organizations it gets less attention than it warrants. This is probably because, for the most part, it just works. But in truth, the longer a network goes without upgrades and attention, the longer the list of accumulated exploits to which it may be vulnerable. We’ve seen the threat against network operating systems grow substantially over the past decade.
Imagine that your network went down. You would likely lose access to mission-critical data, voice, video, and business applications. Your customers might be unable to contact you. Scarier yet, envision your network becoming an “insider threat,” running smoothly while outside parties were using your network like a bot to steal and exploit your critical business information.
These days, network attack research increasingly makes news headlines. It may seem odd for me, an executive for a network vendor, to call attention to this issue. After all, with proactive marketing campaigns, a deep and broad set of security products, and actionable intelligence portals, Cisco is already committed to helping its customers protect themselves. However, you and I know that networking devices too frequently run older code and are weakened by doing so. If networks are essentially a conglomeration of computing devices with their operating systems, why are they routinely left untouched while business applications, desktop and server operating systems, and server hardware get regular maintenance and updates.