Gareth Baxendale CITP FBCS looks at the 45-year-old TCP / IP, some of its attendant problems and a potential replacement.

'How does the internet work?' is a question that defies a simple, short answer. 'Because it does...' may not satisfy the more inquisitive... a lesson I have learned.

If the question were more along the lines of 'How does the internet work at its most fundamental level?', then the answer lies in the communication foundation of the internet, and that answer would simply be 'TCP / IP'.

It would be at this point in the conversation that the obligatory whiteboard and an array of colored pens would appear, as I eagerly instruct my inquisitive (foolish) student on the length and breadth of internet protocols, blissfully leading them to a place of regret and despair.

What is TCP / IP?

TCP / IP was invented by the pioneers of ARPANET, the predecessor of today's internet, way back in the 70s (with support from the US military). TCP / IP is used by everything currently connected to the internet, including the device you're reading this on.

TCP / IP, or 'transmission control protocol and internet protocol', provides end-to-end connectivity, specifying how data should be formatted, addressed, transmitted, routed and received at the destination. TCP / IP has been enhanced over the years, but the basic protocol hasn't really changed since it was first specified by our flare-wearing boffins in 1975 in RFC 793. Far out...

What's the problem with TCP / IP?

Well, nothing, in so far as the protocol itself works and is reliable, guaranteeing delivery of data packets in the order they were sent. It functions exactly as it was designed to. The protocol was produced some 40-odd years ago, and it is testimony to the 'elders of the internet' that it has endured for so long.

TCP / IP would continue to be the de facto standard of the internet if the internet were not a playground for criminals and hackers determined to undermine it, through cybercrime for example.

Security is now at the top of most businesses' agendas, and that's where it should stay, given the speed of change and the sophisticated techniques used by modern cybercriminals.

Security, then, is one of the key drivers for change...

So how do we make things more secure?

We are all used to application-level security such as antivirus and internet security packages and the like. These products essentially 'prevent' or 'proactively' deter security vulnerabilities at the application end, usually where a human is involved; this is often the last step, and also the weakest link, in the security chain.

But what about at the protocol layer? Could there be a way of making things more secure at the lower levels and thereby augmenting the security at the higher layers?

Named data networking

Named data networking or NDN is a possible rival to TCP / IP. NDN is funded by the National Science Foundation and a considerable number of vendors with big bags of cash to wave around.

To quote the NDN authors: ‘the internet was designed as a communication network so the only entities that could be named in its packets were communication endpoints. Recent growth in ecommerce, digital media, social networking, and smartphone applications has resulted in the internet primarily being used as a distribution network. Distribution networks are fundamentally more general than communication networks and solving distribution problems with a communications network is complex and error prone.’

NDN attempts to address the security limitations of the TCP / IP protocol by allowing the addressing in the data packet to be 'anything' instead of just the IP 'endpoints', essentially providing a security 'context'. The NDN project back in 2010 suggested that ‘NDN can tell if all the data on the web page you are viewing has been produced and signed by your bank; TCP / IP is unable to do this.’

So the security vision is simply that a data packet can be validated by its 'type', not just by where it came from and where it is going.

NDN has other benefits too, such as improving data handling for multicast distributions such as video streaming. The NDN project suggests ‘Today, YouTube, Netflix, Amazon and iTunes account for more than half of the world’s internet traffic’. Any reduction in such data inefficiencies would clearly be welcomed by providers like these.

For example, NDN routers can 'cache' data and re-use it, reducing repeat requests and the overhead they cause for today's internet services.

NDN also overcomes IP address exhaustion since it simply does not need IP addresses.

What's NDN’s ETA?

It's still early days for NDN, and a very subjective guess would perhaps estimate another five years before we see anything tangible. However, the number of high-profile backers, including the likes of Cisco, Huawei, Panasonic and Verisign along with 14 universities, suggests a clear direction for NDN, and we could see adoption much sooner than expected.

But, for now, our 70s child that is TCP / IP will be around for some time and will continue to successfully serve your internet needs as efficiently as ever... groovy.