recommended reading

Vinton Cerf: Outer space could be next frontier for cybersecurity

Google executive Vinton Cerf, known as the father of the Internet, said a tool for securing ad hoc networks used in warfare might be sitting in an extraterrestrial Internet that he and NASA have been testing.

A cybersecurity strategy "has been waiting in the interplanetary Internet" Cerf and NASA began developing a decade ago to regulate data transmission among outer space devices, he said on Wednesday at a networking reception sponsored by the trade group TechAmerica. "We will be applying alien technology to our terrestrial requirements."

Information security, dwindling user space on the Internet, and the lack of a system for monetizing digital information are key vulnerabilities Cerf said the new administration and private sector must tackle. He was speaking before a crowd of government and technology industry leaders in Washington.

In an interview with Nextgov after the event, Cerf noted that in November, NASA successfully tested interplanetary data transmission in deep space and soon will do the same on the International Space Station. "This is moving ahead after a 10-year period of gestation," said Cerf, Google's chief Internet evangelist and vice president. "So, for me, this is like a science fiction dream that's finally coming true."

The experiment is sponsored by NASA's space operations mission directorate, which the president's fiscal 2010 budget would fund with $6.2 billion, up from $5.8 billion in fiscal 2009. The proposed level would cover the full cost of NASA space operations activities, according to the budget.

In outer space, glitches can occur due to solar storms, long communication delays or a spacecraft moving behind a planet, so the interplanetary Internet is more robust than the earthly Internet infrastructure Cerf co-created. Rather than rely on a continuous end-to-end connection, as the normal Internet does, each node on the network, such as an orbiter or lander, holds on to its information until it can safely communicate with another node.

Therefore, information is not lost when an immediate connection fails.

Another problem for earthlings is that the number of unique addresses computers use to connect to the current Internet, or Internet Protocol version 4 (IPv4) is running out. This is becoming a larger concern, considering the proliferation of mobile devices around the world that will need to access the Web. IPv4 provides about 4 billion addresses, not enough to cover Earth's 6 billion inhabitants. The next generation Internet, Internet Protocol version 6 (IPv6), provides enough space to assign nearly 3 billion networks to every person on the planet, according to Google.

But engineers and manufacturers simply cannot flip a switch to transition to IPv6. "It is vital that we get IPv4 and IPv6 running in parallel," Cerf said. Google already is trying to do this with all the company's online services, he added.

Cerf also warned attendees of "the incomplete Internet," which "still lacks many features that it needs." One of the most critical missing pieces is authentication. Digitally signed domain names have yet to catch on in cyberspace, and there is no routine practice for authenticating e-mail senders, he said.

In addition, he observed that new "digital economics" are transforming many industries, notably publishing. "The business models built around particular media have to be rethought," he said. "The control of copies was the way copyright protection was conferred," but the Internet "turns out to be a giant copying machine."

When an audience member asked how the administration should use information to empower people, as the president is attempting to do through his transparency agenda, Cerf replied, "If you think information is power, you're wrong. Information sharing is power."

After the event, Cerf said he anticipated federal Chief Technology Officer Aneesh Chopra will play a key role in developing standards to enable smart grids, health IT and better information-sharing encryption. One benchmark for measuring whether the government's cybersecurity efforts have worked could be less incidences of identity theft, he said.

Threatwatch Alert

Network intrusion / Spear-phishing

Researchers: Bank-Targeting Malware Sales Rise in Dark Web Markets

See threatwatch report


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.