Internet-Draft | Green Security | November 2024 |
Soares & Nobre | Expires 5 May 2025 |
With the onset of the climate emergency, all areas of human activity are expected to continuously assess their Greenhouse Gas emissions and encourage the use of clean energy sources as much as possible. The current discussion on green networking in the Network Management research field still needs to be expanded to adjacent areas, such as Network Security. This document summarizes the security considerations of the existing works and outlines possible research directions for energy-aware security mechanisms.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."
This Internet-Draft will expire on 5 May 2025.
Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.
Computer networking and the Internet are no exception to the global necessity of reducing carbon footprint. While the green networking effort is not new, the recent escalation of the climate emergency has inevitably led to intensified discussion on the topic.
Some of the recent works on the subject of green networking focus on improving the efficiency of current network mechanisms as a means to save energy, such as optimizing the volume of transmitted data and improving congestion control mechanisms to avoid retransmission. Another promising approach is to alternate high link utilization with power-saving modes in network equipment. Regardless of the approach, the green networking effort must build on robust measurement frameworks capable of providing comprehensive visibility into the energy consumption of the network.
Existing IETF drafts discuss power consumption metrics based on real-time network decisions instead of just measuring overall power consumption regardless of the task [I.D.draft-cx-green-green-metrics-00]. The standardization of energy metrics in networking is a key step toward energy awareness throughout the entire Internet. Solid standards can keep proprietary, redundant, and even contradictory metrics from taking hold across different vendors [RFC9547]. Besides, it is easier for developers and researchers to add sustainability considerations at the design phase of new protocols than to attempt to do so after deployment [I.D.draft-pignataro-green-enviro-sust-terminology-00]. This reasoning further supports the need for standardization in all subjects related to energy-aware networking.
Despite the advancements in green networking, much of the discussion still needs to be expanded to adjacent research fields, such as network security. Security protocols are among the more expensive protocols, and are likely to show up in measurement tools as top consumers of energy resources. Policies and guidelines must take this fact into account, or risk compromising the security of applications. This document primarily focuses on the current security considerations in the existing discussion on green networking, and outlines future research directions for energy-aware network security.
Concerns about the substantial amount of energy used by the Internet have been appearing in research over the last 20 years or so. Some of the existing works on the topic of energy-aware solutions include Adaptive Link Rate (ALR), energy-aware routing, and measurement ideas for assessing power consumption of the general backbone structure. The research has progressed over the past two decades, aided by new and upcoming technology such as Software Defined Networks (SDNs) and Programmable Data Planes.
More recently, green networking became an emerging topic at the IETF. [I.D.draft-irtf-nmrg-green-ps-03] and [I.D.draft-cx-green-green-metrics-00] provide an initial draft of relevant measurement attributes and related metrics, such as power consumption under various loads, energy efficiency, and carbon footprint -- each associated with a network, its equipment, individual paths, and the services provided over it. In these drafts, Clemm et al. also note that the suggested metrics must be taken in combination with one another to give a more comprehensive picture of the network, and that no single metric can present the whole picture by itself.
The IAB also organized a program to discuss sustainability-related issues within the IETF, encompassing multiple working groups. The e-Impact program (Environmental Impacts of Internet Technology) recently published a report on the proceedings of its first workshop, which took place in December 2022 [RFC9547], with the goal of calling attention to the topic. The workshop noted the demand for minimal environmental impact within the Internet and the clear need for standardized metrics. Another draft, [I.D.draft-pignataro-green-enviro-sust-terminology-00], has a detailed glossary of terms and several sustainability considerations for network, protocol, and application designers. Its authors also recommend that authors and reviewers include a Sustainability Considerations section in future IETF Internet-Drafts and RFCs.
Finally, the IEEE also launched a Special Interest Group about Sustainable Network Operations aiming to encourage the development of solutions on topics concerning network management, such as the design efficiency of data planes and protocols, network optimization, reducing energy waste in overprovisioned network structures, and so on.
Additional points addressed across these works include the need for specialized energy metrics for virtualized environments, because simply measuring the energy consumption of the CPU or the datacenter does not map directly onto the network decisions being made. Also worth pointing out is the possibility of decentralized network structures contributing to energy saving, since they would spare packets an unnecessarily long trip to a central server -- the same concept is already applied in CDNs. Finally, the current green networking research and discussion needs to be expanded to include more security considerations.
As the research on green networking progressed, it naturally expanded to adjacent fields such as energy-aware security. Security mechanisms from all layers of the network protocol stack are widely considered overhead, since they often increase both the computational and energy demands of a system. However, dismissing security concerns on the modern-day Internet is unthinkable. The available alternative energy-wise is to use the appropriate mechanism for each task, without either overprovisioning or failing to allocate enough resources.
In most of the works presented so far, the security considerations in the energy-aware networking discussion mostly concern the extra attack surface introduced by energy measurement tools and controls. An attacker might use these mechanisms to put resources to sleep at critical moments, drain energy to cause damage such as overheating and battery loss, and finally, tamper with the energy measurement, which would lead to misguided energy-saving policies being put in place [I.D.draft-irtf-nmrg-green-ps-03]. Though these are all important considerations, they are security risks for energy-saving mechanisms and not energy-saving techniques for security mechanisms.
A possible research direction builds on the initial assumptions about energy measurement to encompass widely used security mechanisms. Comparing energy usage with the afforded security benefits can provide valuable insight for network administrators to select the appropriate tool for each task. Therefore, the first step towards efficient green security is to avoid the two extremes -- saving energy at the cost of endangering the application, and allocating unrestricted resources to secure a much simpler task. An example widely discussed in both literature and the media is the use of crypto assets, which, due to their huge energy consumption, should be avoided where other mechanisms suffice [RFC9547].
This document presents a non-exhaustive list of possible research challenges regarding energy-aware security mechanisms, outlined from the existing works on green networking:
How can the energy consumption of existing network security mechanisms be measured? This research challenge borrows from the general research on green networking for the assessment of metrics and the frameworks capable of providing them.
Which of these metrics are up for industry-wide standardization? Security protocols often have higher costs than other networking protocols. Energy consumption metrics should take functionality into account to avoid compromising security properties.
Is it possible to perform a cost-benefit analysis comparing performance with energy usage, to assess if energy can be saved with little harm to safety and functionality?
How can two or more security mechanisms best be compared to assess which one is best for a task, energy-wise? This broad research challenge encompasses the previous items, depending on the definition of categories and metrics for comparison regarding both security and energy usage.
To be added.
To be added.