| Securing
A Wireless World .............
.....
Aesthetic Scientist Interview
with Neil Daswani, Ph.D., Research Engineer, DoCoMo USA Labs
By Richard Felix and Nina Davis, 2005
Q: Can you tell us something about your background, and your first
scientific inspiration?
A: I was born in New Jersey. I spent most of my childhood in Edison,
New Jersey, which got its name from Thomas Edison. It is very close
to where Thomas Edison actually invented the light bulb. Going back
to my childhood, I knew then that I wanted to be an inventor of
some kind.
I became interested in computer science early on. My dad bought
me a Commodore 64 somewhere in my teen years. One great thing about
computers back then is that they came with these owners’ manuals
that would teach you how to program your computer, which is a completely
wild thing. Cars, for instance, don’t come with a manual that
tells you how to internally reconfigure them. But it was great,
because I learned about the inner workings of computers, and since
then that interest has just continued to develop.
Q: When did you dive deeper into computer science?
A: I think my first turn on into real science came at Columbia,
when I started taking some of the courses about computer science
theory and I learned about the amazing amount of depth in this field.
Until that point, I understood how you can engineer solutions using
technology, but there I started learning about the mathematics of
computer science. You can prove that there are certain problems
that computers cannot solve. For instance, writing a program that
would actually figure out whether or not another program does what
it is supposed to do is theoretically impossible. You could write
a program that might get some of the answers right some of the time,
but I could produce a case in which it doesn’t work right.
A lot of work in this area of automation theory was done by Alan
Turing in the 1920s, and I found it just amazing that you can actually
produce mathematical proofs of such things — it conveyed the
level of depth in this field to me.
From a practical standpoint, I had more the tendencies of an engineer,
but this amazing depth in the field made computer science really
exciting. I wanted to help create new technology in addition to
just applying technology to solve existing business problems.
Q: What did you do to pursue your interests in actually
creating technology?
A: I applied for a job at Bellcore, Bell Communications Research.
I had always been interested in computers, and I thought of them
as these things that you program or play games on. Most people don’t
think of telephones as computers, but there is a very, very intelligent
network behind our phone calls. When you pick up the phone and you
hear the dial tone, it seems something that just happens automatically,
but it’s not automatic. The second you pick up the phone,
a central office detects a voltage differential across the line
and very quickly a database looks up if you’ve paid your phone
bill. If you have, then it basically figures out that it should
give you a dial tone. The FCC has a requirement saying that within
a couple hundred milliseconds we need to get you that dial tone,
so there is actually a very intelligent computer system behind the
circuit-switched telephone system. I realized that a lot of the
principles you learn in computer science about making computers
easy to use are instilled in this simple device called the phone.
It’s just that they hid all of the intelligence behind the
network. If you think about it, our phones work very, very well.
You’ve probably never had a phone crash on you, or had a phone
tell you it had a virus.
Q: Not quite never, I have heard of some Treos and Microsoft
software-enabled SmartPhones that have crashed.
A: What’s interesting is that now we’re moving into
a world where we’ve been merging the Internet together with
this old circuit-switched network. In the old circuit-switched network,
the idea was to make the end devices very simple and very dumb because
we want the average everyday consumer to interact with them and
not ever have any problems. The idea is similar to Sun Microsystems’s
mantra that “the network is the computer.” On the other
hand, Bill Gate’s viewpoint is that everybody should have
a PC, and you should have lots of flexibility and functionality
available to you. In the Bill Gates view of the world, the result
is that in addition to flexibility and functionality, you can have
a lot of problems. People have tons of problems with their PCs,
but comparatively few problems with their phones. Since 1995, convergence
has started between the two kinds of networks and as a result, we’ve
seen Treos which are merging together circuit-switched technology
with PC-like functionality, and they can crash and they can have
problems.
Q: What are some of the big challenges you see going forward?
A: The challenge for an operator like DoCoMo is to provide the
reliability and security that the traditional circuit-switched phones
gave you and at the same time, provide an extremely high level of
functionality and flexibility. That’s just one challenge,
but if you think about that challenge, it is actually very hard.
If you think about the challenges that we have on the Internet —
worms and viruses and denial of service attacks, there is a news
story about such security issues on an almost weekly basis. Internet
users have tolerated this so far. They’ve had these complex
PCs with not actually the best software on them, and they’ve
just had to deal with it.
But as we start taking what used to be this ‘vanilla’
phone network and start expanding it to provide more and more and
more functionality, to the extent that any programmer or any developer
can now write an application for a cell phone network, we’re
going to start seeing a lot of the same problems. Our challenge
here within the Network Services and Security lab is to focus on
developing technologies, security protocols, and algorithms so that
users can have that flexibility without having to suffer from all
the problems they have with their PCs.
Q: What are some big differences between the older networks
and where we are going?
A: One big difference is that the old circuit-switched networks
were completely managed by the operators, the telecommunications
companies, and they could keep a lot of control over the network
and make sure bad guys didn’t break in as much. There were
still problems but not as bad a situation as that on the Internet
today. On the Internet anybody can write a program that communicates
with other programs. So our job is very hard because we’ve
got to let anybody program our network, but not let our users be
vulnerable to attack. We need to assume that the bad guys are out
there, they’re always going to have control over some part
of our network and yet, to the user we need to make it look like
this network is completely reliable even though some of the nodes
on the network are compromised.
Q: Would it mean having something like a little firewall
in each phone before you download ring-tones?
A: On the Internet, we’ve already seen this. The problems
have gotten so bad on PCs that people have to download personal
firewalls and anti-virus scanners to manage the threat to their
PCs, and update them every week. As a technologist, I think this
is an untenable situation. Why should we ask everyday users to do
this kind of management? It shouldn’t be their job. They should
just be worried about deciding who they want to interact with and
what they want to do, without worrying about viruses or the network.
Mobile firewall products could be part of the solution, and some
have been prototyped right here at our lab. But I think the operators
should take care of the management of these devices for consumers.
We could have mobile-firewall types of products running within the
network that users have no idea about. The operators should handle
updating and managing mobile firewalls and other types of network
defenses, and just provide reliable service instead of requiring
users to do additional work.
Q: So you believe in making communications and information
technology easier, more transparent and user-friendly?
A: Yes. If you look at consumer electronics, your remote controls
and your microwave, you push the button and it works. Why haven’t
we done this in the area of information technology? I don’t
know. The Japanese are very good at making consumer electronics
easy to use, and inexpensive. They are also good at designing user
interfaces, so I think we can learn from the Japanese on how to
do this. This is one reason I came to DoCoMo; it’s one of
the things I’m interested in learning, and in return, I want
to make contributions to securing future 3G and 4G networks so users
won’t have their phones plagued with the issues they have
to deal with today on their PCs.
A lot of companies have wanted to make ‘anywhere, anytime’
information technology, but we still haven’t accomplished
that goal by any means. For example, when I’m driving or in
the shower, I want to be able to just say, ‘Computer, please
remind me to figure out the best hotel in Fiji for my honeymoon.’
How are you going to solve this? The future is wireless. People
are putting a number of 802.11 access points in their homes and
that’s a first step. Maybe in the future we’ll have
sensors all over the house and in the car, which communicate with
access points. So when you call out to the computer from the shower
or the car, it will eventually relay the information back to an
access point and get it back to some server that contains your personal
data, and do the updates. But to accomplish this vision of ‘anything,
anywhere, anytime, anyplace,’ we’re going to have to
have the appropriate access network technology, search technology,
and data integration technology. All of these different technologies
will need to come together to provide that complete seamless user
experience.
Q: In one way or another, has the seamless user experience
always been your focus?
A: I had always been very interested in software programs that
impact the physical world in some way. One of my first projects
at Stanford was a system that allowed you to buy something from
a vending machine with your PDA. It was great — I programmed
a digital wallet for the Palm Pilot, implemented a mathematical
digital cash scheme, and the great thing was that it would result
in me getting a candy bar. Getting candy bars is great for computer
scientists, and having the ability to encode ideas that are in your
mind into software, and having it impact the physical world has
always been very interesting to me. Even as a kid I used to build
video games. Just having that ability to create was wonderful, and
I still love being able to create.
Q: You have the creative nature, but do you also like that
excitement of making something tangible and part of the end-user
experience?
A: That’s true. I also felt that empowerment through my other
experiences. While I was at Stanford I took a break from my Ph.D.
to help get a company called Yodlee off the ground. Yodlee has made
a lot of advancements in making online financial tools much easier
to use, so you can enter all of your user names and passwords for
your online banking account, your online brokerage account, your
online travel account into one place, and Yodlee’s service
will go ahead and aggregate all of that data from many different
sources and allow you to see it in one place. It functions as something
of a trusted authority for that data.
I had asked the founders at Yodlee if they had a wireless strategy,
because people would want to be able to access this information
and have it delivered to them anywhere, anytime, anyplace. At the
time they didn’t, so they offered me the job of building their
wireless products. My advisor at Stanford, Hector Molina-Garcia,
graciously let me take a leave, and I spent time at Yodlee. Rajeev
Motwani, the head of the Ph.D. program committee at the time, once
joked with me that participating in a startup is often part of the
Stanford Ph.D. program. After being on leave and working at Yodlee
for some time, I wanted to finish my Ph.D., in case at some point
in my life I would want to become a professor.
I have this fundamental belief that wireless is the future. One
reason I joined DoCoMo is because I want to help create part of
that future. That’s been a running theme throughout the research
that I did at Stanford. I started this journey with digital cash
on Palm Pilot devices, and those devices eventually morphed into
cell phones, and now we see people paying with cell phones. When
I joined Yodlee, it was my first serious effort to work towards
the wireless future, this ‘anytime, anyplace, anywhere’
concept with at least the aggregated financial information that
Yodlee had. That was my first go at it, and although the market
didn’t fully support the wireless aspect at the time, that
doesn’t mean I gave up on the overall vision. It meant that
at some point in the future, I could help build products that are
going to make that vision come true. Now I’m here at DoCoMo
where I’m continuing to work on helping make various wireless
realities come true. I’m convinced that we’ll eventually
be able to make wireless networks secure, that we’ll be able
to offer a certain set of secure wireless functionalities.
Q: Can you expand on what needs to be done to make that
wireless future secure?
A: One point is that back in the 1960s and 70s, many different
wired networks came together to form today’s Internet, private
networks, modem-based bulletin board systems, Ethernet networks,
Token Ring networks, and the like. All these networks came together
through ARPA’s Internet project. Today, what are taking place
in the world of wireless is similar — 802.11, 802.16, 3G ,
Bluetooth, RFID, and WiMax. We’ve got this multitude of wireless
technologies that are very heterogeneous, and they’re coming
together. It is like a rewind back to the 60s and 70s in that what
is going in the wireless Internet is what happened with the wire-based
Internet back then, but there is one very interesting difference.
That difference is that security was not one of the design goals
when the wired Internet was coming together in the 60s and 70s.
Back then it was a set of universities and all top-tier organizations
and institutions that mostly trusted each other, so it was not important
to think about security as a design criterion when they created
the network. Now, as we look at what’s going on in wireless
networks and this integration, we can learn from what happened in
the past and say that it’s about time to start bringing all
these wireless network technologies together in a secure fashion.
Q: How do you do that, given the secure designs required
that you have just described?
A: We now need to make security a key design criterion, because
on the wireless Internet we don’t want to have worms and viruses
and denial of service attacks and the bad stuff that’s happening
on the wired Internet. I think that DoCoMo has the opportunity to
do wireless Inter-networking correctly, so that we can make the
products easy and simple for the average consumer to use.
I’m glad that here at the lab DoCoMo is taking the bull by
the horns, and starting the kind of projects we need to create a
secure wireless Internet, so that in the future, if an average consumer
has the choice of buying anything that works on the wire-based Internet
versus over the wireless Internet, they’ll choose the wireless
Internet — not only because it lets them do anything they
want anywhere they might be, but because it’s more secure.
There will be some niche applications where you actually need very,
very high bandwidth — higher than what 3G or 4G will be able
to give you — where you’d still use the wired Internet.
But I think that DoCoMo has the opportunity to make the wireless
Internet the preferred Internet by not only being easier to use
and giving you more flexibility to go anywhere you want, but also
by being much more secure.
Q: To close, do you have a favorite quote that inspires
you?
A: Edison said, “Genius is one percent inspiration and 99
percent perspiration.” But I also like the version “Innovation
is one percent inspiration and 99 percent perspiration.”
Q: That is very appropriate. Thank you for your time today.
|
