Upload
florence-walters
View
218
Download
2
Embed Size (px)
Citation preview
1
Mark [email protected]
Distributed Systems Group,Trinity College, Dublin
20.02.2010
Diploma in Health Informatics Networks
2
Objectives
• Understand some network terminology- enough to be able to read further on the topic.
• Understand some issues of network design.
• Issues concerning application of networking to health.
• Emphasis on practical aspects
3
Introduction to Networks
1. Introduction
2. Network characteristics
3. Network Software
4. Network Hardware
5. Security
6. Internet and the World Wide Web
7. Telemedicine
4
Section 1 – Introduction - Network Basics• In the 20th Century developments include
– worldwide telephone networks– the invention of television and radio– the unprecedented growth of the computer– launching of communication satellites
• The convergence of computers and communications is very significant.
• Initially computers were highly centralized, usually within a single room.
• Now – lots of small independent computers communicating to do a job. These are called Computer Networks
5
What is a Computer Network? (1/2)• An interconnected collection of
computers which are:– Co-operative
• Co-operative action is required between the components
– Autonomous• All components are capable of independent
action• Any resource is capable of refusing requests
– Mutually Suspicious• Components verify requests
6
What is a Computer Network? (2/2)• Any computer connected to a network
is known as a host.– Local host
• Your own computer
– Remote host• The computer elsewhere you are in contact
with
• There are hardware and software aspects to computer networks
7
(Digital) Bandwidth
• The amount of data per second a communications link can carry
• Typically referred to in bits per second– Note 1 byte == 8 bits
• The actual amount of useful data you can send will be less than the actual capacity– Overheads for
• Addressing• Routing• Error detection• Medium access
8
Latency / Delay
• Measure of the delay from sending a piece of data or request until it is processed at the destination– Exceptionally important for
• Video and audio– Voice over IP, Skype, Video conferencing
• Interactive systems– Inquiry based systems – patent records – Booking systems
• Needs careful investigation to determine the weak points– Is it the network or the computer?
9
Section 2 - Network characteristics• What Are Networks
• Network Types and Topologies
• Communication concepts
• Basic Message Types
10
What are Networks?
• Tanenbaum’s definition:"A network is an interconnected collection of autonomous computers"
IPv4
IPv6
ATM
TCP/IP
RIP
OSPF
???
11
Types of Networks
• Bus-based networks– Original Ethernet (802.3)
• Star-based networks– Switched (Modern) Ethernet (802.3ab)
• Ring-based networks– FDDI– Token Ring (802.5)
• Wireless networks– WiFi (802.11a/b/g/n), Bluetooth,
Hyperlan IrDA, WiMax, GSM, EDGE,3G
12
LAN Topologies
Bus architecture (Ethernet) Ring architecture (Token Ring)
Star architecture (switched Ethernet)
FDDI Ring
Double ring architecture (FDDI)
13
Types of Networks
• Classification based on diameter:1 m System
10 m Room
100 m Building
1 km Campus
10 km City
100 km Country
1,000 km Continent
10,000 km Planet
Multi-processor
LAN (Local Area Networks)
MAN (Metropolitan Area Networks)
WAN (Wide Area Networks)
The Internet
PAN (Personal Area Networks)
14
Local-Area Networks (LANs)
* Figure is courtesy of B. Forouzan
15
Wide-Area Networks (WANs)
• Latency• Administration/Jurisdiction
* Figure is courtesy of B. Forouzan
16
Simplex
* Figure is courtesy of B. Forouzan
17
Duplex
Half-Duplex
Full-Duplex
* Figure is courtesy of B. Forouzan
18
Point-to-Point & Multipoint
* Figure is courtesy of B. Forouzan
19
Basic Message Types
• Three basic message types– 1. Unicast - one sender to one receiver
Sender
Receiver
20
Basic Message Types
• Three basic message types– 1. Unicast - one sender and one receiver– 2. Broadcast - one sender, everybody
receives
• Broadcast addresses:– network ID +– all bits of host ID set– e.g. 134.226.255.255
Sender
21
• Three basic message types– Unicast - one sender and one receive– Broadcast - one sender, everybody
receives– Multicast - one sender and a group of
receivers
Basic Message Types
Sender
Receivers
22
Section 3 - Network Software
• Originally hardware matters were the main focus when building networks the software was an afterthought.
• Key Network Software concepts:– Layers– Protocols– Interfaces– Services
23
Layers
• The idea of introducing layers of software reduces the design complexity. It divides the large problem into smaller ones.
• The number, name, contents and function of each layer vary from network to network.
• However for each network the idea is that one layer offers something to a second layer without the second layer knowing how the first layer is implemented.
24
Protocols
• Provided two networks adhere to the same set of layers layer n on one machine can (virtually)communicate with layer n on another machine.
• The rules and conventions used in this conversation are known as the layer n protocol.
• A protocol is an agreement between the communicating parties as to how the communication proceeds.
25
Design Issues for the layers
• Addressing – identifying senders and receivers.
• Data transfer rules- Simplex, half duplex, Full duplex.
• Error control - Agree on a protocol. Implementation of the protocol.
• Order of the messages
• Fast sender swamping a slow receiver - feedback or an agreed size is required.
• Length of messages - Too large/too small.
• Multiplexing - use the channel for multiple unrelated conversations.
• Multiple routes - How to choose the route. Physical and logical choices.
26
Reference Models
• Two reference models are considered– The OSI (Open Systems Interconnection)
Reference Model –initiated in the 1970s matured in the late 1980s and early 1990s
– TCP/IP initiated through work carried out in the late 1960s, matured and adopted in early 1990s
27
Open Systems Interconnetion Model
• Developed by the International Standards Organisation (ISO)
• The model deals with connecting open systems i.e. systems that are open for communication with other systems.
Application
Presentation
Session
Transport
Network
Datalink
Physical
Application
Presentation
Session
Transport
Network
Datalink
Physical
Medium
28
Network Protocols
• Common “language” on the network• Define network components’ interactions
– Actions/requests– Responses
• Defined in standards– ISO Standards– IEEE Standards (mainly at physical and
mac)– ITU Recommendations– IETF Request For Comments (RFC)
29
Communication between End-Systems
* Figure is courtesy of B. Forouzan
30
Data Link Layer
* Figure is courtesy of B. Forouzan
31
Duties of the Data Link Layer
The data link layer is responsible for transmitting frames from one node to the next on the same network.
* Figure is courtesy of B. Forouzan
32
Packetizing & Addressing
• Packetizing: Encapsulating data in frame or cell i.e. adding header and trailer
• Addressing: Determining the address of the next hop (LANs) or the virtual circuit address (WANs)
* Figure is courtesy of B. Forouzan
33
Medium Access Control
• Control the access to a shared medium to prevent conflicts and collisions– Aloha– CSMA/CD or CSMA/CA
* Figure is courtesy of B. Forouzan
34
Analogy: Point-to-Point Communication• Simple Synchronization
Alice Bob
Phone conversation
35
Analogy: Shared Medium
• Synchronisation is more complex
36
Asynchronous Systems
• Round robin– Good if many stations have data to
transmit over extended period• Reservation
– Good for stream traffic e.g audio, video• Contention
– Good for bursty traffic– All stations contend for time– Distributed– Simple to implement– Efficient under moderate load– Tend to collapse under heavy load
37
Multiple-Access Protocols
* Figure is courtesy of B. Forouzan
38
LAN Technologies - Ethernet
• Developed by Metcalfe 1972/3 while at Xerox PARC
• Standards in 1978, 1995, 1998
• Types of Ethernet– Original Ethernet– Switched Ethernet– Fast Ethernet– Gigabit Ethernet
• Medium Access Control– CSMA/CD
• IEEE 802.2: Logical Link Control
Metcalfe’s Ethernet sketch
39
Ethernet Addresses – The ‘MAC’ Address• A unique 48 bit long number
– Eg 00:A0:4A:21:19:13
• Types of Addresses:– Unicast – delivered to one station– Multicast – delivered to a set of stations
• 01-80-C2-00-00-00 Spanning tree (for bridges)
• 03-00-00-00-00-01 NETBIOS
– Broadcast – delivered to all stations• FF-FF-FF-FF-FF-FF
vendor-specific
40
Full-duplex Switched Ethernet
• No collisions– One line to send– One line to transmit
* Figure is courtesy of B. Forouzan
41
Switches in Comms Rooms
42
Wireless (1/2)
• IEEE 802.11 standard of 1997 started the revolution with 2Mbps top speed– Now on 802.11g with 54Mbps– 802.11n to promise 150+Mbps– Referred by some as Wireless Ethernet– Shares significant similarities with original bus
style Ethernet• Reliability and Performance much less than
wired network– Current max speed 54Mbps shared by all on same
base station– Prone to interference and poor reception– Speed drops under poor conditions to reduce
errors– Range 100m+ in open much less in office situation
43
Wireless (2/2)
• Star like network– Your laptop talks to a ‘access point’ which
connects to your wired network– Laptop which move been access points to keep
the strongest signal• Uses the Industrial, Medical and Scientific
Band– No licence needed– Healthcare staff should be aware this shared
use and verify before installation that there won’t be a conflict
• Advantages– No need to install ethernet cabling everywhere– Network access everywhere in range
44
The Network Layer
• The Network Layer is concerned with controlling the operation of the subnet. A key design issue is determining how packets are routed from source to destination. They can be static, dynamic.
• Example issues to be agreed when building this layer– Routing mechanisms– How is subnet congestion to be dealt with– How are costings included- national
boundaries– Addressing mechanisms.– In broadcast networks the network layer
may be very thin or non-existent.
45
Position of the Network Layer
• Sends frames through data link layer• Accepts data from transport layer
46
Duties of Network Layer
• Problems the Network Layer needs to address:– Transfer over networks of various architectures– Addressing on a “global” scale– Adjusting to maximum transmission units
• Hop-to-hop delivery provided by data link layer• Transfer of packets between end systems
provided by network layer
47
Switching in the Internet
• Connection-oriented communication– Connection exists between sender and receiver
for duration of communication• Connection-less communication
– Data between sender and receiver
48
Yet another Layer ?!?
• Transport Layer – TCP • Why should you care?• Applications use TCP as main
communication mechanism– HTTP– Remote procedure calls (RPC)
• File Transfer
49
Network Layer vs Transport Layer
Network Layer Transport Layer
• Communication between two nodes
• Communication between processes
• Best effort delivery • Ordered, guaranteed delivery
• Connection-less communication
• Connection-oriented communication
50
Transport Layer
• Process-to-Process Delivery
51
IP Addresses & Port Numbers
• IP Addresses determine the host
• Port Numbers determine the application
52
Communication at Transport Layer• Comms at
Transport Layer from port to port
• IP implementation multiplexes depending on protocol field in IP header
53
Section 4 - Network Hardware
• Connecting hosts and networks require hardware devices which include..
• Networking and Internetworking Devices– Repeaters– Bridges– Hubs– Switches– Routers
54
Networking and Internetworking Devices• These devices can be divided into 3
categories – Repeaters, – Bridges, – Routers and Gateways.
• Repeaters and Bridges are used at the Networking of hosts
• Routers and Gateways are used for Internetworking
55
Repeaters and Bridges
• Repeaters– Operate at the physical layer. They
regenerate signals.
• Bridges– Operate at the physical and data link
layers.– They are used to divide a network into
segments and can control traffic flow and are useful for securing the network.
– They can also regenerate signals.
56
What is a Switch
• A layer 2 device – Data Link Layer• Builds a table of the MAC addresses of
devices attached on each port• ‘Store and Forward’
– Switch receives a packet– Verifies it is error free– Looks at its destination MAC– Sends the packet on
• ‘Cut Through’– Starts to forward packet once it reads the
destination address– No error checking
• Improved performance
Photo thanks to Cisco Systems
57
What is a Router
• A layer 3 device – – Works at physical, data link and network layers
e.g. Internet Protocol (IP) level– Is a bridge between a number of distinct
networks• Example your internal network and the internet beyond
• Range from simple devices• ADSL router for home users
– To• Extremely complex enterprise level
• Looks at the destination of each IP packet and determines where it would be sent on for its next hop– Tries to select the best route
58
Scan TypeNumber of Exams per
day Total (MB)General Radiographs 200 9600Ultrasound 20 60Doppler Ultrasound 30 90Bariums 5 400ERCP's 5 400CT 12 1800MRI 10 1500Nuclear Medicine 10 30Cardiac Angios 10 8000
Daily Totals 302 21,880Yearly Totals 78,520 5,688,800
Example Sizes of Medical Images
59
Uses of Networks in Healthcare?
• Communicating into/out of and between hospitals
• Paging Staff• Networking instrumentation• Maintenance of instrumentation• To aid communication
– Professional to professional. – Professional to patient. – Patient to patient.
• Sharing Information of all types
60
Section 5 - Security
• Secrecy– Keeping information out of the hands of
unauthorised users.
• Authentication– Making sure you are talking to the right
person.
• Data Integrity control– Making sure the data is correct.
• Security effects each layer in the network design.
61
No Network Is Secure
• Original Ethernet– Every host on the bus could see and capture
every transmission made• The physical network itself cannot be
considered to be secure– Wires can be tapped
• Wireless communications available to all within range with a suitable receiver
• Need to trade off the strength of security with the practicality of the measures– Users when faced with a complex process may
attempt to undermine the system• Sharing of passwords or not logging out
62
Wireless Networks
• Extremely vulnerable to attack– Anyone with a suitable radio can listen
• IEEE 802.11 originally used a 40 bit WEP key– Shared encryption key by all users of the
network– Later versions supported a 104 bit key– Proved to be very easy to crack in both
versions• WiFi Protected Access (WPA/WPA2)
– Based on 802.11i standard– EAP extensible Authentication Protocol
» Authentication framework not a protocol» Can integrate with existing authentication systems» 802.1x
63
• Best practice in Network Management is to heavily restrict access to external users or to block it totally– Avoid potential security issues– Protect from hackers
• What of legitimate users– People who work at other locations– Particularly relevant concerns in the
Healthcare Domain
64
VPN – Virtual Private Network
• Not strictly a security solution• Two implementations
– Connecting you to a remote network– A network within a network
• Allows you to access resources on another network as if you where connected directly
• A secure encrypted tunnel between your computer and others on the same network
• Typically requires a dedicated ‘VPN box’ on the office end network to provide the service
65
VPN - Connecting you to a remote network
• Ideal for a single user– Work from home, on the road, other
institution• User needs VPN client software
– Setup can be complex for users– Need to implicitly log in to access the
network• Not transparent
– Potential security risk if users computer is breeched• Hacker may have access into network
66
Methods of Attack (1/3)
• Impersonation– Using someone else’s password or a terminal that
is already logged on.• Active wire-tapping
– Connecting a device(authorised/unauthorised) to a communication link to obtain access to data through the generation of false messages.
• Passive wire-tapping– Monitoring data coming over a communication link.
• Traffic flow analysis– Analysing the frequency of data traffic, seeing
which data is encrypted and which is not.• Eavesdropping
– interception of information
67
Methods of Attack (2/3)
• Replay– Play back a recording of a communication
• Routing Table modification – Sending messages to the wrong address or multiple
addresses.• Audit Trail Information Modification
– To cover up an attack.• Operational Staff Table Modification
– To change access rights.• Bogus Frame insert
– Inserting bogus information as a frame.• Data Portion Modification
– Modify the data portion of a message.• Viruses
68
Methods of Attack (3/3)
• Sequencing Information Modification – Change the order of the pieces of information.
• Message Deletion – Removing the message completely
• Protocol Control Information modification – To send data to a different location.
• Misuse of resources – Swamping communication lines – Denial of service
• Interruption of power supply – Denial of service
• Malicious physical damage – Denial of service
• Theft– Parts of computers or entire computers could be stolen.
Confidentiality issues arise.
69
Disposal of computer hardware
• You typically contract a third party to securely shred paperwork, but you skip a used computer.– Computer can store a virtually unlimited amount of
data in a easy to search format• Serious privacy issues concerning medical
records• Computer may have no confidential information
but!– Usernames, passwords, security certificates and so
on for networked information may be stored on the computer, thus allowing access
• Essential the contents of the hard disk be wiped not just deleted– Most operating systems have the ability to do this– Or remove hard drive and use a sledgehammer
70
Section 6 - The Internet and the World Wide Web
• Addressing and Domain Names
• Who is in charge
• Relationship between IP address and hostnames
• Arrangements for .ie domains
71
Internet Addressing and Domain Names• To be able to identify a host on the
internetwork, each host is assigned an address– Internet Protocol address.
• Addresses are assigned in a delegated manner.
• The Internet Corporation for Assigned Names and Numbers (ICANN) has responsibility for Internet Protocol (IP) address space allocation
• ICANN are the top body. They comprise IANA http://www.iana.org/
72
Internet Addressing and Domain Names• Users are assigned IP addresses by Internet
service providers (ISPs). ISPs obtain allocations of IP addresses from a local Internet registry (LIR) or national Internet registry (NIR), or from their appropriate Regional Internet Registry (RIR):– APNIC (Asia Pacific Network Information Centre)
- Asia/Pacific Region– ARIN (American Registry for Internet Numbers) -
North America and Sub-Sahara Africa– LACNIC (Regional Latin-American and Caribbean
IP Address Registry) – Latin America and some Caribbean Islands
– RIPE NCC (Réseaux IP Européens) - Europe, the Middle East, Central Asia, and African countries located north of the equator
73
Internet Addressing and Domain Names• The .org domain is operated by Public Interest
Registry. It is intended to serve the non commercial community, but all are eligible to register within .org.
• The .com domain is intended to serve the commercial community.
• The .gov domain is reserved exclusively for the United States Government. It is operated by the US General Services Administration.
• The .edu domain is reserved for postsecondary institutions accredited by an agency on the U.S. Department of Education's list of Nationally Recognized Accrediting Agencies and is registered only through Educause.
74
IP and Internet Addressing
• Currently there are two types of Internet Protocol (IP) addresses in active use: – IP version 4 (IPv4) and IP version 6 (IPv6).
• IPv4 is still the most commonly used version.
• IPv4 addresses are 32-bit numbers often expressed as 4 octets in "dotted decimal" notation (for example, 192.0.32.67).
• Deployment of the IPv6 protocol began in 1999. IPv6 addresses are 128-bit numbers and are conventionally expressed using hexadecimal strings (for example, 1080:0:0:0:8:800:200C:417A).
75
IP Addresses
• 32-bit number in IPv4– 4,294,967,296 addresses
• IP addresses are unique and universal– with some exceptions
• Dotted decimal notation:– Bytes of binary notation represented as
decimal separated by dot• Internet hosts have both IP addresses
and hostnames– wilde.cs.tcd.ie == 134.226.32.55
76
Mapping Domain Names
– Hostname - wilde.cs.tcd.ie– Internet Address - 134.226.32.55
• How does a machine translate a fully qualified hostname into an IP address?
• It consults its nearest Domain Name Server (DNS)
• The local Nameserver knows the mappings for local machines and – At least one root nameserver which knows
all nameservers for the top level domains.
77
.ie domains
• All registrations handled by the IE Domain Registry - www.iedr.ie– Was based in UCD until 2000, now a
independent non profit making body– You are required to prove a connection
to the domain name sought
• 4th Feb 2010– Total number of domains 137,661
• In Jan 1995– Total domains 347
78
Section 7 – Telemedicine
• Telemedicine is the rapid access to shared and remote medical expertise by means of telecommunications and information technologies, no matter where the patient or the relevant information is located. (CEC 1993)
• Telemedicine has been defined in General Terms as “Medicine practiced at a distance” and as such, it encompasses both diagnosis and treatment, as well as medical education. (Journal of Telemedicine and Telecare, 1995)
79
Definitions
• Telemedicine is the delivery of healthcare services, where distance is a critical factor, by all healthcare professionals using information and communications technologies for the exchange of valid information for diagnosis, treatment and prevention of disease and injuries, research and evaluation, and for the continuing education of healthcare providers, all in the interests of advancing the health of individuals and their communities. (World Health Organisation 1998)
80
Telemedicine
• Many different definitions of Telemedicine. Be aware of this.
• Telemedicine is a process not a technology. Can be applied to many different domains.
• Can be used for patient/clinician, patient/patient, clinician/clinician communication.
• Can be used to support training• As with all applications of technology,
appropriateness is the key. The application should be clinically driven.
81
Characteristics of Telemedicine systems• Interaction style- Real Time, Store and
Forward.• Data types- Text, Images, Sound, Video• Equipment • Action – Direct Intervention, Advice• Patient numbers – one patient, multiple
patients• Duration
82
Some Advantages and Obstacles of Telemedicine• Advantages
– Improved use of resources
– Continuing professional development
– Reduces unnecessary patient transfers
– Facilitates homecare for the elderly and the chronically ill
– Equitable access to care!– Links doctors with
remote centres of excellence
– Wireless links can be used in cases of lack of infrastructure
• Obstacles– Patient and
professional dissatisfaction in some specialities
– Lack of standards– Security issues– Legal and ethical
implications– Equipment failure– Lack of protocols of
care for these new types of interactions.
83
History
• Pre-electronic telemedicine– Accounts from the middle ages of a physician
examining a patient for plague- the patient and the physician were on opposite sides of the river.
– Prescribing by post was practised well before national postal systems were in place.
• Electronic telemedicine– Telegraphy- equipment was developed to send an X-
ray– Telephony- voice communication, computer networks– Radio- initially by morse code and later by voice.– Television- closed circuit television, video
conferencing– Wireless communication- use of mobile phone
technologies and satellites.
84
Research
• Why is Telemedicine not in widespread use?
• The technologies exist but the organisational and personal problems exist.
• Lots of funding has been allocated and has been spent on projects analysing, testing and evaluating technical requirements.
• More projects/research should be funded to show cost-effectiveness and evaluation of new Telemedicine applications.
85
Ethical and Legal Issues
• Some projects in Europe have looked at certain aspects of this area (SEISMED, ISHTAR, TrustHealth and SIREN). They have mainly been concerned with the security and confidentiality.
• More work needs to be done to research other aspects including accountability, responsibility, licensure, reimbursement, intellectual property rights, changes in consultation and referral patterns, defining the ‘owner of patients’, defining geographical catchment areas.
86
Economics/Evaluation
• Need to compare the new technology with an alternative way of working. What is the system costing at the moment?
• How to asses the cost of the new technology- equipment, software, installation, training, maintenance, legal, utilisation rates.
• How do we asses the benefits- people getting well, shorter stays in hospital, less time spent with the expert, patient not having to travel, expertise experienced by the remote healthcare professional.
• Methods are required if economic evaluation is to take place. Care should be taken when comparing costs across, domains, environments and time.
87
Practice
• Teleradiology• Telepathology• Teledermatology• Telecardiology• Telepsychiatry• Teleorthopaedics• Surgical Consultations• TeleENT• Tele-EEG• Minor Injuries
• Mobile Telemedicine
• Maritime Telemedicine
• Teleopthamology• Home Care• Telephone Services• Education• Telesurgery
88
Using Networks to Provide Equality of Care?• Network Infrastructures- Network
hardware and network software• Network users• Software applications• Legislation• Standards• Delivering care (need experts on site)
89
Network Infrastructure
• In order to avail of networked healthcare a network infrastructure must be in place.
• This infrastructure requires an initial investment, maintenance investment and investment to keep it up to date
• It is hard to see therefore even at the technology end how equality of care can be achieved.
90
Network Users
• In various countries, regions and hospitals different levels of technical skill exist.
• If we assume that all places have the same network infrastructure it still doesn’t allow us achieve equality of care
91
Software applications
• On top of the network infrastructure software applications.
• Depending on economics, skill and awareness of users differences can exist.
• Not everyone will be aware of the software applications that exist and the implications of choosing particular software e.g. from standards point of view
92
Legislation
• Be aware that using networks allows the user to bypass physical boundaries thus enabling a specialist in Ireland to communicate with a patient in England. There are legal implications to this that haven’t been addressed.
• Equality of care may not be possible due to these legalities. The closer you live to the specialist the better.
93
Standards
• In order to have healthcare delivered to all areas standards are required.
• Communication standards• Coding standards e.g. for diagnosing,
prescribing.• Data set format standards• Semantic standards• If all areas do not agree to the
standards then equality of care is not possible.
94
Experts on site
• Even if all the infrastructure, software applications, standards, legislation and skills are equal is it possible to get equality of care?
• Remember healthcare is ultimately delivered by human experts.
• Technology can only be used to support the current processes of healthcare delivery or to make new processes possible.