Overview of VPN Evolution of Private Networks

Overview of VPN Evolution of Private Networks Before the emergence and popularity virtual private networks have gained as a secure and cheaper medium for sensitive information to be accessed and transmitted between two or more corporate network over a public network such as the internet, other network technologies have been innovated and used to connect within business sites and across to other sites that are miles away from each other. In the sixties, sites were connected together to enable data transfer through the use of analog phone lines and 2,400-bps modems leased from ATT, businesses had no other faster modems they could choose from because the telephone companies were controlled by the government. It was not until the early eighties that businesses were able to connect to sites at higher speed using 9,600-bps modems because other telephone companies emerged as a result of the changes in government control and policy on telephone. During this period, there were not much mobile workers besides the modem links were static not as dynamic as what is available now. The analog phone lines were permanently wired to the sites and were specially selected lines (called conditional lines) that were specifically built for full time use by companies; these lines are different from regular phone lines. This technology ensured full bandwidth and privacy but this came at a great cost, i.e. payment is expected for the full ba ndwidth even if the line was used or not. Another innovation that was used for connecting sites which came out in the mid 1970s was the Digital Data Service (DDS). This was the first digital service with a connection of 56 Kbps and was used for private line. This service later became a major and useful innovation for wide area networks, which grew into other services that are popularly used today such as the T1 service which consists of 24 separate channels and each can carry up to 64 Kbps of either data or voice traffic. In the late 1970s the idea of VPN was initiated with the introduction of an innovation called the X.25. It is a Virtual Connection (VC) form of WAN packet switching which logically separates data streams. With this function, the service provider is able to send as many point-to-point VCs across a switch network infrastructure, depending each endpoints have a device that facilitates communication in the site. Sometime in the early 1980s, X.25 service providers offered VPN services to customers (i.e. businesses) who used network protocols at the time as well as early adopters of TCP/IP. Over years, in the 1990s other networking technologies were deployed for connecting private networks such as the high speed Frame relay and Asynchronous Transfer Mode (ATM) switching. This networking technologies were provided to give virtual connection to businesses at the speed of up to OC3 (155 Mbps). The components for setting up this kind of technologies involved the use of customer IP routers (customer premise equipment, or CPE) interconnected in a partial or full mesh of frame relay or ATM VCs to other CPE devices, in other words less equipments are needed for its set up. – Metz, C. (2003). Based on some definitions and some researchers like Mangan, T. (2001), the frame relay and ATM technology are referred the standard for VPN technology. These technologies gained so much popularity after the leased line in connecting sites and they were also easy to set up. With the increasing speed at which businesses grow and expand globally, thereby allowing staffs to be mobile and work offsite, the frame relay is not the best technology to use for remote access since it is just an overlay technology. In as much as the leased line is a better technology alternative for connecting business sites, it is excessively expensive to be owned. With the advent of the internet and its wide use in everyday transaction, businesses have adopted the technology for transmitting and accessing data across various sites by implementing a VPN connection, which is relatively cheap, flexible and scalable, between both sites in order to secure the data that are sent across the insecure internet from being tampered by unauthorized persons. VPN definition There are various definitions of a Virtual Private Network (VPN) which are given by various vendors which best describes their products. Several books, journals, whitepapers, conference papers and internet sites have various definitions of what the technology is, and these definitions are usually put in different words and sentence structure but mostly they say the same thing. In order to get a good understand of what the technology is all about, definitions given by several people from different sources will be looked at and a concise definition will be formulated from all definitions that will be used throughout this research work. â€Å"A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or individual users with secure access to their organizations network.† SearchSecurity.com (2008). â€Å"A VPN is a group of two or more computer systems, typically connected to a private network (a network built and maintained by an organization solely for its own use) with limited public-network access that communicates securely over a public network.† (Calsoft labs whitepaper, 2007) Aoyagi, S. et al. (2005) A Virtual Private Network (VPN) enables a private connection to a LAN through a public network such as the Internet. With a VPN, data is sent between two nodes across a public network in a manner that emulates a dial-link. There are two types of VPN systems, one is used for connecting LANs across the Internet, and the other is used to connect a remote node to a LAN across the Internet. â€Å"A VPN tunnel encapsulates data within IP packets to transport information that requires additional security or does not conform to internet addressing standards. The result is that remote users act as virtual nodes on the network into which they have tunnelled.† – Kaeo, M. (2004) p135. â€Å"A VPN is a virtual network connection that uses the internet to establish a connection that is secure.† Holden, G. (2003), p 286. â€Å"A VPN uses a public network, such as the internet, to facilitate communication; however it adds a layer of security by encrypting the data travelling between companies and authenticating users to ensure that only authorized users can access the VPN connection†. Mackey, D. (2003) p157 Randall, K. et al. (2002), p377 likened a Virtual Private Network (VPN) to a Tunnel Mode, as a means of transmitting data between two security gateways, such as two routers, that encrypts the entire IP packet and appends a new IP header entering the receiving gateways address in the destination address. â€Å"VPNs enable companies to connect geographically dispersed offices and remote workers via secure links to the private company network, using the public Internet as a backbone.† Lee, H. et al (2000) Looking at all these definitions closely from various authors, they all stress on security and connectivity. These are the essential features of VPNs because they are able to create a connection between two private networks over a public network by encapsulation and tunnelling protocols in transmitting data and also provide security by encryption and authentication in order to control access to data and resources on the company’s network. In other words a VPN is a network technology that securely connects two or more private networks over an insecure public network such as the internet, so as to enable internal access to files and resources and data transfer. Types of VPN There are three different VPN connectivity models that can be implemented over a public network: Remote-access VPNs: It provides remote access to an enterprise customer’s intranet or extranet over a shared infrastructure. Deploying a remote-access VPN enables corporations to reduce communications expenses by leveraging the local dial up infrastructures of internet service providers. At the same time VPN allows mobile workers, telecommuters, and day extenders to take advantage of broadband connectivity. Access VPNs impose security over analog, dial, ISDN, digital subscriber line (DSL), Mobile IP, and cable technologies that connect mobile users, telecommuters, and branch offices. Intranet VPNs: It links enterprise customer headquarters, remote offices, and branch offices in an internal network over a shared infrastructure. Remote and branch offices can use VPNs over existing Internet connections, thus providing a secure connection for remote offices. This eliminates costly dedicated connections and reduces WAN costs. Intranet VPNs allow access only to enterprise customer’s employees. Extranet VPNs: It links outside customers, partners, or communities of interest to an enterprise customer’s network over a shared infrastructure. Extranet VPNs differ from intranet VPNs in that they allow access to uses outside the enterprise. VPN configurations There are two main types of VPN configurations for deploying the VPN connection over a public network. These are; Site-to-site VPNs: This is sometimes referred to as secure gateway-to-gateway connections over the internet, private or outsourced networks. This configuration secures information sent across multiple LANS and between two or more office networks and this can be done effectively by routing packets across a secure VPN tunnel over the network between two gateway devices or routers. The secure VPN tunnel enables two private networks (sites) to share data through an insecure network without fear that the data will be intercepted by unauthorized persons outside the sites. The site-to-site VPN establishes a one-to-one peer relationship between two networks via the VPN tunnel Kaeo, M. (2004. Also Holden, G. (2003), describes a site-to-site VPN as a link between two or networks. This is mostly used in Intranet VPNs and sometimes in extranet VPNs. Client-to-Site VPNs: This is a configuration that involves a client at an insecure remote location who wants to access an internal data from outside the organization network’s LAN. Holden, G. (2003) explains a client-to-site VPN as a network made accessible to remote users who need dial-in access. While Kaeo, M. (2004) defined a client-to-site VPN as a collection of many tunnels that terminate on a common shared end point on the LAN side. In this configuration, the user needs to establish a connection to the VPN server in order to gain a secure route into the site’s LAN and this can be done by configuring a VPN client which could either be a computer operating system or hardware VPN – such as a router. By so doing, the connection enables the client to access and use internal network resources. This kind of configuration is also referred to as secure client-to-gateway connection. This is usually used in access VPNs and sometimes in extranet VPNs. VPN Topology VPN Components To create a VPN connection between sites or networks, it involves the use of some components. These components however contain some elements that need to be properly set up in order to aid the transmission of data from one network endpoint to another. These elements include: VPN server: This is either a computer system or router configured to accept connections from the client (i.e. a remote computer) who gains access by dialling in or connecting directly through the internet. This serves as one endpoint of the VPN tunnel. VPN client: This can either be a hardware based system; usually a router that serves as the endpoint of a gateway-to-gateway VPN connection, or a software based system; either an inbuilt or downloaded software program on the computer operating system that can be configured to function as an endpoint in a VPN, such as Windows XP, 2000 or vista or checkpoint client software. Tunnel – this is the link between the VPN server and client endpoints through which the data is sent. VPN protocols – These are set of standardised data transmission technologies the software and hardware systems use to create security rules and policies on data sent along the VPN. Types of VPN Systems The VPN components form the endpoints of the VPN connection from one private network to another through the public network. The choice of what components to use is dependent on various factors such as the size of the organization – is it a small, large or growing organization, the cost involved in implementing a VPN either by using new components or existing components and lastly, the choice of which of the components will is best for the connection. There are three components that can be used to set up a VPN connection, also a combination of any of these components can be used to set up a VPN connection. One way to set up a VPN is to use Hardware device. The hardware device is a VPN component that is designed to connect gateways or multiple LANS together over the public network by using secure protocols to ensure network and data security. There are two devices that are commonly used that perform these functions. One typical hardware based VPN device used is a router, which is used to encrypt and decrypt data that goes in and out of the network gateways. Another device is a VPN appliance, its objective is to terminate VPNs connection and join multiple LANs (Holden, G. 2003). This device creates a connection between multiple users or networks. The VPN hardware devices are more cost effective for fast growing organizations since they are built to handle more network traffic. It is a better choice when considering the network throughput and processing overhead. It is also a good choice when the routers used at each network ends are the same and controlled by the same organization. Another way to set up a VPN is to use a Software based component. The software component is a program, otherwise stored on the operating system of the system, which can be used to set up a VPN connection. It is easy to configure and more flexible and cost effective than the hardware VPN. They are suitable in networks that use different routers and firewalls or are best used between different organizations and network administrators – such as partner companies. The software VPNs allow traffic to be tunnelled based on address or protocols unlike hardware-based products, which generally tunnel all traffic that it handles. But software-based systems are generally harder to manage than hardware based systems. They require familiarity with the host operating system, the application itself, and appropriate security mechanisms. And some software VPN packages require changes to routing tables and network addressing schemes (Calsoft labs whitepaper, 2007). The third component, is the Firewall based VPN; it makes use of the firewall’s mechanisms as well as restricting access to the internal network. This kind of component ensures that the VPN traffic passes through the network gateway of the desired destination and non-VPN traffic is filtered according to the organization’s security policy, this is achieved by it performing address translation, making sure that requirements for strong authentication are in order and serving up real-time alarms and extensive logging. These three components can be combined together to set up a VPN in order add layers of security on the network. This can be a combination of hardware and software VPN or a combination of all three in the same device. There are several Hardware based VPN packages that offer software –only clients for remote installation, and incorporate some of the access control features more traditionally managed by firewalls or other perimeter security devices (Calsoft labs whitepaper, 2007). An example of such device is the Cisco 3000 Series VPN concentrator which gives users the option of operating in two modes: client and network extension mode. In the client mode the device acts as a software client enabling a client-to-host VPN connection while in the extension mode it acts as a hardware system enabling a site-to-site VPN connection. Also a combination of all these components by different vendors can be used to set up a VPN connection, but this comes with some challenges. The solution as proposed by Holden, G (2004) is to use a standard security protocol that is widely used and supported by all products. VPN Security Features The main purpose of VPN is to ensure security and connectivity (tunnel) over a public network and this cannot be done without some key activities being performed and policies set up. For VPNs to provide a cost–effective and better way of securing data over an insecure network it applies some security principles/measures. Data sent over the internet using the TCP/IP rule are called packets. A packet consists of the data and an IP header. The first thing that happens to a data being sent across a VPN is that it gets encrypted at the source endpoint and decrypted at the destination endpoint. Encryption is a method of protecting information from unauthorised persons by coding the information that can only be read by the recipient. The method, encryption, is done by using an algorithm which generates a key that allows information to be coded as unreadable by all and only readable to the recipient. The larger the number of data bits used to generate the key, the stronger the encryption and the harder it can be broken by intruders. Data encryption can be done in two ways; it can either be encrypted by transport mode or tunnel mode. These modes are process of transmitting data securely between two private networks. In transport mode, the data part (otherwise known as the payload) of the IP packet is encrypted and decrypted but not the header by both endpoint hosts. While in the tunnel mode both the data part and header of the IP packet are encrypted and decrypted between the gateways of the source computer and the destination computer. Another security measure implemented by VPN on data is IP Encapsulation. The VPN uses the principle of IP encapsulation to protect packets from being intercepted on the network by intruders by enclosing the actual IP packet in another IP packet having the source and destination address of the VPN gateways, therefore hiding the data being sent and the private networks IP address which â€Å"does not conform to internet addressing standards†. The third security measure is Authentication. This is a method of identifying a user by proving that the user is actually authorized to access and use internal files. Authenticating a, host, user or a computer that uses the VPN depends on the tunneling protocol established and also encryption for added security. The tunneling protocols that are widely used for authentication over a network are IPSec, PPTP, LT2P and SSL but the most commonly used is the IPSec. The hosts using VPN establish a Security Association (SA) and authenticate one another by exchanging keys which are generated by an algorithm (mathematical formula). These keys can either be symmetric key which is a private key that are exactly the same and only known by the hosts to verify the identity of one another or asymmetric key where each hosts has a private key that can be used to generate a public key. The sending host uses the other’s public key to encrypt information that can only be decrypted by the receiving host private key. The Point-to-Point Tunneling Protocol uses the Microsoft Challenge/Response Authentication Protocol (MS-CHAP) to authenticate computers using VPN by exchanging authentication packets to one another. Also the users connecting to VPN can be authenticated by what the user knows- a password (shared secret), what the user has – a smart card and what the user is – biometrics e.g. finger prints. VPN Tunnelling Protocols VPNs create secure connections, called tunnels, through public shared communication infrastructures such as the Internet. These tunnels are not physical entities, but logical constructs, created using encryption, security standards, and protocols Clemente, F. et al (2005). The VPN tunnelling protocol are set of standardised rules and policy that are employed on the transmitted data. There are various standard of protocol technologies used to create a VPN tunnel and each of these protocols is specially built with some unique security features. In this research work the protocols explained in this section are the most widely used. Internet Protocol Security (IPSec) The Internet Protocol Security (IPSec) has proposed in Internet Engineering Task Force (IETF) Request for Comment (RFC) database in RFC (2401), provides data packet integrity, confidentiality and authentication over IP networks. The IPSec policy consists of sets of rules that designate the traffic to be protected, the type of protection, such as authentication or confidentiality, and the required protection parameters, such as the encryption algorithm. (Jason, K. 2003, Hamed, H. et al 2005, Shue, C. et al 2005, Berger, T. 2006, Clemente, F. et al 2005, Liu, L. and Gao, W. 2007). The IPSec protocol provides security at the network layer and offers a collection of methods, protocols, algorithms and techniques to establish a secure VPN connection. There are two basic modes of IPSec connections, Transport mode and Tunnel mode. The transport mode, attaches an IPSec header to the IP header of the packet. The Tunnel mode is more flexible compared to the transport mode; it encapsulates the IP packet into another IP packet, also attaching an IPSec header to the outer IP packet. This mode protects the entire IP packet. The IPSec modes, are determined and agreed on by both corporate networks at each end of the VPN connection, are contained in the Security Association(SA) among other things. The SA is a set of policy and keys used to protect information such as the IPSec modes, symmetric ciphers, and keys which are used during secure data transmission. The IPSec uses two main protocols that are usually used with any of the modes, the Authentication Header (AH), and Encapsulating Security Payload (ESP). The authentication header contains a Security Parameter Index(SPI) and provides data authentication and integrity (MD5 or SHA-1 hash) on the whole IP packet but does not guarantee privacy (confidentiality) on the data. ESP guarantees privacy (confidentiality) on the data in addition to all the features AH provides. The ESP header includes an initialization field, which is used by symmetric block ciphers (Berger, T. 2006). Another essential protocol that IPSec uses in establishing the VPN tunnel is the Internet Key Exchange protocol (IKE). This protocol exchanges encryption keys and shares authentication data (RFC 2409) through UDP packets at port 500, and also relies on the Internet security association and key management protocol(ISAKMP) – this protocol allows both endpoints share a public key and authenticate themselves with digital certificates (RFC 2408). To create a VPN tunnel using the IPSec protocol, two things needs to be done. First, both networks need to agree on the SA for the IKE and this is done by using the Diffie – Hellman key exchange method to authenticate one another. After this is done, both network endpoints need to set the parameters for the VPN tunnel including symmetric cipher keys (and key expiry information), security policy, network routes, and other connection-relevant information. Point-to-Point Tunneling Protocol (PPTP) Point-to-Point Tunneling Protocol (PPTP) is a network protocol that enables the secure transfer of data from a remote client to a private enterprise server by creating a virtual private network (VPN) across TCP/IP-based data networks (Microsoft TechNet, 2008). PPTP operates at Layer 2 of the OSI model. PPTP, as specified in the RFC 2637 document, is a protocol that describes a means for carrying Point-to-Point protocol (PPP) – described in RFC 1661 – over an IP based network. It is created by a vendor consortium known as the PPTP industry forum which includes Microsoft Corporation, Ascend Communications, 3Com/Primary Access, ECI Telematics, US Robotics and Copper Mountain Networks. PPTP is the most commonly used protocol for dial-up access to the internet. Microsoft included PPTP support in Windows NT Server (version 4) and released a Dial-up Networking pack in Windows 95 and since then PPTP is supported in any Microsoft Windows version. The PPTP transfers two different types of packets over a VPN connection. The first is the Generic Routing Encapsulation (GRE) (described in RFC 1701 and RFC 1702) packet. It encapsulates PPP frames as tunneled data by attaching a GRE header to the PPP packet or frame. The PPP frame contains the initial PPP payload which is encrypted and encapsulated with PPP while the GRE header contains various control bits, sequence and tunnel numbers. The function of the GRE is to provide a flow- and congestion-control encapsulated datagram service for carrying PPP packets. The total sum up of the packet consists of a Data link header, IP header, GRE Header, PPP Header, Encrypted PPP payload and Data link trailer. The second type of packet is the PPTP control message or packet. The PPTP control packet includes control information such as connection requests and responses, connection parameters, and error messages and it consists of IP header, TCP header, PPTP control message and a data link traile r. In order to create, maintain and terminate the VPN tunnel, the PPTP uses a control connection between the remote client and the server using the TCP port 1723. This two different packets used by PPTP does not ensure privacy on the packet payload, so in order to enhance security on these packets, the PPTP supports encryption and authentication method same as used in PPP connections (Berger, T, 2006 and vpntools.com, 2006). To authenticate packets that pass through the VPN tunnel, PPTP uses any of the following protocols; Extensible Authentication protocol – Transport Layer Security (EAP-TLS), Microsoft Challenge Handshake Authentication Protocol (MS-CHAP), Shiva Password Authentication protocol (SPAP) and Password Authentication Protocol (PAP). For encryption, PPTP uses either the Microsoft Point to Point Encryption (MPPE) to encrypt PPP packets that passes between the remote computer and the remote access server by enhancing the confidentiality of PPP encapsulated packets (as described in RCF 3078) or uses the symmetric RC4 stream cipher to encrypt the GRE payload is encrypted. Layer 2 Tunneling Protocol (L2TP) The L2TP is an IETF standard established as a result of combining the best features of two protocols: Cisco’s Layer 2 Forwarding (L2F) protocol (described in RFC 2341) and Microsoft’s PPTP (Cisco Systems, 2008). L2TP facilitates the tunneling of PPP frames across an intervening network in a way that is as transparent as possible to both end-users and applications (RFC 2661). L2TP encapsulates the PPP packet (whose payload can either be encrypted or compressed or both can be done) into a User Datagram Protocol (UDP) packet at transport layer. The L2TP can be used over the internet as well as over private intranet and also can send PPP packets over X.25, Frame relay or ATM networks. The UDP packet consists of the following in this order: UDP header with source and destination address using port 1701, control bits representing options like version and length of the packet, sequence number and tunnel ID fields which is used to track the packet and identify the tunnel, the l ayer 2 frame which contains the following also: Media Access Code (MAC) addresses and the payload. To ensure security and enhance authenticity of the L2TP packet it is combined with IPSec by attaching an IPSec ESP header, using the IPSec transport mode. After combining IPSec to L2TP, the UDP packet is encrypted and encapsulated with an IPSec ESP header and trailer and ESP authentication trailer. The L2TP packet now consists the following: data link header, IP Header, IPSec ESP Header, UDP header, L2TP frame, IPSec ESP trailer, IPSec ESP Authentication trailer and Data Link trailer, resulting in excessive protocol overhead (Berger, T, 2006 and vpntools.com, 2006). Secure Socket Layer (SSL) Multiprotocol Label Switching Literature Review VPN Protocol Overhead The tunneling protocols also affect the performance of the network by adding processing overhead on the VPN connection. Implementing these secure technologies on any insecure public network like the internet comes with some weaknesses and this can be as a result of either the specific standards are not sophisticated enough to provide secure, stable and fast data links, or interaction with lower levelled protocols causes serious problems (Berger, T., 2006).For example the IPSec technology employs three kinds of protocols namely AH, ESP and IKE; in order to ensure security over the public network, this in turn adds overhead on the packet being sent. The IPSec uses two modes for transferring packets: transport and tunneling mode. The tunneling mode is the widely used because the tunnel can be used to access several resources and it encapsulate and encrypts all part of the IP packet within another IP packet. In a research paper by Shue, C. Et al (2005), an analysis was carried out in ord er to evaluate the performance of the overhead associated with IPSec on VPN servers, and the tunneling mode was used. The tunneling mode uses different technologies to ensure added security on the packet: it uses two different kinds of protocols namely ESP and IKE and various encryption algorithm and cryptographic key sizes, by so doing doubling the size of the packet. It is reported that overheads of the IKE protocol are considerably higher than those incurred by ESP for processing a data packet, also cryptographic operations contribute 32 − 60% of the overheads for IKE and 34 − 55% for ESP, and lastly, digital signature generation and Diffie-Hellman computations are the largest contributor of overheads during the IKE process and only a small amount of the overheads can be attributed to the symmetric key encryption and hashing. Also the layer 2 Tunneling Protocol (L2TP) implemented on the VPN connection originally does not cause any overhead since encryption, authentication and privacy mechanism is not used on the data packet. But when this protocol is combined with IPSec, it adds all the aforementioned mechanism on the packet and makes it very secure but this comes with added problems – protocol overhead, among other things. In this case both the IPSec and L2TP headers are added to the data packet which increases the size of the packet and by so doing, it decreases the VPN performance. (Berger, T., 2006) The Internet, the Problem. There are some articles and journals that clearly argues that VPN does not directly incur processing overhead on the network instead the internet affects the performance. According to an article that was posted on the internet by VPN Consultants in San Francisco Bay Area on FAQ on Security, it was argued that most performance slowdowns will in fact result from inconsistent Internet connections rather than by encryption processing overhead. Also, according to Liu, L. and Gao, W. (2007), explains that IPv4 ( this is an internet protocol that is widely deployed) based networks have inherent deficiencies which have become obstacles to the evolution of networks. They argue that VPNs implemented on the network i.e. the internet automatically inherits some of these problems, such as, big overhead of the net-transport, lack of quality assurance of Service (QoS), NAT traversing problem, and so on. They propose that VPNs implemented on IPv6 (Internet Protocol version 6), which is known as â€Å"the next generation protocol† can solve this problems effectively. Packet Loss A VPN tunnel can sometimes suffer high packet loss and reordering of packets problems. Reordering can cause problems for some bridged protocols, and high pack

Artificial Intelligence Essay -- Essays Papers

Artificial Intelligence Computers are everywhere today. It would be impossible to go your entire life without using a computer. Cars, ATMs, and TVs we use everyday, and all contain computers. It is for this reason that computers and their software have to become more intelligent to make our lives easier and computers more accessible. Intelligent computer systems can and do benefit us all; however people have constantly warned that making computers too intelligent can be to our disadvantage. Artificial intelligence, or AI, is a field of computer science that attempts to simulate characteristics of human intelligence or senses. These include learning, reasoning, and adapting. This field studies the designs of intelligent agents, or a system that acts intelligibly. The term artificial intelligence is confusing and misleading however. Artificial intelligence is still a form of intelligence, but perhaps â€Å"synthetic intelligence† is a better name because it is not natural intelligence. This is why the name â€Å"computational intelligence†, or CI, is sometimes preferred. Artificial intelligence is used in many objects that we use everyday: cars, microwaves, personal computers, and videogames. There are many different goals for AI, depending upon your field or view. Computer science attempts to make computer systems do what only humans could do in the past. Computational philosophy tries to understand human intelligence at a computer level. AI also has applications in medical programs, factories, robots, and many other tasks. There are several different disciplines of artificial intelligence. They are: different are expert systems, natural languages, simulation of human sensory capabilities, robotics... ...pable of much growth in the years to come. In a few years maybe it will be possible to create systems that are in every way equal to or superior to humans. That can be a scary thought, however impossible it may sound. For now we will just continue to use these systems to our greatest advantage. References Chung, Randolph, and Lynellen D. S. Perry. â€Å"Robotics: introduction.† Crossroads. 4.3 (1998): 2. Klerfors, Daniels. Artificial Neural Networks. Nov. 1998. St. Louis. U. Nov. 2001. http://hem.hj.se/~de96klda/NeuralNetworks.htm. Nadis, Steve. â€Å"We Can Rebuild You.† MIT’s Technology Review. 100 (1997): 16-18. Poole, David, Alan Mackworth, and Randy Goebel. Computational Intelligence, a logical approach. New York: Oxford University Press, 1998. Turner, Raymond. Logics for Artificial Intelligence. New York: John Wiley & Sons, 1984.

The Return: Midnight Chapter 10

Damon was making his way up the beautiful rose-covered trel is below the window of the bedchamber of M. le Princess Jessalyn D'Aubigne, a very wealthy, beautiful, and much-admired girl who had the bluest blood of any vampire in the Dark Dimension, according to the books he'd bought. In fact, he'd listened to the locals and it was rumored that Sage himself had changed her two years ago, and had given her this bijoux castle to live in. Delicate gem that it appeared, though, the little castle had already presented Damon with several problems. There had been that razor-wire fence, on which he ripped his leather jacket; an unusual y dexterous and stubborn guard whom it had real y been a pity to strangle; an inner moat that had almost taken him unawares; and a few dogs that he had treated with the Saber-tranquilizer routine – using Mrs. Flowers's sleeping powder, which he'd brought with him from Earth. It would have been easier to poison them, but Jessalyn was reputed to have a very soft heart for animals and he needed her for at least three days. That should be long enough to make him a vampire – if they did nothing else during those days. Now, as he pul ed himself silently up the trel is, he mental y added long rose thorns to the list of inconveniences. He also rehearsed his first speech to Jessalyn. She had been – was – would forever be – eighteen. But it was a young eighteen, since she had only two years'experience at being a vampire. He comforted himself with this as he climbed silently into a window. Still silently, moving slowly in case the princess had guardian animals in her bedchamber, Damon parted layer after layer of filmy, translucent black curtains that kept the blood-red light of the sun from shining into the chamber. His boots sank into the thick pile of a black rug. Making it out of the enfolding curtains, Damon saw that the entire chamber was decorated in a simple theme by a master of contrast. Jet-black and off-black. black. He liked it a lot. There was an enormous bed with more bil owing filmy black curtains almost encasing it. The only way to approach it was from the foot, where the diaphanous curtains were thinner. Standing there in the cathedral-like silence of the great chamber, Damon looked at the slight figure under the black silk sheets, among dozens of smal throw pil ows. She was a jewel like the castle. Delicate bones. A look of utter innocence as she slept. An ethereal river of fine, scarlet hair spil ing about her. He could see individual hairs straying on the black sheets. She looked a little like Bonnie. Damon was pleased. He pul ed out the same knife he had put to Elena's throat, and just for a moment hesitated – but no, this was no time to be thinking of Elena's golden warmth. Everything depended on this fragile-shouldered child in front of him. He put the point of the knife to his chest, deliberately placing it wide of his heart in case some blood had to be spil ed†¦and coughed. Nothing happened. The princess, who was wearing a black negligee that showed frail-looking arms as fine and pale as porcelain, went on sleeping. Damon noticed that the nails on her smal fingers were lacquered the exact scarlet of her hair. The two large pil ar candles set in tal black stands were giving off an enticing perfume, as wel as being clocks – the farther down they burned, the easier to tel time. The lighting was perfect – everything was perfect – except that Jessalyn was stil asleep. Damon coughed again, loudly – and bumped the bed. The princess woke, starting up and simultaneously bringing two sheathed blades out of her hair. â€Å"Who is it? Is someone there?†She was looking in every direction but the right one. â€Å"It's only me, your highness.†Damon pitched his voice low, but fraught with unrequited need. â€Å"You don't have to be afraid,†he added, now that she'd at last gotten the right direction and seen him. He knelt by the foot of her bed. He'd miscalculated a bit. The bed was so large and high that his chest and the knife were far below Jessalyn's line of sight. â€Å"Here I wil take my life,†he announced, very loudly to make sure that Jessalyn was keeping up with the program. After a moment or two the princess's head popped up over the foot of the bed. She balanced herself with hands spread wide and narrow shoulders hunched close to her. At this distance he could see that her eyes were green – a complicated green consisting of many different rings and speckles. At first she just hissed at him and lifted her knives held in hands whose fingers were tipped with nails of scarlet. Damon bore with her. She would learn in time that al this wasn't real y necessary; that in fact it had gone out of fashion in the real world decades ago and was only kept alive by pulp fiction and old movies. â€Å"Here at your feet I slay myself,†he said again, to make sure she didn't miss a syl able, or the entire point, for that matter. â€Å"You – yourself?†She was suspicious. â€Å"Who are you? How did you get here? Why would you do such a thing?† â€Å"I got here through the road of my madness. I did it out of what I know is madness I can no longer live with.† â€Å"What madness? And are you going to do it now?†the princess asked with interest. â€Å"Because if you're not, I'l have to cal my guards and – wait a minute,†she interrupted herself. She grabbed his knife before he could stop her and licked it. â€Å"This is a metal blade,†she told him, tossing it back. â€Å"I know.†Damon let his head fal so that hair curtained his eyes and said painful y: â€Å"I am†¦a human, your highness.† He was covertly watching through his lashes and he saw that Jessalyn brightened up. â€Å"I thought you were just some weak, useless vampire,†she said absently. â€Å"But now that I look at you†¦Ã¢â‚¬ A rose petal of a pink tongue came out and licked her lips. â€Å"There's no point in wasting the good stuff, is there?† She was like Bonnie. She said exactly what she thought, when she thought it. Something inside Damon wanted to laugh. He stood again, looking at the girl on the bed with al the fire and passion of which he was capable – and felt that it wasn't enough. Thinking about the real Bonnie, alone and unhappy, was†¦wel , passion-quenching. But what else could he do? Suddenly he knew what he could do. Before, when he'd stopped himself from thinking of Elena, he had cut off any genuine passion or desire. But he was doing this for Elena, as much as for himself. Elena couldn't be his Princess of Darkness if he couldn't be her Prince. This time, when he looked down at M. le Princess, it was differently. He could feel the atmosphere change. â€Å"Highness, I have no right even to speak to you,†he said, deliberately putting one booted foot on the metal scrol work that formed the frame of the bed. â€Å"You know as wel as I that you can kil me with a single blow†¦say, here† – pointing to a spot on his jaw – â€Å"but you have already slain me – â€Å" Jessalyn looked confused, but waited. † – with love. I fel in love with you the moment I saw you. You could break my neck, or – as I would say if I were permitted to touch your perfumed white hand – you could curl those fingers around my throat and strangle me. I beg you to do it.† Jessalyn was beginning to look puzzled but excited. Blushing, she held out one smal hand to Damon, but clearly without any intention of strangling him. â€Å"Please, you must,†Damon said earnestly, never taking his eyes off hers. â€Å"That is the only thing I ask of you: that you kil me yourself instead of cal ing your guards so that the last sight I see wil be your beautiful face.† â€Å"You're il ,†Jessalyn decided, stil looking flustered. â€Å"There have been other unbalanced minds who have made their way past the first wal of my castle – although never to my chambers. I'l give you to the doctors so that they can make you wel .† â€Å"Please,†said Damon, who had forged his way through the last of the filmy black hangings and was now looming over the sitting princess. â€Å"Grant me instant death, rather than leaving me to die a little each day. You don't know what I've done. I can't stop dreaming of you. I've fol owed you from shop to shop when you went out. I am already dying now as you ravish me with your nobility and radiance, knowing that I am no more than the paving stones you walk on. No doctor can change that.† Jessalyn was clearly considering. Obviously, no one had ever talked to her like this. Her green eyes fixed on his lips, the lower of which was stil bleeding. Damon gave an indifferent little laugh and said, â€Å"One of your guards caught me and very properly tried to kil me before I could reach you and disturb your sleep. I'm afraid I had to kil him to get here,†he said, standing between one pil ar candle and the girl on the bed so that his shadow was thrown over her. Jessalyn's eyes widened in approval even as the rest of her seemed more fragile than ever. â€Å"It's stil bleeding,†she whispered. â€Å"I could – â€Å" â€Å"You can do anything you want,†Damon encouraged her with a wry quirk of a smile on his lips. It was true. She could. â€Å"Then come here.†She thumped a place by the nearest pil ow on the bed. â€Å"What are you cal ed?† â€Å"Damon,†he said as he stripped off his jacket and lay down, chin propped on one elbow, with the air of one not unused to such things. â€Å"Just that? Damon?† â€Å"You can cut it stil shorter. I am nothing but Shame now,†he replied, taking another minute to think of Elena and to hold Jessalyn's eyes hypnotical y. â€Å"I was a vampire – a powerful and proud one – on Earth – but I was tricked by a kitsune†¦Ã¢â‚¬ He told her a garbled version of Stefan's story, omitting Elena or any nonsense about wanting to be human. He said that when he managed to escape the prison that had taken his vampire self, he decided to end his own human life. But at that moment, he had seen Princess Jessalyn and thought that, serving her, he would be happy with his sorry lot. Alas, he said, it only fed his disgraceful feelings for her highness. â€Å"Now my madness has driven me to actual y accost you in your own chambers. Make an example of me, your highness, that wil cause other evildoers to tremble. Burn me, have me flogged and quartered, put my head on a pike to cause those who might do you il to cast themselves into a fire first.†He was now in bed with her, leaning back a little to expose his bare throat. â€Å"Don't be sil y,†Jessalyn said, with a little catch in her voice. â€Å"Even the meanest of my servants wants to live.† â€Å"Perhaps the ones that never see you do. Scul ions, stable boys – but I cannot live, knowing that I can never have you.† The princess looked Damon over, blushed, gazed for a moment into his eyes†¦and then she bit him. â€Å"I'l get Stefan to go down to the root cel ar,†Elena said to Meredith, who was angrily thumbing tears out of her eyes. â€Å"You know we can't do that. With the police right here in the house – â€Å" â€Å"Then I'll do it – â€Å" â€Å"You can't! You know you can't, Elena, or you wouldn't have come to me!† Elena looked at her friend closely. â€Å"Meredith, you've been donating blood al along,†she whispered. â€Å"You never seemed even slightly bothered†¦Ã¢â‚¬  â€Å"He only took a tiny bit – always less from me than anyone. And always from my arm. I just pretended I was having blood drawn at the doctor's. No problem. It wasn't even bad with Damon back in the Dark Dimension.† â€Å"But now†¦Ã¢â‚¬ Elena blinked. â€Å"Now – what?† â€Å"Now,†Meredith said with a faraway expression, â€Å"Stefan knows that I'm a hunter-slayer. That I even have a fighting stave. And now I have to†¦to submit to†¦Ã¢â‚¬  Elena had gooseflesh. She felt as if the distance from her to Meredith in the room was getting larger. â€Å"A hunter-slayer?†she said, bewildered. â€Å"And what's a fighting stave?† â€Å"There's no time to explain now! Oh, Elena†¦Ã¢â‚¬  If Plan A was Meredith and Plan B was Matt, there was real y no choice. Plan C had to be Elena herself. Her blood was much stronger than anyone else's anyway, so ful of Power that Stefan would only need a – â€Å"No!†Meredith whispered right in Elena's ear, somehow managing to hiss a word without a single sibilant. â€Å"They're coming down the stairs. We have to find Stefan now! Can you tel him to meet me in the little bedroom behind the parlor?† â€Å"Yes, but – â€Å" â€Å"Do it!† And I stil don't know what a fighting stave is, Elena thought, al owing Meredith to take her arms and propel her toward the bedroom. But I know what a â€Å"hunter-slayer†sounds like, and I definitely don't like it. And that weapon – it makes a stake look like a plastic picnic knife. Stil , she sent to Stefan, who was fol owing the sheriffs downstairs: Meredith is going to donate as much blood as you need to Influence them. There's no time to argue. Come here fast and for God's sake look cheerful and reassuring. Stefan didn't sound cooperative. I can't take enough from her for our minds to touch. It might – Elena lost her temper. She was frightened; she was suspicious of one of her two best friends – a horrible feeling – and she was desperate. She needed Stefan to do just as she said. Get here fast! was al she projected, but she had the feeling that she'd hit him with al of the feelings ful force, because he suddenly turned concerned and gentle. I will, love, he said simply. While the female police officer was searching the kitchen and the male the living room, Stefan stepped into the smal first-floor guest room, with its single rumpled bed. The lamps were turned off but with his night vision he could see Elena and Meredith perfectly wel by the curtains. Meredith was holding herself as stiffly as an acrophobic bungee jumper. Take all you need without permanently harming her – and try to put her to sleep, too. And don't invade her mind too deeply – I'll take care of it. You'd better get out in the hallway, let them see at least one of us, love, Stefan replied soundlessly. Elena was obviously simultaneously frightened for and defensive about her friend and had sped right into micromanagement mode. While this was usual y a good thing, if there was one thing Stefan knew about – even if it was the only thing he knew – it was taking blood. â€Å"I want to ask for peace between our families,†he said, reaching one hand toward Meredith. She hesitated and Stefan, even trying his hardest, could not help but hearing her thoughts, like smal , scuttling creatures at the base of her mind. What was she committing herself to? In what sense did he mean family? It's really just a formality, he told her, trying to gain ground on another front: her acceptance of the touch of his thoughts to hers. Never mind it. â€Å"No,†Meredith said. â€Å"It's important. I want to trust you, Stefan. Only you, but†¦I didn't get the stave until after Klaus was dead.† He thought swiftly. â€Å"Then you didn't know what you were – â€Å" â€Å"No. I knew. But my parents were never active. It was Grandpa who told me about the stave.† Stefan felt a surge of unexpected pleasure. â€Å"So your grandfather's better now?† â€Å"No†¦sort of.†Meredith's thoughts were confusing. His voice changed, she was thinking. Stefan was truly happy that Grandpa's better. Even most humans wouldn't care – not really. â€Å"Of course I care,†Stefan said. â€Å"For one thing, he helped save al our lives – and the town. For another, he's a very brave man – he must have been – to survive an attack by an Old One.† Suddenly, Meredith's cold hand was around his wrist and words were tumbling from her lips in a rush that Stefan could barely understand. But her thoughts stood bright and clear under those words, and through them he got the meaning. â€Å"Al I can know about what happened when I was very young is what I've been told. My parents told me things. My parents changed my birthday – they actual y changed the day we celebrate my birthday on – because a vampire attacked my grandpa, and then my grandpa tried to kil me. They've always said that. But how do they know? They weren't there – that's part of what they say. And what's more likely, that my grandpa attacked me or that the vampire did?†She stopped, panting, trembling al over like a white-tailed doe caught in the forest. Caught, and thinking she was doomed, and unable to run. Stefan put out a hand that he deliberately made warm around Meredith's cold one. â€Å"I won't attack you,†he said simply. â€Å"And I won't disturb any old memories. Good enough?† Meredith nodded. After her cathartic story Stefan knew she wanted as few words as possible. â€Å"Don't be afraid,†he murmured, just as he had thought the soothing phrase into the mind of many an animal he'd chased through the Old Wood. It's all right. There's no reason to fear me. She couldn't help being afraid, but Stefan soothed her as he soothed the forest animals, drawing her into the darkest shadow of the room, calming her with soft words even as his canines screamed at him to bite. He had to fold down the side of her blouse to expose her long, olive-skinned column of neck, and as he did the calming words turned into soft endearments and the kind of reassuring noises he would use to comfort a baby. And at last, when Meredith's breathing had slowed and evened and her eyes had drifted shut, he used the greatest of care to slide his aching fangs into her artery. Meredith barely quivered. Everything was softness as he easily skimmed over the surface of her mind, too, seeing only what he already knew about her: her life with Elena and Bonnie and Caroline. Parties and school, plans and ambitions. Picnics. A swimming hole. Laughter. Tranquility that spread out like a great pool. The need for calm, for control. Al this stretching back as far as she could remember†¦ The farthest depths that she could remember were here at the center†¦where there was a sudden plunging dip. Stefan had promised himself he would not go deeply into her mind, but he was being pul ed, helpless, being dragged down by the whirlpool. The waters closed over his head and he was drawn at tremendous speed to the very depths of a second pool, this one not composed of tranquility, but of rage and fear. And then he saw what had happened, what was happening, what would forever be happening – there at Meredith's stil center.

Humanitarian Crisis and Genocide - 2063 Words

Abstract: Humanitarian crises and international politics goes hand in hand. One can cause the other, while the only way to fix the other is to rely on politics. This paper will highlight the cause of genocide, violent massacres and crisis, how to solve them, and key roles politicians and nations must take up wholeheartedly in order to make a difference. Personal and political reconciliation must occur in the parties involved ever want to have a mutual co existence. Humanitarian Crisis and Reconciliation To understand the impact of humanitarian crises and how international politics play a role, a common definition of such crises must be understood. In his book â€Å"Humanitarian Crises and the International†¦show more content†¦The aftermath meant that the predominately Tutsi-led Rwandan government was left with the staggering task of instituting justice, restoring some type of order and to begin reconciliation within Rwandan society. But justice is farm from being reached. In America, it is our constitutional right to a fair and speedy trial that, we hope, in the end delivers some sort of justice. But for two years following the Rwandan massacre, courts were shut down and when they reopened, 125,000 arrests regarding the massacre were made in a single year (Kohen, 65). Over the years, however, various human rights organizations for the prisons criticized the Rwandan government for their treatment of those inmates. They were also criticized for the amount of time the detai nees, also called genocidaires, were imprisoned without trial. Their response to these accusations was to simply conduct mass releases of these inmates without proper trial, giving accused genocidaires a second shot at freedom that has outraged not only the citizens of Africa, but people worldwide as well. But how can such a deeply scorned nation recover from tragedies such as these? Reconciliation generally is defined as a process that leads to developing normal interaction between ethnic and political opponents based on mutual acceptance. Author Ari Kohen believes the Rwandan government has neither fostered reconciliation or allowed for justice to be served. He states â€Å"the Rwandan government,Show MoreRelatedThe Humanitarian Genocide1103 Words   |  5 PagesHumans tend to feel morally compelled to help others in times of tragedy and chaos; however, there are limitations on the force of compassion. During recent and historical genocides, many outsiders’ universes of o bligation have narrowed due to social and political factors, turning them into bystanders of ethnic crisis. Similarly, the world was unresponsive to the ethnic eradication of Tamils in Sri Lanka since 1983. For twenty-six years, tens of thousands of helpless Tamils suffered as human shieldsRead More The Crisis in Darfur, Sudan Essay832 Words   |  4 PagesThe Crisis in Darfur, Sudan Genocide, the attempt to destroy a people because of their presumed race or ethnicity, remains alive and well. The definition of genocide as given in the Websters Dictionary is The deliberate and systematic extermination of a national, racial, political, or cultural group. This definition depicts the situation in 1994 of Rwanda, a small and poor central African country. What makes this crisis particularly shocking is the structural character of the violence:Read MoreThe Legal Foundation For Humanitarian Intervention Essay1219 Words   |  5 PagesThe legal foundation for humanitarian intervention was established in the United Nations Universal Declaration of Human Rights and the Convention on the Prevention of Genocide and Punishment of the Crime of Genocide (Lecture 11/15/16). Genocide, as decided by the, Convention on the Prevention and Punishment of the Crime of Genocide: genocide, whether committed in time of peace or in time of war, is a crime under international law which they (contracted members) undertake to prevent and to punishRead More Compare and Contrast Between Rwanda and Darfur Genocide, from the Constructivism and Realism Perspectives1508 Words   |  7 PagesThe analysis of the genocides that took place both in Rwanda and Sudan’s Darfur region exhibit some similarities as well as differences. The character of violence was s imilar in both cases, but in Rwanda the violence was more intense, participatory, and extraordinary. The violence in these two places took place in an environment that had experienced civil wars. It was a period of political transition which was further aggravated by ethnic nationalism and a conflict of ethnic populations that wereRead MoreWhat Caused the Darfur Genocide? Essay894 Words   |  4 Pagespeople from around 100 tribes. In response to the attack, the Janjaweed, which is the government-supported Arab tribesman, raided non-Arab villages in Darfur to create a Pan-Arab state by eradicating all the non-Arab farmers from the land. The Darfur genocide arose when the Sudan Liberation Movement and the JEM, which is the largest rebel group in Darfur, entered Al-Fashir, the capital city of North Darfur and attacked the sleeping garrison. There were 32 technicians, pilots and soldiers captured andRead MoreModern Genocide in Africa Essay928 Words   |  4 Pageshave been two instances of genocide: the 1972 mass killings of Hutus by the Tutsi-dominated government, and the 1993 mass killings of the Tutsis by the Hutu populace. Both of these events in Burundi received different levels of attention by the international community and the western media due to a lack of foreign governmental interest, political distraction, and an unwillingness to acknowledge the severity of these atrocities in Burundi. Interestingly, events of genocide occurring at times withoutRead MoreThe Cuban Missile Crisis : The Cold War1472 Words   |  6 Pages. The Cuban missile crisis was one event that helped ignite the Cold War. It was a thi rteen day confrontation between the United States and the Soviet Union over Soviet airborne missiles deployed in Cuba. It was the closest the Cold War came to escalating into a full blown nuclear war. It was an intense, 13-day political and military standoff in October 1962 over the installation of nuclear-armed Soviet missiles on Cuba, just 90 miles from US. The Cuban Missile Crisis was really about the locationRead MoreCrisis Diplomacy1351 Words   |  6 PagesThis essay will focus on the organisations involved in Libya and will discuss the diplomatic intervention that the organisations used in the Libyan crisis. The essay will firstly define the important factors and explain how everything works together. Diplomacy is defined as the conducting of negotiations between representatives of states. This may refer to international diplomacy, the conduct of international relations through the communication of professional diplomats in the essence of certainRead MoreEssay on Informative Speech713 Words   |  3 Pages2013 Darfur Genocide Specific Purpose: I want to inform my audience on the genocide that occurred in Darfur that started in 2003 and the impact it has made on the United Nations policy of international aid. Introduction I. In high school I was given the opportunity to volunteer as a tour guide at the National Holocaust Museum. a. Part of a new exhibit that was opened at my time there was a â€Å"Never Again† exhibit that shines lights on current genocides. b. What is Genocide? Genocide is a term toRead MoreNews Media and the Coverage of Darfur765 Words   |  3 Pagesand/or hard to understand like a genocide. Lets face it, when people come home from a long, hard day at work, they want to be entertained, not forced to think of the bad things happening in the world. Plus, thanks to a sub-par educational system in the United States that teaches to the test and lets important subjects such as geography and social sciences fall by the wayside, many people dont even know where these places are that are experiencing humanitarian crises. They cant be expected to