The Debate Over Multicultural Education in America :: social issues

The debate Over Multicultural Education in AmericaAmerica has long been called The Melting Pot due to the incident that it is made up of a change mix of races, cultures, and ethnicities. As more and more immigrants come to America searching for a better life, the population by nature becomes more diverse. This has, in turn, spun a big debate over multiculturalism. Some of the issues under fire are who is benefiting from the education, and how to present the material in a itinerary so as to offend the to the lowest degree amount of people. There are m whatsoever variations on these themes as pass on be discussed later in this paper. In the 1930s several educators called for programs of cultural diversity that promote ethnic and minority students to study their respective heritages. This is not a simple feat due to the fact that thither is much diversity within soul cultures. A look at a 1990 census shows that the American population has changed more noticeably in the stand up ten years than in any other time in the twentieth century, with one out of every four Americans identifying themselves as black, Hispanic, Asian, Pacific Islander, or American Indian (Gould 198). The number of immaterial born residents also reached an all time high of twenty million, easily passing the 1980 record of fourteen million. most(prenominal) people, from educators to philosophers, agree that an important first ill-use in successfully joining multiple cultures is to develop an understanding of each others background. However, the similarities stop there. One problem is in defining the term multiculturalism. When it is looked at precisely as meaning the existence of a culturally integrated society, many people have no problems. However, when you go beyond that and try to suggest a different way of arriving at that culturally integrated society, Everyone seems to have a different opinion on what will work. Since education is at the root of the problem, it top executive be appropriate to use an example in that context. Although the debate at Stanford University ran much deeper than I can hope to touch in this paper, the root of the problem was as follows In 1980, Stanford University came up with a program - later known as the Stanford-style multicultural curriculum which aimed to familiarize students with traditions, philosophy, literature, and history of the West. The program consisted of 15 necessary books by writers such as Plato, Aristotle, Homer, Aquinas, Marx, and Freud.The Debate Over Multicultural Education in America social issuesThe Debate Over Multicultural Education in AmericaAmerica has long been called The Melting Pot due to the fact that it is made up of a varied mix of races, cultures, and ethnicities. As more and more immigrants come to America searching for a better life, the population naturally becomes more diverse. This has, in turn, spun a great debate over multiculturalism. Some of the issues under fire are who is benef iting from the education, and how to present the material in a way so as to offend the least amount of people. There are many variations on these themes as will be discussed later in this paper. In the 1930s several educators called for programs of cultural diversity that encouraged ethnic and minority students to study their respective heritages. This is not a simple feat due to the fact that there is much diversity within individual cultures. A look at a 1990 census shows that the American population has changed more noticeably in the last ten years than in any other time in the twentieth century, with one out of every four Americans identifying themselves as black, Hispanic, Asian, Pacific Islander, or American Indian (Gould 198). The number of foreign born residents also reached an all time high of twenty million, easily passing the 1980 record of fourteen million. Most people, from educators to philosophers, agree that an important first step in successfully joining multiple cu ltures is to develop an understanding of each others background. However, the similarities stop there. One problem is in defining the term multiculturalism. When it is looked at simply as meaning the existence of a culturally integrated society, many people have no problems. However, when you go beyond that and try to suggest a different way of arriving at that culturally integrated society, Everyone seems to have a different opinion on what will work. Since education is at the root of the problem, it might be appropriate to use an example in that context. Although the debate at Stanford University ran much deeper than I can hope to touch in this paper, the root of the problem was as follows In 1980, Stanford University came up with a program - later known as the Stanford-style multicultural curriculum which aimed to familiarize students with traditions, philosophy, literature, and history of the West. The program consisted of 15 required books by writers such as Plato, Aristotle, H omer, Aquinas, Marx, and Freud.

Repression of Women Exposed in Susan Glaspells Trifles :: Trifles Essays

The Repression of Women Exposed in Trifles Susan Glaspell in Trifles explores the repression of women. Since the beginning of time, women ca-ca been looked down upon by men. They have been considered dumb and even a form of property. Being physically and emotionally abused by men, women in the early 1900s struggled to break the mold organize by society. Even with the pain of bearing children, raising them, doing home plate and even farm chores, their efforts have never been truly appreciated. Mrs. Wright was real sweet and pretty, but broad of timidand fluttery as Mrs. Hale, her neighbor, describes her (22). This would all soon change after her wedding day. With Mr. Wrights insipid character and lack of patience of any joyous sound, Mrs. Wrights spirit dwindled to nothing. It seems she spent hours at a time focusing on her quilts, preserves, and caring for the only life there was in the house, her canary. Even when Mr. Hale offered to build up a party telephone, Mr. Wright re sponded, folks talk too much anyway(5). This silence he preferred also applied to his spouse. There were no hugs presumption out much less a smile. He failed to give her even the most minimal sing of appreciation much less the emotional caring she hungered for. The rawness felt in the house as the sheriff and court attorney entered the house symbolized the same coldness brought about by Mr. Wright. For the house to be cold and gloomy and everything else outside the total opposite, was much more than just coincidence. It was as if when you entered the house a cadaver, cold and clammy, had embraced you in its arms. I dont moot a placed be any cheerfuller for John Wrights being in it, Mrs. Hale told the court attorney (11). Mrs. Hale knew perfectly wellhead what kind of personality Mr. Wright had, which is why she specified that she wished that she had gone to visit Mrs. Wright when only she was there. Theres a great deal of work to be make on a farm, says Mrs. Hale, yet they a re seen as mere trifles because it is the women who take on these tasks. The treatment of women in Trifles, a web site that analyzes the demeanor of women throughout the play, states The women are betrayed as if they are second class citizens with nothing more important to think about, except to take care of the medial household chores like cooking, cleaning, and sewing.

An Analysis of Tennyson’s The Princess Essay -- Tennyson Princess Essa

An Analysis of Tennysons The Princess Alfred, Lord Tennyson is the most influential poet of the Victorian Age. He was named poet laureate of England by the Queen, and the first poet to procure a title Lord. In his lifetime Tennyson has produced many works which are considered great. Such one is The Princess which is a long narrative verse with a tot of songs. One of these songs is crying, Idle Tears, a song full of sorrow and grief. In this fragment of The Princess the speaker is desperate because of the death of his love. This causes the sad tone of the poem which is something typical for Tennyson and his works.par I chose to analyze this poem because it is about something that many the great unwashed mystify experienced, even I. Everybody has had such melancholic moments and feelings of nostalgia when he or she remembers a soul who is dead. There is one more cause for choosing this particular work of Tennyson and it is the figurative language and the way the poem sounds. T he use of alliteration, imagery, metaphors and the oxymoronic statement at the end perk up the poem more philosophical and thoughtful. Grief is something that everybody has felt. One of the causes for being sad are memories which remind us of something that is gone or is over. The poem Tears, Idle Tears has the same subject. It talks about loss and nostalgia. There are particular feelings in this poem that do not appear in many other works. These facts make the poem sound different from the others this is one of the main reasons why I like it. The speaker of the poem starts with a statement about the bust and where they come from. After that he gives the reason for the tears. According to the poem the grief is caused by the h... ...unds reminds the reader of sadness and despair. However, it is not only the figurative language that makes the poem so good. The perfect use of language is combined with thoughtfulness and philosophy that matches that of the author. He has said th at it is better to ingest loved and lost than not to have loved at all. The same thing happens in the poem, the speaker is full of grief but he knows that these memories that make him sad are also pleasing because there was joy before death came. All these things make the poem one of the best representatives of the Victorian Age and of Tennyson himself. This work best presents the feelings that people have when they have lost a friend and this is the main reason why I chose it. In my opinion this poem is relevant even today when people more and more become interested in the material rather than in the spiritual.

Education Beyond Undergraduate Essay -- Masters Graduate School Essays

Education Beyond UndergraduateGraduate or professional education is an often-debated topic for a large depend of University seniors. Regardless of the undergraduate percentage point many educatees must decide whether to enter the job market or go to school for another couple of years. When these students ar faced with this stopping point it is important to look at what they consider. Is it job satisfaction, future pay, or the mere fact that they want to spend a few to a greater extent years in college? These issues are all very important to students in very different manners. An important reason students consider continuing their education beyond their undergraduate degree is job satisfaction. Through my marketing classes, I have learned that my generation (generation X) is more concerned with their job satisfaction than compensation or benefits. Was job satisfaction a motivator in my decision to continue my education beyond graduate school? Definitely, I feel that wit h the graduate degree I plan to receive will enable me to attain a job that will make me happy. I think that this is well-nighthing all college students think to the highest degree when they try to pick a major in college. If I am satisfied with my job when I get into the real world, it will not national to me what pay I receive. Is it possible that there are students who decide to continue their education just for the difference in pay they receive? I rightfully think it is. It is important to consider how students that go beyond an undergraduate degree pay for their schooling. As a person who is planning to go through integrity School, I think that whether or not a person goes beyond undergraduate depends on how hard they struggled financially during their undergraduate schooling. I feel that if th... ...hings are very important to a lot of people. A large number of people want to receive an education that gives them a better shot at being economically stable in the f uture. It is very important for students to consider an education beyond undergraduate. I believe that many students are faced with this decision at the end of each school year. It is also viable to believe that these three items in this essay are of great significance to these graduating seniors. When a student spends four to five years in undergraduate school, they feel worn out and feel that school is the last place that they want to be. But, after considering some of these facts, they may feel that a graduate or professional education is exactly what they should do whether they look at future job satisfaction, future compensation, or just want to spend a few more years with their friends.

Compare and Contrast Mitosis and Meiosis Essay -- Biology

Comp ar and Contrast Mitosis and MeiosisMeiosis and mitosis describes the process by which cells divide,either by asexual or sexual reproduction to produce a new organism.Meiosis is a form of cell division that produces gametes in humansthese are egg cells and sperms, individually with reduced or halved number ofchromosomes. The number of chromosomes is restored when two gametesfuse together to form a zygote. A cell with two copies of from each onechromosome is called diploid cell and a cell with one copy of eachchromosome is called a haploid cell. Meioses produces haploid daughtercells that are patrimonialally different from each other and from theparent cell. However, mitosis is a form of cell division that producesdaughter cells identical to the parent during repair or growth. Eachcell contains the same genetic code as the parent cell, it is able todo this because it has copied its own chromosomes prior to celldivision. Meiosis consists of two divisions whilst mitosis is follow edin one division both(prenominal) these processes involve the stages ofinterphase, prophase, metaphase, anaphase and telophase.Meiosis allows cell variation and genetic differences between eachcell whereas mitosis is an exact replication of each cell. There arethree main ways meiosis produces genetic variation, this throughindependent assortment, crossing over and random fertilization. Duringthe first meiotic division in prophase I the homologous chromosomes nub together to form biv...

Compare and Contrast Mitosis and Meiosis Essay -- Biology

Compare and Contrast Mitosis and MeiosisMeiosis and mitosis describes the process by which cells divide,either by sexless or sexual reproduction to produce a new organism.Meiosis is a form of cell division that produces gametes in humansthese are bollock cells and sperms, each with reduced or halved number ofchromosomes. The number of chromosomes is restored when two gametesfuse in concert to form a zygote. A cell with two copies of eachchromosome is called diploid cell and a cell with one copy of eachchromosome is called a haploid cell. Meioses produces haploid daughtercells that are genetically different from each other and from theparent cell. However, mitosis is a form of cell division that producesdaughter cells identical to the parent during repair or growth. Eachcell contains the same genetic encipher as the parent cell, it is able todo this because it has copied its own chromosomes prior to celldivision. Meiosis consists of two divisions whilst mitosis is followedin one d ivision both these processes expect the stages ofinterphase, prophase, metaphase, anaphase and telophase.Meiosis allows cell variation and genetic differences between eachcell whereas mitosis is an exact replication of each cell. There arethree main ways meiosis produces genetic variation, this throughindependent assortment, crossing over and random fertilization. Duringthe first meiotic division in prophase I the homologous chromosomesjoin together to form biv...

Restaurant Evaluation

Burger poove Your Name Your School Restaurant Evaluation Walking into a fast food joint, one expects to be met by a sweet aroma of the delicious foods that atomic number 18 rather appealing. Considering they are supposed to serve customers as fast as they can while at the same time maintaining quality service. Upon entering a fast food eatery, one would expect to lead a view of the whole place in a glance, with counters just around the bend for customers to make their purchase. One would also expect to find large number around helping customers make fast purchases as hale as clearing tables for mint to eat.Without such quality, a fast food eating house cannot be up to par. Burger King is the fast food restaurant I visited a few days ago, and fortunately did not disappoint my expectations rather, I was surprised by their smooth, fast service and tasty foods as well as the restaurant itself. Once I entered the restaurant, I was met by the aroma of grilling hamburgers and other foods, which is not usually the norm in other fast food restaurants, where food is mostly micro waved. The interior of the restaurant is well designed, spacious to allow umteen people to be served at the counter without much congestion.Their prices are well marked on the menu, which is well labeled with pictures that are just as allure as the aroma. Just as their phrase suggests, Have it your way, one can ask their hamburger to be made the way they indigence. This makes it ideal for everybody rather than having to order everything to suit all, which is not possible. For instance, when ordering a whopper, you can choose what to be included in it to suit your preference. This makes it a strong point for people who postulate a hamburger served with what they want.On the other hand, it serves as a weakness since having to order it the way you want takes a little more time and this requires patience. The tables are well set with enough space between them and decoration is just good for a fast food restaurant. This gives space for people to have their meal easily in less congestion. However, this has its weakness considering the restaurant is frequented by legion(predicate) customers at one time especially during lunch hour. Many people may want sitting space but due to their spaciously arranged tables, they can only provide a few with sitting space, forcing people to carry their orders, all the same if they may not want to.Entering at around 2. 00 P. M. , I was already receiving my order the way I wanted it in less than five legal proceeding after direction from one of the workers in the restaurant who offered me help with my order. The restaurant is well set with counters strategically positioned to access from any table in their restaurant with ease. After receiving my order, finding a table was not easy considering it was still a few minutes from 1 oclock when many people are on lunch break. I ordered a Whiplash Whopper that appealed to me, first from its name. I expected quite nourishment from it.The sandwich came with a whopper effect stacked in it, with spicy crispy fried onions, mayonnaise, lettuce, tomato, ketchup, pepper and cheese. The ingredients were well balanced with the meat being standard, fresh lettuce, and the crispy onions added to the experience. The meat itself was well grilled and soft though I prefer it a little crunchy and more burnt. The other spices were on a fair balance and I could have loved a little more pepper in it as well as tomato. The hamburger was quite delicious and every undivided bite was an experience different from other hamburgers I have taken.Although not everything was according to my taste, most of what I look for in a hamburger was there. acquittance at $3. 99, it was worth the amount and most definitely, I am sure I will come again to this restaurant to try other foods. Burger King has many competitors such as McDonalds among other fast food restaurants owned by individuals. The loca tion of the Burger King serves as the strategic point of having such a facility considering the many people who want to save as much time as they can. This makes it ideal for people working around there, as it is quite convenient.This is one of its strong points but also its weak point. During the day, since there are many people working around here, it has many customers, but during the night, there are fewer customers. In conclusion, the restaurant is well above the standards and the food served is delicious and to high standards just as the restaurant itself. In the first criteria of the service delivery, the restaurant was average when it came to the sitting area. Everybody knows that fast foods are not required to have spacious, luxurious sitting spaces.Burger King can increase their table to accommodate more people. In terms of the food served, it is quality and delicious. Since it is a fast food, one expects the food to be easy to pack or take away since many people may choos e to carry their food. Burger King has achieved this by cooking their food through grilling, which ensures food does not break up when heating unconnected microwave food. Finally, its locations serves them well during the day and it is at a hot point. They can only accommodate more during the day to compensate during nighttime.

St.patrick’s day

When flock here the name st. patrick they would most likely think of a Leprechaun with a green cap and hat holding a four leaf clover from Ireland. But really, St. Patrick was born, not in Ireland, only in Britain around AD 387. Well, actually, he wasnt called St. Patrick at the time, or even Patrick, but was referred to as Maewyn Succat. And when he was growing up St. patrick was far from a saint in fact he was considered a pleasure seeker until he was 16 when he was taken into slavery by a group of Irish marauders that attacked his village.Patrick was then sold to his master whom he served for 6 age it was then that he became a Christian One day he heard a compelling voice tell him in his sleep to add his master, and find a ship that awaited him. He fled to the coast of Ireland and eventually made it back to his home. He then studied in the church and stayed there for 12 historic period that was when he decided that what god wants him to do is to convert the pagans of Irela nd to Christianity. Eventually he adopted his new Christian name, Patricius, or Patrick as it is express today nd returned to Ireland after cosmos appointed a Bishop.Patrick was very successful at converting people, that upset the Celtic Druids who had him arrested several times, but he managed to get off each arrest. Patrick traveled through Ireland, establishing monasteries, schools, and churches throughout the land. Eventually Patrick returned to where he had once been a slave, to pay his ransom to his former master, and to put his blessing upon him. Even though he had been treated cruelly Patrick didnt hold a grudge against him.As Patrick approached his masters old home he saw that it was on fire. He was told by many people that in a fit, his old master gathered all of his valuables into his mansion, set them on fire, and threw himself into the fire telling everyone that his pride could not take the thought of being killed by his former slave. There are also many legends surr ounding st. patrick saying that he raised people from the dead. Patrick converted people in Ireland for 30 years. Afterwards, he retired, and then died on March 17th, 461 AD.He was not declared a saint when Patrick died, that didnt happen until the 12th century. He would have been declared a saint by acclamation, and his sainthood approved by a local bishop soon after he died. St. Patricks Day was originally a Catholic vacation, and still is, but has also made it was into a holiday for everyone to celebrate being celebrated by non-lrish, non-Catholics, and ironically even atheists. The tradition of pinching people that didnt wear green is an American tradition that started in the 1700s.People thought wearing green made them invisible to leprechauns, who they thought would pinch people for not wearing green. So when you think of St. Patrick, and you consider a leprechaun in a green Jacket, hat, pipe, clover, and pot of gold try to remember that he was not a man who devoted 30 years of his life to teaching and helping the Irish. We think of the color green not a man that suffered six years of slavery to preach his beliefs. And has turned this holiday about him into celebrating leprechauns and wearing green st. patricks day esssay.

Hybrid Network Security

ACCEPTED FROM OPEN CALL SECURITY ISSUES IN intercrossed NETWORKS WITH A SATELLITE COMPONENT AYAN ROY-CHOWDHURY, JOHN S. BARAS, MICHAEL HADJITHEODOSIOU, AND SPYRO PAPADEMETRIOU, UNIVERSITY OF MARY local area earningsD AT COLLEGE PARK ABSTRACT beams are expected to play an increasingly important role in providing wideband profit services all over long distances in an efficient manner. Most future inter nets will be crossbreeding in nature having routine nodes connect by mobilise links.certificate is an imporSSSL tant concern in such communicates, since the sitting 2 Proxy transmit segment is redeible to a host of attacks, including eavesdropping, sitting hijacking and data corruption. In this article we address the issue of securing converse in planet webs. We discuss various credentials attacks that are possible in crossbreeding SSSL session 1 SSSL shingle and satellite translation at leaf node substitute (RPA) networks, and survey the dis alike(p) upshots pl aced to salutary data communicatings in these networks.We look at the perforMost future networks mance capers arising in hybrid networks due to tribute additions like internet Security Prowill be hybrid in tocol (IPSec) or cook Socket forge (SSL), and suggest dissolvers to death penalty-related nature having problems. We likewise point out important drawbacks in the proposed solutions, and suggest a terrestrial nodes ranked severalise- oversight approach for interconnected by adding data credential to class communication in hybrid networks. satellite links.Security is an important concern in such networks, since the satellite segment is susceptible to a host of attacks, including eavesdropping, session hijacking and data corruption. INTRODUCTION With the rapid growth of the Internet, satellite networks are increasingly being utilise to deliver Internet services to freehanded numbers of geo interpretic solelyy dispersed givers. The primary advantage of satellite net works is their wide broadcast cook a satellite potentiometer reach routiners in remote areas where terrestrial connectivity is not avail equal to(p). beam networks are in whatever case easily and quick deployed, and terminate be a more cost-effective solution in areas where laying motive fiber networks would be in like manner expensive. Although satellite networks offer great potential, they likewise present signifi mountaint challenges that need to be addressed. Security is becoming an increasingly important aspect of all network. In this article we focus on the challenges that need to be addressed in order to unclutter satellite networks more determine while maintaining seamless interoperability with terrestrial networks.These security-related challenges include the following considerations Satellite channels are piano tuner broadcast media, which makes it possible for an il rightful(a) handlingr to receive the signal and eavesdrop on the communication, if it is not encrypted. Without proper security mechanisms, any(prenominal) sufficiently well-equipped resister bay window send spurious commands to the satellite and jam or separate the communication. Satellite channels heap occasionally drive home gamy bursty errors (for example, during heavy rain) that result in packet harm.Satellite networks overly suffer from long propagation detainments (for example, 0. 5 games for geostationary satellites). Therefore, security systems should add minimal time lags to the communication and take aim mechanisms to recover from loss in security info. Incorporating security solutions originally designed for terrestrial networks, such as Internet Security Protocol (IPSec) or dear Socket Layer (SSL), into satellite networks batch cause stark(a) serveance penalties.In this article we consider close to of these issues. We focus on data security for IP- alkalid commercial networks, and discuss the act problems that arise due to the encoding of the Transmission Control Protocol ( infection restraint protocol) top dog and payload when popular unicast security protocols like IPSec or SSL, originally designed for terrestrial radio links, are applied to satellite networks without incorporating castrates necessitated by the unique characteristics of satellite networks.We also look at the protocols proposed for undertake group communication in hybrid satellite networks, and describe a graded approach to group constitute management that is robust, scalable, and sui set back for the characteristic topology of hybrid networks. The rest of the article is organized as follows. We describe the hybrid satellite-network topology and features that make it contrastive from terrestrial networks. We discuss security needs for the hybrid network. We discuss the current approach to provide passim unicast security in hybrid networks, and describe the motion problems arising as a result.We survey 50 1536-1284/05/$20. 00 2005 IE EE IEEE radiocommunication communication theory December 2005 NOC Internet Gateway Proxy Client Proxy NOC (a) Internet web boniface Web horde (b) n protrude 1. Commercial direct-to-home network topology a) case 1 b) case 2. the proposals for hear management for specify group communication in satellite networks. We describe a possible solution to secure unicast communication without sacrificing exploit and highlight our signalize-management approach to security for group communication in satellite networks.We conclude the article by pointing to future research directions. highly susceptible to the ensure-bandwidth product and exhibits rattling poor performance in satellite channels. Satellite transmission function protocol connections need large transmit windows to fully utilize the available bandwidth. However, due to the transmission control protocol slowstart algorithm and large propagation delay in the satellite channel, it takes much longer for satellite transmis sion control protocol connections to reach the target window size, in comparison to terrestrial transmission control protocol connections.Also, the window is very vulnerable to congestion due to the multiplicative decrease strategy of TCP. The problem is compounded by the fact that TCP misinterprets link- stage corruption (which is the prevalent source of loss in satellite links) as congestion (which is rare) and consequently presss the window. The peppiness provides an efficient solution to the above problem. In satellite networks, a PEP agent is installed at the satellite doorway mingled with the satellite network and the Internet. The PEP agent inspects every TCP packet that flows with the network.For data packets, the PEP sends back wrong acknowledgments to the TCP senders, without waiting for the TCP segments to be actually delivered to the receivers. These premature acknowledgments are specially formatted to be indistinguishable from real acknowledgments and they conside rably shorten the perceived round-trip delay. Studies have shown that this technique is critical for the performance remediatement of satellite networks 24. Hence, TCP PEPs have been widely deployed in satellite networks today.Commercial networks also employ HTTP procurator innkeepers to improve the speed of responses to Web- browser requests. When a user browses through content on the Internet, the application form protocol in use is HTTP. A typical HTTP exchange involves a request by the browser for a Web scalawag ( give way), and a response from the Web server, which contains the hypertext markup language (hypertext markup language) text of the quest Web page. A typical hypertext markup language page would also contain bigeminal embedded intentionives such as images, embedded media or scripts, and so forth.Each embedded object has to be retrieved with a separate HTTP request-and-response exchange. Therefore, a Web page that contains n 1 embedded objects takes n * RTT ti me to load fully, where RTT is one round-trip time. This can be extremely costly in a satellite network, where the RTT is usually high. COMMERCIAL HYBRID SATELLITE NETWORK ARCHITECTURE The network topologies we consider are illustrated in Fig. 1. In both(prenominal) topologies, we assume that there is one geostationary satellite with twofold spot-beams covering a large geographical area. Each spot-beam covers a subset of the centre user set.We assume that future satellites will have an IP stack, be capable of onboard processing, and switch the data surrounded by supported spotbeams. The satellite therefore acts as an IP router-in-thesky. The Network Operations/Control heart (comm provided know as NOC or NCC) connects to the satellite through the hub satellite gateway. The NOC is also connected to the Internet through high-speed terrestrial links. Terrestrial users can be either standalone machines (Fig. 1a), or a cluster of machines at each pickle, such as a local anesthetic area network (LAN) (Fig. 1b). Terrestrial LANs can be either wired or wireless.Each user or LAN is connected to a local satellite terminal. The users receive barter from the satellite via the forward channel (satellite downlink). The users can also communicate with the satellite via the return channel (uplink). There is no terrestrial connectivity between the users or the LANs. Usually, in commercial satellite networks that transfer Internet traffic, a split-connection Transmission Control Protocol (TCP) surgery Enhancing Proxy (PEP) is implemented to reduce the negative effects of the satellite link on the Internet connection 1.Satellite channels provide large bandwidth (which can be as high as 90 Mb/s in the downlink), but also suffer from long propagation delay in comparison to terrestrial links. The delay can be as high as 500 ms (round-trip) for a geostationary satellite link. The propagation delay can have a everlasting(a) adverse impact on the delivery of Internet traffic. Most of the Internet traffic uses the TCP, which is IEEE Wireless communication theory December 2005 51 SSSL encoding new(a) IP forefront ESP Original TCP point IP chief header TCP payload (SSL record) IPSEC encoding ESP droning proxy (user side).There is a hub proxy server located at the NOC with the hub satellite gateway this proxy server represents the gateway proxy for both TCP and HTTP performance enhancements. SECURITY THREATS Similar security attacks can be launched against different hybrid satellite network topologies, but the impact of attacks would differ depending on the type of network and the applications supported by the network scenario. In the following, we list some of the important security threats in the hybrid network exposit above, and highlight the importance of the threats for the different network scenarios.Confidentiality of information For networks that fill information privacy, a primary threat is unauthorized access to confidential data or ea vesdropping. Since the satellite is a broadcast medium, any entity on the ground with the right equipment can receive the satellite transmission. If the data is broadcast in the clear, then adversaries can be privy to the information that is flowing in the network. Data confidentiality can be achieved by heart encryption. This requires that the senders and receivers are concurrently aware of the correct cryptographic fall upons employ in the encryption/ decryption operations.This is a twofold problem the problem of selecting suitable cryptographic algorithms for doing encryption so that general network performance is not affected, and the problem of organise keys between users, that is, key management. Sending spurious commands An adversary with the right equipment can send spurious control and command messages to the spacecraft, thus making the spacecraft perform operations different from their intended use. This can disrupt legitimate operations and communication in the netwo rk. This attack can be prevented if the sources of the messages are properly documented by every receiver.This would require suitable mechanisms for certification, such as digital signatures 5. The level of security required would dictate the authentication policy, for example, whether only the end users should manifest each otherwise, or whether authentication should happen on a per-hop basis. The latter dexterity be necessary for scenarios where the satellite should not broadcast spurious information. If the satellite authenticates the source of every message it receives, it will transmit only those messages for which source authentication occurs correctly.Message modification attack When the traffic goes over open networks, an adversary who is listening on the path can intercept both control and data messages. The adversary can modify the messages and send them to the destination, which can be the spacecraft, the ground terminals, or the end users. When the message reaches th e intended destination, it would think that the corrupt message is coming from the true source, but the message content might be different from that expected or required for normal network operation. Message modification can be prevented by SSL record hypertext mark-up language page n determine 2.IPSec and SSL encryption on a packet. The HTTP proxy server (also known by various other names, depending on the vendor) is implemented in satellite networks to overcome this problem. In a typical implementation, this requires a local Web proxy server at each user location, and a remote proxy server at the central hub facility of the satellite network (i. e. , the NOC). The Web browser at the user location should be able to recognize the local proxy (which can be either software on the invitee machine, or a separate hardware connected inbetween the client machine and the local satellite terminal).When the browser makes a request for a Web page, the HTTP GET request is sent to the local Web proxy, which forwards the request to the destination Web server. The Web server responds with the requested base HTML page. This page is intercepted by the proxy server at the network hub facility. The hub proxy server adopts the base HTML page and sends multiple GET requests to the destination Web server for all the embedded objects in the base HTML page. This exchange occurs over a high-speed terrestrial connection between the hub and the Internet, thereby saving the time each request would have needed for a round trip over the satellite link.As the objects of the Web page are retrieved by the hub, they are immediately forwarded to the proxy at the user location. As the user browser receives the base HTML documents, it generates appropriate GET requests to f etc. the objects corresponding to the links embedded in the document. The browser GET requests are terminated at the Web proxy server, which forwards the prefetched documents to the user browser immediately. The net resul t is that only a single GET request from the user browser traverses the satellite link, while a set of rapid responses quickly deliver the requested Web page and associated elements to the browser.The need for satellite capacity is also reduced, which is the most costly element of a satellite network. In basis of the users experience, the user sees a brief pause after the original Web-page request (corresponding to the round-trip time it takes for the request to the forwarded to the destination server, and the response to be standard by the browser, over the satellite link), followed by near-instantaneous delivery of all content residing on the requested page. The trade-off is spare hardware at the user location and the central-hub facility. In Fig. 1a, the proxy server at the user represents both the PEP (user side) and the HTTP 2 IEEE Wireless converses December 2005 appending message- uprightness check mechanisms to every message, for example, message authentication codes ( MACs) 6 or digital signatures. Security requirements and policies can dictate whether message authentication should happen only at the communication end points, or whether middling nodes should also verify the integrity of every message. Denial-of-service attack Some attacks on security can be facilitated if strong security mechanisms are put in billet for performing message-integrity checks or authenticating users.Consider the case where the satellite does authentication and integrity checks on all messages before broadcasting. An adversary can send a large number of spurious messages to the satellite, thus making the satellite spend significant computational cycles processing the spurious messages, which could be cleanse spent broadcasting legitimate messages. Since the satellite has limited processing power, such an attack can be very effective, especially if strong cryptographic mechanisms like digital signatures are used for authentication and message integrity.This is a den ial-of-service (DOS) attack. Although this DOS attack can be launched against any node in a network, a satellite network can be particularly susceptible to such an attack, since the satellite is a single point of failure and can be easily overwhelmed if do to perform too much computation. New IP header ESP Original IP TCP header header header TCP payload ESP trailer Encryption with K1 Original IPSEC ESP tunnel temper encryption New IP header ESP Original IP TCP header header header TCP payload ESP trailer Encryption with K2Encryption with K1 Layered IPSEC ESP tunnel mode incryption n type 3. IPSec and layered IPSec encryption. list K1 is overlap between endpoints only. Key K2 is shared between endpoints and TCP PEPs. 1 embedded objects takes n * RTT to be loaded, an increase in delay by a factor of n. IPSEC FOR SECURITY AT THE NETWORK LAYER Several proposals for data confidentiality and authentication in satellite networks call for use of IPSec, which has been widely adopted by the Internet Engineering Task Force (IETF) for security at the network layer.IPSec and SSL are used supremely of each other. IPSec creates an end-to-end tunnel at the network layer for the secure transfer of traffic. The two end-points in the communication negotiate security parameters known as the security association (SA) before traffic can be encrypted. Once the SA has been established in the handshake phase, the IP packets are encrypted exploitation the algorithms and the keys specified in the SA. This is done when the IP-encrypted security payload (IPSec ESP) 9 is used.The IPSec ESP provides for both data encryption and authentication. IPSec provides strong security for data confidentiality and authentication, but it has a heavy byte overhead in the ESP mode, IPSec adds 10 bytes of overhead to the header and trailer. In addition, if authentication is used, ESP adds 16 bytes or more for the integrity check value, and another 8 bytes or more of initialization vector (IV) if t he encryption algorithm uses an IV. Also, IPSec has been designed generally to secure point-to-point communication it s not well suited for group communication, due to the lack of the dynamic key-establishment procedure necessary to for secure communication in groups where the membership changes with time. In addition, IPSec does not suffer for authentication at modal(a) nodes, but this might be useful in some security situations. A widely researched problem when using IPSec in satellite networks is its inability to coexist with PEPs. The keys used for encryption in the IPSec ESP are known only to the two endpoints and therefore any intermediate node in the network cannot decrypt the traffic.IPSec ESP has two modes of operation tunnel mode and seizure mode. In tunnel mode, the entire IP packet is encrypted and a new IP header and ESP header are generated and attached to the encrypted packet (Fig. 3), which adds an supererogatory SECURING END-TO-END UNICAST COMMUNICATION USING IPSEC OR SSL inquiry on satellite security has focused on using the existing standardized technology, originally designed for terrestrial networks, to fix well-known security holes in satellite networks. Two such protocols that are widely used for secure unicast communication are IPSec 7 and SSL 8.Figure 2 illustrates the encryption regions of SSL and IPSec. SECURE SOCKET LAYER FOR SECURE WEB TRAFFIC The SSL protocol secures the Web-browsing connection on an as-needed basis. When the client requests a secure connection or the server demands one, SSL is activated to secure the HTTP connection. The resulting connection is popularly known as secure HTTP (or HTTPS) and it encrypts the application-layer HTTP data end-to-end between the client and the server. In the protocol stack, the SSL layer sits between the application and the transport layers.Therefore, SSL encryption hides the TCP payload from all nodes in the network, except the client and the server. SSL encryption does not ki ck the HTTP proxy to engage correctly. The HTML Web page encrypted into the SSL records is readable only by the client and the server who have the decryption keys. The keys are not available to the proxy, and therefore the proxy cannot read the HTML Web page. Consequently, the hub proxy server cannot send requests to the Web server for the embedded objects in the page and, therefore, HTML object prefetching cannot take place.The net result is that a Web page with n IEEE Wireless communication theory December 2005 53 The HTTP proxy also cannot function when the IPSec ESP is used. Since the HTML page is encrypted end-toend, the HTTP proxy cannot read the Web page in order to prefetch the embedded objects. Therefore, use of IPSec leads to a severe degradation in performance for both the TCP PEP and HTTP proxy. SSSL translation at hub proxy (HPA) SSSL session 2 SSL session 3 Proxy Client Internet Gateway NOC SSSL session 1 SSSL tremble and translation at client proxy (RPA) Proxy We b server Figure 4. The SSL Internet Page Accelerator concept for efficient HTTPS over satellite. 20 bytes of overhead in addition to the overhead mentioned above. Encrypting the original IP header provides very strong security by disabling attacks (such as traffic analysis, etc. ). In transport mode, the payload portion of the IP packet is encrypted and a new ESP header is attached to the packet after the original IP header, which is in the clear. In either mode, the IP packet payload, which includes the TCP header, is encrypted with keys known only to the end points.Therefore, a TCP PEP, which is an intermediate node in the communication path, cannot read or modify the TCP header, since the PEP does not know the keys. Consequently, the PEP cannot function, thus leading to degradation in the performance of the TCP protocol. The HTTP proxy also cannot function when the IPSec ESP is used. Since the HTML page is encrypted end-to-end, the HTTP proxy cannot read the Web page in order to prefetch the embedded objects. Therefore, use of IPSec leads to a severe degradation in performance for both the TCP PEP and HTTP proxy.It is important to note that the problems that arise from the use of the SSL protocol or the IPSec ESP are independent of one another. It is conceivable that both protocols are used coincidingly, for example, when a secure Web page is accessed via a secure VPN tunnel. However, in such cases the performance issues do not change and the effect would be equivalent to using the IPSec ESP alone. On the other hand, if SSL alone is used, then the performance would be better, since the TCP PEP can function correctly in this scenario. 10 and layered IPSec 11, the idea is to encrypt different regions of the IP packet using different keys (Fig. ). The TCP payload is encrypted with key K1, which is shared only between the endpoints. The original IP header and the TCP header are encrypted with key K2, which is shared between the end points and also with intermed iate authorized nodes such as the TCP PEP. Therefore, the TCP PEP can decrypt the header portion of the ESP packet with K2 and read the TCP header to do its performance optimizations. But the PEP cannot read the TCP payload and thus cannot access the actual data, since it does not posses the key K1. The layered IPSec approach allows TCP PEPs to function effectively.However, the method does not solve the problem of HTTP proxy servers. The HTML page is encrypted with key K1 as part of the TCP payload, and K1 is not shared with any intermediate node. Therefore, the Web page is not accessible to the HTTP proxy and no object prefetching can be accomplished. Olechna et al. 12 have suggested two solutions to the IPSec problem. In the first approach, the base proposes moving the TCP PEP gateways to the endpoints. The TCP optimizations are done on the traffic in the clear, and then the traffic is encrypted using IPSec.There is no TCP PEP at the satellite hub. This approach improves the perf ormance, but when a packet is lost or received in error TCP goes into congestionavoidance phase and the transmission is reduced by half. The second proposed approach, which bridge players effectively with this problem, is to split the secure connection into two at the satellite gateway. One connection is between the client and the gateway, and the second connection is between the gateway and the Internet server. This allows the gateway to decrypt the IPSec packet and read the headers and thereby do performance optimizations.This requires trust in the satellite gateway, which can now read all the traffic. This might be unacceptable to users who require strong end-to-end security. Several modified TCP protocols have been proposed that perform better than the original specification in the event of channel errors or delay, or when IPSec is used. A discussion of PROPOSED SOLUTIONS TO MITIGATE PERFORMANCE PROBLEMS WITH SSL OR IPSEC Several proposals have been made in academia and industr y to deal with performance problems that arise from using IPSec and SSL in satellite networks.The concept of transformationing up IPSec encryption into multiple encryption regions or zones on a single packet has been proposed independently in 10, 11. Although the finer details in the two approaches are different, the basic idea is the same. know as multilayer IPSec (ML-IPSec) 54 IEEE Wireless Communications December 2005 Group keys (TEK) K1,8 Internal keys (KEK) K1,4 K5,8 Path of keys for M8 K1,2 K3,4 K5,6 K7,8 Leaf keys Members Group key K2 K1,12 Group key K1 K1,8 K9,12 K1 K2 K3 K4 K5 K6 K7 K8 M1 M2 M3 M4 M5 M6 M7 M8 (a) K1K2 K3 K4K5 K6 K7K8 K9 K10K11K12 M1M2M3M4M5M6M7M8 G1 G2 G3 G4 Members Gateways (b) Figure 5. transparent key hierarchy and its extension to satellite networks a) with eight members b) ML-IPSec integrated LKH shoetree with users and gateways. these TCP enhancements can be found in 13. The problem of HTTP proxy performance when SSL is used has been addressed at heart the industry by breaking up the end-to-end single SSL connection between client and server into multiple SSL connections 14. In this solution, the client browser creates a secure HTTP connection with the remote page accelerator (RPA) at the client satellite terminal, a second connection is created between theRPA and the hub page accelerator (HPA), and a leash connection is between the HPA and the server (Fig. 4). The RPA performs all necessary handshake with the client browser. The HPA can decrypt the SSL traffic from the server and perform the desired object prefetching. Taken together, this allows delivery of secure Web content with little performance degradation and with little change to the standard protocols. The major(ip) drawback to this scheme is that it requires a high level of trust in the intermediate nodes. The HPA, which is a third-party entity, can read all the sensitive Web traffic that passes between the client and the server.This might be unacceptable when absolute end-to-end security is desired. is O(logN) (where N is the number of members in the group), which is less than the O(N) keys required if the GC arranged the members in a flat topology. To allow PEPs to function correctly when network-layer security is used, 15 proposes the use of ML-IPSec. The paper proposes using a single LKH tree to manage the group key K2, used to encrypt the transport layer header (known to end users and trusted gateways), and the group key K1, known only to the end users and used for encrypting the transport layer data. As shown in Fig. b, users M 1 M 8 are leaf nodes in a subtree of degree three, and gateways G 1 G 4 are leaf nodes in a subtree of degree two. The decide key of the member node subtree, K 1,8 , is used to encrypt the transport payload. The root of the overall key tree, K1,12, is used to encrypt the transport header. All member nodes know both K1,8 and K1,12, but the gateways know K 1,12 only (apart from the internal keys in the gatewa y subtree). How the LKH tree would be managed is not stated in 15. This is important, since the users and the gateways might not be in the same administrative or security domain.The paper also considers all users and gateways as a flat network for key distribution purposes, rather than taking into account the hierarchical nature of the network topology. The use of LKH for key management in satellite links has also been proposed in 18, which suggests algorithms for dynamically managing the LKH tree in case of member joins and leaves. Duquerroy et al. 19 proposed SatIPSec, for key distribution and secure communication for both unicast and multicast in a satellite network.The solution is based on IPSec, with the addition of flat multicast key exchange (FMKE) to support key management for secure group communication. Management of SAs for both unicast and multicast communication is integrated into the FMKE protocol. FMKE also incorporates reliability mechanisms so as to guarantee reliabl e key distribution in the lossy satellite setting. However, FMKE manages SAs between the satellite terminals or gateways only and does not extend to the end users. Therefore, end-to-end security is not provided when using SatIPSec.The RPA performs all necessary handshaking with the client browser. The HPA can decrypt the SSL traffic from the server and perform the desired object prefetching. Taken together, this allows delivery of secure Web content with little performance degradation and with little change to the standard protocols. KEY MANAGEMENT PROPOSALS FOR SECURE GROUP COMMUNICATION IN HYBRID NETWORKS Some research has been done with soul algorithms that serve as tools in building keymanagement protocols in order to facilitate secure group communication in hybrid satellite networks.Howarth et al. 15 have proposed the use of logical key hierarchy (LKH) 16, 17 for efficient key management for multicast groups in a satellite network. LKH makes use of a centralized key manager or group controller (GC), which constructs a logical key tree with the group members as the leaves of the tree (Fig. 5a). The internal nodes of the tree are the key encrypting keys (KEK), which are used to securely transport key updates to the group. The root of the tree is the session key or traffic-encrypting key (TEK), which is used to encrypt the session traffic.The number of keys that need to be updated when a member node joins or leaves the group IEEE Wireless Communications December 2005 55 New IP header ESP Original TCP HTML header IP header header object links Base HTML page Encryption with K2 ESP trailer Encryption with K1 n Figure 6. Layered IPSec with modifications for HTTP optimization. Also, FMKE treats all the satellite terminals it services (which are called SatIPSec clients) in a flat topology, and establishes separate secure channels to all SatIPSec clients. This will not scale when there are a large number of clients.Also, SatIPSec does not consider the dynamic joi ns and leaves of members in the group communication setting a client needs to be preauthorized for all the groups it wants to take part in. The protocol also requires complete trust in the group controller and key server (GCKS), which is a third party that is responsible for managing the SAs between the clients. All clients need to have preshared secrets with the GCKS. IPSEC AND SSL IN HYBRID NETWORKS OUR APPROACH We look at separate solutions to the performance problem arising out of using SSL and IPSec in hybrid networks, and also consider how the two approaches can be combined.HTTP OVER IPSEC TUNNEL One viable method is to break up the end-to-end IPSec tunnel into multiple connections. This is similar to the solution proposed in 12. But while their approach looks at only the TCP enhancements, we add the use of the HTTP proxy as well. In our approach, the IPSec connection from the client is terminated at the client proxy. The proxy creates its own IPSec connection to the gateway TCP proxy. A third IPSec connection is created from the gateway TCP proxy to the Web server. Schematically, this is similar to Fig. , with IPSec connections replacing the SSL connections in the figure. The IPSec handshaking between the client and the server is spoofed by the client proxy on the client end, and by the TCP hub proxy on the server end. In this model, the Web traffic can be read completely by the client proxy and the hub proxy. The two proxies are able to perform the TCP enhancements because they can read the TCP header. In addition, the hub HTTP proxy can perform HTML object prefetching from the server because it can read the base HTML page as it is returned to the client on a HTTP request.When the client browser generates staggered requests for the embedded objects upon receiving the base HTML page, the client proxy is responsible for returning local acknowledgments to the requests, and sending all the objects to the client browser at one time. The design is therefore fully able to maintain the functionality of the TCP and HTTP proxies. It also encrypts the traffic so that it can be seen only by the client, the server, and the two intermediate proxy servers. The design also makes minimal changes to existing standard protocols. However, the design also requires that there be full trust in the proxy servers.Also, there is additional overhead in setting up three IPSec connections, as opposed to one (as in the end-to-end case). The overhead in encryption/decryption also increases by a factor of three for every IP packet, since the intermediate proxies need to decrypt the TCP header and the HTML content. When the security requirement is that the traffic be unclear to intermediate nodes, the above approach will not work. In this situation, we propose extending the layered IPSec approach in order to allow portions of the HTML content to be also accessible to the proxy servers.Assume for layered IPSec that the keys are K1 and K2. K1 is known only to th e client and the server, while K2 is known to the client, the Web server, and the intermediate proxy servers at the client and the gateway. When the client makes HTTP requests, the requests are encrypted using K2, so that the client proxy server can read the requests and send local acknowledgments. Additional software at the Web server parses the requested HTML page so as to obtain all the embedded object links. These object links are collated into a new HTML page that contains only the object links, and this new page is encrypted with K2.The base HTML page that contains all the information and the object links is encrypted with K1. some(prenominal) the encrypted base HTML page and the encrypted object links HTML page are sent in reply. Therefore, the encrypted ESP packet looks as it is depicted in Fig. 6. Upon receiving the IPSec packet from the Web server, the hub proxy is able to read the object links (since it has K2) and therefore do prefetching for the embedded links. In addi tion, the hub proxy can also read the TCP header and perform TCP enhancements.However, the HTML base-page data cannot be read by the hub proxy, since it does not have K1. The encrypted base HTML page can only be read by the client when the IPSec packet reaches the destination. This design allows the TCP and HTTP proxies to perform effectively while maintaining a high level of end-to-end security. However, the security is not as strong as in traditional IPSec, since the intermediate proxies do get some information insofar as they can read the links of the embedded objects, even though they cannot read the application data.This is the major trade-off necessary to achieve acceptable performance in this design. In addition, the model requires changes to be made to the IPSec protocol so that layered IPSec is supported with the HTTP performance additions. A major issue in the above model is the handshaking mechanism required to set up the layered IPSec connection. To maintain a high level of security, we propose that the connection be set up primarily between the client and the server, who negotiate both K1 and K2, apart from other parameters of the security association.The handshaking mechanism then provides K2 securely to both the client and the hub proxy servers. The client and the hub proxy servers are required to authenticate themselves correctly before they can receive the secondary key or access the IPSec traffic. 56 IEEE Wireless Communications December 2005 DSSL main mode (K1) DSSL main mode (K2) Internet Gateway Proxy (K2) Client (K1, K2) NOC DSSL primary and secondary modes Original TCP IP header header Proxy SSL record Primary SSL record Proxy (K2) Web server (K1,K2) Encryption with K2 Encryption with K1IP packet format for DSSL n Figure 7. Dual-mode SSL for HTTP optimization. HTTP OVER SSL When the HTTP traffic is secured using SSL only, and there is no IPSec tunnel in use, several approaches are possible to ensure acceptable performance. If the securi ty requirement of the client and the Web server allow for trusted intermediate nodes, then the SSL accelerator concept of 14 can be a viable solution. This would require no change to the protocols at the expense of higher overhead in order to set up multiple SSL connections between the client, proxy, and Web server.When the security policy does not allow for trusted third parties, a different approach is needed. We propose the use of a modified SSL protocol, which we term dual-mode SSL (DSSL). As shown in Fig. 7, the secure connection in DSSL has two modes an end-to-end main mode connection between the client and the Web server, and a secondary mode connection that has the hub HTTP proxy as an intermediate node. When secure HTTP traffic is requested, the DSSL main mode connection is first negotiated between the client and the server.As part of the handshake for the main mode, the client and the Web server also negotiate the parameters for the secondary mode. Let K1 be the encryptio n key for the main mode, and K2 be the encryption key for the secondary mode. The client transfers the parameters of the secondary mode to the client and hub HTTP proxy servers only after the proxy servers authenticate themselves to the client. When the client makes an HTTP request, the client proxy sends local replies to the client browser, as discussed previously.The Web server, on receiving the request, parses the requested HTML page to obtain the embedded object links, which are collated into a new HTML page. The object links HTML page is then encrypted by DSSL using K2 to create the proxy SSL record. DSSL encrypts the base HTML page using K1 to create the primary SSL record. The two records are appended together and sent to the client in an IP packet (Fig. 7). The hub proxy intercepts the IP packet, extracts the object links from the proxy SSL record using K2, and prefetches the embedded objects.The Web server always encrypts the actual objects using K1, so that the hub proxy c annot read the base HTML page data. The hub proxy transfers all the embedded objects together to the client at one time. Therefore, the HTTP proxy functionality is uphold in DSSL while maintaining the end-to-end security of the HTML page contents. However, the security is less than in the end-to-end SSL connection case, since the HTTP proxy can read the object links. In standard SSL, the proxy servers can read no part of the base HTML page, not even the object links.We believe this slight drop-off in security is acceptable, given the considerable improvement in performance using this method. The DSSL design is more complex in comparison to SSL since it requires the creation of an additional connection, and therefore involves a higher overhead. There is also the added overhead of multiple encryptions and decryptions with two different keys, and the complexity of parsing the HTML page for the object links. All these require changes to the base SSL protocol. The DSSL concept is simil ar to the multiplechannel SSL concept proposed in 20.However, the authors do not differentiate encryption in primary and secondary SSL records but instead suggest that HTTP traffic with lower security requirements be encrypted exclusively with keys known to intermediate nodes. For our security requirements, that approach would not be acceptable. Differential Encryption in wiz SSL Record The use of a proxy SSL record is not necessary if various parts of the HTML page can be encrypted with The DSSL design is more complex in comparison to SSL since it requires the creation of an additional connection, and therefore involves a higher overhead.There is also the added overhead of multiple encryptions and decryptions with two different keys. IEEE Wireless Communications December 2005 57 Secondary SSL encryption Primary SSL encryption New IP header ESP Original TCP Proxy SSL header IP header header record Secondary IPSec encryption Primary SSL record ESP trailer Primary IPSec encryption n Figure 8. sheaf format for dual-mode SSL with IPSec. different keys. In that case, the Web server can encrypt the object links in the HTML page with key K2 and the rest of the HTML page contents with key K1, thus creating a single SSL record with different encryption.The hub proxy server can parse the SSL record and decrypt only the object links with key K2, before forwarding the IP packet to the client proxy. We assume that the primary and secondary encryption keys K1 and K2 have been set up and distributed as described in the previous sections, with K1 known to the client and the Web server only, while K2 is known to the client, the Web server, and the intermediate proxy servers. A similar technique can be applied when IPSec encryption is used instead of SSL encryption.The advantage here is that the size of the packet does not increase, although there is the overhead of distributing key K2 to the proxy servers to be considered. HTTPS OVER IPSEC For the sake of completeness, we consider the situation where a secure Web page is requested over an IPSec tunnel. This method involves redundancy of resources, since use of SSL when IPSec is being used does not provide any substantially added security. However, our approach can take care of the performance in this scenario as well. In this situation, we propose integrating DSSL with layered IPSec.Then the secondary keys for both the layered IPSec connection and the DSSL connection are shared with the proxy servers. The secondary key for layered IPSec is shared with both the TCP proxy and the HTTP proxy. When layered IPSec encrypts the packet, the secondary key encryption extends up to the proxy SSL record. The TCP proxy servers can therefore decrypt the TCP header of the ESP packet, and the HTTP proxy server can decrypt the proxy SSL record. Consequently, performance optimizations for both TCP and HTTP are allowed without letting the intermediate servers read the HTML page.A schematic of the IPSec packet in this setting is shown in Fig. 8. A HIERARCHICAL APPROACH TO KEY MANAGEMENT FOR DATA SECURITY IN HYBRID NETWORKS In 21, we have proposed a key-management fashion model for distributing cryptographic keys securely and in a scalable manner to users taking part in group communication in a hybrid satellite network. The prey is to ensure data confidentiality, by encrypting the data traffic with group keys known to all the group members. The key-management framework is built on top of the multicast routing architecture.We have considered the hybrid network topology shown in Fig. 1b and designed a multicast routing architecture to allow users to communicate seamlessly between multiple terrestrial LANs (also referred to as subnetworks) 22. Our routing design makes specific use of asynchronous transfer mode (ATM) point-to-multipoint routing 23 over the satellite links, and Protocol-Independent Multicast Sparse-Mode (PIM-SM) multicast routing 24 in terrestrial LANs. We have extended PIM-SM to all ow multiple rendezvous points (RPs) in each multicast group.The satellite gateway in each LAN acts as the local RP for the LAN and creates the local multicast trees for group members in spite of appearance the LAN. The local multicast trees are connected together over the satellite links by using the ATM point-to-multipoint virtual connection, thereby creating one end-to-end multicast tree for each group, encompassing all the LANs with group members in them. The multicast routing architecture is thus adapted closely to the hierarchical network topology, and allows for building efficient multicast trees with low control and data overhead.The design of the key-management protocol is independent of the routing algorithm, although it is based on the same underlying principle, that is, a hierarchical breakup of the network based on the topology. We branch the network into two levels the lower level, comprised of terrestrial LANs where the users are located, and a higher level consisti ng of the satellite, the NOC, and the satellite gateways or RPs in each LAN, which together form an underwrite (Fig. 9a) interconnecting terrestrial LANs. The RPs act as the bridge between the two levels.Key management is done separately in the two levels. In each LAN we introduce a local group controller (called the subnetwork key controller or SKC) to manage the keys for all groups agile in the LAN. The SKC is responsible for access control of all members of all groups that are industrious in its LAN, generating the group keys for all local groups, and updating the keys on group-member joins and leaves when a group is active. The keys managed by an SKC are entirely local to its LAN, and do not affect the key management in any other LAN in the network.The SKC uses the LKH algorithm to manage keys in its LAN, creating a logical key tree that we term the SN channelize. Each group active in a LAN has its own SN tree diagram. The leaves of the SN Tree for a group correspond to the longterm shared secrets between the SKC and the local users in the LAN who are active as sources and/or receivers in the group. The root of the SN Tree corresponds to the session key that is used for encrypting the group traffic at bottom the LAN at any particular instant.On member joins and leaves, the session key, and all the keys on the path from the root to the leaf node corresponding to the member joining/leaving, are updated, while all other keys in the SN Tree remain unchanged. The overlay has its own key management, 58 IEEE Wireless Communications December 2005 Overlay RP tree root key Level-1 Satellite Overlay network NOC Gateway Gateway Gateway SN tree SKC RP (root) RP (leaf) SKC RP tree RP (leaf) Gateway Level-0 SKC Subnet n Subnet 1 Subnet 2 (a) Subnet 3Subnetwork Subnetwork (b) Subnetwork n Figure 9. A hierarchical approach to key management in hybrid networks a) hierarchy in the hybrid network b) tiered tree key management. also based on the LKH algorithm. At the ove rlay level, the key management for a particular group is controlled by the satellite gateway/RP (known as the root RP for that group) of the LAN that has group sources active for the longest continuous period in the group. The logical key tree for any group thus formed at the overlay is termed the RP Tree.The root RP is responsible for generating keys for the RPs of the LANs who subscribe to the particular group, that is, have sources and/or receivers active in the LAN. Each group has its own RP Tree. The design ensures that the NOC cannot receive/transmit data to any active group, unless it explicitly subscribes to the group as a member node. However, LANs joining any particular group initially register with the NOC, which maintains a group membership table for all active groups, so that at all times the NOC is aware of the LANs which are participating in all active groups.The NOC is also responsible for selecting the root RP of the RP Tree for each group, which it does based on th e earliest-to-join policy. The root RP also might be different for different groups, since the LAN with the longest continuously active sources might be different for different groups. Our algorithm has the provision to allow the root RP for any group to change this happens if the currently active root RP leaves the group, when all sources/receivers within its local LAN cease to participate in the group.Our algorithm therefore builds a hierarchy of logical key trees that closely follow the hierarchy in the network topology, as shown in Fig. 9b. We term this framework Tiered Tree-based Key Management. In this hierarchy of key trees, the gateway RPs are responsible for performing key translation on all the multicast group traffic as it transmits the data from local sources to receivers in remote LANs, or when it receives group traffic from remote sources for local receivers. This translation is necessary since the data traffic is encrypted with the RP Tree session key in the overlay, and with the SN Tree session ey within the local LAN, with the two session keys being independent of one another. The detailed design of Tiered Tree-based Key Management, analysis of its security, and experimental results can be found in 25. The primary objective in our design is to minimize the amount of key-management control traffic n Figure 10. Tiered tree framework total key management traffic vs. RP tree traffic for three groups (Y-axis shows the traffic in bytes per second X-axis is the simulation duration in minutes). hat flows over the satellite links, due to the long delay involved as well as susceptibility to channel errors. We have attempted to ensure that the security of the data traffic does not add any overhead in terms of delay other than that absolutely unavoidable, and that the security protocol does not contribute to deadlocks in group-data dissemination where some group members in certain LANs cannot read the data due to having wrong keys. From the simulation re sults, Fig. 10 shows the reduction in key-control traffic over the satellite links using our tiered-tree approach.The graph compares the total key-management IEEE Wireless Communications December 2005 59 Our solution is a generic solution aimed specifically at multicast key management and does not deal with an end-to-end security solution for secure communication or give any implementation specifics. information sent in the network for three simultaneous groups (i. e. , sent over the RP trees, sent over the satellite links, and all SN trees limited to local LANs), to the total key information sent on the RP trees (satellite links) only.As the graph shows, the resource savings on the satellite links is substantial when the tiered-tree scheme is used. Even though the group dynamics are high, the amount of message exchanges are very few in the RP tree, that is, over the satellite links. If a flat key-management hierarchy had been used instead, the total key-management traffic would ha ve been sent over the satellite links, thus leading to increased delay and increasing the possibility that the correct keys do not reach all the members at the same time.Our solution is therefore very scalable. It also acknowledges the fact that the group members might be located in different security domains and, therefore, a single network-wide security management might not be possible. This is a more realistic scenario, since terrestrial LANs might be individual company domains, while the satellite overlay foot is usually owned by a separate entity that provides network connectivity to the LANs, and is not responsible for generating the network traffic.This framework addresses the problem that all users might not be visible to a single, centralized security authority, and the dynamics of user joins or leaves in one LAN should not create an overhead to users in other LANs. Also, in widearea satellite networks we consider that the satellite channel conditions at a given point in t ime might be different in different sections of the network. There might be loss in information due to bad channel conditions in some network segments however, this should not disrupt communication in network segments where the channel conditions are better.Solutions which treat all users in a single tree will not be able to perform as robustly under such conditions. Our solution is also similar to the ML-IPSec concept in that the satellite terminals are only partially trusted they are allowed to do partial decryption/encryption of the IP packets for efficient routing. However, it is a generic solution aimed specifically at multicast key management and does not deal with an end-to-end security solution for secure communication or give any implementation specifics. approaches for typical topologies and validating the proposed designs by simulation.Lastly, we have described our hierarchical approach of key management for providing data security in hybrid networks. We are continuing ou r research in this area and examining designs to integrate our keymanagement protocol with the unicast case. A considerable amount of work needs to be done with regard to secure protocols for hybrid networks, specifically for the case where users are mobile. Here we have touched upon only a small subset of the problems. None of the proposed solutions, including our own, address the question of user authentication or message integrity for group communication.However, we believe the security problems discussed here will receive boost treatment from the research community, and this work will be a useful contribution to the field. ACKNOWLEDGMENT The authors would like to thank the anonymous reviewers for their valuable comments and suggestions. The research reported here is supported by the National Aeronautics and Space Administration (NASA) Marshall Space Flight Center under award no. NCC8-235. The views expressed in this article are solely the responsibility of the authors and do no t reflect the views or position of NASA or any of its components.REFERENCES 1 J. Border et al. , Performance Enhancing Proxies Intended to Mitigate Link-Related Degradations, IETF RFC 3135, June 2001. 2 V. Arora et al. , Effective Extensions of Internet in Hybrid Satellite-Terrestrial Networks, University of Maryland, College Park, Tech. Rep. CSHCN TR 96-2, 1996. 3 V. Bharadwaj, Improving TCP Performance over HighBandwidth Geostationary Satellite Links, University of Maryland, College Park, Tech. Rep. ISR TR MS-99-12, 1999. 4 N. Ehsan, M. Liu, and R. Ragland, Evaluation of Performance Enhancing Proxies in Internet over Satellite, Wiley Intl.J. Commun. Sys. , vol. 16, Aug. 2003, pp. 51334. 5 NIST, Digital Signature Standard (DSS), may 19, 1994. 6 H. Krawczyk, M. Bellare, and R. Canetti, HMAC KeyedHashing for Message Authentication, IETF RFC 2104, Feb. 1997. 7 R. Atkinson and S. Kent, Security Architecture for the Internet Protocol, IETF RFC 2401, Nov. 1998. 8 IETF Transport Layer Se curity Working Group, The SSL Protocol Version 3. 0, Nov. 1996, available at http//wp. netscape. com/eng/ssl3/draft302. txt 9 R. Atkinson and S. Kent, IP Encapsulating Security Payload (ESP), IETF RFC 2406, Nov. 998. 10 Y. Zhang, A Multilayer IP Security Protocol for TCP Performance Enhancement in Wireless Networks, IEEE JSAC, vol. 22, no. 4, 2004, pp. 76776. 11 M. Karir and J. Baras, LES Layered Encryption Security, Proc. ICN04, Guadeloupe (French Caribbean), Mar. 2004. 12 E. Olechna, P. Feighery, and S. Hryckiewicz, Virtual Private Network Issues development Satellite Based Networks, MILCOM 2001, vol. 2, 2001, pp. 78589. 13 P. Chitre, M. Karir, and M. Hadjitheodosiou, TCP in the IPSec Environment, AIAA ICSSC 2004, Monterey, CA, may 2004. 14 SSL Accelerator, Spacenet Inc. , available at http//www. spacenet. com/technology/advantages/ssl. ht ml 15 M. P. Howarth et al. , Dynamics of Key Management in Secure Satellite Multicast, IEEE JSAC, vol. 22, no. 2, 2004, pp. 30819. 16 C. Wong , M. Gouda, and S. S. Lam, Secure Group Communications Using Key Graphs, IEEE/ACM Trans. Net. , vol. 8, 2000, pp. 1630. CONCLUSION Security is a critical component in hybrid IPbased satellite networks. In this article we have focused on some of the challenges that lie ahead.We have discussed the unique characteristics of hybrid satellite networks that make the problem of ensuring secure communication different from that of purely terrestrial networks. We have presented a survey of the various security solutions that have been proposed, and discussed their advantages and disadvantages. We have proposed several approaches to solve the performance problems of TCP and HTTP in satellite networks arising from secure communication. However, a lot of further work needs to be done to validate our approaches, and we are in the process of developing specific detailed security 0 IEEE Wireless Communications December 2005 17 D. Wallner, E. Harder, and R. Agee, Key Management for Multicast Issue s and Architectures, IETF RFC 2627, June 1999, available at http//www. apps. ietf. org/rfc/ rfc2627. html 18 G. Noubir and L. von Allmen, Security Issues in Internet Protocols over Satellite Links, Proc. IEEE VTC 99, Amsterdam, The Netherlands, 1999. 19 L. Duquerroy et al. , SatIPSec An Optimized Solution for Securing Multicast and Unicast Satellite Transmissions, 22nd AIAA Intl. Commun. Sat. Sys.Conf. and Exhibit, Monterey, CA, May 2004. 20 Y. Song, V. Leung, and K. Beznosov, Supporting Endto-End Security across Proxies with Multiple-Channel SSL, Proc. 19th IFIP Info. Sec. Conf. , Toulouse, France, Aug. 2004, pp. 32337. 21 A. Roy-Chowdhury and J. Baras, Key Management for Secure Multicast in Hybrid Satellite Networks, 19th IFIP Info. Sec. Conf. , Toulouse, France, Aug. 2004. 22 A. Roy-Chowdhury and J. Baras, Framework for IP Multicast in Satellite ATM Networks, AIAA ICSSC 2004, Monterey, CA, May 2004. 23 G.Armitage, Support for Multicast over UNI 3. 0/3. 1 Based ATM Networks, Inter net RFC 2022, Nov. 1996. 24 S. Deering et al. , The PIM Architecture for Wide-Area Multicast Routing, IEEE/ACM Trans. Net. , vol. 4, no. 2, 1996, pp. 15362. 25 A. Roy-Chowdhury, IP Routing and Key Management for Secure Multicast in Satellite ATM Networks, Masters thesis, University of Maryland, College Park, 2003, available at http//techreports. isr. umd. edu/reports/2004/ MS2004-1. pdf Paper Award, 2004 WiSe Conference. He holds three patents.His research interests include wireless networks and MANET, wireless network security and information assurance, integration of logic programming and nonlinear programming for trade-off analysis, multicriteria optimization, noncooperative and cooperative dynamic games, robust control of nonlinear systems and hybrid automata, mathematical and statistical physics algorithms for control and communication systems, distributed asynchronous control and communication systems, object-oriented modeling of complex engineering systems, satellite and hybr id communication networks, network management, fast Internet services over hybrid wireless networks, stochastic systems, planning and optimization, intelligent control and learning, biologically inspired algorithms for signal processing, and demodulator networks. MICHAEL HADJITHEODOSIOU M received an M. A. (honours) in electrical and information sciences from the University of Cambridge, United Kingdom, in 1989, an M. S. in electrical and computer engineering from the University of California, Irvine in 1992, and a Ph. D. n engineering (specializing in satellite communications) from the Centre for Satellite Engineering seek (CSER) at the University of Surrey, United Kingdom, in 1995. Among his awards are a scholarship award for studies at the University of Cambridge from the Cambridge Commonwealth Trust (19841986) a Fulbright Scholarship for post-graduate work in the United States (19891991) a Research Fellowship from the U. K. Engineering and Physical Sciences Research Council (E PSRC) (1992) and the Canadian National Science and Engineering Research Council (NSERC) post-doctoral fellowship award (1995). He worked as a research fellow in the Communication Systems group of CSER (19911995) and spent a year as a visiting fellow at the Canadian Government Communications Research Center (CRC) (19951996).In November 1996 he joined the Center for Satellite and Hybrid Communication Networks (CSHCN) at the Institute for Systems Research, University of Maryland, College Park, where he is currently an assistant research scientist. He is an expert on space communications and satellite networks. His research interests include performance optimization of wireless and hybrid networks, security and protocol support issues for satellite systems, and design optimization of next-generation broadband satellite networks and applications. He is currently working on supporting the communication needs of NASA enterprises and the communication architecture enabling space exploration .He is currently serving as secretary of the IEEE Satellite and Space Communications Technical Committee. SPYRO PAPADEMETRIOU received his B. S. in computer science from George Mason University, Fairfax, Virginia. Since then he has been actively involved in Internet research and development within both industry and academia. He was the principal Internet researcher at Synectics Corp. , where he developed network and database software. He worked as a researcher at the University of Marylands Institute for Systems Research, where he designed and developed their first networking laboratory, which is part of the CSHCN. At Inktomi Corp. he spearheaded client acceleration research and was a member the content-distribution network design team.These resulted in several patent filings, of which he holds one. The latter also resulted in American Onlines Web client accelerator product. before long he is with Orbital Data Corp. working on network and application optimization. His research inte rests include network optimization, application optimization, satellite and terrestrial wireless networking, delay-tolerant networks, sensor networks, distributed systems, and network software architecture. We have touched upon only a small subset of the problems. None of the proposed solutions, including our own, address the question of user authentication or message integrity for group communication. BIOGRAPHIESAYAN ROY-CHOWDHURY (emailprotected umd. edu) received his B. E. in electronics and telecommunications engineering in 1998 from Jadavapur University, India, and his M. S. in electrical engineering in 2003 from the University of Maryland, College Park, where he is currently a Ph. D. student. Between 1998 and 2000 he worked as a senior software engineer at Wipro Technologies, India. His research focuses on the design of protocols and frameworks for secure communication in hybrid networks. He is working on secure protocols for unicast and multicast routing in networks that have wired and wireless terrestrial components interconnected by satellite links.He is also looking into key management techniques for secure data transmission for these network architectures, and efficient user-authentication mechanisms for the same. As part of these topics, he is also investigating performance problems for network communication in satellite networks when security is involved. J OHN S. B ARAS F received a B. S. in electrical engineering from National Technical University of Athens, Greece, in 1970, and M. S. and Ph. D. degrees in applied mathematics from Harvard University in 1971 and 1973, respectively. He was founding director of the Institute for Systems Research (one of the first six NSF Engineering Research Centers) from 1985 to 1991.Since August 1973 he has been with the Electrical and Computer Engineering Department and apply Mathematics Faculty at the University of Maryland, College Park. In 1990 he was appointed to the Lockheed Martin Chair in Systems Enginee ring. Since 1991 he has been director of the Center for Hybrid and Satellite Communication Networks (a NASA Research Partnership Center). Among his awards are the 1980 Outstanding Paper A

Into The Wild: Test Essay

McCandless was brave enough to do things most people would non all the same hypothesize about doing. He was looking for more adventure and freedom than todays inn gives people, comments one of Chriss friends (Krakauer 174). What modern decree offers did not appeal to Chris McCandless he wanted a different life that most people had themselves. He saw the influences society puts on our lives and decided he did not want to live that way. No pineer would he answer to Chris McCandless he was now Alexander Supertramp, master of his own destiny (23). McCandless, now know as Alexander Supertramp, did not want to be held keystone in any way to insure he would get full freedom he changed his name so he was able to actuate fresh. McCandless took charge of his new life and was brave to be able to alone leave everything he knew and was well-off with to start new. Whatever makes you happy you should pursue, McCandless did just that even with all the negative people telling him it was a bad idea. People find happiness in multiple ways through relationships, nature, religion, and valety more ways. In a letter to Franz, Alex writes, You are wrong if you think joy emanates only or in general from human relationships.God has placed it all around us (57). McCandless knew that although it is nice to have relationships you can find happiness in nature and that is where he make up true happiness. He is smiling in the picture, and there is no mistaking the look in his eyes Chris McCandless was at peace, serene as a monk gone to God (199). Before McCandlesss death he took a picture and in the picture he was at peace and happy even though he was alone and going through the pain of starvation. He was happy because he finally found true happiness. McCandless found happiness in ways most did not, once he found what do him happy he pursued in no matter what the consequences were. In the final mailing-card he sent to Wayne Westerberg, McCandless hadwritten, if this adventure proves fatal and you dont ever hear from me again I want you to know youre a capital man. I now walk into the wild (133). He wrote this to acknowledge the chance that he might not survive. He does not want to die exclusively he knows that he is embarking on a dangerous adventure.McCandless also feels that the whole adventure is worth it, however, for the real experience of living completely independently and freely, and his intensity was expressed at the end of the final postcard to Westerberg. People called McCandless foolish for his mistakes but everyone makes mistakes. Instead of feeling distraught over this turn of events, moreover, McCandless was exhilarated He saw the flash flood as an opportunity to shed unnecessary baggage (29). Although he made a mistake of sleeping in an land where there are flash floods and lost his car, he accepted it and used it as a way to get further into his adventure by just living off what he needed. Chastity and moral purity were qualities McC andless mulled over long and often (65). Although Chris made fatal mistakes he knew what was right and wrong and would think about it a lot. McCandless overall had respect and good morals but made fatal mistakes which led to his death. Awkwardly, stiff with fear, I started working my way back down. The rime gradually thickened.After descending about eighty feet, I got back on reasonably solid ground. I stopped for a long time to let my nerves settle, then leaned back from my tools and stared up at the face above, searching for a hint of solid ice, for few variation in the underlying rock strata, for anything that would allow passage over the frosted slabs. (137) That quote really explains what a brave man he is and how he can vanquish obstacles that the others like Rosellini, McCunn, and Waterman couldnt. People who did not think McCandless was courageous thought he was a young foolish man who caused many pain with his deviation and death. Chris did make mistakes but so did other s and that does not mean he is foolish. He did not want to cause others pain but he needed to start fresh and away from everyone he knew. Alex is a nut in my book, wrote a resident of Healy, the hamlet at the head of the Stampede Trail. The author describes a man who has given away a small fortune, forsaken a living family, abandoned his car, watch and map and burned the last of his money before traipsing off into the wild west of Healy(71). Although McCandless did all of those things, he did it to have a freshstart.He did not want to be held back from anything and in the end it made him happy. A reader of the Outside magazine asked, Why would any son cause his parents and family such permanent and perplexing pain?(71) McCandless did not want to cause his love ones pain but ended up causing them pain since the only way he could find true happiness was to leave everyone he loved. Although some may not be able to see the reasons McCandless left all his opportunities and loved ones beh ind to go on an adventure that caused him his death, he only did it because that was what made him happy. Chris McCandless was a young man that went against society and found happiness in things most people would be afraid to try. He had the bravery it took to go against society to find his happiness and although he made mistakes he did what he enjoyed even if people thought he was foolish. People should not judge others for what they do that makes them happy and being brave enough to do something different than what most do.

Review & Critical Thinking: Music of the World Essay

1. What are the Hurrian songs? Why are they important?The Hurrian songs are a set of fragmentary relics as well as a closely complete example of notated practice of medicine from around 1400 BCE. They are important because it was the first piece of evidence that there was written practice of medicineal pieces and these songs were played during important feeling events such that as marriages and royal family births.2. What is the Natya Shastra? Why is it important?The Natya Shastra is a written discourse on the performing arts, including euphony, dance, stage performances, and that alike. The importance of music to ancient India is scoop out seen through Natya Shastra. It was also important because it gave quite detailed information on the types of instruments that were utilise at the time and forms of music that was popular.3. Who were troubadours? What was their music like?Troubadours were traveling poet-musicians who traveled from place to place, singing and performing for the upper class. Their music was generally monophonic and accompanied themselves with an instrument like the lyre or drums. 4. What are the modes in Western music? Describe at least one mode in Western music. There are seven different modes Dorian, Ionian, Phrygian, Lydian, Mixolydian, Aeolian, and Locrian. Dorian mode in C begins and ends on D.5. What is polyphonic music? How does it differ from monophonic music? Polyphonic music uses two or more independent melodies whereas monophonic music has only one independent melody.Critical Thinking Questions1. Why did early humans develop music? What are some of the ways that they were thought to create music? Some scholars believe that music developed from natural sounds and rhythms and humans mimicked these sounds, as they are known to mimic the noises they hear. Therefore early music was likely unproblematic sounds repeated for enjoyment and to create reactions from animals during hunting. Some of the ways they were thought to create music was through their own voices and created instruments. 2. Why is the study ofprehistoric and ancient music important? What can we learn from it? The study of prehistoric and ancient music is important because it gives us insight and understanding of where we evolved from and how we advanced in music up until this very day, and we wouldnt know just how well we advanced if we did not study prehistoric and ancient music. From this we can learn how the musical instruments in both time periods were used and what use they may have had. 3. What roles did music play in the life of prehistoric and ancient people? Are the roles similar to or different from the roles that it plays today? In the past music was not as big of a deal as it is today.Some individuals may have used music for entertainment but the main use of music in prehistoric and ancient times was for religious reasons such that of ceremonies. The roles are different in that we use music for a multitude of reasons, whether it be to wake us up for school or aid us in sleeping or even when we need something to cheer us up by and by a long and hard day or maybe something to calm us peck after a heated argument. We use music today for our enjoyment as well as for our emotions.4. What were the effects of musical notation on music, society, and composers? medication notation allows for multiple people to be able to learn to play an instrument without hearing it as well as having written documents of composers long after they have passed. It also allows a composer to create music without always having to remember it at the top of their head. 5. Describe medieval musics relationship with the Catholic Church. How was the music influenced by the Church? The Catholic Church influenced medieval music during the Middle Ages through chanting and performances by monks but soon developed songful sounds which were harmonized together. The Catholic Church did not use musical instruments and those who attended their p erformances liked the noise that was being produced by the church.

Classical Music and Jazz Music Essay

Music has always been an in-chief(postnominal) element for the humanity. Exist many different kinds of medication. For aspire of this paper Im going to compare classical music with jazz music. This two types of music belong to the category of complex art music. A comparison of classical and jazz music yield some similarities and different and could also lead to an appreciation of this two important category of music.The music called classical, was set in stores and performed regularly by symphonies around the world, in the time of 1600 up to the present. Unlike jazz was found in the early 1900 as some leap band leaders in the southern U.S. began playing this type of music that combined ragtime and blues. Most of the major composer of the classical music until the 20th speed of light were Europeans and the jazz was exposed first by two musicians. Both type of music were know on different parts of Europe.In classical music, both(prenominal) large orchestras and small ensemble ar e use. The largest part of the orchestra consist of the string section consisting of violins, violas, cellos, string basses and wind instruments. On the other hand jazz music can be played by small group of people. In jazz they use different instruments like clarinet, tuba, cornet, baritone, drums and piano. Similarly to classical music, jazz used some wind instruments.In addition we have a different of audience of this two kind of music. The jazz music attracts an really cultural and pelvis audience. This is because jazz concerts usually are in opens spaces around the world and in night clubs and you dont need to remunerate a ticket to go and appreciate the music. Unlike classical music attracts more elite and rich people. This is because the concerts of classical music are on different amphitheaters and closed spaces and you need to pay for a expensive ticket.To conclude, we can say that this to types of music have their unique style, but both of them represents two approaches t o Art Music. This two types of music are important and carry a great and special history. Also this to type of music, allow people to relax while hearing this music. If I need to pick mingled with this two types of music, I prefer the jazz music because is more accessibly for us and its transmit more emotions.