The Internet is a worldwide system of interconnected computers and computer networks that use the TCP/IP protocol suite. In May 1993, the Internet included 10,000 IP networks interconnecting more than one million computers and millions of users throughout the world. Systems (nodes) on the Internet are connected to each other through routers (sometimes called "gateways"), and share a common name and address space. The Internet is the successor to ARPAnet, initially sponsored by the Defense Department's Advanced Research Projects Agency ("ARPA"). The National Science Foundation still provides a subsidy for the Internet backbone, but that subsidy is being restructured, 2 and the Internet increasingly is privately funded, and there is a growing commercialization. The Internet is a unique part of the existing national information infrastructure because of the following characteristics: 3

1. It is an open architecture, meaning that one computer system can connect to others simply by adhering to the TCP/IP standards. It is not necessary for users of one computer system to use the same hardware or software as another computing system with which they wish to communicate, or even to know the nature of the hardware and software in the other system.

2. It is a distributed architecture, meaning that different parts of the eventual bundle of information content and related services desired by users may be supplied by different Internet nodes, operated by different persons or entities.

3. Although institutions connecting to the Internet must pay for their own hardware, software, and communications lines, there is no charge for access to other nodes on the Internet nor, with rare exceptions, to information resources made available through those nodes.

4. Historically the vast majority of Internet users were members of institutions like universities that had Internet connections and such users are not charged directly for Internet usage. Now the Internet is evolving to accommodate pay-as- you-go use.

Information providers and consumers connected to the Internet can exchange electronic mail ("EMail"), transfer files in both directions, and remotely log in to any other computer system or network connected to the Internet. The telnet protocol permits one computer connected to the Internet to log in to another computer even though the two computers have completely different hardware and operating systems. (After remotely logging in a user usually must have an account on the remote computer before proceeding, unless he is using a public account to access Gopher or similar interface on the remote system.) The ftp protocol permits users to move files to and from remote systems. This protocol is indifferent to file formats. Thus, for example, one Internet site could "publish" an Apple Macintosh file on a non-Macintosh Internet node, and other Internet nodes could retrieve that file even though they do not have Macintosh computing systems. Or, VAX files can be published and retrieved by PC clones. "Anonymous ftp" is a widespread form of electronic publishing on the Internet. A publisher simply places a file on a special file directory on an Internet server, and anyone, without needing an account on that computer, and without having a pre-established account (hence "anonymous") can retrieve the file through the ftp protocol.

A variety of protocols have been built on top of telnet and ftp that make it easier to use the Internet, including Gopher (a menuing system that permits users to read and transfer files through selecting from menu items), Wide Area Information Service (an elaboration of international standard Z39.50, which permits free text searching of diverse information resources that are linked to the Internet via the WAIS protocol), and World Wide Web with its associated client interfaces NetScape and Mosaic, which permit hypertext and hypermedia resources to be published and accessed on the Internet. The World Wide Web hypertext pointers may point to other Internet servers, thus permitting a provider of information to make it available without needing to have his own copy of all of the information resources a user may want. Archie, Jughead, and Veronica, are three automated finding tools that permit free-text searching of virtually all public files, 4 and Gopher menu entries on the Internet, respectively. 5

The Internet makes it easy to distribute information in a multiple locations. When producers of information are connected to the Internet, it is less necessary than it is using conventional technologies for all of the elements eventually making up a particular information product to be on the same computer. Rather, certain portions of content can be on one computer while other portions of content are on another computer in a different geographic location, while indexes, locators, and finding aids are on a third computer in a third location, and billing and payment information on yet a fourth computer in a fourth location. 6

The Internet makes it easier to implement what computer scientists call client/server and distributed database theories. The Internet makes it possible to expand the kinds of resource, data, and program sharing that makes Local Area Networks attractive far beyond the confines of the "local area."

Distributed supply of information value is important to ordinary users and citizens, and to small producers of information products, because it expands the choices readily available to information consumers and allows a producer of only a narrow range of information content or services to enter the market without having to offer a full range of service and content.

Internet service providers

Three kinds of Internet service providers are important in the overall Internet architecture: backbone networks, mid-level networks (sometimes called regional networks) and connection services. Although the three types of services overlap, 7 it is helpful to think about the three functions distinctly.

Historically, the Internet and its predecessors were composed of three levels. At the top, was the Internet backbone, a high bandwidth, federally subsidized collection of TCP/IP compliant switches and communications paths built on top of dedicated lines leased from telephone companies. At the bottom were universities and research centers with Local Area Networks connecting their own computing systems. Between the two were regional networks, best understood as cooperative-like arrangements connecting the universities and research facilities in a particular geographic regions to each other and to the backbone. NEARnet in New England, NYSERnet in New York, BARRNET in the San Francisco Bay area, PREPnet in Pennsylvania, SURAnet in the southeast, and THEnet in Texas all are examples.

There is no legal duty for these mid-level networks to confine their activities to geographic regions, and as the Internet has expanded and become more diverse and commercial, most originally-regional networks have offered services beyond their own regions and thus are more appropriately known as mid- level networks now. Indeed Bolt, Baranek & Newman, a highly respected consulting and technical services contractor has bought both NEARnet, BARRNET, and SURAnet and intends to strengthen their presence in commercial markets.

Most mid-level networks connect to other mid-level networks through backbone service providers like CIX, a consortium of commercial Internet service provider, ANS, the contractor for the federally subsidized NSFnet, which is not supposed to handle commercial traffic, or ANS Core, a commercial affiliate of ANS, recently bought by America Online. Increasingly mid-level networks connect directly to each other, obviating the need for backbone services.

At the bottom, there is a growing market for Internet connection services for a more diverse population of users.

Internet connection services

Historically, most individuals and small work groups connected to the Internet through computing systems, Local Area Networks and mid-level connections, supplied by the universities or research facilities with which they were affiliated. As the Internet has become attractive to a wider variety of users, a demand has grown for someone to supply connection services for persons not affiliated with institutions that historically had Internet connections. Performance Systems International ("PSI") is one of the largest vendors of Internet connection services. It offers a variety of plans to larger corporations, with varying bandwidth, levels of service, and price, and increasingly offers lower-priced service packages to individuals, and small entities like law firms.

There are three ways for an individual user to connect his desktop computer to the Internet. The best, but most expensive, way is the traditional institutional connection through a dedicated line at 56 kbps or 1.5 mbps to an Internet service provider. The cost is about $1000 per month. Until recently, the cheapest form of connection was a terminal connection, and though more cumbersome, it was attractive to some individuals and very small entities. They accessed the Internet by establishing accounts on host computers which have Internet connections, and dialing into the host through modems and ordinary telephone lines, to establish terminal connections. The third type of connection offers more functionality to low-volume users and now is the most attractive. It involves making the user's desktop computer an actual Internet node over a dialup telephone connection, using Point-to-Point Protocol ("PPP") or Serial Line Internet Protocol ("SLIP"). SLIP and PPP connections have become much more widely available and the price has fallen to the $15-20/month level in recent months, as both CompuServe and America Online offer such full-featured Internet connection. 8

Internet, compared with dialup bulletin boards

There are both theoretical and pragmatic advantages to Internet connections for information providers as compared with dialup bulletin boards. The theoretical advantage arises from the packet switching characteristic of the Internet compared with the circuit switching characteristics of the telephone system. When an end user accesses an electronic bulletin board, she ties up an entire 9 telephone circuit for the duration of her session. When she accesses the same provider through the Internet, she does not tie up an entire circuit, but only uses it for the relatively small fraction of the time required to send and receive packets. While a file is actually being downloaded, the difference is small; when she is browsing, thinking, or waiting for something to happen on her computer or the provider's computer, the difference is great. The difference in efficiency may not mean much to the end user, particularly one that directly accesses the Internet through a modem. But the difference can be significant to network intermediaries and to the provider because it translates directly into fewer circuits (telephone lines) required to give the same level of service. For example, a very small provider can handle only one user at a time with a dialup bulletin board and one phone line, but could handle multiple simultaneous users with the same single telephone line and an Internet connection.

Because many Internet connections involve use of regular voice telephone connections for at least part of the connection, it is natural to wonder how the efficiencies associated with packet switching are possible when a part of the route is an analog (voice) telephone. The answer is essentially the one suggested in the preceding paragraph, which distinguishes between the end user's perspective and the provider's or intermediary's perspective. When an end user accesses a dialup bulletin board, the entire route is a voice grade analog telephone circuit (with the analog signals perhaps being digitized and multiplexed over part of the route). When the end user accesses an information service through an X25 public data network ("PDN") like SprintNet or Tymnet, as is commonly done with CompuServe, WESTLAW, and LEXIS, an analog telephone connection is used to the PDN point of presence closest to the end user - usually the nearest metropolitan area - and packet switching is used from that point of presence to the information service computer. When an end user accesses the Internet via a modem and SLIP connection, the route is voice grade analog to the point of presence of the Internet services provider like CERFnet or PSI, and packet switched from there. When the end user uses an institutional connection to the Internet, the entire route is packet switched.

Internet security

The prospect of full-featured Internet connections raises security concerns with many computer system administrators. They correctly recognize that the exposure of computer systems to intrusion increases when those systems are connected to networks. It is also true, however, that the power of modern automation depends on computer network connections. Avoiding security problems by refusing to establish connections is like avoiding security problems by refusing to have computers. There are well recognized security techniques that minimize the risks of Internet connections. The most straightforward involve the establishment of "firewall machines" to serve as buffers between the worldwide Internet that contains intruders and the presumably secure internal networks. A firewall employs two types of precautions. First, it utilizes one or more computers to serve as "chokes" -- specialized routers -- and specialized "gates." A choke and the gate prevent outsider from establishing connections directly to any internal server or workstation. The choke directs all outside transactions to the gate, which in turn can route certain kinds of traffic and transactions to internal servers and workstations. "The choke is a kind of intelligent filter: it is set up so that only the gate machine can talk to the outside world." 10 The gate usually is "stripped down" to eliminate high risk services like UNIX's rlogin and rexec, while allowing the most useful electronic publishing and interactive protocol such as telnet, FTP, SMTP, NMTP, name, and domain. 11 This machine can be the anonymous FTP server, but it should not be the general file server for any internal network. 12

The firewall insulates the law firm's LAN from the external Internet, preventing unauthorized access to the LAN. Additionally, a proxy service can be used as part of the firewall to allow members and employees of the firm to access the outside Internet while still preventing outsiders from initiating access to the LAN. With proper security measures, a LAN connected to the Internet is not any less secure than a LAN not connected to the Internet.

Footnotes

1 http://www.www.vcilp.org/; gopher to gopher.law.vill.edu; anonymous FTP to www.vcilp.org; or telnet to www.vcilp.org and login as gopher or www.

2 See NSF, May 6, 1993 Solicitation for Network Access Point Manager, Routing Arbiter, Regional Network Providers, and Very High Speed Backbone Network Services Provider for NSFNET and NREN Program (soliciting proposals for five- year contracts).

3 Most conceptions of the NII view it as switched broadband network. Under this view, the Internet is a precursor of the NII because it is a fully switched public network - although it is not yet broadband.

4 Archie searches all files accessible through anonymous ftp.

5 Veronica and Jughead search gopher- reachable resources.

6 Gopher and World Wide Web servers implement this distributed information concept. The content is on one or more Internet-connected computers, while the pointers represented by the Gopher menu or the World Wide Web tagged text are on one or more different computers.

7 For example, mid-level providers may connect with each other directly, thus providing backbone services. Backbone service providers may offer connections directly to some high volume end-users, thus supplying both mid-level and connection services. Many mid-level networks provide connection services.

8 See VCILP Technical Note, How to Connect to the Internet (1995) for more details on how to establish connections.

9 Only the SLIP or PPP line between the two modems is tied up.

10 Simson Garfinkel & Gene Spafford, Practical Unix Security, 298 (1991).

11 Garfinkel & Spafford at 297. The Garfinkel & Spafford book is a good technical-level explanation of unix security for system administrators. It is one of the books in the O'Reilly & Associates series.

12 This firewall configuration is one that exists naturally for organizations that have Novell Local Area Networks, equip workstations on those networks with TCP/IP software, and connect the Local Area Networks in turn to a UNIX Internet server. Each workstation can access the Internet server, but -- as long as TCP/IP Netware Loadable Modules are not put on the Novell server -- persons accessing the Internet server from the outside cannot access the Novell server for the Local Area Networks. Nor can they access individual workstations except when those workstations actually are running the TCP/IP software.