Universities Tapped To Build Secure Net

Wes Felter writes "InfoWorld reports that the National Science Foundation (NSF) has enlisted five university computer science departments to develop a secure, decentralized Internet infrastructure. I thought the Internet was already decentralized, so I'm curious about what exactly they're fixing. The article quotes Frans Kaashoek from MIT PDOS, which is working on decentralized software such as Chord."

Agents, Security

[goombah99]

If you want a decentralized secure system you have to create a system that does not need an omnisceint trusted party. In otherwords you need an agent based system where each agent's local utility function is such that by optimizing it, it approximates the global utility function. This does not enforce security, but by clever design of the local utility function could make for a bobust system even with "evil" agents.

Re:Agents, Security

[Zeinfeld]

If you want a decentralized secure system you have to create a system that does not need an omnisceint trusted party.

So goes the dogma. The problem is that if you stick to that dogma the systems tend to be full of technology that is there just to get rid of the posibility of a single master party.

A much better approach in practice is to separate out the logical and infrastructure elements of the problem. For example the Internet currently depends on there being only one logical service set associated with a particular IP address (convoluted phraseology due to the existence of anycast). That is you do not want there to be two companies that claim to 'own' the same IP address.

Some folk want it to be possible for two people to share a DNS name. That is not a good idea either.

What is a good idea is for services like Google to be able to return multiple listings for the same query..

In other words, there is a need for unique identifiers which for the sake of convenience we call names and addresses. There is also a need for keyword identifiers that can be shared by many parties.

The broken internet

[Kickstart70]

The internet is horribly vulnerable as it is. It's not so much a problem of pure decentralization as it is one of too many people/requests to handle through too tight a pipe if the other pipe goes down.

As an example...if one day some serious news happened that caused everyone to get on the net at once (Kyoto Earthquake, OJ Simpson on the freeway, Iraq drops a nuclear bomb), and this coincided with a failure of some large piece of hardware along the western coast (under extreme load), the remaining paths for much of this area would be so bogged down as to be useless. Effectively the internet would break under the pressure.

What needs to happen to avoid the problem here is have many more paths for the data to flow, which requires better hardware and further decentralization (would love to see everyone's cable modem be a small internet router for people's data to travel through). Barring that, with the increased worldwide participation on the net expect that some days you just won't be able to use it.

Kickstart

Re:The broken internet

[shren]

would love to see everyone's cable modem be a small internet router for people's data to travel through

Is it just me, or is that statement total technobabble? Say I put a router in my house. Where does the data go through it to?

Re:The broken internet

[jonadab]

> Is it just me, or is that statement total technobabble? Say I put
> a router in my house. Where does the data go through it to?

The OP was probably confused about what cable modems do, but he
brings up an interesting point...

With a heirarchical routing system like what TCP/IP uses, it can
pretty much only go upstream to the backbone. It is possible for
a network to be designed so that there's no backbone, and the data
can be routed wherever there are open connections -- so that if you
have ethernet connections to the people in the houses nextdoor and
a wireless connection to your relatives across town and another to
your mobile phone (which connects to your phone service provider)
and a DSL connection to an ISP, data could be routed in one of
these connections and out the other.

Such a system would have higher latency, because it would have
more hops, but the bandwidth could be okay, if _everybody_ runs
fiber to the house nextdoor. TCP/IP won't work, because it can't
do routing in that kind of environment; some kind of routing
protocol would have to be devised that understood the topology
of such a network (perhaps by using latitude and longitude as
metrics for the routing, along with other factors such as "how
busy is the network in that direction"). The really major problem
with such a system is, how much do you charge your neighbors to
route their data, and what about the people whose data your
neighbors are routing (through you), and so on? Unless everyone
suddenly becomes a fair player (haha), the network protocols
(or their implementation) would have to include some kind of
reciprocal quota system or somesuch, which would add complexity
and drive the latency up, possibly beyond usefulness.

Clarification

[I_am_Rambi]

DHT is like having a file cabinet distributed over numerous servers

Is this DHT going to be decentralized so different servers are throughout the country? If so, would yahoo hold files for google? If it is this way, it sounds like my credit card data would be insecure. (Say a p0rn site is holding data for ebay)

Or is it more like a backup of the server that is in the same room? If it is this way, don't most organizations that host their own site have more than one server with the same data?

Or am I just totally confused?

No longer decentralized.

[Ashurbanipal]

> I thought the Internet was already decentralized, so I'm curious about what exactly they're fixing.

Since every release of BIND ties us more thoroughly to ICANN-dominated centralised name control, I'd guess that DNS would be what they are fixing.

It used to be easy to use alternative roots in conjunction with the "authoritative" (authoritarian?) roots... but now it's one or the other. Caveat - I haven't tried the BIND alternatives yet, there are only so many hours in the day.

The namespace of the Internet is hosed, even USENET's namespace.namespace.namespace is more useful. And the geographic separation of the root nameservers doesn't matter much when all change authority is vested in a single entity.

insert RIAA joke here

[Merik]

"The researchers hope that they can create a robust, distributed network that could essentially act as a secure storage system for the Internet. Governments, institutions and businesses worldwide could theoretically choose to place their data in the secure system, which would minimize the effects of outage or attack."

This seems it would reduce an individual entity's loss to an attack with the idea of, everyone loses a little rather than one losing alot. But it also seems, even though the details in this article are lacking, that physical security of boxes would become more important.

Should the british goverment, a university, and whoever else, trust a small buisness in san diego to house its part data.

the only way this would work from a security stand point would be to make the information that is spread out over 50 or so computers not accessible from the machine its hosted in on. and it seems this would be pretty much impossible(er.. hackerd00ds) from a purely software approach....

do you trust me with your data? um... i dont

Its the storage stupid!

[DaoudaW]

C'mon guys did you even read the article. NSF is not proposing changing the structure of the web, rather they are hoping to utilize the structure to make data more secure by storing it in decentralized fashion. No one server will contain enough data to reconstruct the file, any server can crash and the file will still be available.