MIT Communications Futures Program
Evolving communications
paradigms and Security
Karen Sollins
MIT CSAIL
January 23, 2007
MIT CFP
Overview: pulling on several
threads
• Evolving communications
paradigms
• Evolving social model
• Evolving security challenge
Sollins, 1/23/08
2
MIT CFP
Communications: E2E
• Point-to-point
– Letters/email
– Telephones
– TCP connections
• Broadcast/multicast
– Print media - underneath 1:1
– Radio/TV
– IP multicast
• From source to destination: some
direct, some store-and-forward (e.g.
intermediate servers)
Sollins, 1/23/08
3
MIT CFP
Client/server: mostly E2E
• Remote invocation of specific
server
• Distribution of “server”: clusters,
load balancing, even some P2P
systems (collaborating servers)
• P2P systems: each element can
be both client and server
Sollins, 1/23/08
4
MIT CFP
Intermediated communication:
losing E2E
• Middle boxes
– Forwarding (e.g. home for mobiles)
– Firewall
– Caching
– Rendezvous (e.g. for multimedia
conferencing)
• Beginning to break direct,
realtime communication
Sollins, 1/23/08
5
MIT CFP
It’s the content
• WWW and URLs
• Time and space separation
– Not a question of when (realtime, etc.)
– Not a question of where
– Question of what
• Identification
• Search
• Pub/sub
– Specification of what something is
– Specification of interest or subscription
– Current examples: social networking, news
subscription services, …
Sollins, 1/23/08
6
MIT CFP
Key components
•
•
•
•
Information
(Set of) Publishers
(Set of) Subscribers
Attributes: how to publish or
subscribe
• Policies: (publisher, {attributes}) or
(subscriber, {attributes})
• Trust model
Note: Can be simplified to achieve any
of the other models, subsumes them.
Sollins, 1/23/08
7
MIT CFP
The evolving social model:
Trust and security
• Letter-writing: recognize
handwriting
• Telephone: recognize voice
• Email: recognize email address
• TCP: recognize IP address
• Trust based on
– Confidence in unmodified delivery
– Confidence in correctness of
source
Sollins, 1/23/08
8
MIT CFP
And along came…
(in the Internet)
• Forgeable email addresses
• Forgeable IP addresses
• The Morris worm
• Viruses and other malware
• Business opportunities
• Enterprise and other organizational controls
• ISPs
• …
Note: not all “bad”, just competing objectives
Sollins, 1/23/08
9
MIT CFP
Tussle: competing concerns
• Question: why do we care?
– Sharing
– Cooperation
– Exposed contention
• Question: can we design for it?
• Question: is it monolithic?
–
–
–
–
Economics
Security
Social status
…
• Question: where are the control points?
–
–
–
–
Sollins, 1/23/08
Regulation
Specification
Design/implementation
Operation
10
MIT CFP
Security challenge: Trust
model
• Not universal: regional, topical,…  context
(e.g. Nissembaum, social networks)
• Not binary or pairwise: scalable,
commutative, …  value-based,
community-based
• Not immutable  evaluatable, assignable
Consider: if assignable must have ability to
assign “to something”. Therefore require
appropriately defined identities.
Sollins, 1/23/08
11
MIT CFP
Advertisement (disclaimer
here)
The Security and Privacy Working
Group: current agenda
To explore the nature of identity
required in an information-based
communications paradigm, as a
basis for examining the nature
and capabilities required for trust
and security
Sollins, 1/23/08
12