Thinking about Privacy and Security in a Mobile Virtual Internet for the MIT Community
David P. Reed
MIT CFP
Draft May 2007

A Mobile Architecture for MIT Community
- Make networks that support mobile community members interoperable at the right functional level
- Multiconnected
- User centered
- Application spans heterogeneous technology

Attributes of Network
- Mobility: devices move (frequently, not rapidly)
- Awareness: devices can sense, and adapt
- Accommodating: environment accommodates new devices
- Transport independent: minimize dependency on specialized transport networks

Concerns to ensure
- Heterogeneous in function
- Heterogeneous in implementation
- Evolvable/futureproof
- Composable devices/functions/...
- Safe and respectful (rather than security)
- Sharing is controlled

Enhancing WLANs
- No “association delay”
- Standardized position sensing and presence sensing
- Beyond “service discovery”

Enhancing “cellular data networks”
- Build on MVNO concept
- Home Location Registry and AAA/AN services provided by MIT in concert with a cellular provider
- New protocol layers that support awareness, multiconnected devices, transport independence, event distribution

Enhanced Identity and Authorization
- Put user in control of negotiated authorization to access network resources
- Support multiple identities, temporary identities, agency relationships

Enhanced coordination protocols
- Many events are of interest to a variety of devices, based on context
- Network exists to distribute event notifications
- Internetworked publish subscribe protocols: event = {producer, topic, consumer, timestamp, message} [where producer, topic, consumer are unique IDs or names]

Privacy and Security
- Personal privacy in a network of shared sensors, shared events and shared context
- Protection from harassment, stalking
- Protection of underlay infrastructure
- Protection from “leakage”
- Non-discretionary agency

Value of traditional COMSEC
- Document focused – but what are the documents?
- Resource focused – but applications span resources routinely
- Topology based – but we share a common world

Need to invent a new framework
- Need rich agency infrastructure (beyond Federated Identity)
- Use context and sensor information as part of decisions
- Safety is a larger term than security
- Negotiation
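
The event tuple from the "Enhanced coordination protocols" slide, combined with the "Sharing is controlled" and "Put user in control" requirements, can be sketched as a broker that distributes events only under producer-issued grants. This is an added example, not part of the original slides; the `Broker` class, the grant/revoke/expiry model and the device names are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Event:
    # Fields follow the slide: event = {producer, topic, consumer, timestamp, message}
    producer: str
    topic: str
    consumer: str
    timestamp: float
    message: str

class Broker:
    """Hypothetical broker: the producer decides who receives each of its topics."""
    def __init__(self):
        self._subs = set()    # (consumer, producer, topic): interest only
        self._grants = {}     # (producer, topic, consumer) -> expiry timestamp

    def subscribe(self, consumer, producer, topic):
        self._subs.add((consumer, producer, topic))  # confers no right to receive

    def grant(self, producer, topic, consumer, expires):
        self._grants[(producer, topic, consumer)] = expires

    def revoke(self, producer, topic, consumer):
        self._grants.pop((producer, topic, consumer), None)

    def publish(self, producer, topic, message, now):
        delivered = []
        for consumer, p, t in sorted(self._subs):
            if (p, t) != (producer, topic):
                continue
            expires = self._grants.get((producer, topic, consumer))
            if expires is None or now >= expires:  # default deny; expired = denied
                continue
            delivered.append(Event(producer, topic, consumer, now, message))
        return delivered

def demo():
    # Constructed identities, topic and timestamps.
    b, me, topic = Broker(), "phone:alice", "location"
    for c in ("laptop:alice", "kiosk:lobby", "unknown:device"):
        b.subscribe(c, me, topic)
    b.grant(me, topic, "laptop:alice", expires=1000.0)
    b.grant(me, topic, "kiosk:lobby", expires=100.0)   # temporary grant
    first = [e.consumer for e in b.publish(me, topic, "bldg 32", now=50.0)]
    later = [e.consumer for e in b.publish(me, topic, "bldg 32", now=200.0)]
    b.revoke(me, topic, "laptop:alice")
    after = [e.consumer for e in b.publish(me, topic, "bldg 32", now=300.0)]
    return first, later, after
```

Subscribing never implies delivery: the unknown device receives nothing, the kiosk stops receiving once its temporary grant lapses, and revocation takes effect on the next publish.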