|
|
| (184 intermediate revisions by 4 users not shown) |
| Line 1: |
Line 1: |
| =Title=
| | #REDIRECT [[Internet Attribution: Between Privacy and Cruciality]] |
| Requirements for Attribution on the Internet
| |
| | |
| =Abstract=
| |
| | |
| =Introduction=
| |
| | |
| =The attribution dilemma=
| |
| ==What is the attribution problem==
| |
| ==Why we need Attribution==
| |
| *DoS
| |
| ==Attribution Attacks==
| |
| * Stepping stone attack
| |
| * Forgery
| |
| ** Identity theft
| |
| | |
| =Requirements for internet attribution system=
| |
| (Unstructured draft)
| |
| | |
| * Any potentially destructive act should be traceable to a person (and/or organization, group, etc)
| |
| * Traceability should not violate any current privacy-related laws and moral principles
| |
| * Attribution mapping should not be a bijection, in other words action should map to persons, but not vice versa
| |
| * Traceability information should be distributed
| |
| * It should be impossible to collect all traceability data in one place
| |
| * Personal data should be stored by trusted authorities (e.g. governments)
| |
| * Traceability information and personal data should be separated, a connection to be revealed only when needed
| |
| * Attribution system should be incrementally deployable
| |
| * Cost of setting up and maintaining the system for a particular body (person, organization, network) should be considerably less than average losses under current lack of attribution (e.g. DoS, identity theft, etc)
| |
| | |
| =Related Work=
| |
| 2004: [http://ieeexplore.ieee.org.proxy.library.carleton.ca/stamp/stamp.jsp?tp=&arnumber=1437851 This] paper uses both <i>link identification</i> and <i>filtering</i> for achieving IP traceback WITHOUT the presence of high network cooperation.
| |
| | |
| =Requirements=
| |