Distributed OS: Winter 2011: Difference between revisions
Line 33: | Line 33: | ||
Group members: keith, Andrew, David Barrera | Group members: keith, Andrew, David Barrera | ||
* | |||
**Have the machine routing packets(could be ISP provider) detect suspicious packets, | |||
**if the packets are signed, then those suspicious packets could be blocked, | |||
**the sender could be put on a black list. | |||
===2: Stopping phishing=== | ===2: Stopping phishing=== |
Revision as of 22:10, 19 January 2011
Readings
January 13, 2011: CCR (two papers)
January 18, 2011: OceanStore and Pond
Internet Governance
Problems to Solve
- Attack computers with almost no consequences
- DDoS
- botnets
- capture and analyze private traffic
- distribute malware
- tampering with traffic
- Unauthorized access to data and resources
- Impersonate computers, individuals, applications
- Fraud, theft
- regulate behavior
Design Principles
- subjects of governance: programs and computers
- bind programs and computers to humans & human organizations, but recognize binding is imperfect
- recognize that "bad" behavior is always possible. "good" behavior is enforced through incentives and sanctions.
- rules will change. Even rules for rule changes will change. Need a "living document" governing how rules are chosen and enforced.
Scenarios
1: Stopping DDoS
Group members: Seyyed, Andrew Schoenrock, Thomas McMahon
Group members: keith, Andrew, David Barrera
-
- Have the machine routing packets(could be ISP provider) detect suspicious packets,
- if the packets are signed, then those suspicious packets could be blocked,
- the sender could be put on a black list.
2: Stopping phishing
Group members: Waheed Ahmed, Nicolas Lessard, Raghad Al-Awwad
- A way of automatically checking the signature of a message to make sure it really is from a trusted source.
- ie: "Nation of Banks, did your member TD send me a message to reset my password?"
3: Limiting the spread of malware
Group members: keith, Andrew, David Barrera
4: Bandwidth hogs
Group members: Mike Preston, Fahim Rahman, Michael Du Plessis
- limit bandwidth for each user
- if user has significant bandwidth demands for a certain period of time
- add them to a watch list
- monitor their behaviour