A link to the paper: Difference between revisions
No edit summary |
Requirements added (draft) |
||
| Line 14: | Line 14: | ||
* Forgery | * Forgery | ||
** Identity theft | ** Identity theft | ||
=Requirements for internet attribution system= | |||
(Unstructured draft) | |||
* Any potentially destructive act should be traceable to a person (and/or organization, group, etc) | |||
* Traceability should not violate any current privacy-related laws and moral principles | |||
* Attribution mapping should not be a bijection, in other words action should map to persons, but not vice versa | |||
* Traceability information should be distributed | |||
* It should be impossible to collect all traceability data in one place | |||
* Personal data should be stored by trusted authorities (e.g. governments) | |||
* Traceability information and personal data should be separated, a connection to be revealed only when needed | |||
* Attribution system should be incrementally deployable | |||
* Cost of setting up and maintaining the system for a particular body (person, organization, network) should be considerably less than average losses under current lack of attribution (e.g. DoS, identity theft, etc) | |||
=Related Work= | =Related Work= | ||
Revision as of 15:00, 17 March 2011
Title
Requirements for Attribution on the Internet
Abstract
Introduction
The attribution dilemma
What is the attribution problem
Why we need Attribution
- DoS
Attribution Attacks
- Stepping stone attack
- Forgery
- Identity theft
Requirements for internet attribution system
(Unstructured draft)
- Any potentially destructive act should be traceable to a person (and/or organization, group, etc)
- Traceability should not violate any current privacy-related laws and moral principles
- Attribution mapping should not be a bijection, in other words action should map to persons, but not vice versa
- Traceability information should be distributed
- It should be impossible to collect all traceability data in one place
- Personal data should be stored by trusted authorities (e.g. governments)
- Traceability information and personal data should be separated, a connection to be revealed only when needed
- Attribution system should be incrementally deployable
- Cost of setting up and maintaining the system for a particular body (person, organization, network) should be considerably less than average losses under current lack of attribution (e.g. DoS, identity theft, etc)
Related Work
2004: This paper uses both link identification and filtering for achieving IP traceback WITHOUT the presence of high network cooperation.