Difference between revisions of "Talk:DistOS-2011W Attribution"
(Created page with "=Challenges= In order to develop an effective attribution system for computers the following challenges need to be addressed: ==Identification== This is probably the biggest c…") |
|||
| Line 1: | Line 1: | ||
=What Is Attribution?= | |||
* Binding an act to the Agent. | |||
=Why do we want Attribution?= | |||
== How does this affect us?== | |||
=When do we want Attribution? | |||
=When do we not want Attribution?= | |||
=How is attribution done today?= | |||
==Cookies== | |||
===Pros=== | |||
===Cons=== | |||
===What is missing?=== | |||
==Login/ Required Authentication== | |||
===Pros=== | |||
===Cons=== | |||
===What is missing?=== | |||
=How should attribution be done?= | |||
=Challenges= | =Challenges= | ||
Revision as of 13:53, 17 March 2011
What Is Attribution?
- Binding an act to the Agent.
Why do we want Attribution?
How does this affect us?
=When do we want Attribution?
When do we not want Attribution?
How is attribution done today?
Cookies
Pros
Cons
What is missing?
Login/ Required Authentication
Pros
Cons
What is missing?
How should attribution be done?
Challenges
In order to develop an effective attribution system for computers the following challenges need to be addressed:
Identification
This is probably the biggest challenge of them all; how to identify users. Identification needs to be unique enough that no two users can ever have the same identification. A strong question is, to what level should this identification be? Is it enough to stop at the computer level, or should it stop at the user level.
- If we choose to only identify computers, and leave responsibility to the owner of the computer, what should happen in the case of a stolen computer that is used to commit virtual crime. Maybe to cover this case it should be treated like cars and have insurance against to protect against theft.
- In the case of identification at the human level, what information should be used in the identification. What information are people willing to give up. People generally like the partial anonymity over the internet, doing this is pretty much asking people to give that up. But maybe this is needed for the better of everyone.
Privacy
Being that people like the anonymity of surfing the internet, identification of who is where should only be made possible in the aftereffect when called upon. In other words, people should be able to surf the web anonymously, but in the event that maybe a DOS attach is executed, it can easily be traced back to the attacker.
Deployment
There are billions of computers already connected to the internet all over the world today. Development of an attribution system should take this into account.
Tracing
This is another key thing to consider. People may argue that this is not an aspect of attribution. On the other hand, tracing is the main or sole reason behind the need for attribution in the first place. Not considering it part of attribution is like BMW not considering the driver in the development of their vehicles.
Storage
This ties into identification; where should these identifications be stored and who should be granted access to them.