[Gzz-commits] gzz/Documentation/misc/hemppah-progradu prograd...

[Hermanni Hyytiälä]

CVSROOT:        /cvsroot/gzz
Module name:    gzz
Changes by:     Hermanni Hyytiälä <address@hidden>      03/01/21 04:03:19

Modified files:
        Documentation/misc/hemppah-progradu: progradu.bib 
                                             research_problems 

Log message:
        Summary of existing security issues

CVSWeb URLs:
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/gzz/Documentation/misc/hemppah-progradu/progradu.bib.diff?tr1=1.43&tr2=1.44&r1=text&r2=text
http://savannah.gnu.org/cgi-bin/viewcvs/gzz/gzz/Documentation/misc/hemppah-progradu/research_problems.diff?tr1=1.24&tr2=1.25&r1=text&r2=text

Patches:
Index: gzz/Documentation/misc/hemppah-progradu/progradu.bib
diff -u gzz/Documentation/misc/hemppah-progradu/progradu.bib:1.43 
gzz/Documentation/misc/hemppah-progradu/progradu.bib:1.44
--- gzz/Documentation/misc/hemppah-progradu/progradu.bib:1.43   Thu Jan 16 
07:11:13 2003
+++ gzz/Documentation/misc/hemppah-progradu/progradu.bib        Tue Jan 21 
04:03:19 2003
@@ -1520,4 +1520,13 @@
         publisher = {ACM Press},
 }
 
address@hidden,
+        author = "Amos Fiat, Jared Saia",
+        title = "Censorship Resistant Peer-to-Peer Content Addressable 
Networks",
+        booktitle = "Thirteenth ACM-SIAM Symposium on Discrete Algorithms",
+        month = "Jan",
+        year = "2002",
+        url = "citeseer.nj.nec.com/fiat02censorship.html"
+}
+
 
Index: gzz/Documentation/misc/hemppah-progradu/research_problems
diff -u gzz/Documentation/misc/hemppah-progradu/research_problems:1.24 
gzz/Documentation/misc/hemppah-progradu/research_problems:1.25
--- gzz/Documentation/misc/hemppah-progradu/research_problems:1.24      Mon Jan 
20 09:31:52 2003
+++ gzz/Documentation/misc/hemppah-progradu/research_problems   Tue Jan 21 
04:03:19 2003
@@ -768,12 +768,14 @@
 Tomorrow's computer environment will involve vast, constant media downloads.  
ZigZag structure offers a scalable, rational system of registration and storage 
which can handle this very cleanly.
 3.  A new form of SPATIAL PROGRAMMING, table-driven in zzspace, may simplify 
programming and computer environments in general.
 
-5. Security
--Could we use SDSI/SPKI in our system (it's hierarchical), like in ConChord
+5. Problmes related to P2P
+
+5.1. Misc
+-Could we use SDSI/SPKI in our system (it's hierarchical), like in ConChord 
\cite{ajmani02conchord}
 -is there any other implementations of SDSI/SPKI-like systems ?
 -SDSI/SPKI is not optimal for us, but somewhat working solution
--in our model: trust = trust knowone
--give a brief explanation of current techiques in accountability and trus
+-in our model: trust = trust no one
+-give a brief explanation of current techiques in accountability and trust
 
 Tuomas' example scenario (in finnish):
 
@@ -788,3 +790,139 @@
 mutta sitten poistamalla ne serverit
 
 What will happen if, jyu's network connection is broken ? Inside jyu, how do 
we will self-organise ?
+
+Half-life phenomenon \cite{libennowell01observations}
+Current decentralized, but structured \cite{chord, can, pastry, Tapestry etc.) 
ignores the fact 
+that a P2P system is never in 'ideal' state. P2P system is always evolving 
system.
+
+Half-life concept:
+'Let there be N live nodes at time t. The doubling from time t is the time 
that pass before
+N new additional nodes arrive into the system. The halving time from time t is 
the time
+requires for half of the living nodes at time t to leave the system. The 
half-life from 
+time t is smaller of the properties stated above. The half-life of the entire 
system is the 
+minimum half-life overl all times t.'
+
+Heterogeneity
+Current decentralized, but structured \cite{chord, can, pastry, Tapestry etc.) 
designs assume
+that all participating peers are equal, in terms of processing power, memory 
and network bandwidth.
+However, recent measurement study \cite{saroiu02measurementstudyp2p} exhibits 
the fact that in p2p networks, 
+there is a great amount of heterogeneity among participating peers.
+
+5.2. Open Problems in p2p data-sharing \cite{daswani03openproblems}
+
+Search
+a) Query rigidity
+
+b) Autonomy, efficiency and Robustness
+
+c) Quality of Service, QoS
+
+Security
+a) Availability (Gzz: priority 3)
+
+b) Data Authenticity (Gzz: priority 1)
+
+c) Anonymity (Gzz: priority 4)
+
+d) Access Control (Gzz: priority 2)
+
+5.3. General security issues related to decentralized, but structured 
strategies
+
+Secure routing requires \cite{castro02securerouting}:
+1) a secure assignment of node identifiers
+2) secure routing table maintenance
+3) secure message forwarding
+
+General security considerations \cite{sit02securitycons}
+1) Define verifiable system invariants (and verify them!)
+2) Allow querier to observe lookup progress
+3) Assign keys to nodes in a verifiable way
+4) Server selection in routing may be abused
+5) Cross-check routing tables using random queries
+6) Avoid single points of respinsability
+
+
+5.4. Open questions related to decentralized, but structured routing 
\cite{ratnasamy02routing}
+
+Question 1: 
+Can one achieve O(log n) pathlengths (or better) with O(1) neighbors? 
+
+Question 2:
+If so, are there other properties that are made worse in these hybrid routing 
algorithms ?
+
+Question 3: 
+Can one characterize the static resilience of the various algorithms ? What 
aspetcs of these
+ algorithms lead to good resilience ?
+
+Question 4:
+To what extent are the observed path lengths better that the rather 
pessimistic bounds provided
+ by the presence of these special neighbors ?
+
+Question 5:
+How long does it take, on average, to recover complete routing state ? And 
what is the cost of
+ doing so ?
+
+Question 6:
+Can one identify design rules that lead to shorter and/or cheaper recoveries ?
+
+Question 7:
+Do routing hotspots exist and, if so, how can one deal with them ?
+
+Question 8:
+Can one formally characterize the effectiveness of these proximity routing 
approaches ?
+
+Question 9:
+Can on show that proximity neighbor selection is always better that proximity 
routing ? Is
+ this difference significant ?
+
+Question 10:
+If one had the full n^2 distance matrix, could one do optimal neighbor 
selection in algortihms
+ other that Plaxton/Tapestry
+
+Question 11:
+Can on choose identifiers in a one dimensional key space that will adequately 
capture the
+ geographic layout of nodes ?
+
+Question 12:
+Can the two local techniques of proximity routing and proximity neighbor 
selection achieve most
+ of the benefit of global geographic layout ?
+
+Question 13:
+Does geographic layout have an impact on resilience, hotspots, and other 
aspects of performance ?
+
+Question 14:
+Can one redesign these routing algorithms to exploit heterogeneity ?
+
+Question 15: 
+Does cloning plus proximity routing and neighbor selection lead to significant 
improved performance 
+when the node capablities are extremely heterogeneous ?
+
+5.5. Proposed solutions to open problems
+
+Decentralized, but structured
+a) Censorship Resistant Peer-to-Peer Content Addressable Networks 
\cite7fiat02censorship},
+-system is resilient to adversial and controlled attacks
+-however, they assume that number of deleted peers is constant
+-not effiecient methods for maintaining dynamic netoworks 
+b) Dynamically Fault-Tolerant Content Addressable Networks 
\cite{saia02dynamicfaultcontentnetwork}
+-support for dynamic deletions
+-however, still assume a constant number of participating peers
+-not effiecient methods for maintaining dynamic netoworks
+c) Butterflies and Peer-to-Peer Networks \cite{datar02butterflie}
+-support for dynamic deletions and dynamic number of participants
+-not effiecient methods for maintaining dynamic netoworks
+
+Open problems, which remain to be addressed for fault tolerant decentralized, 
but structured strategies
+
+a) Is it possible to and efficient and dynamic fault tolerant decentralized, 
but structured system, which
+allows e.g. multiple rounds of adversary attack ?
+b) Could multi-butterflier be used in and efficient manner to construct a span 
resistant network ?
+c) Are there lower bounds for average degree of nodes, query path length etc. 
for a network that is
+fault tolerant to linear number of adversial faults ?
+
+ 
+6. Proposed frameworks
+
+a) A Framework for Resource Management in Peer-to-Peer Networks 
\cite{frise02p2pframework}
+
+b) Anthill: A Framework for the Development of Agent-Based Peer-to-Peer 
Systems \cite{babaoglu02anthill}