PeerPoint An Open P2p requirements Definition and Design Specification Proposal
III. PeerPoint Requirements: Security and Anonymity
Download 0.69 Mb.
|
III. PeerPoint Requirements: Security and AnonymitySecurity can never be 100%. It is often based on trust and reputation, which we need for a web without gatekeepers. Privacy and anonymity can be thought of as a forms of security. Security by obscurity is an important principle. Many writers take the view that there is no such thing as anonymity on the internet (search “no such thing as anonymity on the internet” for sources) due to data mining and pattern analysis technologies. Kat Orphanides writes: “Even if you disable cookies, your browser could easily share enough information to give you a unique signature on the web. I've been testing the computers I use on the Electronic Frontier Foundation'sPanopticlick website, which reports the identifying information your browser is sharing and compares it against data it has already collected from other users. So far, every system I've tested has been uniquely identifiable.” Perhaps if identity can be discovered heuristically, that’s the way PeerPoint should go, rather than using certificates, tokens, etc. On the other hand, perhaps part of Peerpoint’s requirements should be methods for obfuscating such identifying patterns to preserve anonymity when that is a user’s desire. Is it possible to distinguish between legitimate (e.g. political) and illegitimate (e.g. criminal) reasons for anonymity? Freedom not Fear (freedomnotfear.org and eff.com)
TrustCloud: A Framework for Accountability and Trust in Cloud Computing (hp.com) CryptoParty Handbook This 392 page, Creative Commons licensed handbook is designed to help those with no prior experience to protect their basic human right to Privacy in networked, digital domains. By covering a broad array of topics and use contexts it is written to help anyone wishing to understand and then quickly mitigate many kinds of vulnerability using free, open-source tools. IV. PeerPoint Requirements: semantic web ontologyV. PeerPoint Requirements: system libraryVI. Library of P2P Middleware and APIsVII. PeerPoint Requirements: distributed data storemisc: Storage Quota Management API (W3C) VIII. Trust/reputation MetricsPeerPoint Requirements: - user ratings/reports of peer nodes - white/black lists of peers (by individuals, groups, communities, institutions, etc) - hierarchical ID/trust certificate authorities (groups, communities, trusted institutions, states, etc.) xID In accordance with The Standards of LIFE forInformation, the xID specification uses a distributed storage model that allows data to be held in separated silos that are as close to the people they serve as is practical, given the security requirements. It also specifies the nature of a transaction between trusted and untrusted systems that returns verification results without exposing or compromising the contents of the identity record. The xID system is concerned solely with identity, and does not store any other data than the xID records. Related data, such as medical records or legal records, are stored separately, and include xID certificate references. - A heuristic method for predicting trustworthiness of a potential peer (“You may like these peer nodes...”)
system collects and distributes by design.” (Tony <p2p-hackers@lists.zooko.com> p2p-hackers Digest, Vol 69, Issue 12) Resources:
On the Web, vast amounts of data are created every day. Most of the companies I examined in my thesis are looking for ways to make this data available and useful to users, for instance by calculating so-called “trust scores” with the help of algorithms. These scores, which are based on data from social networks and other sources (that provide things like damage reports, peer reviews and transaction history) are supposed to help strangers judge each other’s trustworthiness. This information facilitates and accelerates the process of building trust between strangers on the Web. Since you take your trust score with you whatever platform you are on, it encourages good behavior. A person who has worked hard to build up an online reputation will not want to jeopardize that. My research also showed that it is crucial for companies offering these systems to remain as transparent as possible about how their trust scores are derived. Since trust is complex and every platform requires different dimensions of trust, every person should be able to understand the score and decide themselves whether they want to trust a person or not. Being a good driver is very different, for example, from being a friendly and reliable CouchSurfing host. Another issue with creating trust and identity systems in general is data privacy. The functioning of these trust systems heavily depends on the users’ willingness to give a third party their data in return for building their online reputation, and not everyone is willing to do that. Especially in countries outside the U.S. people seem to be reluctant to reveal their personal data to third parties. It’s thus crucial for companies working on trust systems to gain the trust of users and P2P platforms. As Simon Baumann, PR Spokesperson at the German ride-sharing company Carpooling.com noted, “the question is always, how trustworthy the trust system is.” Breiifly, Breiifly Blog Legit aims to be the Credit System of the Sharing Economy. We correlate data across marketplaces, creating a holistic picture of a user's reputation. Legit measures real, transaction-based accountability without relying on social network data. Overall behavior improves when everyone is held accountable. Real-time alerts keep you up to date so you can act before damage is caused. Plus, the good reputation that users build on other marketplaces empowers them on yours. Slope One is a family of algorithms used forcollaborative filtering, introduced in a 2005 paper by Daniel Lemire and Anna Maclachlan. Arguably, it is the simplest form of non-trivial item-based collaborative filtering based on ratings. Their simplicity makes it especially easy to implement them efficiently while their accuracy is often on par with more complicated and computationally expensive algorithms. (Wikipedia) Directory: wp-content -> uploads -> 2013 2013 -> International post doctoral research fellowship programme final report title of the research 2013 -> Seals Family History 1565 to 2004 2013 -> Rao bulletin 15 July 2013 html edition this bulletin contains the following articles 2013 -> R institute of technology school of foreign languages 2013 -> Provisional Programme – subject to change thursday 10th april 2013 -> June, 2013 National hiv testing Day Month Men’s Health Week Hurricane Safety Month 2013 -> In memory of the residents of the Parish Chesham Bois that served their country during wwii 2013 -> Federal contract awards in georgia april 2013 Download 0.69 Mb. Share with your friends:
|