Presentation is loading. Please wait.

Presentation is loading. Please wait.

(we need your advice!) Jon Peterson MIT– December 2010 IETF & Privacy.

Published byRosemary Byrd Modified over 8 years ago

Similar presentations

Presentation on theme: "(we need your advice!) Jon Peterson MIT– December 2010 IETF & Privacy."— Presentation transcript:

1 (we need your advice!) Jon Peterson MIT– December 2010 IETF & Privacy

2 The IETF builds protocols Protocols assume architectures –Ideally, these protocols should be useful in a variety of architectures. –However, certain protocols are not useful in some. We don’t mandate implementation style and deployment characteristics, but we constrain them in various ways. Example: DNS was designed to have a single root. Ostensibly, the network intermediaries makes simple forwarding decisions, doesn’t inspect or log packets in any deeper semantics Today, we have plenty of reason to fear otherwise

3 Architecting for privacy What does an application need to share to get a service delivered, and with whom? –Intermediation SIP, for example, uses intermediaries to route requests –However, intermediaries inspect many other elements of requests How can SIP share with intermediaries only the information they need to do their job? (RFC 3323 is a start) –How do we get other protocol designs to learn from this experience? –ALTO (ongoing right now) How can the user share enough with the network for it to be useful and vice-versa?

4 IPv6 Privacy Addresses In IPv6 stateless addressing, the Interface identifier was constructed based on the MAC address. –This raised privacy concerns. –RFC 4941 supported a dynamically generated IPv6 Interface identifier. Questions: –Threat model: Who are we attempting to hide the address from? ISP, eavesdropper (where?), other communication partner, government (police, fire, medical)? –The same mechanisms that allow ISPs to track users are used to provide location for emergency services and to deal with certain security attacks (botnets).

5 “Hemispheres” in ALTO H1 H2 We, the network operators want to do ALTO, but we will not disclose info about the network topology and state We, the P2P users and P2P vendors want to do ALTO, but we will not disclose info about the overlay How to bring them together?

6 Customizing data per recipient Classic “presence” problem –I might want to share different presence information with my friend than with my boss (RFC 2778) –Had we defined “presence” as a unique rather than a potentially manifold property, however, would this be possible? Some presence architectures admit of only one view of presence, which is either shared with a particular recipient or not –We layer our basic architecture for geolocation privacy on top of this (RFC 4119) However, just because you choose to share information selectively, what about those you shared it with? –Policy framework in geopriv for expressing usage preferences about retention, redistribution, and so on

7 What we need Guidance to authors of protocol specifications on at least four fronts: –How do we build privacy threat models? –How do we design protocols that do not fall into obvious privacy traps? –What are some common ways around traps that you can’t get out of? –How do we document traps that we don’t how how to get out of? draft-morris-privacy-considerations

Download ppt "(we need your advice!) Jon Peterson MIT– December 2010 IETF & Privacy."

Similar presentations

SIP and Instant Messaging. www.dynamicsoft.com SIP Summit 2001 5.01.01 SIP and Instant Messaging What Does Presence Have to Do With SIP? How to Deliver.

SIP and Instant Messaging. SIP Summit SIP and Instant Messaging What Does Presence Have to Do With SIP? How to Deliver.
Deployment Considerations for Dual-stack Lite IETF 80 Prague Yiu Lee, Roberta Magione, Carl Williams, Christian Jacquenet Mohamed Boucadair.

Deployment Considerations for Dual-stack Lite IETF 80 Prague Yiu Lee, Roberta Magione, Carl Williams, Christian Jacquenet Mohamed Boucadair.
CST 415 - Computer Networks NAT CST 415 4/10/2017 CST 415 - Computer Networks.

CST Computer Networks NAT CST 415 4/10/2017 CST Computer Networks.
 IPv6 Has built in security via IPsec (Internet Protocol Security). ◦ IPsec Operates at OSI layer 3 or internet layer of the Internet Protocol Suite.

 IPv6 Has built in security via IPsec (Internet Protocol Security). ◦ IPsec Operates at OSI layer 3 or internet layer of the Internet Protocol Suite.
Marla Azinger, Frontier Communications

Marla Azinger, Frontier Communications
IPv6 Privacy Hannes Tschofenig, Tara Whalen. Agenda Privacy Threats Layering Addressing Policy Questionnaire.

IPv6 Privacy Hannes Tschofenig, Tara Whalen. Agenda Privacy Threats Layering Addressing Policy Questionnaire.
Issues of Security and Privacy in Networking in the CBA Karen Sollins Laboratory for Computer Science July 17, 2002.

Issues of Security and Privacy in Networking in the CBA Karen Sollins Laboratory for Computer Science July 17, 2002.
B. Davie, L. Peterson et al. draft-davie-cdni-framework-00.txt.

B. Davie, L. Peterson et al. draft-davie-cdni-framework-00.txt.
(4.4) Internet Protocols Layered approach to Internet Software 1.

(4.4) Internet Protocols Layered approach to Internet Software 1.
IETF ECRIT update Marc Linsner 5/11/10. ECRIT Charter (or a piece of it) ………The group will show how the availability of location data and call routing.

IETF ECRIT update Marc Linsner 5/11/10. ECRIT Charter (or a piece of it) ………The group will show how the availability of location data and call routing.
IPv6 Address Provisioning In IPv6 world there are three provisioning aspects wich are independent of whether the IPv6 node is a Host or CE router: IPv6.

IPv6 Address Provisioning In IPv6 world there are three provisioning aspects wich are independent of whether the IPv6 node is a Host or CE router: IPv6.
Origins of ECRIT IETF has been working on location since 2000 –Spatial BoF, eventually GEOPRIV chartered in 2001 GEOPRIV provides location information.

Origins of ECRIT IETF has been working on location since 2000 –Spatial BoF, eventually GEOPRIV chartered in 2001 GEOPRIV provides location information.
How do Networks work – Really The purposes of set of slides is to show networks really work. Most people (including technical people) don’t know Many people.

How do Networks work – Really The purposes of set of slides is to show networks really work. Most people (including technical people) don’t know Many people.
1 © 2015 Cisco and/or its affiliates. All rights reserved. IRTF icnrg interim meeting, 1/13/2015 Where are the opportunities for ICN in Sensor Networks?

1 © 2015 Cisco and/or its affiliates. All rights reserved. IRTF icnrg interim meeting, 1/13/2015 Where are the opportunities for ICN in Sensor Networks?
An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.

An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
Networks and Distributed Systems: Project Ideas

Networks and Distributed Systems: Project Ideas
Chapter 1 Read (again) chapter 1.

Chapter 1 Read (again) chapter 1.
Identity, Spheres and Privacy Rules Henning Schulzrinne (with Hannes Tschofenig and Richard Barnes) Workshop on Identity, Information and Context October.

Identity, Spheres and Privacy Rules Henning Schulzrinne (with Hannes Tschofenig and Richard Barnes) Workshop on Identity, Information and Context October.
Circuit & Application Level Gateways CS-431 Dick Steflik.

Circuit & Application Level Gateways CS-431 Dick Steflik.
Postmodern Internet Architecture Defense Zhaosheng Zhu Kevin Tan.

Postmodern Internet Architecture Defense Zhaosheng Zhu Kevin Tan.

Similar presentations

Ads by Google