Governing by Negotiation: The Internet Naming System

This Article is about the governance of the Internet naming system. The subject is fascinating, not simply because the naming system is an important system affecting the Internet, although it is; and not because the Internet is important, although it is. The subject is fascinating because it offers a rare opportunity to examine and learn from the evolution of an incoherent governance structure. The naming system is special in that it is the product of a new technology; it reflects the changes and pressures brought by the new technology, and involves the interests of government and private entities, domestic and international. And while this combination is complex and special, the players are known and their motivations are quite familiar: a quest for power and money, a professional pride and national patriotism, and deep commitments to various ideologies. Can we predict or even speculate with some certainty how this governance system will develop? Regardless of whether we can, what lessons can we learn from what we see? How should we approach the questions? How can we generalize our findings

Governing by Negotiation: The Internet Naming System

This Article is about the governance of the Internet naming system. The subject is fascinating, not simply because the naming system is an important system affecting the Internet, although it is; and not because the Internet is important, although it is. The subject is fascinating because it offers a rare opportunity to examine and learn from the evolution of an incoherent governance structure. The naming system is special in that it is the product of a new technology; it reflects the changes and pressures brought by the new technology, and involves the interests of government and private entities, domestic and international. And while this combination is complex and special, the players are known and their motivations are quite familiar: a quest for power and money, a professional pride and national patriotism, and deep commitments to various ideologies. Can we predict or even speculate with some certainty how this governance system will develop? Regardless of whether we can, what lessons can we learn from what we see? How should we approach the questions? How can we generalize our findings? The governance of the naming system involves the actors in the system\u27s infrastructure - the registries, registrars, governments, the Internet Service Providers, and the Internet Corporation for Assigned Names and Numbers ( ICANN ). The naming system is designed as a pyramid, with the one source root at the top.\u27 This pyramid is operated by a number of entities. The naming system presents many questions. Does ICANN\u27s policy-making power matter; and if so, to whom? I do not deal with these issues, but I address them briefly because they constitute part of the context of my inquiry. ICANN\u27s policy-making is an important matter. It coordinates some activities among the actors in the naming system infrastructure. It offers, mostly through others, some services for the actors in the infrastructure. It has authority to create new Top Level Domain Names in the United States under .us, or otherwise. It has authority to create new country code Top Level Domain Names ( ccTLDs ), and to approve (or disapprove) the delegation of the operating power of top level domain names, including ccTLDs. It is involved in, and can affect, matters concerning conflicts between trademark holders and domain name holders. It is involved in determining whether a particular entity is an organization entitled to use .org, or an educational institution entitled to use .edu. ICANN may have the power to determine the use of domain names in languages other than English. And the list can be extended to the qualifications and the duties of registrars and registries that manage top-level domain names at different levels.2 ICANN\u27s powers involve money. Every power that ICANN may exercise and every request that must be directed to it, can, and usually does, carry a price tag. ICANN can set charges for whatever services, permissions, consents, or requests for consents it entertains. To the extent that ICANN can define the scope of its powers and the price tags that it attaches to the exercise of its powers, it may indeed build a significant empire that involves the infrastructure of the Internet naming system and affects the operations of the Internet

Location Independent Names for Nomadic Computers

Recent advances in the Domain Name System (DNS) and the Dynamic Host Configuration Protocol (DHCP) have enabled a new approach to supporting mobile users: location independent naming. In this approach, machines use the same hostname from any internet location, but use an IP address that corresponds to their current location. We describe a protocol that implements location independent naming for nomadic computers, i.e., machines that do not need transparent mobility. Our protocol allows hosts to move across security domains, uses existing protocols, and preserves existing trust relationships. Therefore, it preserves the performance and security of normal IP for nomadic computers at the expense of not providing the transparent mobility of Mobile IP. We contend that this is a reasonable trade-off for nomadic computing

SECURE BOOTSTRAPPING AND ACCESS CONTROL IN NDN-BASED SMART HOME SYSTEMS

Smart home systems utilize network-enabled sensors to collect environmental data and provide various services to home residents. Such a system must be designed with security mechanisms to protect the safety and privacy of the residents. More specifically, we need to secure the production, dissemination, and consumption of smart home data, as well as prevent any unauthorized access to the services provided by the system. In this work, we study how to build a secure smart home system in the context of Named Data Networking, a future Internet architecture that has unique advantages in securing Internet of Things. We focus on solving two security problems: (a) mutual authentication between a new device and an existing smart home system to bootstrap the device, and (b) controlling access to smart home data. We designed a naming hierarchy for a smart home system and the corresponding trust model. Based on the naming and trust model, we designed bootstrapping protocols which enforce mutual cryptographic challenges, and a programming template which facilitates Name-based Access Control. We have designed and implemented an application that incorporates these solutions. Evaluation result shows: (a) the bootstrapping protocols can defend against replay attacks with a small computation overhead, and (b) Name-Based Access Control can provide accurate time schedules to restrict access to fine-grained data types with a small computation overhead

Towards persistent resource identification with the uniform resource name

The exponential growth of the Internet, and the subsequent reliance on the resources it connects, has exposed a clear need for an Internet identifier which remains accessible over time. Such identifiers have been dubbed persistent identifiers owing to the promise of reliability they imply. Persistent naming systems exist at present, however it is the resolution of these systems into what Kunze, (2003) calls persistent actionable identifiers which is the focus of this work. Actionable identifiers can be thought of as identifiers which are accessible in a simple fashion such as through a web browser or through a specific application. This thesis identifies the Uniform Resource Name (URN) as an appropriate identification scheme for persistent resource naming. Evaluation of current URN systems finds that no practical means of global URN resolution is currently available. Two ,new approaches to URN resolution, unique in their use of the Domain Name System (DNS) are introduced. The proposed designs are assessed according to their Usability, Security and Evolution and an implementation described for an example URN namespace of language identifiers

Names, addresses and identities in ambient networks

Ambient Networks interconnect independent realms that may use different local network technologies and may belong to different administrative or legal entities. At the core of these advanced internetworking concepts is a flexible naming architecture based on dynamic indirections between names, addresses and identities. This paper gives an overview of the connectivity abstractions of Ambient Networks and then describes its naming architecture in detail, comparing and contrasting them to other related next-generation network architectures

Ambient networks: Bridging heterogeneous network domains

Providing end-to-end communication in heterogeneous internetworking environments is a challenge. Two fundamental problems are bridging between different internetworking technologies and hiding of network complexity and differences from both applications and application developers. This paper presents abstraction and naming mechanisms that address these challenges in the Ambient Networks project. Connectivity abstractions hide the differences of heterogeneous internetworking technologies and enable applications to operate across them. A common naming framework enables end-to-end communication across otherwise independent internetworks and supports advanced networking capabilities, such as indirection or delegation, through dynamic bindings between named entities

User-Relative Names for Globally Connected Personal Devices

Nontechnical users who own increasingly ubiquitous network-enabled personal devices such as laptops, digital cameras, and smart phones need a simple, intuitive, and secure way to share information and services between their devices. User Information Architecture, or UIA, is a novel naming and peer-to-peer connectivity architecture addressing this need. Users assign UIA names by "introducing" devices to each other on a common local-area network, but these names remain securely bound to their target as devices migrate. Multiple devices owned by the same user, once introduced, automatically merge their namespaces to form a distributed "personal cluster" that the owner can access or modify from any of his devices. Instead of requiring users to allocate globally unique names from a central authority, UIA enables users to assign their own "user-relative" names both to their own devices and to other users. With UIA, for example, Alice can always access her iPod from any of her own personal devices at any location via the name "ipod", and her friend Bob can access her iPod via a relative name like "ipod.Alice".Comment: 7 pages, 1 figure, 1 tabl