Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments

Decentralized systems are a subset of distributed systems where multiple authorities control different components and no authority is fully trusted by all. This implies that any component in a decentralized system is potentially adversarial. We revise fifteen years of research on decentralization and privacy, and provide an overview of key systems, as well as key insights for designers of future systems. We show that decentralized designs can enhance privacy, integrity, and availability but also require careful trade-offs in terms of system complexity, properties provided, and degree of decentralization. These trade-offs need to be understood and navigated by designers. We argue that a combination of insights from cryptography, distributed systems, and mechanism design, aligned with the development of adequate incentives, are necessary to build scalable and successful privacy-preserving decentralized systems

CoShare: An Efficient Approach for Redundancy Allocation in NFV

An appealing feature of Network Function Virtualization (NFV) is that in an NFV-based network, a network function (NF) instance may be placed at any node. On the one hand this offers great flexibility in allocation of redundant instances, but on the other hand it makes the allocation a unique and difficult challenge. One particular concern is that there is inherent correlation among nodes due to the structure of the network, thus requiring special care in this allocation. To this aim, our novel approach, called CoShare, is proposed. Firstly, its design takes into consideration the effect of network structural dependency, which might result in the unavailability of nodes of a network after failure of a node. Secondly, to efficiently make use of resources, CoShare proposes the idea of shared reservation, where multiple flows may be allowed to share the same reserved backup capacity at an NF instance. Furthermore, CoShare factors in the heterogeneity in nodes, NF instances and availability requirements of flows in the design. The results from a number of experiments conducted using realistic network topologies show that the integration of structural dependency allows meeting availability requirements for more flows compared to a baseline approach. Specifically, CoShare is able to meet diverse availability requirements in a resource-efficient manner, requiring, e.g., up to 85% in some studied cases, less resource overbuild than the baseline approach that uses the idea of dedicated reservation commonly adopted for redundancy allocation in NFV

Optimal route reflection topology design

An Autonomous System (AS) is a group of Internet Protocol-based networks with a single and clearly defined external routing policy, usually under single ownership, trust or administrative control. The AS represents a connected group of one or more blocks of IP addresses, called IP prefixes, that have been assigned to that organization and provides a single routing policy to systems outside the AS. The Internet is composed of the interconnection of several thousands of ASes, which use the Border Gateway Protocol (BGP) to exchange network prefixes (aggregations of IP addresses) reachability advertisements. BGP advertisements (or updates) are sent over BGP sessions administratively set between pairs of routers. BGP is a path vector routing protocol and is used to span different ASes. A path vector protocol defines a route as a pairing between a destination and the attributes of the path to that destination. Interior Border Gateway Protocol (iBGP) refers to the BGP neighbor relationship within the same AS. When BGP neighbor relationship are formed between two peers belonging to different AS are called Exterior Border Gateway Protocol (eBGP). In the last case, BGP routers are called Autonomous System Border Routers (ASBRs), while those running only iBGP sessions are referred to as Internal Routers (IRs). Traditional iBGP implementations require a full-mesh of sessions among routers of each AS