The Geopolitical vs the Network Political: Internet Designers and Governance

With the recognition that communication networks in general and the Internet in particular are not only infrastructural but socio-technical in nature comes the responsibility to think such networks through from the perspective of how they influence – and/or are – forms of power and governance. The notion of citizenship is one that appears relative to both social and technical systems, and thus at their conjuncture, because it is the concept through which the rights and responsibilities of individuals relative to governance are refracted. It was in fact the case that citizenship was a concern for those responsible for technical design of the Internet as that history both unfolded through and is recorded in the technical document series known as the Internet Requests for Comments, or RFCs. This paper analyzes the two types of citizenship of concern from the perspective of Internet design – geopolitical (oriented around the state) and network political (oriented around the network) – and interactions between the two as they were discussed within and affected the Internet design process. These network-inspired ideas about citizenship in turn contribute to the ongoing discussion about the evolution of new forms of citizenship in today’s environment, including in particular those that are global and/or technological in nature.US National Science Foundation Grant No. 082326

Software-implemented attack tolerance for critical information retrieval

The fast-growing reliance of our daily life upon online information services often demands an appropriate level of privacy protection as well as highly available service provision. However, most existing solutions have attempted to address these problems separately. This thesis investigates and presents a solution that provides both privacy protection and fault tolerance for online information retrieval. A new approach to Attack-Tolerant Information Retrieval (ATIR) is developed based on an extension of existing theoretical results for Private Information Retrieval (PIR). ATIR uses replicated services to protect a user's privacy and to ensure service availability. In particular, ATIR can tolerate any collusion of up to t servers for privacy violation and up to ƒ faulty (either crashed or malicious) servers in a system with k replicated servers, provided that k ≥ t + ƒ + 1 where t ≥ 1 and ƒ ≤ t. In contrast to other related approaches, ATIR relies on neither enforced trust assumptions, such as the use of tanker-resistant hardware and trusted third parties, nor an increased number of replicated servers. While the best solution known so far requires k (≥ 3t + 1) replicated servers to cope with t malicious servers and any collusion of up to t servers with an O(n^*^) communication complexity, ATIR uses fewer servers with a much improved communication cost, O(n1/2)(where n is the size of a database managed by a server).The majority of current PIR research resides on a theoretical level. This thesis provides both theoretical schemes and their practical implementations with good performance results. In a LAN environment, it takes well under half a second to use an ATIR service for calculations over data sets with a size of up to 1MB. The performance of the ATIR systems remains at the same level even in the presence of server crashes and malicious attacks. Both analytical results and experimental evaluation show that ATIR offers an attractive and practical solution for ever-increasing online information applications

Proposed Model for Outsourcing PKI

PKI is often referred to as a pervasive substrate. This terminology is used to describe the technological layer that permeates the entirety of the organisation on which PKI services are established. From the mid 1970s when Whitfield Diffie and Martin Hellman published their paper New Directions in Cryptography the concept of Public Key Cryptography, for the first time, allowed two entities with no previous relationship to communicate secure information over unsecured channels. PKI provides the infrastructure that allows Public Key Cryptography to function within a hierarchical structure, providing between two entities, an acceptable level of trust. Outsourcing is the process of acquiring sources or services from an external source. With the modular structure of today's organisations it can also mean that goods and services can be procured from one segment of the organisation to another through inhouse service-supplier agreements. Outsourcing has evolved from the days of heavy industry and manufacturing in the 1960s to the total solution management of today. This dissertation brings together the concepts of both PKI and Outsourcing. It details our AB-5C Model for organisations to outsource a PKI system within the scope of the businesses strategic goals and objectives. Our proposed model takes into account the need to use existing models, procedures and practices in support of an outsourced PKI Model. These include a process or processes to ensure that any outsourced solution adds value to the organisation, and that there is a business strategy that allows the alignment of the outsourcing strategy to the organisations strategic plan