Attribution in the Future Internet: The Second Summer of the Sisterhood

Abstract: Attribution is the binding of data to an entity. An attribution framework is an infrastructure for managing attributes and their values. It consists of four components: a set of entities (actors) having an interest in attribution with respect to a transaction; a set of data to be attributed; the level of assurance with which values of attributes can be determined, and with which they can be associated with an entity; and a policy negotiation engine that actors use to negotiate an acceptable set of attributes and levels of assurance for their values in order to conduct a transaction (the "policy"). The actors include the sender and recipient, the sender's and recipient's organizations, ISPs, backbones, and political entities. This paper assumes that such a general attribution framework has been implemented. It examines the implications of such a framework upon the Internet, and upon transactions (specifically, the sending and receiving of packets) among actors. The embedding of attribution requirements in policies controlling communications between parties raises the question of who can communicate with whom. Specifically, how does the use and enforcement of policies based upon attributes affect users of the Internet? We examine this question in two contexts: that of the societal revolution known as "Arab Spring", and that of elections in the United States. We present requirements and the attributes that must be supplied to meet those requirements. We then examine some of the implications of supplying the attributes from the point of view of servers, clients, and intermediaries (such a ISPs and governments). We conclude with a discussion of when attribution is desirable, and when the inability to attribute actions is desirable