Recursively invoking Linnaeus: A Taxonomy for Naming Systems

Naming is a central element of a distributed or network system design. Appropriate design choices are central. This paper explores a taxonomy of naming systems, and engineering tradeoffs as an aid to the namespace designer. The three orthogonal components of the taxonomy are the characteristics of the namespace itself, name assignment, and name resolution. Within each of these, we explore a number of distinct characteristics. The position of this paper is that engineering design of naming systems should be informed by the possibilities and tradeoffs that those possibilities represent. The paper includes a review of a sampling of naming system designs that reflect different choices within the taxonomy and discussion about why those choices were made.This effort was sponsored by the Defense Advanced Research Projects Agency (DARPA) and Air Force Research Laboratory, Air Force Materiel Command, USAF, under agreement number F30602-00-2-0553

Design Issues in Internet 0 Federation

Internet 0 is proposed as a local area network that supports extremely small network devices with very little capacity for computation, storage, or communication. Internet 0 addresses the issue of connecting very small, inexpensive devices such as lightbulbs and heating vents with their controllers. To achieve this effectively, Internet 0 assumes both that operating between communicating end-nodes should not require third-party support, and that IP will be available all the way to those end-nodes. Several simplifying assumptions are made in Internet 0 to achieve this. The objective of this paper is to explore issues of design in a context where federation of an Internet 0 net either with other Internet 0 nets or the global Internet becomes important. The question we ask is whether the end-node in such an Internet 0 needs to know more or behave differently in such a federated environment, and how one might achieve such federation. We explore three aspects of network design in this study: addressing and routing, traffic collision and congestion control, and security. In each case, based on analysis, we conclude that to reach our goals in a generalizable and extensible fashion, a third party service will be needed to act as an intermediary, and propose that a single service should provide all the required federation services.Singapore-MIT Alliance (SMA

Big Data Privacy Scenarios

This paper is the first in a series on privacy in Big Data. As an outgrowth of a series of workshops on the topic, the Big Data Privacy Working Group undertook a study of a series of use scenarios to highlight the challenges to privacy that arise in the Big Data arena. This is a report on those scenarios. The deeper question explored by this exercise is what is distinctive about privacy in the context of Big Data. In addition, we discuss an initial list of issues for privacy that derive specifically from the nature of Big Data. These derive from observations across the real world scenarios and use cases explored in this project as well as wider reading and discussions:* Scale: The sheer size of the datasets leads to challenges in creating, managing and applying privacy policies.* Diversity: The increased likelihood of more and more diverse participants in Big Data collection, management, and use, leads to differing agendas and objectives. By nature, this is likely to lead to contradictory agendas and objectives.* Integration: With increased data management technologies (e.g. cloud services, data lakes, and so forth), integration across datasets, with new and often surprising opportunities for cross-product inferences, will also come new information about individuals and their behaviors.* Impact on secondary participants: Because many pieces of information are reflective of not only the targeted subject, but secondary, often unattended, participants, the inferences and resulting information will increasingly be reflective of other people, not originally considered as the subject of privacy concerns and approaches.* Need for emergent policies for emergent information: As inferences over merged data sets occur, emergent information or understanding will occur. Although each unique data set may have existing privacy policies and enforcement mechanisms, it is not clear that it is possible to develop the requisite and appropriate emerged privacy policies and appropriate enforcement of them automatically

IoT Big Data Security and Privacy vs. Innovation

In this paper, we address the conflict in the collection, use and management of Big Data at the intersection of security and privacy requirements and the demand of innovative uses of the data. This problem is exaggerated in the context of the Internet of Things (IoT). We propose a three-part decomposition of the design space, in order to clarify requirements and constraints. To reach this final analysis, we begin by clarifying the challenges in the design space: (1) there is little agreement on what is meant by IoT, and in particular the security and privacy implications of different definitions; (2) we then consider the requirement and constraints on the big data that result from various IoT system designs; (3) in parallel, we examine the intricacies of the demand for innovation from the both the legal and economic perspectives. In this context, we then can decompose the set of drivers and objectives for security/privacy of data as well as innovation into (1) the regulatory and social policy context, (2) economic and business context, and (3) technology and design context. By identifying these distinct objectives for the design of IoT Big Data management, we propose that more effective design and control is possible at the intersection of these forces, through an iterative process of review and redesign

Copying Complex Structures in a Distributed System

This thesis presents a model of a distributed system. The universe of objects in the distributed system is divided into mutually exclusive sets, each set corresponding to a context. This model allows naming beyond the context boundaries, but limits communication across such boundaries to message passing only

Abstract Designing for Scale and Differentiation

Submitted for publication Naïve pictures of the Internet frequently portray a small collection of hosts or LAN’s connected by a “cloud ” of connectivity. The truth is more complex. The IP-level structure of the Internet is composed from a large number of constituent networks, each of which differs in some or all of transmission technologies, routing protocols, administrative models, security policies, QoS capabilities, pricing mechanisms, and similar attributes. On top of this, a whole new structure of application-layer overlays and content distribution networks, equally diverse in the sorts of ways mentioned above, is rapidly evolving. Virtually any horizontal slice through the current Internet structure reveals a loosely coupled federation of separately defined, operated, and managed entities, interconnected to varying degrees, and often differing drastically in internal requirements and implementation. Intuitively, it is natural to think of each of these entities as existing in a region of the network, with each region having coherent internal technology and policies, and each region managing its interactions with other regions of the net according to some defined set of rules and policies. In this paper, we propose that a key design element in an architecture for extremely large scale, wide distribution and heterogeneous networks is a grouping and partitioning mechanism we call the region. Furthermore we postulate that such a mechanism can provide increased functionality and management o