at the same time possibilities for multiple exploits of Internet technology that are
visible at higher levels but rooted at the bottom of its protocol stack.
The self-* properties of autonomic communication promise to change the existing balance between feature-rich network edges and a stupid core. The hope is to eliminate many, if not all, of the security threats currently found in IP-based networks by eliminating possible exploits. An autonomic network element empowered by self-* capabilities will not only be able to detect an attack but also to act cooperatively with other elements of a trusted community against its cause. The power of autonomics is in community awareness; however, community building and maintenance requires some sort of house-keeping — in-network information exchange between lower protocol layers.
Like routing, the dominant Internet house-keeping information exchange for topology and connectivity awareness, we propose a packet processing information exchange between network nodes for trust awareness. Similar approaches were proposed recently: forensic [5] and wafer-thin control plane [6] efforts aim at de-anonymisation of attackers by correlating seemingly disjoint events collected from network observations. Here we go one step further — enabling the network itself to support this.
Just as telephone networks are designed with the Trust By Wire principle in mind, the main principle we want to investigate is Trust By Workflow, meaning that autonomic nodes that cooperate at the media delivery level can eventually build up significant trust based on a successful history of common work. Observing that network nodes perform very repetitive work, and following the "routing with a clue" motivation [7], we generalise this principle to potentially any network function.
Workflow information is readily available in network nodes. Media processing in a node uses a lot of local state data for decision making: Where to forward this datagram? Is this micro flow admitted to the EF service class? Is this port number allowed for the requesting host? Is this peer allowed to upload a file to another peer's computer? After a decision is made, the result is usually dropped or, at best, logged.
Most challenging, yet possible, is trust in an ad hoc communication scenario with no infrastructure to host a trusted third party. When a pair of nodes realises that they belong to the same path, shared by a significant traffic volume, they start exchanging their workflows for the served traffic with the aim of agreeing on an optimization of a common service. This pair-wise process leads to the bootstrapping of a community of nodes (e.g. per path); it starts with confirmation of the obvious. Exchange of workflows pertaining to a common media flow, information with firmly verifiable evidence, can be advanced after trust is achieved. We propose to use content adaptation: the more advanced the trust, the finer-grained the details exchanged. Thus the amount of data exchanged is very close to constant, subject to the media traffic volumes served.
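The two preceding paragraphs describe a mechanism in outline: nodes keep the per-flow decisions they make instead of dropping them, a pair of nodes notices that it serves the same high-volume flows, and the pair then exchanges workflow views whose granularity grows with the trust established so far. The following Python is an added illustration written for this page; it is not the paper's protocol or code. The trust levels, the volume threshold, the record format and the "prev_hop"/"next_hop" evidence check are all assumptions made here, and the flows and nodes are constructed sample data.

```python
import hashlib
from collections import defaultdict
from dataclasses import dataclass, asdict

# Assumed parameters (not from the paper): what counts as "significant traffic
# volume", how closely adjacent nodes' byte counts must agree, and how many
# granularity steps the content adaptation has.
SHARED_VOLUME_THRESHOLD = 1_000_000   # bytes per flow
VOLUME_TOLERANCE = 0.01               # 1% disagreement allowed between neighbours
MAX_TRUST = 2                         # 0: flow ids, 1: per-flow volumes, 2: full records


@dataclass(frozen=True)
class Record:
    """One workflow decision a node made for a flow (assumed record format)."""
    flow: str        # flow identifier (constructed 5-tuple-like string)
    question: str    # e.g. "next_hop", "prev_hop", "admit_ef"
    answer: str      # the decision outcome
    nbytes: int      # traffic volume this decision covered


class Node:
    def __init__(self, name):
        self.name = name
        self.records = defaultdict(list)   # flow id -> [Record]
        self.trust = defaultdict(int)      # peer name -> trust level (0..MAX_TRUST)

    def decide(self, flow, question, answer, nbytes=0):
        """Make a decision and keep the result rather than dropping it."""
        rec = Record(flow, question, answer, nbytes)
        self.records[flow].append(rec)
        return rec

    def volume(self, flow):
        return sum(r.nbytes for r in self.records[flow])

    def heavy_flows(self):
        """Flows this node serves with significant traffic volume."""
        return {f for f in self.records if self.volume(f) >= SHARED_VOLUME_THRESHOLD}

    def answer(self, flow, question):
        return next((r.answer for r in self.records[flow] if r.question == question), None)

    def workflow_view(self, peer_name):
        """Content adaptation: the more trust in the peer, the finer the detail sent."""
        level = self.trust[peer_name]
        flows = sorted(self.heavy_flows())
        if level == 0:
            return {"level": 0, "flows": flows}
        if level == 1:
            return {"level": 1, "volumes": {f: self.volume(f) for f in flows}}
        return {"level": 2, "records": {f: [asdict(r) for r in self.records[f]] for f in flows}}

    def _hops_consistent(self, flow, peer_name, peer_recs):
        """Verifiable evidence (assumed): we are adjacent on the path in one direction."""
        peer = {r["question"]: r["answer"] for r in peer_recs}
        downstream = self.answer(flow, "next_hop") == peer_name and peer.get("prev_hop") == self.name
        upstream = self.answer(flow, "prev_hop") == peer_name and peer.get("next_hop") == self.name
        return downstream or upstream

    def evaluate(self, peer_name, view):
        """Check a received view against own evidence; step trust up, or reset it on mismatch."""
        level = view["level"]
        if level == 0:                                   # confirmation of the obvious
            shared = self.heavy_flows() & set(view["flows"])
            ok = bool(shared)
        elif level == 1:                                 # volumes seen by both must agree
            shared = self.heavy_flows() & set(view["volumes"])
            ok = bool(shared) and all(
                abs(view["volumes"][f] - self.volume(f)) <= VOLUME_TOLERANCE * self.volume(f)
                for f in shared)
        else:                                            # full records: check adjacency evidence
            shared = self.heavy_flows() & set(view["records"])
            ok = bool(shared) and all(
                self._hops_consistent(f, peer_name, view["records"][f]) for f in shared)
        self.trust[peer_name] = min(MAX_TRUST, level + 1) if ok else 0
        return ok


def exchange_round(a, b):
    """One pair-wise exchange: both views are built before either side evaluates."""
    view_a, view_b = a.workflow_view(b.name), b.workflow_view(a.name)
    return b.evaluate(a.name, view_a), a.evaluate(b.name, view_b)


def bootstrap(a, b, rounds=3):
    for _ in range(rounds):
        exchange_round(a, b)
    return a.trust[b.name], b.trust[a.name]


def build_sample():
    """Constructed sample: A forwards to B on a path carrying one heavy flow f1 and one
    light flow f2; X sees the same heavy flow but is not A's neighbour on the path."""
    f1 = "10.0.0.5:40000->10.0.1.7:80/tcp"
    f2 = "10.0.0.9:40001->10.0.1.7:53/udp"
    a, b, x = Node("A"), Node("B"), Node("X")
    for flow, nbytes in ((f1, 2_000_000), (f2, 800)):
        a.decide(flow, "prev_hop", "H")
        a.decide(flow, "next_hop", "B", nbytes)
        a.decide(flow, "admit_ef", "yes" if nbytes >= SHARED_VOLUME_THRESHOLD else "no")
    b.decide(f1, "prev_hop", "A")
    b.decide(f1, "next_hop", "C", 2_000_000)
    x.decide(f1, "prev_hop", "Z")
    x.decide(f1, "next_hop", "C", 2_000_000)
    return a, b, x


if __name__ == "__main__":
    a, b, x = build_sample()
    print("A<->B trust after 3 rounds:", bootstrap(a, b))
    a, _, x = build_sample()
    print("A<->X trust after 3 rounds:", bootstrap(a, x))
```

The light flow f2 never enters the exchange, so the volume of data sent depends on the heavy traffic served rather than on everything the node decided. A and B climb to full trust because each coarser view is confirmed before the finer one is sent; X confirms the obvious and even the volumes, but at the finest level its records do not place it next to A on the path, so A's trust in it falls back to zero instead of being carried forward.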
The paper is not about a trust establishment protocol or fitness function calculation, though those are sketched as means to demonstrate our concepts; it is rather about a new paradigm of in-network community communication that enables trust and immunity. The rest of the paper is organized as follows. Section two builds a model of a node's functionality and describes the vision of an autonomic network; it also introduces the basic notation of protocol expressions that is used and extended throughout the paper to describe behaviours. Section three starts with an example, introduces some reasonable etiquette rules for cooperation, and picks a reasonable fitness function. It concludes with considerations of bootstrapping and finally demonstrates self-