Maintaining State (login and conversations)
- Login via a stateless protocol, maintain state with cookies
- Stateful protocols
- Synchronize state via a Merkle DAG (Git Repo) or CRDT
Topologies of Harm
Elio Grieco
1-july-2024
Where
Talk given at the 2024-07-01 meeting of the SouthWest Cyber Security Forum.
Slides available at: https://eliogrieco.com/topologies-of-harm/
What
The security of a system is an intrinsic part of its design.
The topology (or shape) of a digital system determines many of its security characteristics.
Why
What we’re doing today isn’t working.
The biggest gains to our collective security and wellbeing can be had by switching to topologies that align with the original goals of the internet.
Terms
Let’s define a few terms that might be helpful when discussing this topic…
Topology
Our focus:
- Centralized
- Decentralized/Federated
- Distributed
Trust
- Certificate Authorities
- Web of Trust
- Trust Mapping
- Zero Trust
Addressing
- Positional addressing
- Content based addressing
Other Terms
- Cloud
- Local First Applications
- State management
- Replication
Parkerian Hexad
The Parkerian Hexad attributes are the following:
- Confidentiality
- Possession or Control
- Integrity
- Authenticity
- Availability
- Utility
Components
Identity
Uses of identity:
- Authentication
- Authorization
- Discovery
- Routing
- Confidentiality (encryption)
Discovery and Search
- DNS
- Search Engines
- DHT
- Flood Search
Data Transport
- Circuit Switched
- Packet Switched
Data Storage
- Replication
- Error correcting codes
- Encryption at rest
Advantages of Distributed Topologies
Verification of Keys/Identity
Knowledge Horizons
Attacks
- Impersonation
- Sybil attacks
- Man in the Middle
- Onwership Transfer
- Denial of Service
Issues
- CDA 230
- Data longevity
- Censorship
- Algorithmic manipulation
Popular Topologies
Currently in Use
- Client-Server
- Decentralized/Federated
- Cloud
- Pub Sub/Gossip Protocols
- Mixnets (Tor)
Up and Coming
- Blockchain/Distributed Ledger
- Distributed/Peer to Peer
- BitTorrent
- IPFS
- Hyphanet/Freenet
- Open-net/Darknet/Brightnet
Topologies of Harm Elio Grieco 1-july-2024