Hosting Wide-Area Network Testbeds: Policy Considerations Larry Peterson Princeton University.


CoBlitz Service
Has sustained rates approaching 10Gbps
Also used…
  – UniversityChannel (videos of public policy lectures)
  – Fedora Linux distributions
  – CiteSeer papers
  – Polish presidential debates

PlanetLab
~1000 machines spanning 450+ sites and 40 countries
Supports distributed virtualization
hundreds of experiments, each running in its own slice

PlanetLab (cont)
Background
  – Operational for six years
  – ~1000 nodes / 450+ sites / researchers
  – 4-6TB / 1 million unique IP addresses (each day)
Actors
  – PlanetLab Central (PLC)
      • testbed operator / trusted intermediary
  – Hosting Sites
      • universities, corporate labs, national research networks (e.g., I2)
  – Researchers
      • granted a slice of the global testbed
  – Third Parties
      • end-users, content providers, attackers, ISPs

PlanetLab (cont)
Measurement Studies
  – network probes
      • traceroute, ping
  – application probes
      • HTTP, DNS, BitTorrent
  – edge probes
      • knowingly & unknowingly
Deployment Studies
  – opt-in strategy
      • client, server, neither
  – Privacy
      • log files and measurement data
  – abusing services
      • spam, unauthorized access, illegal content

Policies/Advice
Do not police content
  – DMCA is relevant
Prefer opt-out to opt-in
  – IRB oversight (of human studies) not required
Protect privacy of log files
  – ECPA & SCA are relevant
Research is distinctive
  – CALEA is not relevant
Adhere to best practices
  – avoid random probes (CMA - UK)
  – prevent service abuse (CFAA)

Three-Way “Agreement”
Researchers
  – follow established best practices
  – honor opt-out requests
  – keep log files private
      • respond to legal requests to access logs
  – be responsive to complaints

Agreement (cont)
Hosting Sites
  – place nodes in a DMZ
      • do not filter ports or ICMP ping packets
  – forward complaints and concerns to the testbed operators
  – do not disconnect nodes as this affects all researchers
  – worst case: bring nodes into safe mode pending resolution

Agreement (cont)
Network Testbed Operators
  – actively monitor and secure nodes
  – bring suspicious nodes into safe mode for further investigation
  – be responsive to complaints
  – suspend slices that do not adhere to best practices
      • suspend users that consistently ignore best practices
  – engage research community in defining best practices
      • educate researchers as to these practices
  – honor opt-out

Links
Paper:
PlanetLab:
CoBlitz: codeen.cs.princeton.edu/coblitz/

Backup Slides

Acronyms
CALEA
  – Communication Assistance for Law Enforcement Act
CFAA
  – Computer Fraud & Abuse Act
CMA
  – Computer Misuse Act (UK)
DMCA
  – Digital Millennium Copyright Act
ECPA
  – Electronic Communications Protection Act
SCA
  – Stored Communications Act