EDN/Criteria: Unterschied zwischen den Versionen

Aus C3D2
Zur Navigation springen Zur Suche springen
(where this criteria come from)
 
(7 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt)
Zeile 1: Zeile 1:
== Criteria ==
= Criteria =


The new internet should met the following criteria as good as possible.
The new internet should meet the following criteria.
The quality of security and privacy might vary between the different exposed services.
The quality of security and privacy might vary between the different exposed services.


Where this criteria come from - under construction


=== I. Privacy and Security Criteria ===
== I. Privacy and Security Criteria ==


Data security is at the core of our technical approach. It is not sufficient to only secure the
Data security is at the core of our technical approach. It is not sufficient to only secure the
Zeile 25: Zeile 24:




=== II. Performance, Reliability and Usability criteria ===
== II. Performance, Reliability and Usability Criteria ==


Beyond the application of cutting-edge security standards, our concept emphasizes
Beyond the application of cutting-edge security standards, our concept emphasizes
Zeile 48: Zeile 47:
# '''Resource contribution incentives''': The network provides incentives for peers to contribute more resources than they consume;
# '''Resource contribution incentives''': The network provides incentives for peers to contribute more resources than they consume;


=== III. Software Criteria ===
== III. Software Criteria ==


# '''Free software''' with free as in liberty.
# '''Free software''' with free as in liberty.
Zeile 58: Zeile 57:
# '''Secure Updating''': It is possible to securely update system components;
# '''Secure Updating''': It is possible to securely update system components;
# '''Reproducible Builds''': Available as reproducible builds
# '''Reproducible Builds''': Available as reproducible builds
# '''Holistic solution''': which means it encompasses all layers of the OSI model and beyond, i.e. from the strongly delay and packet loss tolerant physical layer through an automatically configured, encrypted and anonymizing middle layer to services on the upper layer such as social networking, P2P transfer or generic data storage;
# '''Holistic solution''': it includes [https://en.wikipedia.org/wiki/Osi_layer OSI-layer] two to seven.


=== IV. Society and Legal Criteria ===
== IV. Society and Legal Criteria ==


# '''Public support''': ethically, politically and financially supported by public entities;
# '''Public support''': ethically, politically and financially supported by public entities;
Zeile 67: Zeile 66:
## they do not gain access to any data of constitutional relevance, in particular not the social graph which the user is not entitled to share with external third parties as other people are affected by such gesture;
## they do not gain access to any data of constitutional relevance, in particular not the social graph which the user is not entitled to share with external third parties as other people are affected by such gesture;
# '''Participation''': The network is '''open''': that means everyone can easily participate (after installation of the protocol stack);
# '''Participation''': The network is '''open''': that means everyone can easily participate (after installation of the protocol stack);
== References ==
The following criteria are inherited from the
* [https://wiki.socialswarm.net/Software Social-Swarm]-working group
* [https://libreplanet.org/wiki/GNU/consensus/berlin-2013 GNU consensus]-working group
* [https://www.wauland.de/files/2014-03-25_InternetForThe21stCentury.pdf  The-21st-century-vision paper] of the [http://youbroketheinternet.org/ #youbroketheinternet]-working group
* [https://ethercalc.org/7a9kz9vx3n counterantidisintermediation]-working group
* [http://www.stoa.europarl.europa.eu/stoa/webdav/site/cms/shared/2_events/workshops/2015/20151208/main.pdf  GNUnet publication] for "Protecting online privacy by enhancing IT security and strengthening EU IT capabilities"- event of the European Parliament
* and developed by [https://libreplanet.org/wiki/User:CvL lynX] and Dmos.
* Pfitzmann, Andreas; Hansen, Marit (2010): [https://dud.inf.tu-dresden.de/literatur/Anon_Terminology_v0.34.pdf A terminology for talking about privacy by data minimization]

Aktuelle Version vom 5. Juni 2016, 18:45 Uhr

Criteria

The new internet should meet the following criteria. The quality of security and privacy might vary between the different exposed services.


I. Privacy and Security Criteria

Data security is at the core of our technical approach. It is not sufficient to only secure the contents of communications. We also want to prevent the systematic collection of communication profiles (metadata), as the analysis of the social graph of a population poses a particular threat to democracy.

  1. Free Software: consistent use of free and open software, putting the system under permanent public scrutiny and giving users control over their computation;
  2. Encryption:
    1. End-to-end-encryption: ubiquitous end-to-end encryption, removing the necessity to trust any third parties that might access our data while it is being transmitted or stored. No intermediate actors gain access to the exchanged content.
    2. Perfect Forward Secrecy: encryption is regularly renewed in such a way that past communications cannot be retroactively be decrypted upon access to key material.
    3. Link Encryption
  3. Meta data protection: obfuscation of transmission patterns, preventing the analysis of social relations, behavior patterns and topical interests of the participants in a network;
  4. Authentication: by direct interaction or by common social contacts, no trust delegation to external third party authorities. When interacting among private persons, the counterpart is directly or socially authenticated by default. When interacting with businesses, customers choose whether to stay fully anonymous, to adopt a long-term pseudonymity (equivalent to accepting a web cookie) or to authenticate themselves as a physical person. An integrated payment system enables an economy where the customer can remain anonymous.
  5. Decentralization: Essential to removing single points of failures and highly concentrated data flow from the calculation. Without distribution it is not enough: Whenever there is a fixed server in charge of a certain person it will gain access to all of that person's metadata. Even worse if that server is operating in a Federation kind of style or the application assumes its server to be in any way a safe place to store private data;
  6. Distributed data flow and storage: making bulk collection of data economically unattractive. No traditional server nodes may gain access to either content or metadata of communications, therefore only a distributed system of agnostic relay nodes can provide scalability, intermediate storage and anonymity from third parties all at once;


II. Performance, Reliability and Usability Criteria

Beyond the application of cutting-edge security standards, our concept emphasizes scalability and usability. We want to establish an attractive technological platform for applications that can be used by large user bases and businesses worldwide. Using a modular approach, we are integrating existing best practices and results from the scientific community to build a coherent system.

  1. Easy to install
  2. Usage: the user interface is intuitively usable;
  3. Accessibility: The interface(s) of the software are accessible (to people with impairments/disabilities);
  4. Functionality representation: the user interface represents in an easy way the functionality that is laying beneath;
  5. Efficient distribution: heterogeneous distribution trees, because we need to interconnect billions of users without resorting to cloud technology
  6. Security vs. Performance: The network shall be as performing as it can be, considering the grade of security for the specific services;
  7. Available public data: The infrastructure enables caching and intelligent distribution of public data, yet provides anonymous access to it (Examples known to fulfill this requirement: Maidsafe, Secushare, Freenet) -> Knowledge representation and file sharing in P2P networks;
  8. Resilience: The network has to be resilient: stable, adaptable, fault-tolerant (e.g. against jamming);
  9. Robust against fluctuating node participation;
  10. Real-time communication: The infrastructure supports also real-time communication;
  11. Partial resource sovereignty: The amount of bandwidth for private usage can be configured;
  12. Energy consumption restrictions: The nodes can be mobile, but technology in mobile devices must be aware of energy consumption restrictions;
  13. Sneakernet: Whenever necessary, data exchange may also happen by taking a storage device physically from one place to another (Briar, GNUnet transports etc.);
  14. Resource contribution incentives: The network provides incentives for peers to contribute more resources than they consume;

III. Software Criteria

  1. Free software with free as in liberty.
  2. Code Criteria, The code providing the GNU Internet protocol stack must be:
    1. logically verified,
    2. efficient,
    3. well documented,
    4. well tested,
  3. Secure Updating: It is possible to securely update system components;
  4. Reproducible Builds: Available as reproducible builds
  5. Holistic solution: it includes OSI-layer two to seven.

IV. Society and Legal Criteria

  1. Public support: ethically, politically and financially supported by public entities;
  2. Restrictions to proprietary applications: they may use the new Internet protocol stack under the conditions that:
    1. they run in a securely sand-boxed environment;
    2. they do not gain access to any data of constitutional relevance, in particular not the social graph which the user is not entitled to share with external third parties as other people are affected by such gesture;
  3. Participation: The network is open: that means everyone can easily participate (after installation of the protocol stack);

References

The following criteria are inherited from the