The Internet is defined and designed to be the ultimate Distributed System, and it has created powers of art, of commerce, of education, and science not even dreamed of by fantasy or science fiction as little as a century ago. Like all tools, the Internet only reached its potential when used in ways its inventors never considered, and not all of the Internet's impact so far as been a net good to society. Because so much personal information and financial transactions are now online, criminals now have greater access to their victims than at any time in history, and because the technology market is so fast paced as to outrun the headlights of QA, every online victim is more vulnerable than ever before. As we undertake any study of distributed system security, and especially a study of information sharing or collaboration, we must contextualize our inquiry within a framework of history and economics. It's not enough to ask, "What's happening and what can we do about it?" We must also ponder, "How did we get here and have we created structural incentives that led to current circumstances and structural disadvantages that have got us stuck here?" We know how to share information and we know how to make information sharing better -- but do we know why information should be shared or how to incentivize such sharing? And, how do our technical choices influence those incentives? In this keynote address, the author will broadly survey some structural defects in the world's response to distributed systems risk, across three major topic areas: (1) Innovation; (2) Investment; and (3) Standards. We hope to offer the audience a context for inquiry that will eventually lead the Internet security industry out of its current and immensely profitable swamp and toward long term solutions to our more fundamental problems.
[1]
Jun Murai,et al.
NCAP - Distributed network capture with shared analysis
,
2011
.
[2]
Paul Vixie,et al.
DNS and BIND Security Issues
,
1995,
USENIX Security Symposium.
[3]
Virginia Dickson,et al.
Collaboration plus! The development of an information literacy and communication program
,
2004
.
[4]
Paul Vixie.
Preventing Child Neglect in DNSSECbis Using Lookaside Validation (DLV)
,
2005,
IEICE Trans. Commun..
[5]
Patricia A. Kreitz.
PARTNERSHIPS AND CONNECTIONS: Librarians as knowledge builders: Strategic partnering for service and advocacy
,
2004
.
[6]
Paul Vixie.
Federated Domain Name Service Using DNS Metazones
,
2006,
IEICE Trans. Commun..
[7]
Paul Vixie.
DNS Complexity
,
2007,
ACM Queue.
[8]
Steve O'Connor.
Collaborative strategies for low-use research materials
,
2004
.
[9]
Jill Markgraf,et al.
Collaboration Between Distance Education Faculty and the Library
,
2002
.
[10]
Paul Vixie,et al.
Rate-limiting State
,
2014,
ACM Queue.
[11]
Wenke Lee,et al.
Increased DNS forgery resistance through 0x20-bit encoding: security via leet queries
,
2008,
CCS.
[12]
Larry L. Hardesty,et al.
Successful Partnering to Transform the College Library: An Interview with Richard Ekman
,
2004
.