Wednesday, September 16, 2009

cloud atlas....an idea for future privacy architecture work

two areas (not unrelated) where people want to do better security (both privacy and access control) are
1. social networks
2. cloud computing

I'm going to ignore the (hard) problem of traffic analysis and full-on pseudo-anonymity for this blog for now...

since social nets run (mainly) in the cloud, let's see if we can use 1 hammer for both rusty nails:

traditionally, we'd like to have a full subject/object matrix of capabilities - in general, for controlling who can see/use/alter what, for n objects, with k attributes and z access styles, we could end up with z*k*n^2 entries.
This doesn't scale for computers, and it doesn't scale for people.

In reality, many systems reduce the problem by two means:
a) hierarchy (or multiple hierarchies with domain specific roots) reducing the space to k*z*ln(n) - think unix file systems and r/w/x
b) groups. n.b. with enough groups, you can do the entire s/o matrix of course, but that kind of defeats the purpose (which is simplification by aggregation)....think unix file systems and sudo and r/w/x for u/g/o, and then add newgrp etc etc

People do this sort of thing manually in their online existence by having multiple social net accounts and managing their friend lists differently on each one.

The problem (something Boris Dragovic did his PhD on here a few years back) is that a hierarchy doesn't always capture what you want, but an ad hoc collection of exceptions breaks things and makes things hard to remember for poor old humans again.

so let's introduce two new things
1. Dunbar's work on social groups and layers of trust
2. games and BAR-T

In 1, we have a way to express trust relations which auto-magically gives us groups - the layers of trust in a social network are known to decrease as you move out from kinship, through friendship, through colleagues, then acquaintances. But it's dynamic, Jim, and not necessarily dynamic as we know it....
In 2, we have behaviours that are trustworthy (altruistic, rational, byzantine) and measurable, and can be attested to by witnesses....

So we can build a system that creates defaults and learns and relearns the right settings in the (number of) hierarchy(s), and number of groups and access rights for each layer of the onion, both socially and technically.

We can also incorporate downgrading (of your reputation, creditworthiness, or access rights) and forgetting (or un-friending) in the same architecture -

activity keeps friendships alive and rational or altruistic activity keeps a cloud access right alive at some level.

Now we need a data structure that is an efficient representation of a tree but within a sparse representation of a (easy to update) matrix...that should be easy...
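
One possible shape for that structure, as an added sketch that is not part of the original post: trust layers supply default rights, a sparse dictionary holds only the ad hoc exception cells of the subject/object matrix, and idle relationships decay outward one layer at a time. The layer names, default rights, the 90-day decay window and all class and method names are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Assumed layers, ordered from most to least trusted (the onion described above).
LAYERS = ["kin", "friend", "colleague", "acquaintance", "stranger"]
# Assumed default rights per layer; one small table replaces per-pair matrix cells.
DEFAULTS = {
    "kin": frozenset({"see", "use", "alter"}),
    "friend": frozenset({"see", "use"}),
    "colleague": frozenset({"see"}),
    "acquaintance": frozenset(),
    "stranger": frozenset(),
}
DECAY_DAYS = 90  # assumed: drop one layer outward per 90 idle days


@dataclass
class Policy:
    layer: dict = field(default_factory=dict)       # (owner, subject) -> base layer index
    last_seen: dict = field(default_factory=dict)   # (owner, subject) -> day of last activity
    exceptions: dict = field(default_factory=dict)  # (owner, subject, obj) -> explicit rights

    def relate(self, owner, subject, layer, today):
        self.layer[(owner, subject)] = LAYERS.index(layer)
        self.last_seen[(owner, subject)] = today

    def touch(self, owner, subject, today):
        """Record activity; this resets the decay clock for a known relationship."""
        if (owner, subject) in self.layer:
            self.last_seen[(owner, subject)] = today

    def effective_layer(self, owner, subject, today):
        key = (owner, subject)
        if key not in self.layer:
            return "stranger"  # no relationship recorded: fail closed
        idle = max(0, today - self.last_seen[key])
        idx = min(self.layer[key] + idle // DECAY_DAYS, len(LAYERS) - 1)
        return LAYERS[idx]

    def rights(self, owner, subject, obj, today):
        # A sparse exception cell wins; otherwise fall back to the layer default.
        explicit = self.exceptions.get((owner, subject, obj))
        if explicit is not None:
            return explicit
        return DEFAULTS[self.effective_layer(owner, subject, today)]

    def allowed(self, owner, subject, obj, right, today):
        return right in self.rights(owner, subject, obj, today)
```

Storage grows with the number of relationships plus exceptions rather than z*k*n^2. Explicit exception cells do not decay in this sketch, so a grant made that way stays until it is removed.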
