So how does anonymity works in the network system? As I mentioned before, it seems kind of ironical to achieve anonymity in the networking society since the whole system is based upon connection and communication. Without knowing who and where, how do you even communicate?
Roger Dingleton, the system designer of Free Haven project, makes it clear that the perfect anonymity in the networking system is not only impossible to achieve but also useless. Instead, the anonymity is achieved by manipulating the existing idea of networking. To do that, it is important to identify the agents in the system, their path and possible attacking scenario. To make it clear, I want to mention that these factors are identified from the structure of information publishing system.
There are three possible agents in the system - author, publisher and reader. Author is the one who creates the information. Publisher is the one who place that information in the server space. Reader is the one who access to the information. The flow of the information is pretty uni-directional, and it is super easy to find where it is coming from and where it goes. To achieve the anonymity, it is necessary to complicate the flow of the information inside of the network.
In the network, author, publisher, server, docmument and query can be anonymous and different benefit can be achieved by making them anonymous. It is pretty straight forward to predict what is the benefit of making author and publisher to be anonymous. However, when their identity is revealed there's nowhere for them to get away from being anonymous. (I am assuming that author and publisher are accused purely by being anonymous regardless of their action.) Below are explanation for more complex anonymity.
Server anonymity : No server can be linked to a document. When the document is picked by adversary and author and publisher is given, the adversary is no closer to knowing which server or servers on the network actually possess the document.
Document anonymity : A server does not know which document is stored.
Query anonymity: A server does not know which document it is serving when satisfying server’s request.
What is interesting for me is that the disguise of the event of communication can get complex depends on what is anonymous. Even though the agent is specified, if the adversary can't identify what kind of information it is, how it is delivered, and where it is, it is hard to accuse the agents of the system.I mentioned earlier that it is not necessary to achieve perfect anonymity inside of the networking system. In the end, the goal of being anonymous is to protect the agents in the network from outside recognition. At the same time, the network won't be able to function under perfect anonymity. Therefore, the networking environment rather tries to be pseudonymous instead of being anonymous. Unlike anonymity, which does not allow any link, pseudonymity enables different actions in the net. For example, the actions in the network allows pseudonym to acquire reputation which influences how much data a server can store and provide incentives based upon that. Yet pseudonymous system provide the protection of profile leak by not telling the true name and location of the agents, that can possibly lead to the real world accusation.
No comments:
Post a Comment