Privacy and Anonymity


Most of us have some things that we would rather keep to ourselves. The things that we conceal are private, and the rest we deem public. Although the things that we reveal are "open" to the public, we often still consider them to be a part of our being, something that we would like to retain ownership of, or control access to.

People can regain ownership and exercise a significant amount of control through managing their identity. Anonymity and pseudonymity permit them to reduce their identity to characteristics they hope to manage. At the same time, they often reconstruct their persona, demarcating new personal boundaries including those that define privacy.

Note

Anonymity has an obviously negative effect on identity-based security and services, such as nonrepudiation and accountability. P2P applications can be built around activity-based security and services instead.


Computer systems are similar. There are walls around personal information, software, and physical devices. In an open networked environment, some of the system is exposed to the public through physical or logical interfaces. We use security systems to choose what is accessible and to protect ourselves from the activities of others.

As mentioned earlier, anonymity enables you to draw broad strokes around yourself, affording a great deal of protection by hiding your true name. Pseudonymity does the same thing, but offers the useful feature of being able to be consistently identified with a name. Pseudonymity is more flexible in that it allows for longer, more permanent relationships. However, pseudonymity is at a disadvantage to anonymity in that it is potentially traceable. Even so, users want even more control than the little that remains in the public realm.

Suppose that a user who is known only as mm-man signs up for a daily news bulletin from the M&M fan club. He wants to be among the first to find out what color wins the worldwide vote and becomes the next official M&M color. Each day he receives interesting and useful news, including tips about exercises that he can perform at his desk to keep in shape. Then, one day he receives an unsolicited email from the Ab-Exerciser Company. Soon, he is getting emails from hundreds of companies, and some of them are offensive. mm-man would have appreciated it if the M&M fan club (or somebody else) had treated his personal information with more care, as something that was private.

Several of the techniques outlined earlier in the chapter can be used to enhance user privacy in this application. For example, mm-man can work with a third-party system that rejects email that does not have a credential issued by mm-man. Thinking of the sender as a peer and mm-man as another, you can see how peer-to-peer systems can be designed to support user requirements for privacy and provide the security necessary to safeguard all concerned.

Note

For readers interested in a discussion about identity, anonymity, pseudonymity, and other "nymities," see "The Theory of Nymity" at http://www.geektimes.com/michael/culture/humor/items/Geekish/theoryOfNymity.html. Although it's meant to be humorous, there are some interesting thoughts.


Several interesting examples of peer-to-peer systems that provide anonymity exist. One is Publius, a system that is designed to publish documents that resist censorship, while providing full anonymity to the author or publisher. Publius consists of an arbitrary number of Web servers that have the Publius software installed. The servers are independently owned, and there are no restrictions placed on the administrators.

When a writer publishes a document, the Publius software generates a key that is used to encrypt the document. The key is then split into "shares" that are distributed with a copy of the encrypted document to all the Publius servers. Each server receives a complete copy of the document and one share. Only a few of the shares are required to reconstruct the key. The Publius software then constructs a special URL that encodes the location of the shares and encrypted files on the Publius servers. To get the document, the Publius client obtains and parses the URL, and randomly picks as many Publius servers as are required to reconstruct the key. It then downloads the shares from those servers, reconstructs the key, and finally downloads one copy of the document.

Publius is censor-resistant in part because documents are distributed across a number of systems. Publius does not require any information about the author, so it is an anonymous service. However, because each server is independently administered, it's possible that the Web servers log IP addresses that can potentially link the writer to a document.
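A toy model of the publish/retrieve flow described in the two paragraphs above, as an added example (not Publius's own code): the document key is split with Shamir secret sharing over a prime field, every server holds the ciphertext plus one share, and retrieval still succeeds when some servers delete the document. The SHA-256 counter keystream standing in for the document cipher, the list-index "URL", and the hash-derived document id are assumptions made for this example.

```python
"""Toy Publius: a random document key is split with Shamir secret sharing so
that any k of the n servers' shares rebuild it (added example, not Publius code)."""
import hashlib, random, secrets

PRIME = 2**521 - 1  # field for share arithmetic; a 32-byte key is always below it

def split_secret(secret, n, k):
    """Shamir: secret is the constant term of a random degree k-1 polynomial over PRIME."""
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(k - 1)]
    return [(x, sum(c * pow(x, i, PRIME) for i, c in enumerate(coeffs)) % PRIME)
            for x in range(1, n + 1)]

def recover_secret(shares):
    """Lagrange interpolation at x = 0; fewer than k shares give an unrelated random value."""
    secret = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret

def xor_crypt(key, data):
    """Stand-in stream cipher (assumption): SHA-256 counter keystream XORed with data."""
    out = bytearray()
    for off in range(0, len(data), 32):
        ks = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], ks))
    return bytes(out)

def publish(document, servers, k):
    """Encrypt, split the key, give every server the ciphertext plus one share; return the 'URL'."""
    key = secrets.token_bytes(32)
    ct = xor_crypt(key, document)
    doc_id = hashlib.sha256(ct).hexdigest()[:16]  # constructed id; real Publius encodes locations
    for srv, share in zip(servers, split_secret(int.from_bytes(key, "big"), len(servers), k)):
        srv[doc_id] = (ct, share)
    return {"id": doc_id, "n": len(servers), "k": k}

def retrieve(url, servers):
    """Pick k random servers that still hold the document, rebuild the key, decrypt one copy."""
    holders = [i for i in range(url["n"]) if url["id"] in servers[i]]
    picked = random.sample(holders, url["k"])
    key = recover_secret([servers[i][url["id"]][1] for i in picked]).to_bytes(32, "big")
    return xor_crypt(key, servers[picked[0]][url["id"]][0])
```

With n = 5 and k = 3, two servers can remove the document and readers still recover it; a single server's share or ciphertext alone reveals nothing about the plaintext.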

An anonymizing proxy gives additional protection to the writer. Anonymizing proxies work by accepting the address that a client wants to connect to, making the connection on behalf of the user, and relaying the response. The address that is logged at the Publius Web server is the proxy's address. Additional information about Publius can be obtained from http://www.publius.com/.



Java™ P2P Unleashed (2002)