Accountable Coordination and Control - PowerPoint PPT Presentation

1 / 12
About This Presentation
Title:

Accountable Coordination and Control

Description:

Accountable Coordination and Control Jeff Chase Duke University Computer Science – PowerPoint PPT presentation

Number of Views:92
Avg rating:3.0/5.0
Slides: 13
Provided by: JeffC329
Category:

less

Transcript and Presenter's Notes

Title: Accountable Coordination and Control


1
Accountable Coordination and Control
  • Jeff Chase
  • Duke University
  • Computer Science

2
Grand Challenges?
  • Distributed, adaptive infrastructure control
  • Control systems for electrical system, traffic,
    etc.
  • Enterprise information systems / workflow
  • Medicine Wallach, e-science Welsh
  • Commerce and finance
  • Supply chain, brokering/trading
  • Government
  • Control of systems we understand and own
  • Internet control plane
  • Network utilities / Grid

3
Still a Challenge
  • Use IT and distributed systems technology to
    manage real-world systems betteror greener
    Carla.
  • Shared
  • Federated
  • Local autonomy local sensors and local control
  • Decentralized/delegated power and authority
  • Global coordination
  • It really matters when things go wrong.
  • Failure of the enterprise
  • Sanctions and liability legal, financial,
    political

4
Some Worthy Challenges
  • Pervasive instrumentation / sensors
  • Dynamic, decentralized control/adaptation
  • Reliable and secure service from unreliable and
    insecure components.
  • Autonomic, self-diagnosing, self-healing
  • This talk accountability is a fundamental
    requirement with a fundamental impact on the
    structure of these systems.

5
Incentives are Paramount
  • P2P massive scale, anonymous participants,
    randomized dispersion of functions and roles.
  • What have we learned?
  • Complex systems are federated.
  • Any federated system is a game.
  • Self-interested actors
  • Local choices, emergent global behavior
  • Primacy of incentive/mechanism
  • Recognize and reward faithfulness and punish
    disruptive, faulty, or anti-social behavior.

6
The Social Contract
  • Participants obtain benefits from membership in a
    collective or community.
  • Well-structured communities are self-sustaining
  • Bottom-up growth and evolution / interconnection
  • Membership entails rights and obligations.
  • Negotiated roles rather than random assignment
  • Control networks and enterprises are at modest
    scale.
  • Low churn
  • Strong identity is possible.

7
Vulnerabilities and Defenses
  • Security trust establishment, integrity of
    communications
  • Extend the secure perimeterif you have one.
  • Authorization useful for rights, but not
    obligations
  • BFT all actors are vulnerable to attack and
    subversion
  • May manifest as a fault or disruptive behavior
  • But BFT is not enough tyranny of majority, must
    deal with strategic/rational behavior Alvisi,
    Dahlin
  • Accountability issues compliance with the
    contract, faithfulness to assigned roles,
    self-consistent behavior, correctness and
    effectiveness of action within the community.

8
Accountability
  • What did he know and when did he know it.
  • There were failures at all levels of
    government.
  • We must know who did what to whom when.
  • Maintain secure history of states and actions
    Shrira
  • Non-repudiability of history
  • Prevent actors from misrepresenting the claims or
    actions of themselves or other actors.
  • Assign responsibility for failures, and prove it
  • Auditing
  • Trust but verify.

9
Some Challenges
  • Transitive integrity in communication protocols
  • Recording and maintaining tamper-evident history
  • How to prove the absence of actions?
  • Reasoning about action history and causality
  • Supplement protocols to permit peers to verify
    self-consistent behavior and faithfulness.
  • Auditing or consistency checking by other actors
    against previous actions or states.

10
Framing?
  • Negative security framing applies
  • Catch problems early and limit the damage
  • Learn from history avoid repeating disasters
  • Build distributed service infrastructures that
    promote safe cooperation/coordination.
  • Overcome fear that discourages coordination
  • Sustainable distributed systems
  • Enable accountable institutions
  • E.g., Assure data quality for distributed
    information sharing, e.g., in exchange of medical
    records or scientific data.

11
Problems/thoughts
  • Devise practical techniques that enable an actor
    to prove that a claim or action is justified by
    its certified inputs according to accepted rules.
  • E.g., a router cannot advertise a path upstream
    unless it can show that the path is legitimate
    given advertisements received from its downstream
    neighbors.
  • Transitively unwind actions and beliefs resulting
    from claims and directives by an actor
    subsequently discovered to be faulty.
  • Are there common state representations and
    protocols that transfer to a wide range of
    services, i.e., toolkits to facilitate
    construction of accountable systems?
  • What is the role of non-repudiable messaging and
    accountability in systems that involve
    contractual arrangements?
  • What are the limits to services built without
    trust, relative to services that embody trust but
    whose behavior is audited to validate it against
    expected semantics?
  • How can we reconcile accountability with privacy?

12
http//www.cs.duke.edu/chase
Write a Comment
User Comments (0)
About PowerShow.com