DOCSLIB.ORG

Technology Stack for Decentralized Mobile Services

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Technology Stack for Decentralized Mobile Services Technology Stack for Decentralized Mobile Services Matouš Skála Technology Stack for Decentralized Mobile Services by Matouš Skála to obtain the degree of Master of Science at the Delft University of Technology, to be defended publicly on Monday August 31, 2020 at 3:00 PM. Student number: 4893964 Project duration: November 15, 2019 – August 31, 2020 Thesis committee: Dr.ir. J.A. Pouwelse, TU Delft, supervisor Dr. J.S. Rellermeyer, TU Delft Dr. N. Yorke-Smith, TU Delft An electronic version of this thesis is available at http://repository.tudelft.nl/. Preface When I was choosing my thesis topic, I originally came up with an idea of designing a decen- tralized social network. After realizing how ambitious that goal was, I later decided to focus on more fundamental issues first and create a library that would allow for building any de- centralized applications, running purely on an overlay network consisting of smartphones. Rather than reinventing the wheel, I took inspiration from an existing networking library de- veloped at TU Delft over the last decade and created its wire-compatible implementation in Kotlin. Interestingly, in the end, I have even implemented a trivial social network to demon- strate the usage of the library, returning back to the original idea. I would like to thank my supervisor Johan Pouwelse for an endless stream of fresh ideas and valuable feedback, and to PhD students of the Delft Blockchain Lab for numerous coffee meetings and for serving me as a walking documentation of the existing codebase. Matouš Skála Prague, August 2020 iii Contents 1 Introduction1 2 Problem Description3 2.1 Antitrust Battle Against Big Tech...........................3 2.2 The Threat of Super Apps...............................4 2.3 End-to-End Principle Challenged...........................4 2.4 Freedom of Trustworthy Communication......................5 2.5 Research Focus and Structure.............................6 3 State of the Art7 3.1 Decentralized Communication Platforms......................7 3.1.1 Fediverse....................................7 3.1.2 Briar.......................................8 3.1.3 Secure Scuttlebutt...............................8 3.1.4 libp2p...................................... 10 3.1.5 IPv8....................................... 11 3.2 NAT Traversal...................................... 11 3.2.1 Background on NAT Classification...................... 12 3.2.2 Hairpinning................................... 13 3.2.3 Carrier Grade NAT............................... 13 3.2.4 Port Forwarding................................. 13 3.2.5 Session Traversal Utilities for NAT (STUN).................. 14 3.2.6 Traversal Using Relays Around NAT (TURN)................. 14 3.3 Infrastructure-Less Communication......................... 15 3.3.1 Bluetooth.................................... 15 3.3.2 Bluetooth Low Energy............................. 16 3.3.3 Wi-Fi Direct................................... 16 3.3.4 Wi-Fi Aware................................... 16 4 Protocol Design 17 4.1 Identity and Keys.................................... 17 4.2 Peer Discovery..................................... 18 4.2.1 Bootstrap Server................................ 18 4.2.2 Multicast DNS................................. 18 4.2.3 Bluetooth Advertising............................. 18 4.3 Transport Layer..................................... 18 4.3.1 Reliable vs. Unreliable Transport....................... 19 4.3.2 UDP Socket Multiplexing........................... 19 4.3.3 Secure Communication............................ 19 4.3.4 Binary File Transfer over UDP......................... 19 v vi Contents 4.4 NAT Traversal with Peer Introductions........................ 20 4.5 Symmetric NAT Traversal............................... 21 4.5.1 Topological Assumptions........................... 21 4.5.2 NAT Type Detection.............................. 22 4.5.3 Extended Peer Introduction Protocol..................... 22 4.6 Communication with Nearby Devices........................ 24 4.6.1 Introduction to Bluetooth Low Energy.................... 24 4.6.2 BLE Communication Architecture...................... 24 4.7 TrustChain: Scalable Distributed Ledger....................... 26 5 Protocol Implementation 27 5.1 System Architecture.................................. 27 5.2 Communities...................................... 28 5.2.1 Discovery Community............................. 29 5.2.2 TrustChain Community............................ 29 5.3 Discovery Strategies.................................. 29 5.3.1 Random Walk.................................. 30 5.3.2 Periodic Similarity............................... 30 5.3.3 Random Churn................................. 30 5.3.4 Bluetooth Discovery Strategy......................... 30 5.4 Bootstrap Server.................................... 30 5.5 Project Structure.................................... 31 6 Decentralized Super App 33 6.1 PeerSocial: Decentralized Social Network...................... 33 6.1.1 Trustworthy Friendship Establishment.................... 33 6.1.2 Private Messaging Protocol.......................... 34 6.1.3 Public Post Feed................................ 37 6.2 TrustChain Explorer.................................. 38 6.3 Project Structure.................................... 38 7 Evaluation 41 7.1 Analysis and Puncturing of Carrier Grade NAT.................... 41 7.1.1 Experimental Setup.............................. 42 7.1.2 Results...................................... 43 7.2 Social Graph Scalability Experiment......................... 43 7.3 Bootstrap Performance................................ 43 7.4 Blob Transfer Rate................................... 44 7.5 Power Efficiency.................................... 45 7.6 Code Quality...................................... 46 8 Conclusion 47 Bibliography 49 1 Introduction The Internet was created with the idea that any two computers connected to the shared net- work should be able to communicate with each other. It has also been built on the principles of decentralization, without any central entity having the power to take the network down. Yet, 50 years later, we live in a world where most of the services are centralized and user data are stored on the servers owned by a few large profit-oriented companies. In recent years, the idea of decentralization has attracted many in the engineering and research community. Since the introduction of cryptocurrencies in the last decade, there have been many discussions on whether we can decentralize other services, such as social media, or web. With the trend of decentralization, applications are shifting from the client- server model to peer-to-peer, which brings many challenges and calls for a new networking stack. This thesis proposes and implements a protocol for peer to peer (P2P) communication between any two devices. It is implemented as a Kotlin library which can be used on a desk- top, smartphones, tablets, and IoT devices. It can be used to deploy a truly ubiquitous net- work overlay which is available anytime and everywhere. The protocol allows any two devices to establish a direct connection by taking advantage of NAT traversal techniques to connect peers behind different types of middleboxes. When the Internet connection is not available and peers are located in proximity, the connection can be established using Bluetooth Low Energy. The robustness of the NAT traversal mechanism has been tested by conducting a con- nectivity check between devices using the networks of major mobile network operators and home broadband providers in the Netherlands. The mechanism has been shown to be capa- ble of establishing a connection in all tested network conditions. To demonstrate the usage of the library, a decentralized social network with public feeds and private end-to-end encrypted messaging has been implemented. To get feedback on the APIs and general usability of the library, 4 teams of MSc students have been asked to develop non-trivial distributed applications on top of it. Compared to the state of the art solutions, the proposed library combines both nearby and Internet connectivity, does not require any central server, works on a variety of devices under challenging network conditions, and is completely open source. 1 2 Problem Description Over the last decade, the Internet and online services have become omnipresent in everyday lives of citizens across the world – communication, shopping, transportation, accommoda- tion, or financial services are only some examples of services where most of the economic activity has already shifted to the online world. Most of these services are operated by so- called Big Tech [33], the largest and most dominant companies in the information technology industry – Facebook, Amazon, Google to name a few. In fact, 7 most valuable companies in the world are now tech companies. It seems to be nearly impossible to function in a digital world outside of the ecosystems created by the big tech. For instance, we require permission from Google and Apple to publish software for mobile devices. Their monopoly power means no other meaningful method exists to reach billions of smartphone users with newly created apps. 2.1. Antitrust Battle Against Big Tech About 2 billion users interact with Facebook every day. It maintains 75% social media mar- ket share. In a truly free market, they would compete by superior features and providing the best services for their customers to increase consumer welfare. Instead, Facebook has cho- sen to mislead and exploit consumers
Load more

Recommended publications
  • Anonsocialmix: Anonymous P2P File Sharing Over Social Networks
    AnonSocialMix: Anonymous P2P File Sharing Over Social Networks Student Name: Rajdeep Mukherjee IIIT-D-MTech-CS-GEN-MT15051 July, 2017 Indraprastha Institute of Information Technology New Delhi Thesis Committee Dr. Sambuddho Chakravarty, IIIT Delhi (Advisor) Dr. Tanmoy Chakraborty, IIIT Delhi (Internal Examiner) Dr. Vinay Joseph Ribeiro, IIT Delhi (External Examiner) Submitted in partial fulfillment of the requirements for the Degree of M.Tech. in Computer Science, in Information Security Category ©2017 IIIT-D MTech-CS-GEN-17-MT15051 All rights reserved Certificate This is to certify that the thesis titled “AnonSocialMix: Anonymous P2P File Sharing Over Social Networks" submitted by Rajdeep Mukherjee for the partial fulfillment of the requirements for the degree of Master of Technology in Computer Science & Engineering is a record of the bonafide work carried out by him under my guidance and supervision in the Security and Privacy group at Indraprastha Institute of Information Technology, Delhi. This work has not been submitted anywhere else for the reward of any other degree. Dr.Sambuddho Chakravarty Indraprastha Institute of Information Technology, New Delhi 2 Abstract Peer-to-peer (P2P) file sharing accounts for one of the major sources of the Internet traffic. As privacy and anonymity issues continue to grow due to constant censorship and network surveil- lance, more and more Internet users are getting attracted towards the facilities for anonymous communication. Extensive research has been conducted over the years towards the design and development of several anonymous P2P file sharing protocols and systems. Size of the Anonymity Set plays a crucial role in determining the degree of anonymity being provided by such networks.
    [Show full text]
  • Pangea Jurisdiction and Pangea Arbitration Token (PAT)
    Pangea Jurisdiction and Pangea Arbitration Token (PAT) The Internet of Sovereignty Susanne Tarkowski Tempelhof, Eliott Teissonniere James Fennell Tempelhof and Dana Edwards Bitnation, Planet Earth, April 2017 Pangea Jurisdiction and Pangea Arbitration Token (PAT) The Internet of Sovereignty Susanne Tarkowski Tempelhof, Eliott Teissonniere, James Fennell Tempelhof and Dana Edwards Bitnation, Planet Earth, April 2017 <abstract_ The Pangea software is a Decentralized Opt-In Jurisdiction where Citizens can conduct peer- to-peer arbitration and create Nations. Pangea uses the Panthalassa mesh, which is built using Secure Scuttlebutt (SSB) and Interplanetary File System (IPFS) protocols. This enables Pangea to be highly resilient and secure, conferring resistance to emergent threats such as high- performance quantum cryptography. Pangea is blockchain agnostic but uses the Ethereum blockchain for the time being. In the future, other chains such as Bitcoin, EOS and Tezos can be integrated with Pangea. The Pangea Arbitration Token (PAT) is an ERC20 compatible in-app token for the Pangea Jurisdiction. The PAT token rewards good reputation and is issued on Pangea when Citizens accumulate non-tradable reputation tokens through creating a contract, successfully completing a contract or resolving a dispute attached to a contract. PAT is an algorithmic reputation token, an arbitration currency based on performance rather than purchasing power, popularity or attention. The distribution mechanism for PAT tokens on Pangea is an autonomous agent, Lucy, which will initially launch on Ethereum as a smart contract. This mechanism is blockchain agnostic and can be ported to any viable smart contract platform. An oracle created by Bitnation will help to facilitate this (semi-) autonomous distribution mechanism in a decentralized and secure fashion.
    [Show full text]
  • Distributed Deep Learning in Open Collaborations
    Distributed Deep Learning In Open Collaborations Michael Diskin∗y~ Alexey Bukhtiyarov∗| Max Ryabinin∗y~ Lucile Saulnierz Quentin Lhoestz Anton Sinitsiny~ Dmitry Popovy~ Dmitry Pyrkin~ Maxim Kashirin~ Alexander Borzunovy~ Albert Villanova del Moralz Denis Mazur| Ilia Kobelevy| Yacine Jernitez Thomas Wolfz Gennady Pekhimenko♦♠ y Yandex, Russia z Hugging Face, USA ~ HSE University, Russia | Moscow Institute of Physics and Technology, Russia } University of Toronto, Canada ♠ Vector Institute, Canada Abstract Modern deep learning applications require increasingly more compute to train state-of-the-art models. To address this demand, large corporations and institutions use dedicated High-Performance Computing clusters, whose construction and maintenance are both environmentally costly and well beyond the budget of most organizations. As a result, some research directions become the exclusive domain of a few large industrial and even fewer academic actors. To alleviate this disparity, smaller groups may pool their computational resources and run collaborative experiments that benefit all participants. This paradigm, known as grid- or volunteer computing, has seen successful applications in numerous scientific areas. However, using this approach for machine learning is difficult due to high latency, asymmetric bandwidth, and several challenges unique to volunteer computing. In this work, we carefully analyze these constraints and propose a novel algorithmic framework designed specifically for collaborative training. We demonstrate the effectiveness of our approach for SwAV and ALBERT pretraining in realistic conditions and achieve performance comparable to traditional setups at a fraction of the cost. arXiv:2106.10207v1 [cs.LG] 18 Jun 2021 Finally, we provide a detailed report of successful collaborative language model pretraining with 40 participants. 1 Introduction The deep learning community is becoming increasingly more reliant on transfer learning.
    [Show full text]
  • ஜ Torrent Is Not Seeding ஜ Скачать: Torrent Is Not Seeding
    ▬▬▬▬▬▬▬ஜ Torrent is not seeding ஜ▬▬▬▬▬▬▬ Скачать: ➤ Torrent is not seeding Download: ➤ Torrent is not seeding ▬▬▬▬▬▬▬ஜ Torrent is not seeding ஜ▬▬▬▬▬▬▬ . Torrent is not seeding We are a thriving community dedicated to helping users old and new understand and use torrents. I think is stable enough. A peer or downloader becomes a seed when it starts uploading the already downloaded content for other peers to download from. Do not send - not taken into account. Please check the Accepted clients list. When it completes you switch to a torrent is not seeding and dedicate that stream to simply uploading. My upload speed limit should be all I need instead of limiting upload slots. Then add the port you selected in step 5. Torrent files contain information like the file list, sizes, pieces, etc. Every piece received is first checked against the hash. If yes, please state the libtorrent version used by your distro. However, whether to seed or not, or how much to seed, depends on the availability of downloaders and the choice of the peer at the seeding end. I tried raising my connection limits to higher and higher numbers currently at 1000, 500, 500, 500 I have a static port so I can forward it. For legal torrents try. I advice you to use only one active seeding torrent when capturing. Current settings: DHT: off PeX: off Local peer discovery: on Anonymous mode: off Max downloads: 5 Max uploads: 7 Max active: 12 Do not count slow torrents in these limits: on no see ratio limits set. Each seed adds 1.
    [Show full text]
  • The Hidden Locality in Swarms
    13-th IEEE International Conference on Peer-to-Peer Computing The hidden locality in swarms John S. Otto and Fabian´ E. Bustamante Northwestern University {jotto,fabianb}@eecs.northwestern.edu Abstract—People use P2P systems such as BitTorrent to share We overcome the challenges of local peer discovery by an unprecedented variety and amount of content with others leveraging diurnal patterns and applying client-side techniques around the world. The random connection pattern used by to improve overall peer discovery. BitTorrent has been shown to result in reduced performance for users and costly cross-ISP traffic. Although several client-side Through an analysis of swarm population dynamics, we systems have been proposed to improve the locality of BitTorrent show that locality is present in swarms – if one looks at the traffic, their effectiveness is limited by the availability of local right time. For popular content swarms, 50% of ISPs seen in peers. the swarm have at least five local peers online during the ISP’s We show that sufficient locality is present in swarms – if peak hour. During an ISP’s peak hour, the relative fraction of one looks at the right time. We find that 50% of ISPs have at least five local peers online during the ISP’s peak hour, local peers – and therefore the local peer discovery rate – is typically in the evening, compared to only 20% of ISPs during typically 50% higher than the daily average. the median hour. To better discover these local peers, we show We evaluate client-side techniques that boost the peer how to increase the overall peer discovery rate by over two orders discovery rate by two orders of magnitude, enabling peers of magnitude using client-side techniques: leveraging additional to quickly discover online local peers.
    [Show full text]
  • Peertube Has Worked Twice As Hard to Free Your Videos from Youtube !
    PeerTube has worked twice as hard to free your videos from YouTube ! Thanks to your donations, we have been developing a software to free us all from YouTube & Co for a year. Why have we gone much further than the first release, (crowdfunded in the spring of 2018), you might ask? Well, that’s because we sincerely believe in the emancipatory power of PeerTube. This article is a part of « Contributopia’s travel journals ». From October to December of 2019, we will assess our many (donations-founded) actions, which are tax-deductible for French taxpayers. Donate here if you can. La version originale (en Français) de cet article est à lire ici. Federation and instances to avoid creating a new tech giant PeerTube’s aim is to create an emancipatory alternative to centralized platforms a la YouTube. In a centralized service, you sign-up with a single address, and each and every of your actions, videos and data are gathered on a single huge computer. For example, Google’s, that hosts YouTube (to be precise, they are server farms rather than huge computers, but on a symbolic level it is the same thing!). Centralisation, CC-By SA Fédération, CC-By SA LILA LILA PeerTube is a software. It can be installed on a server by anyone possessing the appropriate skills; say, for the sake of argument, Bernadette, College X and karate club Y. This is called an instance, i.e. a PeerTube host. In concrete terms, hosting an instance creates a website (let’s say, BernadetTube.fr, CollegeTube.org or KarateTube.net) on which you can watch videos and sign-up, so you can interact or upload your own content.
    [Show full text]
  • Developing P2P Protocols Across NAT Girish Venkatachalam
    Developing P2P Protocols across NAT Girish Venkatachalam Abstract Hole punching is a possible solution to solving the NAT problem for P2P protocols. Network address translators (NATs) are something every software engineer has heard of, not to mention networking professionals. NAT has become as ubiquitous as the Cisco router in networking terms. Fundamentally, a NAT device allows multiple machines to communicate with the Internet using a single globally unique IP address, effectively solving the scarce IPv4 address space problem. Though not a long-term solution, as originally envisaged in 1994, for better or worse, NAT technology is here to stay, even when IPv6 addresses become common. This is partly because IPv6 has to coexist with IPv4, and one of the ways to achieve that is by using NAT technology. This article is not so much a description of how a NAT works. There already is an excellent article on this subject by Geoff Huston (see the on-line Resources). It is quite comprehensive, though plenty of other resources are available on the Internet as well. This article discusses a possible solution to solving the NAT problem for P2P protocols. What Is Wrong with NAT? NAT breaks the Internet more than it makes it. I may sound harsh here, but ask any peer-to-peer application developer, especially the VoIP folks, and they will tell you why. For instance, you never can do Web hosting behind a NAT device. At least, not without sufficient tweaking. Not only that, you cannot run any service such as FTP or rsync or any public service through a NAT device.
    [Show full text]
  • User Manual - Documentationcase - Help3:11-Cv-00651-IEG - Bittorrent - Delivering The-JMA World's Documentcontent 26-1 Filed 12/05/11 Page 2 of 4 11/30/11 3:15 PM
    Case 3:11-cv-00651-IEG -JMA Document 26-1 Filed 12/05/11 Page 1 of 4 EXHIBIT A User Manual - DocumentationCase - Help3:11-cv-00651-IEG - BitTorrent - Delivering the-JMA World's DocumentContent 26-1 Filed 12/05/11 Page 2 of 4 11/30/11 3:15 PM English Get Started Features Community Help Free Download Peers Help BitTorrent User Manual Appendix A: The BitTorrent Interface Main Window Detailed Info Pane FAQ Peers The Peers tab is where you'll find information about all the peers you are currently connected to on Videos & Guides the selected torrent. The following is a description of each column: IP displays the peer's IP address and the flag of the country they're from. If Resolve IPs is enabled, Forums the country flag and hostname will be displayed instead. % displays the approximate percent of the torrent job the peer has completed. User Manual Client displays the BitTorrent client that the peer reports it is using. If BitTorrent suspects the client Chapter 01: Introduction to of spoofing (faking) its client ID, it will note it as such. BitTorrent Debug displays information that might be useful in debugging problems. Chapter 02: Basic Guides Down Speed is the averaged speed at which you are downloading data from the peer. Chapter 03: Advanced Guides Downloaded is the amount of data you have downloaded from the peer since the torrent job was Appendix A: The BitTorrent added. Interface Flags displays various letters, each carrying a special meaning about the state of the connection: Appendix B: Advanced ?: your client unchoked the peer but
    [Show full text]
  • Challenges in the Decentralised Web: the Mastodon Case∗
    Challenges in the Decentralised Web: The Mastodon Case∗ Aravindh Raman1, Sagar Joglekar1, Emiliano De Cristofaro2;3, Nishanth Sastry1, and Gareth Tyson3;4 1King’s College London, 2University College London, 3Alan Turing Institute, 4Queen Mary University of London faravindh.raman,sagar.joglekar,[email protected], [email protected], [email protected] Abstract cols to let instances interact and aggregate their users to offer a globally integrated service. The Decentralised Web (DW) has recently seen a renewed mo- DW platforms intend to offer a number of benefits. For ex- mentum, with a number of DW platforms like Mastodon, Peer- ample, data is spread among many independent instances, thus Tube, and Hubzilla gaining increasing traction. These offer al- possibly making privacy-intrusive data mining more difficult. ternatives to traditional social networks like Twitter, YouTube, Data ownership is more transparent, and the lack of centralisa- and Facebook, by enabling the operation of web infrastruc- tion could make the overall system more robust against techni- ture and services without centralised ownership or control. cal, legal or regulatory attacks. Although their services differ greatly, modern DW platforms mostly rely on two key innovations: first, their open source However, these properties may also bring inherent chal- software allows anybody to setup independent servers (“in- lenges that are difficult to avoid, particularly when consid- stances”) that people can sign-up to and use within a local ering the natural pressures towards centralisation in both so- community; and second, they build on top of federation pro- cial [12, 49] and economic [42] systems.
    [Show full text]
  • Migration in the Stencil Pluralist Cloud Architecture
    Migration in the Stencil Pluralist Cloud Architecture Tai Liu Zain Tariq Tencent America LLC New York University Abu Dhabi [email protected] [email protected] Barath Raghavan Jay Chen University of Southern California International Computer Science Institute [email protected] [email protected] ABSTRACT There are many important technical design challenges in decen- A debate in the research community has buzzed in the background tralized infrastructure, including security, naming, and more. Our for years: should large-scale Internet services be centralized or de- goal is to narrow the focus to the key issues the architecture must centralized? Now-common centralized cloud and web services have adjudicate as opposed to an individual application or service. We downsides—user lock-in and loss of privacy and data control—that argue that we need a pluralist architecture: one that allows the are increasingly apparent. However, their decentralized counter- co-existence of applications and seamless migration between them. parts have struggled to gain adoption, suffer from their own prob- Not only can such an architecture prevent user lock in, but it can lems of scalability and trust, and eventually may result in the exact also ease the pain of developing decentralized applications. Put same lock-in they intended to prevent. another way, a pluralist architecture is one that picks no winners: In this paper, we explore the design of a pluralist cloud architec- instead, it allows a marketplace of services to be developed, and ture, Stencil, one that can serve as a narrow waist for user-facing provides enough scaffolding and restrictions to ensure that the services such as social media.
    [Show full text]
  • Social Network Based Anonymous Communication in Tor Peng Zhou, Xiapu Luo, Ang Chen, and Rocky K
    1 STor: Social Network based Anonymous Communication in Tor Peng Zhou, Xiapu Luo, Ang Chen, and Rocky K. C. Chang Department of Computing, The Hong Kong Polytechnic University, Hunghom, Hong Kong cspzhouroc,csxluo,csachen,csrchang @comp.polyu.edu.hk f g Abstract—Anonymity networks hide user identities with the help of relayed anonymity routers. However, the state-of-the-art anonymity networks do not provide an effective trust model. As a result, users cannot circumvent malicious or vulnerable routers, thus making them susceptible to malicious router based attacks (e.g., correlation attacks). In this paper, we propose a novel social network based trust model to help anonymity networks circumvent malicious routers and obtain secure anonymity. In particular, we design an input independent fuzzy model to determine trust relationships between friends based on qualitative and quantitative social attributes, both of which can be readily obtained from existing social networks. Moreover, we design an algorithm for propagating trust over an anonymity network. We integrate these two elements in STor, a novel social network based Tor. We have implemented STor by modifying the Tor’s source code and conducted experiments on PlanetLab to evaluate the effectiveness of STor. Both simulation and PlanetLab experiment results have demonstrated that STor can achieve secure anonymity by establishing trust-based circuits in a distributed way. Although the design of STor is based on Tor network, the social network based trust model can be adopted by other anonymity networks. Index Terms—Social Network, Anonymous Communication, Tor, Fuzzy Model F 1 INTRODUCTION alone can be easily bypassed by an attacker.
    [Show full text]
  • Guidelines for the Secure Deployment of Ipv6
    Special Publication 800-119 Guidelines for the Secure Deployment of IPv6 Recommendations of the National Institute of Standards and Technology Sheila Frankel Richard Graveman John Pearce Mark Rooks NIST Special Publication 800-119 Guidelines for the Secure Deployment of IPv6 Recommendations of the National Institute of Standards and Technology Sheila Frankel Richard Graveman John Pearce Mark Rooks C O M P U T E R S E C U R I T Y Computer Security Division Information Technology Laboratory National Institute of Standards and Technology Gaithersburg, MD 20899-8930 December 2010 U.S. Department of Commerce Gary Locke, Secretary National Institute of Standards and Technology Dr. Patrick D. Gallagher, Director GUIDELINES FOR THE SECURE DEPLOYMENT OF IPV6 Reports on Computer Systems Technology The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analysis to advance the development and productive use of information technology. ITL’s responsibilities include the development of technical, physical, administrative, and management standards and guidelines for the cost-effective security and privacy of sensitive unclassified information in Federal computer systems. This Special Publication 800-series reports on ITL’s research, guidance, and outreach efforts in computer security and its collaborative activities with industry, government, and academic organizations. National Institute of Standards and Technology Special Publication 800-119 Natl. Inst. Stand. Technol. Spec. Publ. 800-119, 188 pages (Dec. 2010) Certain commercial entities, equipment, or materials may be identified in this document in order to describe an experimental procedure or concept adequately.
    [Show full text]