Privacy Issues in Peer-To-Peer SystemsAgendaStatus Report: GoalsWhat is P2P? What isn’t?Peer-to-Peer DefinedPeer-to-Peer: Hybrid SystemsPrivacy Concerns (Threat Models)Possible “Attackers”Legal Issues affecting P2P privacyCopyrightDigital Millennium Copyright Act of 1998 (DMCA)Who are “service providers”?Libel: CDACensorshipWho’s in legal trouble?Example P2P SystemsPossible Privacy Threats to P2P SystemsPossible Usability Threats to P2P SystemsExample P2P Applications and NetworksNapster: What is it?Napster: How does it work?Napster: Original Business and Public Policy GoalsNapster: Current Business and Public Policy GoalsNapster: How does it address the threats in our model?Napster: How does it address the threats in our model? (cont’d)Gnutella: What is it?Gnutella: How does it work?Gnutella: How does it work? (cont’d)Gnutella: Business and Public Policy GoalsGnutella: How does it address the threats in our model?Gnutella: How does it address the threats in our model? (cont’d)Gnutella: Scalability Issues and Bandwidth InequityGnutella: Scalability Issues and Bandwidth Inequity (cont’d)Copyright Violation Trackers on Napster and GnutellaMonitoring of Transactions on Napster and Gnutella (cont’d)SETI@home: What is it?SETI@home: How does it work?SETI@home: What are its business and public policy goals?SETI@home: How does it address the threats in our model?SETI@home: How does it address the threats in our model? (cont’d)Freenet: What is it?Freenet: How does it work?Freenet: How does it work? (cont’d)Slide 44Freenet: What are its business and public policy goals?Freenet: How does it address the threats in our model?Raj’s picturesFreeHaven: What is it?FreeHaven: How does it work?FreeHaven: What are its business and public policy goals?FreeHaven: How does it address the threats in our model?FreeHaven: How does it address the threats in our model? (cont’d)FreeHaven: How does it address the threats in our model? (Cont’d)Mojo Nation: What is it?Mojo Nation: How does it work?Mojo Nation: What are its business and public policy goalsMojo Nation: How does it address the threats in our model?Jabber/AIM: What are they?Jabber/AIM: How do they work?Jabber/AIM: What are their business and public policy goals?Jabber/AIM: How do they address the threats in our model?Jabber/AIM: How do they address the threats in our model? (Cont’d)Groove: What is it?Groove: How does it work?Groove: What are its business and public policy goals?Groove: How does it address the threats in our model?Groove: How does it address the threats in our model? (Cont’d)Privacy Issues in Privacy Issues in Peer-To-Peer Peer-To-Peer SystemsSystemsRaj Dandage, Tim Gorton, Raj Dandage, Tim Gorton, Ngozika Nwaneri, Mark Ngozika Nwaneri, Mark [email protected]@mit.edu4/26/014/26/01AgendaAgendaIntroduction & Status ReportIntroduction & Status ReportDefinition of peer-to-peerDefinition of peer-to-peerWhat it is, what is isn’t, what it used to be, what it should doWhat it is, what is isn’t, what it used to be, what it should doPrivacy Concerns (Threat Model)Privacy Concerns (Threat Model)What do we care about?What do we care about?Legal Issues affecting privacy on P2P systemsLegal Issues affecting privacy on P2P systemsWhat does that law care about?What does that law care about?A few examples of current P2P systemsA few examples of current P2P systemsAnalyze w.r.t. goals, privacy concerns, legal issues, etc.Analyze w.r.t. goals, privacy concerns, legal issues, etc.RecommendationsRecommendationsSynthesis, and ConclusionSynthesis, and ConclusionStatus Report: GoalsStatus Report: Goalsdevelop criteria for evaluating peer-to-peer applications develop criteria for evaluating peer-to-peer applications and architectures with regard to technical, business, and and architectures with regard to technical, business, and public policy goals public policy goals identify different peer-to-peer applications and identify different peer-to-peer applications and architectures architectures evaluate these applications and architectures in terms of evaluate these applications and architectures in terms of the goals set forth and privacy issues the goals set forth and privacy issues explore legal issues surrounding p2p architecturesexplore legal issues surrounding p2p architecturesdevelop recommendations for the modification and design develop recommendations for the modification and design of peer-to-peer systems in order to resolve privacy of peer-to-peer systems in order to resolve privacy concerns and encourage the design of privacy-enhancing concerns and encourage the design of privacy-enhancing systems systemsWhat is P2P? What isn’t?What is P2P? What isn’t?Old-school “P2P”Old-school “P2P”UsenetUsenetDNSDNSWWW HyperlinksWWW HyperlinksToday’s P2PToday’s P2PLeveraging a new Internet usage Leveraging a new Internet usage modelmodelTransient connectivity at the “fringes”Transient connectivity at the “fringes”Peer-to-Peer DefinedPeer-to-Peer DefinedPeer-to-peer is NOT simply illegally sharing Peer-to-peer is NOT simply illegally sharing copyrighted material. copyrighted material. Peer-to-peer computing is sharing of Peer-to-peer computing is sharing of computer resources and services by direct computer resources and services by direct exchange. It is about decentralized exchange. It is about decentralized networking applications. The “litmus test” networking applications. The “litmus test” for peer-to-peer: for peer-to-peer: ““does it allow for variable connectivity and does it allow for variable connectivity and temporary network addresses? temporary network addresses? does it give the nodes at the edges of the does it give the nodes at the edges of the network significant autonomy?”network significant autonomy?”Clay Shirky in Peer-to-PeerPeer-to-Peer: Hybrid Peer-to-Peer: Hybrid SystemsSystemsHybrid Systems (brokered peer-to-peer Hybrid Systems (brokered peer-to-peer system) uses a centralized server to system) uses a centralized server to connect to computers together before a connect to computers together before a direct exchange takes place.direct exchange takes place.Repeater – someone who publicly shares Repeater – someone who publicly shares files that they are not authors of; files that they are not authors of; Republishing someone else’s