On Tue, Nov 15, 2016 at 04:23:08PM +1300, Brian E Carpenter wrote: > Pedro,
Hi, > > For instance, disaster recovery scenarios require to establish > > network systems (virtual and physical) that should be autonomic and > > disconnected from any previously centralized infrastructure. > > Yes, we have already understood this problem, but there's a trade-off > between this and security - you want to come up quickly, and you want > to come up securely to prevent evil-doers. (You may have read that > less than two days ago, numerous homes in Christchurch NZ were burgled > during a tsunami evacuation. Similarly, I don't think it's safe to > assume that there will be no cyber attackers in a disaster area.) > > If the drone has even a slow link back to the Internet, that should be > sufficient for an autonomic domain to bootstrap securely. Although we > expect things to work with only one registrar per domain, that is a > software function. We can imagine that after a disaster this function > will start up somewhere, but not in its normal host. Of course, more > work is needed. Of course security is a big issue and its good to push it in the ANIMA model. However, my point is that there could be different mechanisms that can be used for the task without such link and providing the required security level (such as the previous reference to a block-chain based mechanism). Domains in emergency scenarios are well structured but very dynamic, due to the different situations they have to overcome. They can start with a centralized registrar entity but at some point new devices would need to form part of the domain without reaching the centralized registrar. They can rely a distributed mechanism that allows them to interact with other elements of the domain without reaching the registrar. Anyway, my point is that the registrar definition within the ANIMA model should be abstracted/generalized to support centralized, distributed, or even mixed approaches. Would it be possible within its current scope? > Regards > Brian Carpenter Regards, Pedro -- Pedro Martinez-Julia Network Science and Convergence Device Technology Laboratory Network System Research Institute National Institute of Information and Communications Technology (NICT) 4-2-1, Nukui-Kitamachi, Koganei, Tokyo 184-8795, Japan Email: [email protected] --------------------------------------------------------- *** Entia non sunt multiplicanda praeter necessitatem *** _______________________________________________ Anima mailing list [email protected] https://www.ietf.org/mailman/listinfo/anima
