(suppose we had..) Cooperative Measurement and Modeling of Open Networked Systems
Who we are:
Cooperative Association for Internet Data Analysis. A collaborative undertaking among organizations in the commercial, government, and research sectors aimed at promoting greater cooperation in the engineering and maintenance of a robust, scalable global Internet infrastructure.
We propose to use the spare capacity recently announced on Internet2's backbone (NLR's backbone also has spare capacity) to connect community and municipal (IPv6-only, if USG wants to promote IPv6) networks to each other, and to the global Internet. Peering would be conditionally available to government entities, academic institutions, and community wireless initiatives committed to advancing the cybersecurity research agenda. The conditions for attaching networks are: (1) make some operational data available to cyberinfrastructure researchers under appropriate legal data sharing frameworks; (2) work with public safety community to develop dual-use infrastructures that give public safety authorities joint access to private or hybrid infrastructure during emergencies. (3) cooperatively develop and abide by policies, including experimental ones, based on confirmed results of data analyses (e.g., migrate to IPv6).
We propose a collaboration to simultaneously solve four acute and growing problems facing the Internet: a self-reported financial crisis in the Internet infrastructure provider industry that limits investment into cybersecurity needs; a data acquisition crisis which has severely stunted the fields of cybersecurity research and network science; a fragmented and ineffective approach to public safety communications nation-wide; and a struggle for survival within emerging community and municipal networks, who are in an ideal position to assist with the first three problems but often lack resources and experience to make informed operational decisions, and are also continually threatened by incumbent-driven legislation.
The proposed project -- Cooperative Measurement and Modeling of Open Networked Systems (COMMONS) -- addresses the four highlighted problems, and without federal regulatory involvement (at least initially), which is still feared to be a cure worse than the disease(s) even by the regulators themselves. By offloading from commercial providers the responsibility for supporting Internet service delivery in unprofitable areas, we will measurably improve the financial situation of these providers. Second, COMMONS offers an unprecedented opportunity to establish standards of scientific integrity in the field of cyberinfrastructure research -- by providing rigorous empirical data against which to validate theories, models and simulations. Furthermore, because the COMMONS testbed will support public analysis of actual Internet traffic, it will inform debates on increasingly important technical, economic, policy, and social issues related to cybersecurity. Third, COMMONS infrastructure will provide an additional source of public safety communications, as well as a real-world platform for experimenting with how public safety needs can be accomodated by everyday communications infrastructure in times of emergency. Fourth, the COMMONS project not only allows struggling community networks to cost-share a financially daunting component of their operation, but it also provides a forum for the cooperating networks and the research community to share lessons learned with each other.
Ten methods COMMONS will use to improve cyberinfrastructure research capability:
- in cooperation with representatives from IRB'S around the country and Internet2's new Network Research Review Committee, develop guidelines for privacy-respecting cybersecurity research, similar to the Belmont report written for human subjects research
- use report developed in step (1) above to educate (a) legal scholars on how laws in different jurisdictions should be changed to support cybersecurity research; and (b) institutional research boards (IRBs) on how to update their processes to advance cybersecurity research
- create efficient buy-in processes for regional networks to cooperate; facilitate transparent negotiation among public and corporate interests for e.g., right-of-way, spectrum sharing
- guide participating networks in developing empirical analysis of cost, efficiency, and security of alternative ownership models, enabling a subfield of operational Internet research that does not currently exist
- maintain repository of freely available software tools for measurement and analysis of operationally relevant network data, refine tool functionality based on feedback from users
- through privacy-protecting projects such as PREDICT and DatCat, provide network data and meta-data to experts for independent research and analysis of security-related phenomena
- promote cooperative research and data collectives among trusted enclaves via funding and legal support, and provide secure technologies to share lessons learned with eachother ( see related proposal)
- collectively develop approaches to federated community network experimentation with new network, routing, and application technologies, using Interent2 or NLR as a backbone platform
- support projects such as "A Day in the Life of the Observable Internet" with both data and analysis targeted toward improving improving accountability and research methodologies of carriers and regulators
- accessible outreach to educate users (i.e., public) on how they can improve their security odds in cyberspace: (including appealing material like DOD's recent 'Science of Victory' video)
NSF, Internet2, NLR, Internet data experts, privacy and legal scholars.
How clear is the way forward?
Not so clear, but we're facing a unique opportunity in current I2 and NLR conditions, and we've had two workshops discussing the idea. On scale of 1-10, it's a 5.
How high are the hurdles?
Legislative changes will be needed to protect data-sharing. Similar to the bis.int proposal, if a National Office of Cyberspace emergencies in the next administration (hopefully they won't call it that), hurdles are not only navigable but must be lept anyway. With something like the NOC, hurdles are not only navigable but must be lept anyway.