schmittlauch/Hash2Pub
1
0
Fork 1
Code Issues 47 Pull requests Releases Wiki Activity

service data migration: validate origin of data pushes #64

New issue
Open
opened 2020-08-16 15:46:58 +02:00 by schmittlauch · 0 comments
schmittlauch commented 2020-08-16 15:46:58 +02:00
Owner
Copy link

In the current model, the migration of service data (stored posts, subscription lists) is push-based.
But also currently, data pushes can come anytime from any source, allowing insertion of arbitrary data out of the blue.

A mechanism is needed for only allowing data pushes from valid neighbour nodes, like the direct predecessor at join and leave, direct neighbours at stabilise, or redundancy nodes.

Possible solutions:

  • pass a random token via DHT protocoll to be presented by the remote service then, problem: DHT communication unencrypted
  • within a node, pass list of valid origins from DHT to service layer
In the current model, the migration of service data (stored posts, subscription lists) is push-based. But also currently, data pushes can come anytime from any source, allowing insertion of arbitrary data out of the blue. A mechanism is needed for only allowing data pushes from valid neighbour nodes, like the direct predecessor at join and leave, direct neighbours at stabilise, or redundancy nodes. Possible solutions: - pass a random token via DHT protocoll to be presented by the remote service then, problem: DHT communication unencrypted - within a node, pass list of valid origins from DHT to service layer
schmittlauch added the
security
 label 2020-08-16 15:46:58 +02:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
mainline
k-choices
measurement_logging
instrumentation
fix_networking
data_migration
refactorRingMap
instrumentation_prototype
Labels
Clear labels   
ActivityPub

   
advanced features

   
basic functionality

   
bug

   
DHT

   
evaluation

   
refactoring

   
security

   
test case

an edge case or usage pattern that needs a test

No labels
ActivityPub
advanced features
basic functionality
bug
DHT
evaluation
refactoring
security
test case
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: schmittlauch/Hash2Pub#64
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?