Student Projects

Several people have asked me to suggest student projects based on the ideas in the manifesto.

We don't just need programming skills to change the Internet. The Internet has a billion users, we need to consider the economic factors in order to make change. We need to get the usability engineering right. Consequently, many of these projects could be turned into an economics or usability project.

If you decide to work on these projects, please let me know and I will add a link to your project page if you have one.

Student projects can change the world: in 1993 the World Wide Web phenomenon started with a browser that was essentially a student project at NCSA. Mosaic was not the first Web browser by a long way but it was the one that began the breakthrough. Mosaic had that effect because the usability factors were right - Mosaic was the first Web browser that worked out of the box rather than requiring a day of debugging, it was the first to have a professional look and feel.

I have included references to sections of the dotCrime Manifesto (dCM) but these should be taken as the starting point for a design rather than a mandate.

Build Projects

If we are going to secure the Internet we need to build the tools to put ideas into practice. These projects should all be suitable for final year projects or group projects for a number of students.

Note that while I have written open source code and many of the resources I point to are open source, this does not mean that there is no value in working from proprietary systems. I give open source resources because these provide the quickest start. If there is a Thunderbird extension available, please consider developing an extension for Outlook or Notes rather than producing a second one for the sake of it. There are important skills to be learned through both approaches. If you become a programmer you will inevitably find yourself in situations where you have to work with a system where you either don't have the source or find it unreadable.

Reverse Firewall (Programming)

Objective
Develop a reverse firewall (dCM Ch. 9) for use in a residential or enterprise environment. Evaluate the effectiveness and user impact of different reverse firewall rules. Consider how the rules might need to be adapted over time as applications such as video on demand and online gaming are deployed.
All network protocols have control elements and data elements. It is my hypothesis that while increased end user activity leads to increased demand on both, the demand on the data channel accelerates at a much faster rate than the demand on the control channel.
Resources
Many WiFi routers are based on open source operating systems. The Linksys WRT54G appears to be the current favorite for modding projects but it is not the only option. One important caveat to bear in mind is that consumer appliances are not designed for use as a development testbed and may not survive repeated attempts to program the flash memory. A desktop Linux box is likely to provide a more robust development environment.
Experiments

IPv6 Transition-Box (T-box) (Programming, Economics)

Objective
The Internet as originally designed only has room for 4 billion users. We currently have over a billion users and we are running out of IPv4 address space really fast.
Develop a network gateway device that transparently supports transition to IPv6 without any end user intervention.
In order for the transition to be genuinely transparent it must be possible for IPv4 and IPv6 to co-exist on the network side of the gateway. The device must be capable of working when it has an IPv4 address assigned or just IPv6 access and some form of IPv4 via a NAT.
Resources
The IETF has discussed IPv6 extensively, various assertions have been made to the effect that this is a solved problem. I strongly suspect that the planned IPv6 outage at the Philadelphia IETF is going to demonstrate that this is not the case.
Experiments

Incident Handling

Objective
Implement a peer to peer incident handling protocol (dCM Ch. 9).
PINCH is a proposal I made to implement the IETF INCH protocol in a peer to peer fashion. When a site received an attack purportedly from IP address X it would discover an incident reporting service using SRV records in the reverse DNS.
Resources
IETF INCH. Also consider how you might advertise an incident reporting mechanism for attacks against DKIM.
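As an added illustration of the discovery step described above (this is my example, not code from the PINCH proposal or the INCH working group): given the source address of an attack, form the reverse-DNS name, look for an SRV record under it, and pick a target by priority and weight as RFC 2782 specifies. The service label `_pinch._tcp`, the zone contents and all function names are assumptions; the zone is a constructed table standing in for a real DNS lookup.

```python
import ipaddress
import random
# Hypothetical SRV service label for the PINCH incident-reporting service; the
# proposal on this page does not fix a name, so this label is an assumption.
PINCH_SERVICE = "_pinch._tcp"
def reverse_name(ip):
    """Reverse-DNS name (in-addr.arpa or ip6.arpa) for an IPv4 or IPv6 address."""
    return ipaddress.ip_address(ip).reverse_pointer

def srv_query_name(ip, service=PINCH_SERVICE):
    """Name a PINCH client looks up an SRV record at for source address ip."""
    return f"{service}.{reverse_name(ip)}"

def parse_srv(rdata):
    """Parse SRV RDATA in presentation form: 'priority weight port target'."""
    prio, weight, port, target = rdata.split()
    return {"priority": int(prio), "weight": int(weight), "port": int(port), "target": target.rstrip(".")}

def select_srv(records, rng=random.random):
    """Pick one SRV record per RFC 2782: lowest priority, then weighted random within it."""
    parsed = [parse_srv(r) for r in records]
    if not parsed:
        return None
    lowest = min(r["priority"] for r in parsed)
    candidates = [r for r in parsed if r["priority"] == lowest]
    total = sum(r["weight"] for r in candidates)
    if total == 0:  # all weights zero: any candidate is acceptable
        return candidates[0]
    pick = rng() * total
    running = 0
    for r in candidates:
        running += r["weight"]
        if pick < running:
            return r
    return candidates[-1]

# Constructed zone data standing in for a real DNS lookup of the SRV name.
CONSTRUCTED_ZONE = {
    "_pinch._tcp.4.3.2.1.in-addr.arpa": [
        "10 60 443 report-a.example.net.",
        "10 40 443 report-b.example.net.",
        "20 0 443 backup.example.net.",
    ],
}

def discover_reporting_service(ip, zone=CONSTRUCTED_ZONE, rng=random.random):
    """Return (host, port) of the reporting endpoint for ip, or None if none is advertised."""
    records = zone.get(srv_query_name(ip), [])
    chosen = select_srv(records, rng)
    return None if chosen is None else (chosen["target"], chosen["port"])
```

A real client would replace the zone table with an SRV query against the reverse zone and would need to decide what to do when the address owner advertises nothing, which is the common case today.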
Experiments and further work.

Usable Email Security Client

Objective
Extend an existing mail user agent (MUA) to provide usable security features (dCM ch 13).
The client might be a desktop client or a Webmail service. Secure letterhead features might be implemented via the PKIX logotype mechanism or be supplied by an external feed.
The minimum components you would need to implement an edge-only client are a DKIM signature verification module, an automatic configuration module using DNS SRV records and a key discovery module. To implement a full end-to-end model you would need to add an XKMS client.
Resources
My platform of choice for this would probably be Mozilla Thunderbird: the code is open source, there is a large user base and it supports a plug-in architecture. The only downside to this approach is that the component model is pretty ferocious and intolerant of the slightest mistake. Implementing DKIM efficiently will require a code component.
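The key discovery module mentioned above has a well-defined first step that is worth seeing in code: read the d= and s= tags from a DKIM-Signature header, form the `<selector>._domainkey.<domain>` TXT name, and parse the key record that comes back. This is an added example of mine, not code from Thunderbird or any DKIM library; the sample header, the placeholder key bytes and the name-to-TXT table are constructed, and the function names are my own.

```python
import base64
import re
def parse_tag_list(value):
    """Parse a DKIM tag=value list (RFC 6376 3.2); folding whitespace inside values is dropped."""
    tags = {}
    for item in value.split(";"):
        item = item.strip()
        if not item:
            continue
        name, sep, val = item.partition("=")
        if not sep or name.strip() in tags:
            raise ValueError(f"malformed or duplicate tag: {item!r}")
        tags[name.strip()] = re.sub(r"\s+", "", val)
    return tags

def key_query_name(signature_header):
    """TXT name holding the signer's public key: <selector>._domainkey.<signing domain>."""
    tags = parse_tag_list(signature_header)
    missing = [t for t in ("d", "s") if t not in tags]
    if missing:
        raise ValueError(f"DKIM-Signature lacks required tag(s): {missing}")
    return f"{tags['s']}._domainkey.{tags['d']}"

def parse_key_record(txt):
    """Parse a DKIM key record; returns None when p= is empty (key revoked)."""
    tags = parse_tag_list(txt)
    if tags.get("v", "DKIM1") != "DKIM1" or tags.get("k", "rsa") != "rsa":
        raise ValueError("unsupported key record version or key type")
    if "p" not in tags:
        raise ValueError("key record lacks p= tag")
    if tags["p"] == "":
        return None
    return {
        "key_der": base64.b64decode(tags["p"]),      # SubjectPublicKeyInfo bytes
        "hashes": tags["h"].split(":") if "h" in tags else None,  # None: no restriction
        "testing": "y" in tags.get("t", "").split(":"),
    }
# Constructed sample input: a folded DKIM-Signature header value and a matching
# key record. The key bytes are a placeholder, not a real RSA key.
SAMPLE_SIGNATURE = ("v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com; s=sel2008;\r\n"
                    "\th=from:to:subject:date; bh=ZmFrZS1ib2R5LWhhc2g=;\r\n"
                    "\tb=ZmFr ZS1z aWdu YXR1 cmU=")
PLACEHOLDER_KEY_B64 = base64.b64encode(b"not-a-real-public-key").decode()
SAMPLE_KEY_RECORD = f"v=DKIM1; k=rsa; h=sha256; t=y; p={PLACEHOLDER_KEY_B64}"

def discover_key(signature_header, txt_records):
    """Look up the key record in a constructed name->TXT table standing in for DNS."""
    txt = txt_records.get(key_query_name(signature_header))
    return None if txt is None else parse_key_record(txt)
```

The verification module proper then canonicalises the headers named in h=, checks bh= against the body, and verifies b= with the recovered key; the t=y flag tells the client the signer is still testing and failures should not be treated as hostile.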
Experiments

Usable Email Security XKMS Server

Objective
Build an XKMS server to support the Usable Email Security Client.
The first stage would be to support key registration and discovery. This would allow the end user to generate a public key pair on their client and register it with the XKMS service.
The second (harder) stage would be to develop an XKMS validate service that is capable of collecting data from a complex X.509 PKIX based infrastructure such as the US government Federal Bridge CA.
Resources
XKMS is a W3C standard.
There are many Web Services resources around. You may wish to take a look at the Higgins project which I am told supports some XKMS protocol features. It also supports WS-Trust.
Experiments

Unified Identity Server

Objective
Build a unified identity server (dCM Ch 14-15).
Extend an existing email, instant messaging and VOIP application to make use of the identity server.
Implement systems to import social networking data from existing sources (LinkedIn, FOAF etc).
Develop a mitigation strategy for unwanted communication (spam, non-priority).
Resources
The OpenID, SAML and CardSpace communities all have developer networks. They are the best place to start from.
Experiments

Domain Centric Administration

Objective
Implement a domain centric administration server and clients.
Enable existing legacy applications and appliances to automatically configure themselves.
Resources
For a first pass implementation I would use either Linux or Windows Server as the base. Using Windows server would allow for the rather interesting possibility of using a Windows Home Server as the hub of a home network.
Experiments

Default Deny Infrastructure

Objective
Implement a Default Deny Infrastructure.
Develop a maintenance tool that allows an administrator to quickly configure existing network devices and computers by creating and installing a device certificate tied to the MAC address.
Develop a systems operation console for the home or the enterprise. The console must detect the addition of a new device, authenticate it, determine if it is in the authentication database, determine the policy rules to be deployed, and push them out to the hubs and routers.
Resources
The main network authentication protocol that is emerging is 802.1X.
Experiments

Parametric Device Driver

Objective
Develop a device driver for Windows, OS X and Linux that supports a wide range of similar devices using a device profile provided by the machine.
Ideally it should be possible to support all three operating systems using a single, declarative device description that could be provided by the device itself, either directly or by (URI) reference.
Resources
The Semantic Web is likely to provide a lot of useful support here. You will need to develop an ontology of device characteristics and capabilities. The ontology must be adaptable over time as new capabilities emerge (e.g. 1, 3, 6, 12 color printers).
Experiments

NAT Compatible Video Conferencing

Objective
Develop a Video Conferencing application that actually works through a NAT box without requiring specific configuration of the NAT box (e.g. forwarding of specific ports) or bridging through a NAT-free peer. You may use an external server to establish a communication session but not once the session is established.
The protocol should allow multiple computers behind the same NAT box to have open sessions at the same time. The protocol must work when the NAT box implements stateful inspection filtering.
Extend the protocol to add security enhancements (authenticity, confidentiality).
Resources
H.264 has become the de facto standard for next generation compression; although it is encumbered, there are open source toolkits for it (obligatory disclaimer: I take no responsibility for the licensing).
Experiments

Design Projects

These projects are similar to the build projects but provide more opportunity to apply design skills such as design of cryptographic algorithms and protocols.

Meeting Scheduling Agent (Programming, Cryptography)

Objective
Develop an agent for scheduling meetings between multiple parties using different universal identity services.
The protocol should disclose the minimum possible information to each of the parties and to the scheduling agent itself.
Resources
(none yet)
Experiments

Open Source Signer Accreditation

Objective
A key principle in dCM is that all code that executes on a platform should be signed and accountable, with the level of privileges granted to the running code determined by the level of accountability established.
Commercial code signing schemes are intended to establish accountability for commercial code developers. How can accountability be established in open source projects? How can injection of malicious code be avoided in large and small open source projects?
Resources
(none yet)
Experiments

Usable WiFi Connectivity

Objective
Design a user interface for a wireless networking system that provides usable security with minimal user interaction while still providing for display of necessary legal notices, acceptance of terms etc.
Resources
See the evil twin WiFi attack.
Experiments

Unencumbered Document Rights Management

Objective
Design and implement an end-to-end DRM scheme for document management (Word, HTML, OOXML, etc.) that is based on 20-year-old technology.
This is becoming a common real world problem due to the proliferation of patents, many of which add little or no value over earlier approaches. The signed assertion approach to DRM is in theory more powerful as it avoids the need for ubiquitous connectivity. But why do we need that today?
Resources
Ford-Wiener might be a useful starting point, although the work was done in 1994 and will therefore be encumbered for several years to come.
Experiments

Research Projects

Some topics are large enough to require several years of serious, innovative thought.

Trustworthy Linux / BSD

Build certain trustworthy components into Linux or BSD.
In particular it would be very nice in the context of an embedded device to be able to lock down the processor such that it was only possible to run code that is signed and trusted by the owner. The risk of malicious code being injected onto the machine is therefore avoided. Unix is used in a large number of embedded devices; if devices from coffee makers through to MRI scanners are vulnerable to code injection the consequences could be serious.

BGP Security

Objective
Design a deployable architecture for BGP security.
Resources
Some security infrastructure is being deployed today, in particular digital certificates are being issued to holders of ASNs.
A good place to start would be to talk to operators at an Internet backbone provider, find out how they actually resolve injection of bogus routes today.
Experiments