Thoughts: Docker, Sociology, Mathematical Models of Security, Word Choice, and Death

Michael Stone, July 16, 2014

  1. Multi-container Docker configuration is presently mired in complexity (examples: confd, gantryd) in part because Docker makes it hard to deterministically assign addresses to containers. As a result, service discovery must be done via dynamic control and agreement at “network run time” instead of at “network compile time”. Potential solutions:

    1. dnshash
    2. enable deterministic address assignment
  2. Translation, “problematisation”, “interessement”, “enrolment”, “mobilisation”, “boundary objects”, “data-information-knowledge-control”, and friends:

  3. Impossibility results, information flow control, non-interference, and inference control:

  4. Most of the world uses unfortunate definitions for words like “identity” and “authentication” but my current preferred definitions:

    • identity: a cluster of nyms

      • intuition: to me, an exemplary primitive ascription of identity is a claim like “one of the authors of message 23 is also a recipient of message 47”. As a result, I view “identities” as being particularly interesting subgraphs – e.g., those identified by interesting closure operators – on the graph of “evidence linking nyms to messages”.
    • authentication: a guarantee that, at the end of a protocol, some principals agree on a mapping of symbols to values

     are way too surprising to reasonably be called “identity” or “authentication”. (What to do!?)
  5. Somehow, I’ve never found traditional explanations of death very satisfying. Thus: if “life” is usefully understood as a particularly interesting collection of emergent properties, then what would a CAST analysis of some particular organism’s death look like?
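
Returning to item 1: the sketch below is an added example, not code from this post, from dnshash, or from Docker. It shows what settling addresses at “network compile time” could look like if each container's address is derived from a hash of its name. The hashing scheme, the function names, the service names and the subnet are all assumptions made for illustration.

```python
import hashlib
import ipaddress

# Constructed sample input: service names and a private IPv6 subnet.
SERVICES = ["web", "db", "cache"]
SUBNET = "fd00:42::/64"


def address_for(name, subnet, reserved=2):
    """Map a service name to a fixed host address inside `subnet`.

    The first `reserved` addresses (network, gateway) and the last one
    (broadcast on IPv4) are never handed out.
    """
    net = ipaddress.ip_network(subnet)
    usable = net.num_addresses - reserved - 1
    if usable <= 0:
        raise ValueError(f"{subnet} has no assignable addresses")
    digest = hashlib.sha256(name.encode("utf-8")).digest()
    offset = int.from_bytes(digest, "big") % usable
    return net.network_address + reserved + offset


def build_plan(names, subnet):
    """Compute the full name -> address table before any container starts.

    A hash collision is reported here, at build time, instead of surfacing
    as an address conflict on the running network.
    """
    plan, owner = {}, {}
    for name in sorted(set(names)):
        addr = address_for(name, subnet)
        if addr in owner:
            raise ValueError(f"{name!r} and {owner[addr]!r} both map to {addr}")
        owner[addr] = name
        plan[name] = addr
    return plan


def hosts_file(plan):
    """Render the plan as /etc/hosts lines that every container can share."""
    return "".join(f"{addr}\t{name}\n" for name, addr in sorted(plan.items()))


if __name__ == "__main__":
    print(hosts_file(build_plan(SERVICES, SUBNET)), end="")
```

Because the table depends only on the names and the subnet, every host computes the same mapping without talking to the others; in a small IPv4 subnet collisions become likely, which is why the plan fails early instead of picking a fallback address.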