Confidential computing

Confidential computing is a security and privacy-enhancing computational technique focused on protecting data in use. Confidential computing can be used in conjunction with storage and network encryption, which protect data at rest and data in transit respectively. It is designed to address software, protocol, cryptographic, and basic physical and supply-chain attacks, although some critics have demonstrated architectural and side-channel attacks effective against the technology. The technology protects data in use by performing computations in a hardware-based trusted execution environment (TEE). Confidential data is released to the TEE only once it is assessed to be trustworthy. Different types of confidential computing define the level of data isolation used, whether virtual machine, application, or function, and the technology can be deployed in on-premise data centers, edge locations, or the public cloud. It is often compared with other privacy-enhancing computational techniques such as fully homomorphic encryption, secure multi-party computation, and Trusted Computing. Confidential computing is promoted by the Confidential Computing Consortium (CCC) industry group, whose membership includes major providers of the technology. == Properties == Trusted execution environments (TEEs) "prevent unauthorized access or modification of applications and data while they are in use, thereby increasing the security level of organizations that manage sensitive and regulated data". Trusted execution environments can be instantiated on a computer's processing components such as a central processing unit (CPU) or a graphics processing unit (GPU). In their various implementations, TEEs can provide different levels of isolation including virtual machine, individual application, or compute functions. Typically, data in use in a computer's compute components and memory exists in a decrypted state and can be vulnerable to examination or tampering by unauthorized software or administrators. According to the CCC, confidential computing protects data in use through a minimum of three properties: Data confidentiality: "Unauthorized entities cannot view data while it is in use within the TEE". Data integrity: "Unauthorized entities cannot add, remove, or alter data while it is in use within the TEE". Code integrity: "Unauthorized entities cannot add, remove, or alter code executing in the TEE". In addition to trusted execution environments, remote cryptographic attestation is an essential part of confidential computing. The attestation process assesses the trustworthiness of a system and helps ensure that confidential data is released to a TEE only after it presents verifiable evidence that it is genuine and operating with an acceptable security posture. It allows the verifying party to assess the trustworthiness of a confidential computing environment through an "authentic, accurate, and timely report about the software and data state" of that environment. "Hardware-based attestation schemes rely on a trusted hardware component and associated firmware to execute attestation routines in a secure environment". Without attestation, a compromised system could deceive others into trusting it, claim it is running certain software in a TEE, and potentially compromise the confidentiality or integrity of the data being processed or the integrity of the trusted code. == Technical approaches == Technical approaches to confidential computing may vary in which software, infrastructure and administrator elements are allowed to access confidential data. The "trust boundary," which circumscribes a trusted computing base (TCB), defines which elements have the potential to access confidential data, whether they are acting benignly or maliciously. Confidential computing implementations enforce the defined trust boundary at a specific level of data isolation. The three main types of confidential computing are: Virtual machine isolation Application isolation, also known as process isolation Function isolation, also known as library isolation Virtual machine isolation removes the elements controlled by the computer infrastructure or cloud provider, but allows potential data access by elements inside a virtual machine running on the infrastructure. Application or process isolation permits data access only by authorized software applications or processes. Function or library isolation is designed to permit data access only by authorized subroutines or modules within a larger application, blocking access by any other system element, including unauthorized code in the larger application. == Threat model == As confidential computing is concerned with the protection of data in use, only certain threat models can be addressed by this technique. Other types of attacks are better addressed by other privacy-enhancing technologies. === In scope === The following threat vectors are generally considered in scope for confidential computing: Software attacks: including attacks on the host’s software and firmware. This may include the operating system, hypervisor, BIOS, other software and workloads. Protocol attacks: including "attacks on protocols associated with attestation as well as workload and data transport". This includes vulnerabilities in the "provisioning or placement of the workload" or data that could cause a compromise. Cryptographic attacks: including "vulnerabilities found in ciphers and algorithms due to a number of factors, including mathematical breakthroughs, availability of computing power and new computing approaches such as quantum computing". The CCC notes several caveats in this threat vector, including relative difficulty of upgrading cryptographic algorithms in hardware and recommendations that software and firmware be kept up-to-date. A multi-faceted, defense-in-depth strategy is recommended as a best practice. Basic physical attacks: including cold boot attacks, bus and cache snooping and plugging attack devices into an existing port, such as a PCI Express slot or USB port. Basic upstream supply-chain attacks: including attacks that would compromise TEEs through changes such as added debugging ports. The degree and mechanism of protection against these threats varies with specific confidential computing implementations. === Out of scope === Threats generally defined as out of scope for confidential computing include: Sophisticated physical attacks: including physical attacks that "require long-term and/or invasive access to hardware" such as chip scraping techniques and electron microscope probes. Upstream hardware supply-chain attacks: including attacks on the CPU manufacturing process, CPU supply chain in key injection/generation during manufacture. Attacks on components of a host system that are not directly providing the capabilities of the trusted execution environment are also generally out-of-scope. Availability attacks: confidential computing is designed to protect the confidentiality and integrity of protected data and code. It does not address availability attacks such as Denial of Service or Distributed Denial of Service attacks. == Use cases == Confidential computing can be deployed in the public cloud, on-premise data centers, or distributed "edge" locations, including network nodes, branch offices, industrial systems and others. === Data privacy and security === Confidential computing protects the confidentiality and integrity of data and code from the infrastructure provider, unauthorized or malicious software and system administrators, and other cloud tenants, which may be a concern for organizations seeking control over sensitive or regulated data. The additional security capabilities offered by confidential computing can help accelerate the transition of more sensitive workloads to the cloud or edge locations. === Multi-party analytics === Confidential computing can enable multiple parties to engage in joint analysis using confidential or regulated data inside a TEE while preserving privacy and regulatory compliance. In this case, all parties benefit from the shared analysis, but no party's sensitive data or confidential code is exposed to the other parties or system host. Examples include multiple healthcare organizations contributing data to medical research, or multiple banks collaborating to identify financial fraud or money laundering. Oxford University researchers proposed the alternative paradigm called "Confidential Remote Computing" (CRC), which supports confidential operations in Trusted Execution Environments across endpoint computers considering multiple stakeholders as mutually distrustful data, algorithm and hardware providers. === Confidential generative AI === Confidential computing technologies can be applied to various stages of a generative AI deployments to help increase data or model privacy, security, and regulatory compliance. TEEs and remote attestation can protect the integrity of data during AI model training, keep

Unit of work

A unit of work is a behavioral pattern in software development. Martin Fowler has defined it as everything one does during a business transaction which can affect the database. When the unit of work is finished, it will provide everything that needs to be done to change the database as a result of the work. A unit of work encapsulates one or more code repositories[de] and a list of actions to be performed which are necessary for the successful implementation of self-contained and consistent data change. A unit of work is also responsible for handling concurrency issues, and can be used for transactions and stability patterns.[de]

X2 transceiver

The X2 transceiver format is a 10 gigabit per second modular fiber optic interface intended for use in routers, switches and optical transport platforms. It is an early generation 10 gigabit interface related to the similar XENPAK and XPAK formats. X2 may be used with 10 Gigabit Ethernet or OC-192/STM-64 speed SDH/SONET equipment. X2 modules are smaller and consume less power than first-generation XENPAK modules, but larger and consume more energy than the newer XFP transceiver standard and SFP+ standards. As of 2016 this format is relatively uncommon and has been replaced by 10 Gbit/s SFP+ in most new equipment.

Web content development

Web content development is the process of researching, writing, gathering, organizing, and editing information for publication on websites. Website content may consist of prose, graphics, pictures, recordings, movies, or other digital assets that could be distributed by a hypertext transfer protocol server, and viewed by a web browser. == Web developers and content developers == When the World Wide Web began, web developers either developed online content themselves, or modified existing documents and coded them into hypertext markup language (HTML). In time, the field of website development came to encompass many technologies, so it became difficult for website developers to maintain so many different skills. Content developers are specialized website developers who have content generation skills such as graphic design, multimedia development, professional writing, and documentation. They can integrate content into new or existing websites without using information technology skills such as script language programming and database programming. Content developers or technical content developers can also be technical writers who produce technical documentation that helps people understand and use a product or service. This documentation includes online help, manuals, white papers, design specifications, developer guides, deployment guides, release notes, etc. == Search engine optimization == Content developers may also be search engine optimization specialists, or internet marketing professionals. High quality, unique content is what search engines are looking for. Content development specialists, therefore, have a very important role to play in the search engine optimization process. One issue currently plaguing the world of web content development is keyword-stuffed content which are prepared solely for the purpose of manipulating search engine rankings. The effect is that content is written to appeal to search engine (algorithms) rather than human readers. Search engine optimization specialists commonly submit content to article directories to build their website's authority on any given topic. Most article directories allow visitors to republish submitted content with the agreement that all links are maintained. This has become a method of search engine optimization for many websites today. If written according to SEO copywriting rules, the submitted content will bring benefits to the publisher (free SEO-friendly content for a webpage) as well as to the author (a hyperlink pointing to his/her website, placed on an SEO-friendly webpage). == New content types == Web content is no longer restricted to text. Search engines now index audio/visual media, including video, images, PDFs, and other elements of a web page. Website owners sometimes use content protection networks to scan for plagiarized content.

Digital studio

A digital studio provides both a technology-equipped space and technological/rhetorical support to students (commonly at a university) working individually or in groups on a variety of digital projects, such as designing a website, developing an electronic portfolio for a class, creating a blog, making edits, selecting images for a visual essay, or writing a script for a podcast. == History/theory == === Overview === Digital Studios are places with different names but similar objectives. They have risen in response to the need for resources dedicated to improving students' interactions with digital technologies for rhetorical ends. Digital Studios have often been theoretically and administratively linked to writing centers, which are sites where students can seek assistance with their text-based projects. The academic term that has been used for this kind of site (i.e. a writing center with a focus on digital and new media) is multiliteracy center. Besides having a multimodal focus, Digital Studios also make a departure from writing center model in allowing students the freedom to work in the Studio without one-on-one interaction with a writing tutor. === The rise of technology === ==== Computer literacy in popular culture ==== As early as 1983, computer literacy was being hailed in The New York Times as the "new goal in schools." As computer technology became more ubiquitous, and the World Wide Web became more popular and accessible, and as the teaching of computer skills became official US policy with the enactment of the "Technology Literacy Challenge" by the Clinton Administration in 1996, educators across disciplines began to investigate with renewed vigor the role of computer technology in curriculum as both a means and an end. ==== Scholarly interest in 'multiliteracies' ==== The same year that President Clinton initiated the "Technology Literacy Challenge", the New London Group (NLG) issued a call for scholars of literacy pedagogy to account for the burgeoning variety of text forms associated with information and multimedia technologies. This includes understanding and competent control of representational forms that are becoming increasingly significant in the overall communications environment, such as visual images and their relationship to the written word – for instance, visual design in desktop publishing or the interface of visual and linguistic meaning in multimedia. This account for new text forms, combined with a similar account for "increasingly globalized societies," is called 'multiliteracies' by the NLG. ==== Technological literacy in rhetoric and composition ==== Two years later, during the 1998 CCCC Chair's Address, Cynthia Selfe (who founded the peer-reviewed journal Computers and Composition in 1983) addressed professionals in the field of Rhetoric and Composition with an objective similar to that of the NLG, arguing that as a field, composition scholars had "paid technology issues precious little focused attention over the years." She called this lack of attention "dangerously shortsighted." What was needed, Selfe claimed, was for teachers to "pay attention" to "how technology is now inextricably linked with literacy and literacy education in this country." In a way, Selfe's call marked the beginning of a new scholarly interest in what Selfe called "critical technological literacy": Composition teachers, language arts teachers, and other literacy specialists need to recognize that the relevance of technology in the English studies disciplines is not simply a matter of helping students work effectively with communication software and hardware, but, rather, also a matter of helping them to understand and to be able to assess – to pay attention to – the social, economic, and pedagogical implications of new communication technologies and technological initiatives that affect their lives. Scholars who took up this call included Barbara Blakely Duffelmeyer, who conducted studies involving the incorporation of "critical computer literacy" (an adaptation of Selfe's term) into first-year composition. ==== Communications across media, inside and outside school ==== The years following Selfe's address saw more rapid advancements in mobile technologies, social media, and Web 2.0, creating even more new venues of composing for teachers to pay attention to. In her own CCCC Chair's Address in 2004, Kathleen Blake Yancey cited these new venues in her argument as a "new curriculum for the 21st century," one that would bring "together the writing outside of school and that of inside." Such a curriculum, she said: is located in a new vocabulary, a new set of practices, and a new set of outcomes; it will focus our research in new and provocative ways; it has as its goal the creation of thoughtful, informed, technologically adept writing publics. A professor at Clemson at the time of her speech, Yancey also argued for the creation of an undergraduate major in composition and rhetoric. She soon moved to Florida State University, where she helped to establish a new major in line with the one she argued for at CCCC called Editing, Writing, and Media (EWM). As teachers and administrators across the country looked to incorporate more digital technology into their curriculum, the need for spaces for digital composition and for support with the innumerable digital composing platforms became apparent. A Digital Studio is one such space. === Link with writing centers === With the need for support for students who would engage with digital writing and multimedia projects, professionals involved with work in writing centers began to draw comparisons between their traditional work — assisting students with alphabetic texts on the page — and a new kind of work: assisting students with their multimedia projects on the screen. John Trimbur predicted in 2000: My guess is that writing centers will more and more define themselves as multiliteracy centers. Many are already doing so – tutoring oral presentations, adding online tutorials, offering workshops in evaluating web sources, and being more conscious of document design. To my mind, new digital literacies will increasingly be incorporated into writing centers not just as sources of information or delivery systems for tutoring but as productive arts in their own right, and writing center work will, if anything, become more rhetorical in paying attention to the practices and effects of design in written and visual communication — more product-oriented and perhaps less like the composing conferences of the process movement. Later, just months before Yancey delivered her CCCC Chair's Address, Michael Pemberton, writing in the Writing Center Journal, asked: As we enter an era when electronic publishing and computer-mediated discourse are the norm, an era when new literary genres and new forms of communication emerge on, seemingly, a weekly basis, we must ask ourselves whether writing centers should continue to dwell exclusively in the linear, non-linked world of the printed page or whether they should plan to redefine themselves – and retrain themselves – to take residence in the emerging world of multimedia, hyperlinked, digital documents. To put it plainly, should we be preparing tutors to conference with students about hypertexts? Pemberton also surveyed (by his account) the forty-year history of how "writing centers [have] viewed new technologies," observing that "the relationship between writing centers and computer technology has been, overall, only a cordial one." Pemberton's article is evidence of the continuing discussion among writing center professionals about the need for support for students' digital creations, support which they saw as analogous to work in writing centers. In 2010, a collection edited by David Sheridan and James Inman, Multiliteracy Centers: Writing Center Work, New Media, and Multimodal Rhetoric, was published. Many of the chapters therein cite the above Trimbur and Pemberton quotes as they work to explain the exigence for the collection, the instances in which multiliteracy centers have been established (the founding of the Clemson Class of 1941 Studio for Student Communication is the subject of two chapters), and both theoretical and practical analyses of potential futures of such work. === 'Studio' vs. 'Center:' A break from the model === The conflation of digital studios and writing centers into multiliteracy centers is helpful in some respects, for example, administratively the two may be managed in similar ways and staffed by the same people. In other respects, it has been said that it is better to separate them into two distinct kinds of facilities. The very choice of naming a "writing center" or "digital studio" by either (or another) title, for instance, ought (according to some) to be informed by what kinds of student-activities are expected to take place there. A writing center is a place for individual students to seek help from individual writing

Dynamic epistemic logic

Dynamic epistemic logic (DEL) is a logical framework dealing with knowledge and information change. Typically, DEL focuses on situations involving multiple agents and studies how their knowledge changes when events occur. These events can change factual properties of the actual world (they are called ontic events): for example a red card is painted in blue. They can also bring about changes of knowledge without changing factual properties of the world (they are called epistemic events): for example, a card is revealed publicly (or privately) to be red. Originally, DEL focused on epistemic events. Only some of the basic ideas are present in this entry of the original DEL framework; more details about DEL in general can be found in the references. Due to the nature of its object of study and its abstract approach, DEL is related and has applications to numerous research areas, such as computer science (artificial intelligence), philosophy (formal epistemology), economics (game theory) and cognitive science. In computer science, DEL is for example very much related to multi-agent systems, which are systems where multiple intelligent agents interact and exchange information. As a combination of dynamic logic and epistemic logic, dynamic epistemic logic is a young field of research. It really started in 1989 with Plaza's logic of public announcement. Independently, Gerbrandy and Groeneveld proposed a system dealing moreover with private announcement and that was inspired by the work of Veltman. Another system was proposed by van Ditmarsch whose main inspiration was the Cluedo game. But the most influential and original system was the system proposed by Baltag, Moss and Solecki. This system can deal with all the types of situations studied in the works above and its underlying methodology is conceptually grounded. This entry will present some of its basic ideas. Formally, DEL extends ordinary epistemic logic by the inclusion of event models to describe actions, and a product update operator that defines how epistemic models are updated as the consequence of executing actions described through event models. Epistemic logic will first be recalled. Then, actions and events will enter into the picture and we will introduce the DEL framework. == Epistemic logic == Epistemic logic is a modal logic dealing with the notions of knowledge and belief. As a logic, it is concerned with understanding the process of reasoning about knowledge and belief: which principles relating the notions of knowledge and belief are intuitively plausible? Like epistemology, it stems from the Greek word ϵ π ι σ τ η μ η {\displaystyle \epsilon \pi \iota \sigma \tau \eta \mu \eta } or ‘episteme’ meaning knowledge. Epistemology is nevertheless more concerned with analyzing the very nature and scope of knowledge, addressing questions such as “What is the definition of knowledge?” or “How is knowledge acquired?”. In fact, epistemic logic grew out of epistemology in the Middle Ages thanks to the efforts of Burley and Ockham. The formal work, based on modal logic, that inaugurated contemporary research into epistemic logic dates back only to 1962 and is due to Hintikka. It then sparked in the 1960s discussions about the principles of knowledge and belief and many axioms for these notions were proposed and discussed. For example, the interaction axioms K p → B p {\displaystyle Kp\rightarrow Bp} and B p → K B p {\displaystyle Bp\rightarrow KBp} are often considered to be intuitive principles: if an agent Knows p {\displaystyle p} then (s)he also Believes p {\displaystyle p} , or if an agent Believes p {\displaystyle p} , then (s)he Knows that (s)he Believes p {\displaystyle p} . More recently, these kinds of philosophical theories were taken up by researchers in economics, artificial intelligence and theoretical computer science where reasoning about knowledge is a central topic. Due to the new setting in which epistemic logic was used, new perspectives and new features such as computability issues were then added to the research agenda of epistemic logic. === Syntax === In the sequel, A G T S = { 1 , … , n } {\displaystyle AGTS=\{1,\ldots ,n\}} is a finite set whose elements are called agents and P R O P {\displaystyle PROP} is a set of propositional letters. The epistemic language is an extension of the basic multi-modal language of modal logic with a common knowledge operator C A {\displaystyle C_{A}} and a distributed knowledge operator D A {\displaystyle D_{A}} . Formally, the epistemic language L EL C {\displaystyle {\mathcal {L}}_{\textsf {EL}}^{C}} is defined inductively by the following grammar in BNF: L EL C : ϕ ::= p ∣ ¬ ϕ ∣ ( ϕ ∧ ϕ ) ∣ K j ϕ ∣ C A ϕ ∣ D A ϕ {\displaystyle {\mathcal {L}}_{\textsf {EL}}^{C}:\phi ~~::=~~p~\mid ~\neg \phi ~\mid ~(\phi \land \phi )~\mid ~K_{j}\phi ~\mid ~C_{A}\phi ~\mid ~D_{A}\phi } where p ∈ P R O P {\displaystyle p\in PROP} , j ∈ A G T S {\displaystyle j\in {AGTS}} and A ⊆ A G T S {\displaystyle A\subseteq {AGTS}} . The basic epistemic language L E L {\displaystyle {\mathcal {L}}_{EL}} is the language L E L C {\displaystyle {\mathcal {L}}_{EL}^{C}} without the common knowledge and distributed knowledge operators. The formula ⊥ {\displaystyle \bot } is an abbreviation for ¬ p ∧ p {\displaystyle \neg p\land p} (for a given p ∈ P R O P {\displaystyle p\in PROP} ), ⟨ K j ⟩ ϕ {\displaystyle \langle K_{j}\rangle \phi } is an abbreviation for ¬ K j ¬ ϕ {\displaystyle \neg K_{j}\neg \phi } , E A ϕ {\displaystyle E_{A}\phi } is an abbreviation for ⋀ j ∈ A K j ϕ {\displaystyle \bigwedge \limits _{j\in A}K_{j}\phi } and C ϕ {\displaystyle C\phi } an abbreviation for C A G T S ϕ {\displaystyle C_{AGTS}\phi } . Group notions: general, common and distributed knowledge. In a multi-agent setting there are three important epistemic concepts: general knowledge, distributed knowledge and common knowledge. The notion of common knowledge was first studied by Lewis in the context of conventions. It was then applied to distributed systems and to game theory, where it allows to express that the rationality of the players, the rules of the game and the set of players are commonly known. General knowledge. General knowledge of ϕ {\displaystyle \phi } means that everybody in the group of agents A G T S {\displaystyle {AGTS}} knows that ϕ {\displaystyle \phi } . Formally, this corresponds to the following formula: E ϕ := ⋀ j ∈ A G T S K j ϕ . {\displaystyle E\phi :={\underset {j\in {AGTS}}{\bigwedge }}K_{j}\phi .} Common knowledge. Common knowledge of ϕ {\displaystyle \phi } means that everybody knows ϕ {\displaystyle \phi } but also that everybody knows that everybody knows ϕ {\displaystyle \phi } , that everybody knows that everybody knows that everybody knows ϕ {\displaystyle \phi } , and so on ad infinitum. Formally, this corresponds to the following formula C ϕ := E ϕ ∧ E E ϕ ∧ E E E ϕ ∧ … {\displaystyle C\phi :=E\phi \land EE\phi \land EEE\phi \land \ldots } As we do not allow infinite conjunction the notion of common knowledge will have to be introduced as a primitive in our language. Before defining the language with this new operator, we are going to give an example introduced by Lewis that illustrates the difference between the notions of general knowledge and common knowledge. Lewis wanted to know what kind of knowledge is needed so that the statement p {\displaystyle p} : “every driver must drive on the right” be a convention among a group of agents. In other words, he wanted to know what kind of knowledge is needed so that everybody feels safe to drive on the right. Suppose there are only two agents i {\displaystyle i} and j {\displaystyle j} . Then everybody knowing p {\displaystyle p} (formally E p {\displaystyle Ep} ) is not enough. Indeed, it might still be possible that the agent i {\displaystyle i} considers possible that the agent j {\displaystyle j} does not know p {\displaystyle p} (formally ¬ K i K j p {\displaystyle \neg K_{i}K_{j}p} ). In that case the agent i {\displaystyle i} will not feel safe to drive on the right because he might consider that the agent j {\displaystyle j} , not knowing p {\displaystyle p} , could drive on the left. To avoid this problem, we could then assume that everybody knows that everybody knows that p {\displaystyle p} (formally E E p {\displaystyle EEp} ). This is again not enough to ensure that everybody feels safe to drive on the right. Indeed, it might still be possible that agent i {\displaystyle i} considers possible that agent j {\displaystyle j} considers possible that agent i {\displaystyle i} does not know p {\displaystyle p} (formally ¬ K i K j K i p {\displaystyle \neg K_{i}K_{j}K_{i}p} ). In that case and from i {\displaystyle i} ’s point of view, j {\displaystyle j} considers possible that i {\displaystyle i} , not knowing p {\displaystyle p} , will drive on the left. So from i {\displaystyle i} ’s point of view, j {\displaystyle j} might drive on the left as well (by the same argument as abov

Digital media service

A digital media service (DMS) is an online service provider that sells access to digital library of content such as films, software, games, images, literature, etc. While no transfer of property is made, a nearly perfect duplicate of the data (song movie, etc.) is made on a customer's computer. Content is either primarily hosted on a dedicated server, which is owned by the service provider, or it is hosted primarily on the hard drives of its customers using a P2P protocol with, perhaps, a dedicated server to supplement. == History == One example of the older business model is the iTunes Store, which still markets and prices data as individual retail products. There are no examples of the latter business model in operation yet, but one is currently in development by Global Gaming Factory X and expected to begin operation some time after they acquire The Pirate Bay domain on August 27, 2009. A key difference between the two models is that the model which relies on its customer base for offering their bandwidth for other customers to access customer hosted data can operate at significantly lower costs than a company that seeks to limit data access to a per-download fee in order to supplement the cost of using its own hosting and bandwidth. The P2P model holds the potential for companies to offer unlimited access to the largest data library in the history of the internet to its customers for a reasonably low membership rate that is relevant to the cost of operation. While the market is virtually untouched, the P2P supplemented model will need entrepreneurs who are able to overcome a series of challenges in order to compete with the older business model as well as that which is offered for free (and often against the wishes of copyright holders) by hundreds of P2P communities on the internet. These challenges include, but are not limited to: Offering better data quality, speed, convenience and ease of use, protocol, sense of security, indexing and search organization, site up time, data library size, customer support, advertising, artist/copyright holder incentives and compensation, incentives and compensation for customers hosting data and providing bandwidth, guaranteed seeding (available access to indexed data at all times), than competitors.