A Feedback Control Approach to Mitigating Mistreatment

Abstract. We consider distributed collaborative caching groups where individual members are autonomous and self-aware. Such groups have been emerging in many new overlay and peer-to-peer applications. In a recent work of ours, we considered distributed caching protocols where group members (nodes) cooperate to satisfy requests for information objects either locally or remotely from the group, or otherwise from the origin server. In such setting, we identified the problem of a node being mistreated, i.e., its access cost for fetching information objects becoming worse with cooperation than without. We identified two causes of mistreatment: (1) the use of a common caching scheme which controls whether a node should not rely on other nodes in the group by keeping its own local copy of the object once retrieved from the group; and (2) the state interaction that can take place when the miss-request streams from other nodes in the group are allowed to affect the state of the local replacement algorithm. We also showed that both these issues can be addressed by introducing two simple additional parameters that affect the caching behavior (the reliance and the interaction parameters). In this paper, we argue against a static rule-of-thumb policy of setting these parameters since the performance, in terms of average object access cost, depends on a multitude of system parameters (namely, group size, cache sizes, demand skewness, and distances). We then propose a feedback control approach to mitigating mistreatment in distributed caching groups. In our approach, a node independently emulates its performance as if it were acting selfishly and then adapts its reliance and interaction parameters in the direction of reducing its measured access cost below its emulated selfish cost. To ensure good convergence and stability properties, we use a (Proportional-Integral-Differential) PID-style controller. Our simulation results show that our controller adapts to the minimal access cost and outperforms static-parameter schemes

Multimedia delivery in the future internet

The term “Networked Media” implies that all kinds of media including text, image, 3D graphics, audio and video are produced, distributed, shared, managed and consumed on-line through various networks, like the Internet, Fiber, WiFi, WiMAX, GPRS, 3G and so on, in a convergent manner [1]. This white paper is the contribution of the Media Delivery Platform (MDP) cluster and aims to cover the Networked challenges of the Networked Media in the transition to the Future of the Internet. Internet has evolved and changed the way we work and live. End users of the Internet have been confronted with a bewildering range of media, services and applications and of technological innovations concerning media formats, wireless networks, terminal types and capabilities. And there is little evidence that the pace of this innovation is slowing. Today, over one billion of users access the Internet on regular basis, more than 100 million users have downloaded at least one (multi)media file and over 47 millions of them do so regularly, searching in more than 160 Exabytes1 of content. In the near future these numbers are expected to exponentially rise. It is expected that the Internet content will be increased by at least a factor of 6, rising to more than 990 Exabytes before 2012, fuelled mainly by the users themselves. Moreover, it is envisaged that in a near- to mid-term future, the Internet will provide the means to share and distribute (new) multimedia content and services with superior quality and striking flexibility, in a trusted and personalized way, improving citizens’ quality of life, working conditions, edutainment and safety. In this evolving environment, new transport protocols, new multimedia encoding schemes, cross-layer inthe network adaptation, machine-to-machine communication (including RFIDs), rich 3D content as well as community networks and the use of peer-to-peer (P2P) overlays are expected to generate new models of interaction and cooperation, and be able to support enhanced perceived quality-of-experience (PQoE) and innovative applications “on the move”, like virtual collaboration environments, personalised services/ media, virtual sport groups, on-line gaming, edutainment. In this context, the interaction with content combined with interactive/multimedia search capabilities across distributed repositories, opportunistic P2P networks and the dynamic adaptation to the characteristics of diverse mobile terminals are expected to contribute towards such a vision. Based on work that has taken place in a number of EC co-funded projects, in Framework Program 6 (FP6) and Framework Program 7 (FP7), a group of experts and technology visionaries have voluntarily contributed in this white paper aiming to describe the status, the state-of-the art, the challenges and the way ahead in the area of Content Aware media delivery platforms

Fairness in Information Access Systems

Recommendation, information retrieval, and other information access systems pose unique challenges for investigating and applying the fairness and non-discrimination concepts that have been developed for studying other machine learning systems. While fair information access shares many commonalities with fair classification, the multistakeholder nature of information access applications, the rank-based problem setting, the centrality of personalization in many cases, and the role of user response complicate the problem of identifying precisely what types and operationalizations of fairness may be relevant, let alone measuring or promoting them. In this monograph, we present a taxonomy of the various dimensions of fair information access and survey the literature to date on this new and rapidly-growing topic. We preface this with brief introductions to information access and algorithmic fairness, to facilitate use of this work by scholars with experience in one (or neither) of these fields who wish to learn about their intersection. We conclude with several open problems in fair information access, along with some suggestions for how to approach research in this space

Enhancing Privacy and Fairness in Search Systems

Following a period of expedited progress in the capabilities of digital systems, the society begins to realize that systems designed to assist people in various tasks can also harm individuals and society. Mediating access to information and explicitly or implicitly ranking people in increasingly many applications, search systems have a substantial potential to contribute to such unwanted outcomes. Since they collect vast amounts of data about both searchers and search subjects, they have the potential to violate the privacy of both of these groups of users. Moreover, in applications where rankings influence people's economic livelihood outside of the platform, such as sharing economy or hiring support websites, search engines have an immense economic power over their users in that they control user exposure in ranked results. This thesis develops new models and methods broadly covering different aspects of privacy and fairness in search systems for both searchers and search subjects. Specifically, it makes the following contributions: (1) We propose a model for computing individually fair rankings where search subjects get exposure proportional to their relevance. The exposure is amortized over time using constrained optimization to overcome searcher attention biases while preserving ranking utility. (2) We propose a model for computing sensitive search exposure where each subject gets to know the sensitive queries that lead to her profile in the top-k search results. The problem of finding exposing queries is technically modeled as reverse nearest neighbor search, followed by a weekly-supervised learning to rank model ordering the queries by privacy-sensitivity. (3) We propose a model for quantifying privacy risks from textual data in online communities. The method builds on a topic model where each topic is annotated by a crowdsourced sensitivity score, and privacy risks are associated with a user's relevance to sensitive topics. We propose relevance measures capturing different dimensions of user interest in a topic and show how they correlate with human risk perceptions. (4) We propose a model for privacy-preserving personalized search where search queries of different users are split and merged into synthetic profiles. The model mediates the privacy-utility trade-off by keeping semantically coherent fragments of search histories within individual profiles, while trying to minimize the similarity of any of the synthetic profiles to the original user profiles. The models are evaluated using information retrieval techniques and user studies over a variety of datasets, ranging from query logs, through social media and community question answering postings, to item listings from sharing economy platforms.Nach einer Zeit schneller Fortschritte in den Fähigkeiten digitaler Systeme beginnt die Gesellschaft zu erkennen, dass Systeme, die Menschen bei verschiedenen Aufgaben unterstützen sollen, den Einzelnen und die Gesellschaft auch schädigen können. Suchsysteme haben ein erhebliches Potenzial, um zu solchen unerwünschten Ergebnissen beizutragen, weil sie den Zugang zu Informationen vermitteln und explizit oder implizit Menschen in immer mehr Anwendungen in Ranglisten anordnen. Da sie riesige Datenmengen sowohl über Suchende als auch über Gesuchte sammeln, können sie die Privatsphäre dieser beiden Benutzergruppen verletzen. In Anwendungen, in denen Ranglisten einen Einfluss auf den finanziellen Lebensunterhalt der Menschen außerhalb der Plattform haben, z. B. auf Sharing-Economy-Plattformen oder Jobbörsen, haben Suchmaschinen eine immense wirtschaftliche Macht über ihre Nutzer, indem sie die Sichtbarkeit von Personen in Suchergebnissen kontrollieren. In dieser Dissertation werden neue Modelle und Methoden entwickelt, die verschiedene Aspekte der Privatsphäre und der Fairness in Suchsystemen, sowohl für Suchende als auch für Gesuchte, abdecken. Insbesondere leistet die Arbeit folgende Beiträge: (1) Wir schlagen ein Modell für die Berechnung von fairen Rankings vor, bei denen Suchsubjekte entsprechend ihrer Relevanz angezeigt werden. Die Sichtbarkeit wird im Laufe der Zeit durch ein Optimierungsmodell adjustiert, um die Verzerrungen der Sichtbarkeit für Sucher zu kompensieren, während die Nützlichkeit des Rankings beibehalten bleibt. (2) Wir schlagen ein Modell für die Bestimmung kritischer Suchanfragen vor, in dem für jeden Nutzer Aanfragen, die zu seinem Nutzerprofil in den Top-k-Suchergebnissen führen, herausgefunden werden. Das Problem der Berechnung von exponierenden Suchanfragen wird als Reverse-Nearest-Neighbor-Suche modelliert. Solche kritischen Suchanfragen werden dann von einem Learning-to-Rank-Modell geordnet, um die sensitiven Suchanfragen herauszufinden. (3) Wir schlagen ein Modell zur Quantifizierung von Risiken für die Privatsphäre aus Textdaten in Online Communities vor. Die Methode baut auf einem Themenmodell auf, bei dem jedes Thema durch einen Crowdsourcing-Sensitivitätswert annotiert wird. Die Risiko-Scores sind mit der Relevanz eines Benutzers mit kritischen Themen verbunden. Wir schlagen Relevanzmaße vor, die unterschiedliche Dimensionen des Benutzerinteresses an einem Thema erfassen, und wir zeigen, wie diese Maße mit der Risikowahrnehmung von Menschen korrelieren. (4) Wir schlagen ein Modell für personalisierte Suche vor, in dem die Privatsphäre geschützt wird. In dem Modell werden Suchanfragen von Nutzer partitioniert und in synthetische Profile eingefügt. Das Modell erreicht einen guten Kompromiss zwischen der Suchsystemnützlichkeit und der Privatsphäre, indem semantisch kohärente Fragmente der Suchhistorie innerhalb einzelner Profile beibehalten werden, wobei gleichzeitig angestrebt wird, die Ähnlichkeit der synthetischen Profile mit den ursprünglichen Nutzerprofilen zu minimieren. Die Modelle werden mithilfe von Informationssuchtechniken und Nutzerstudien ausgewertet. Wir benutzen eine Vielzahl von Datensätzen, die von Abfrageprotokollen über soziale Medien Postings und die Fragen vom Q&A Forums bis hin zu Artikellistungen von Sharing-Economy-Plattformen reichen

Memories of enslavement as identity formation in the legal collections of the Pentateuch

Thesis (PhD)--Stellenbosch University, 2022.ENGLISH ABSTRACT: This dissertation is a study of memories of enslavement as identity formation embedded in the slave instructions of the legal collections of the Pentateuch. The personal experiences of the writer in his native country of Nigeria and the last twenty years in the USA, became the impetus for the scrutiny of these slave instructions. The constant tribal and religious conflicts in Northern Nigeria are usually accompanied by the mention of past experiences of slavery and colonialism. Similarly, the black community in the USA seems weighed down by the memories of slavery and segregation as it wrestles with the matters of dignity, poverty and lack of education that affect it disproportionately. These concerns caused the author to reflect on the biblical material in the Pentateuch that relates to memories of slavery as the communities seek an identity of their own. Hence, this dissertation, with the title “Memories of Enslavement as Identity Formation in the Legal Collection of the Pentateuch”, seeks to investigate how those passages addressed ancient Israel regarding the ethical treatment of the poor and downtrodden. The author approached the passages from the point of view of a historical-grammatical study, where attention is paid to the grammar and syntax of the text, and similarities and dissimilarities in the synoptic texts where they address the subject of slave instructions in the Covenant Code (CC) in Exodus 21:1-11; the Holiness Code (HC) in Leviticus 25:39-55; and the Deuteronomic Code (DC) in Deuteronomy 15:12-18. An observation of the contexts surrounding these instructions shed light on their individual contexts and the guiding interests of the authors. The references to Egypt as a house of slavery in these instructions is considered a literary device to jolt the memory and direct behaviour in the right direction for the treatment of workers, especially fellow Israelites. It appears that, in each instruction, the setting of the pre-exilic and post-exilic world events of the ANE had influenced the behaviour of the audience so that the appeal to consider kinship relationships was prominent in the Deuteronomic and Holiness codes, where the term “brother” is employed as the true identity of the Hebrew slave. First, the CC and DC limit the service of Hebrew slaves to six years. The HC, which appears to be the latest instruction, removes the term “slave” entirely and draws attention to the claims of Yahweh, that Israel was redeemed to be “servants” of God and not anyone else’s. Second, in the effort to guarantee the freedom of Israelite slaves at the Jubilee, the HC further removes “female slaves” as a possibility for Israelites. In the narrative sections of the Pentateuch, descriptive narrations of slavery require the attention of further research, because this dissertation focused narrowly on the slave instructions. Any further research into those narratives will yield helpful information on how oral cultures tell and retell stories as a collective, identity-forming mechanism. The dissertation seeks to bring to light analogies from the above Pentateuchal passages to the Nigerian experiences of tribal and religious relationships, as discussed in Chapter 2. The topic, “Memories of Enslavement as Identity Formation in the Legal Collections of the Pentateuch”, indicates the initial intention of the study. However, the historical-grammatical study revealed that memories are tied to kinship in ancient Israel – illustrated by the metaphors related to family. The exilic community found a strong tie in kinship through the recollection of a common past. The common identity, in turn, was at the heart of the theological and ethical call to acknowledge the authority of Yahweh as the true Lord of all Israel. The slave instructions provide a sense of theological and ethical direction for the audience of each instruction. Likewise, the instructions appear relevant for theological and ethical direction for the modern world. The theological-ethical motivations of the slave instructions are relevant for Nigeria and other countries struggling to devise an identity from the memories of slavery and colonialism.AFRIKAANSE OPSOMMING: Hierdie proefskrif stel ondersoek in na die herinneringe aan slawerny as identiteitsvorming ingebed in die slawebepalings van die regsversamelings van die Pentateug. Die persoonlike ervarings van die skrywer in sy land van herkoms, Nigerië, en die afgelope twintig jaar se verblyf in die VSA het aanleiding tot die ondersoek van die slawebepalings gegee. Die voortdurende stam- en godsdienstige konflik in Noord-Nigerië gaan dikwels gepaard met verwysings na vorige ervarings van slawerny en kolonialisme. Ooreenstemmend het die swart gemeenskap in die VSA druk ervaar van die herinneringe aan slawerny en segregasie tydens die stryd om waardigheid, armoede en gebrek aan opvoedingsgeleenthede aan te spreek. Hierdie besorgdhede het aanleiding gegee tot die bestudering van die regsversamelings van die Pentateug om vas te stel hoe dit verband hou met die herinneringe aan slawerny as deel van die proses waartydens ’n eie identiteit ontwikkel word. Vandaar die titel, “Herinneringe aan slawerny as identiteitsvorming in die regsversamelings van die Pentateug”, wat ondersoek instel na hoe hierdie gedeelte antieke Israel aangespreek het ten opsigte etiese optrede teenoor slawe, werkers en die verdruktes. Die skrywer benader die teksgedeeltes vanuit die hoek van histories-grammatiese eksegese, waarbinne aandag geskenk word aan die grammatika en sintaksis van die teks, asook ooreenkomste en verskille in die sinoptiese tekste wat die onderwerp van slawebepalings in die Verbondsboek (Ex 21:1-11), Heiligheidswetgewing (Lev 25:39-55) en die Deuteronomistiese wette (Deut 15:12-18) aanspreek. Aandag vir die literêre kontekste van hierdie bepalings werp lig op die individuele kontekste en die rigtinggewende belange van die skrywers. Die verwysings na Egipte as ’n slawehuis in hierdie bepalings word as ’n literêre middel beskou om herinnering aan te wakker en om gedrag te rig ten opsigte van die behandeling van werkers, veral mede-Israeliete. Dit blyk dat, in elke bepaling, die konteks van die voor-eksiliese, eksiliese en na-eksiliese wêreld van die Ou Nabye Ooste ’n invloed uitgeoefen het op die gedrag van die gehoor sodat die aanspraak op die inagneming van die verwantskapsverhoudings voorrang geniet het binne die Deuteronomiese en Heiligheidswette, waar die begrip “broer” gebruik word om uitdrukking aan die ware identiteit van die Hebreeuse slaaf te gee. Ten eerste beperk die Verbondsboek en die Deuteronomistiese wette die dienstydperk van Hebreeuse slawe tot ses jaar. Die Heiligheidswette, as die jongste bepalings, verwyder die begrip “slaaf” as geheel en fokus die aandag op die aansprake van Jahwe, dat Israel uit slawerny gered is om as “dienaars” van God en niemand anders op te tree. Tweedens, as deel van die poging om die vryheid van Israelitiese slawe tydens die Jubeljaar te waarborg, verwyder die Heiligheidswette “vroulike slawerny” as ’n moontlikheid vir Israeliete. In die verhalende dele van die Pentateug verlang die vertellende verwysings na slawerny verdere navorsing omdat hierdie proefskrif spesifiek op die slawebepalings gefokus het. Verdere navorsing oor hierdie vertellings behoort nuttige inligting te bied oor hoe mondelinge kulture stories vertel en hervertel het as deel van ’n identiteitsvormingsproses. Die proefskrif probeer om analogieë tussen bogenoemde gedeeltes van die Pentateug en die Nigeriese ervarings van stam- en godsdienstige verhoudings aan die lig te bring soos in hoofstuk twee bespreek. Die onderwerp, “Herinneringe aan Slawerny as Identiteitsvorming binne die Regsversamelings van die Pentateug” verwoord die aanvanklike bedoeling van die proefskrif. Die histories-grammatiese ondersoek toon hoe die herinneringe verband hou met verwantskap in antieke Israel – soos uitgebeeld deur die familiemetafore. Die ballingskapsgemeenskap het deur herinneringe aan ’n gemeenskaplike verlede sterk verwantskapsbande gebou. Die gemeenskaplike identiteit was op sy beurt die middelpunt van die teologiese en etiese oproep om Jahwe as die ware Here van Israel as geheel te erken. Die slawebepalings verskaf teologiese en etiese rigtinggewing vir elke bepaling se gehoor. Op ’n soortgelyke wyse blyk die slawebepalings van toepassing te wees vir teologiese en etiese koersgewing in die moderne wêreld. Die teologies-etiese motiverings vir die slawebepalings is ter sake vir Nigerië en ander lande wat worstel met identiteitsvorming te midde van herinneringe aan slawerny en kolonialisme.Doctora

A feedback control approach to mitigating mistreatment in distributed caching groups

We consider distributed collaborative caching groups where individual members are autonomous and self-aware. Such groups have been emerging in many new overlay and peer-to-peer applications. In a recent work of ours, we considered distributed caching protocols where group members (nodes) cooperate to satisfy requests for information objects either locally or remotely from the group, or otherwise from the origin server. In such setting, we identified the problem of a node being mistreated, i.e., its access cost for fetching information objects becoming worse with cooperation than without. We identified two causes of mistreatment: (1) the use of a common caching scheme which controls whether a node should not rely on other nodes in the group by keeping its own local copy of the object once retrieved from the group; and (2) the state interaction that can take place when the miss-request streams from other nodes in the group are allowed to affect the state of the local replacement algorithm. We also showed that both these issues can be addressed by introducing two simple additional parameters that affect the caching behavior (the reliance and the interaction parameters). In this paper, we argue against a static rule-of-thumb policy of setting these parameters since the performance, in terms of average object access cost, depends on a multitude of system parameters (namely, group size, cache sizes, demand skewness, and distances). We then propose a feedback control approach to mitigating mistreatment in distributed caching groups. In our approach, a node independently emulates its performance as if it were acting selfishly and then adapts its reliance and interaction parameters in the direction of reducing its measured access cost below its emulated selfish cost. To ensure good convergence and stability properties, we use a (Proportional-Integral-Differential) PID-style controller. Our simulation results show that our controller adapts to the minimal access cost and outperforms static-parameter schemes. © IFIP International Federation for Information Processing 2006

Het binnenste buiten. Liber amicorum ter gelegenheid van het emeritaat van prof. dr. Aernout H.J. Schmidt, hoogleraar Recht en Informatica te Leiden

FdR – Publicaties niet-programma gebonde

Last-Mile TLS Interception: Analysis and Observation of the Non-Public HTTPS Ecosystem

Transport Layer Security (TLS) is one of the most widely deployed cryptographic protocols on the Internet that provides confidentiality, integrity, and a certain degree of authenticity of the communications between clients and servers. Following Snowden's revelations on US surveillance programs, the adoption of TLS has steadily increased. However, encrypted traffic prevents legitimate inspection. Therefore, security solutions such as personal antiviruses and enterprise firewalls may intercept encrypted connections in search for malicious or unauthorized content. Therefore, the end-to-end property of TLS is broken by these TLS proxies (a.k.a. middleboxes) for arguably laudable reasons; yet, may pose a security risk. While TLS clients and servers have been analyzed to some extent, such proxies have remained unexplored until recently. We propose a framework for analyzing client-end TLS proxies, and apply it to 14 consumer antivirus and parental control applications as they break end-to-end TLS connections. Overall, the security of TLS connections was systematically worsened compared to the guarantees provided by modern browsers. Next, we aim at exploring the non-public HTTPS ecosystem, composed of locally-trusted proxy-issued certificates, from the user's perspective and from several countries in residential and enterprise settings. We focus our analysis on the long tail of interception events. We characterize the customers of network appliances, ranging from small/medium businesses and institutes to hospitals, hotels, resorts, insurance companies, and government agencies. We also discover regional cases of traffic interception malware/adware that mostly rely on the same Software Development Kit (i.e., NetFilter). Our scanning and analysis techniques allow us to identify more middleboxes and intercepting apps than previously found from privileged server vantages looking at billions of connections. We further perform a longitudinal study over six years of the evolution of a prominent traffic-intercepting adware found in our dataset: Wajam. We expose the TLS interception techniques it has used and the weaknesses it has introduced on hundreds of millions of user devices. This study also (re)opens the neglected problem of privacy-invasive adware, by showing how adware evolves sometimes stronger than even advanced malware and poses significant detection and reverse-engineering challenges. Overall, whether beneficial or not, TLS interception often has detrimental impacts on security without the end-user being alerted