178,467 research outputs found
Reasoning about the Reliability of Diverse Two-Channel Systems in which One Channel is "Possibly Perfect"
This paper considers the problem of reasoning about the reliability of fault-tolerant systems with two "channels" (i.e., components) of which one, A, supports only a claim of reliability, while the other, B, by virtue of extreme simplicity and extensive analysis, supports a plausible claim of "perfection." We begin with the case where either channel can bring the system to a safe state. We show that, conditional upon knowing pA (the probability that A fails on a randomly selected demand) and pB (the probability that channel B is imperfect), a conservative bound on the probability that the system fails on a randomly selected demand is simply pA.pB. That is, there is conditional independence between the events "A fails" and "B is imperfect." The second step of the reasoning involves epistemic uncertainty about (pA, pB) and we show that under quite plausible assumptions, a conservative bound on system pfd can be constructed from point estimates for just three parameters. We discuss the feasibility of establishing credible estimates for these parameters. We extend our analysis from faults of omission to those of commission, and then combine these to yield an analysis for monitored architectures of a kind proposed for aircraft
Actor-network procedures: Modeling multi-factor authentication, device pairing, social interactions
As computation spreads from computers to networks of computers, and migrates
into cyberspace, it ceases to be globally programmable, but it remains
programmable indirectly: network computations cannot be controlled, but they
can be steered by local constraints on network nodes. The tasks of
"programming" global behaviors through local constraints belong to the area of
security. The "program particles" that assure that a system of local
interactions leads towards some desired global goals are called security
protocols. As computation spreads beyond cyberspace, into physical and social
spaces, new security tasks and problems arise. As networks are extended by
physical sensors and controllers, including the humans, and interlaced with
social networks, the engineering concepts and techniques of computer security
blend with the social processes of security. These new connectors for
computational and social software require a new "discipline of programming" of
global behaviors through local constraints. Since the new discipline seems to
be emerging from a combination of established models of security protocols with
older methods of procedural programming, we use the name procedures for these
new connectors, that generalize protocols. In the present paper we propose
actor-networks as a formal model of computation in heterogenous networks of
computers, humans and their devices; and we introduce Procedure Derivation
Logic (PDL) as a framework for reasoning about security in actor-networks. On
the way, we survey the guiding ideas of Protocol Derivation Logic (also PDL)
that evolved through our work in security in last 10 years. Both formalisms are
geared towards graphic reasoning and tool support. We illustrate their workings
by analysing a popular form of two-factor authentication, and a multi-channel
device pairing procedure, devised for this occasion.Comment: 32 pages, 12 figures, 3 tables; journal submission; extended
references, added discussio
CryptoMaze: Atomic Off-Chain Payments in Payment Channel Network
Payment protocols developed to realize off-chain transactions in Payment
channel network (PCN) assumes the underlying routing algorithm transfers the
payment via a single path. However, a path may not have sufficient capacity to
route a transaction. It is inevitable to split the payment across multiple
paths. If we run independent instances of the protocol on each path, the
execution may fail in some of the paths, leading to partial transfer of funds.
A payer has to reattempt the entire process for the residual amount. We propose
a secure and privacy-preserving payment protocol, CryptoMaze. Instead of
independent paths, the funds are transferred from sender to receiver across
several payment channels responsible for routing, in a breadth-first fashion.
Payments are resolved faster at reduced setup cost, compared to existing
state-of-the-art. Correlation among the partial payments is captured,
guaranteeing atomicity. Further, two party ECDSA signature is used for
establishing scriptless locks among parties involved in the payment. It reduces
space overhead by leveraging on core Bitcoin scripts. We provide a formal model
in the Universal Composability framework and state the privacy goals achieved
by CryptoMaze. We compare the performance of our protocol with the existing
single path based payment protocol, Multi-hop HTLC, applied iteratively on one
path at a time on several instances. It is observed that CryptoMaze requires
less communication overhead and low execution time, demonstrating efficiency
and scalability.Comment: 30 pages, 9 figures, 1 tabl
International Labor Migration: A Responsible Role for Business
Outlines trends in labor migration in international supply chains and proposes an action plan for businesses to raise awareness and engage with suppliers to protect foreign workers' rights. Includes a case study of the Philippine government's policies
A Very Brief Introduction to Machine Learning With Applications to Communication Systems
Given the unprecedented availability of data and computing resources, there
is widespread renewed interest in applying data-driven machine learning methods
to problems for which the development of conventional engineering solutions is
challenged by modelling or algorithmic deficiencies. This tutorial-style paper
starts by addressing the questions of why and when such techniques can be
useful. It then provides a high-level introduction to the basics of supervised
and unsupervised learning. For both supervised and unsupervised learning,
exemplifying applications to communication networks are discussed by
distinguishing tasks carried out at the edge and at the cloud segments of the
network at different layers of the protocol stack
Reasoning About the Reliability of Multi-version, Diverse Real-Time Systems
This paper is concerned with the development of reliable real-time systems for use in high integrity applications. It advocates the use of diverse replicated channels, but does not require the dependencies between the channels to be evaluated. Rather it develops and extends the approach of Little wood and Rush by (for general systems) by investigating a two channel system in which one channel, A, is produced to a high level of reliability (i.e. has a very low failure rate), while the other, B, employs various forms of static analysis to sustain an argument that it is perfect (i.e. it will never miss a deadline). The first channel is fully functional, the second contains a more restricted computational model and contains only the critical computations. Potential dependencies between the channels (and their verification) are evaluated in terms of aleatory and epistemic uncertainty. At the aleatory level the events ''A fails" and ''B is imperfect" are independent. Moreover, unlike the general case, independence at the epistemic level is also proposed for common forms of implementation and analysis for real-time systems and their temporal requirements (deadlines). As a result, a systematic approach is advocated that can be applied in a real engineering context to produce highly reliable real-time systems, and to support numerical claims about the level of reliability achieved
- …