Asymptotically idempotent aggregation operators for trust management in multi-agent systems

The study of trust management in multi-agent system, especially distributed, has grown over the last years. Trust is a complex subject that has no general consensus in literature, but has emerged the importance of reasoning about it computationally. Reputation systems takes into consideration the history of an entity’s actions/behavior in order to compute trust, collecting and aggregating ratings from members in a community. In this scenario the aggregation problem becomes fundamental, in particular depending on the environment. In this paper we describe a technique based on a class of asymptotically idempotent aggregation operators, suitable particulary for distributed anonymous environments

Towards Secure Blockchain-enabled Internet of Vehicles: Optimizing Consensus Management Using Reputation and Contract Theory

In Internet of Vehicles (IoV), data sharing among vehicles is essential to improve driving safety and enhance vehicular services. To ensure data sharing security and traceability, highefficiency Delegated Proof-of-Stake consensus scheme as a hard security solution is utilized to establish blockchain-enabled IoV (BIoV). However, as miners are selected from miner candidates by stake-based voting, it is difficult to defend against voting collusion between the candidates and compromised high-stake vehicles, which introduces serious security challenges to the BIoV. To address such challenges, we propose a soft security enhancement solution including two stages: (i) miner selection and (ii) block verification. In the first stage, a reputation-based voting scheme for the blockchain is proposed to ensure secure miner selection. This scheme evaluates candidates' reputation by using both historical interactions and recommended opinions from other vehicles. The candidates with high reputation are selected to be active miners and standby miners. In the second stage, to prevent internal collusion among the active miners, a newly generated block is further verified and audited by the standby miners. To incentivize the standby miners to participate in block verification, we formulate interactions between the active miners and the standby miners by using contract theory, which takes block verification security and delay into consideration. Numerical results based on a real-world dataset indicate that our schemes are secure and efficient for data sharing in BIoV.Comment: 12 pages, submitted for possible journal publicatio

Systematizing Decentralization and Privacy: Lessons from 15 Years of Research and Deployments

Decentralized systems are a subset of distributed systems where multiple authorities control different components and no authority is fully trusted by all. This implies that any component in a decentralized system is potentially adversarial. We revise fifteen years of research on decentralization and privacy, and provide an overview of key systems, as well as key insights for designers of future systems. We show that decentralized designs can enhance privacy, integrity, and availability but also require careful trade-offs in terms of system complexity, properties provided, and degree of decentralization. These trade-offs need to be understood and navigated by designers. We argue that a combination of insights from cryptography, distributed systems, and mechanism design, aligned with the development of adequate incentives, are necessary to build scalable and successful privacy-preserving decentralized systems

TRIDEnT: Building Decentralized Incentives for Collaborative Security

Sophisticated mass attacks, especially when exploiting zero-day vulnerabilities, have the potential to cause destructive damage to organizations and critical infrastructure. To timely detect and contain such attacks, collaboration among the defenders is critical. By correlating real-time detection information (alerts) from multiple sources (collaborative intrusion detection), defenders can detect attacks and take the appropriate defensive measures in time. However, although the technical tools to facilitate collaboration exist, real-world adoption of such collaborative security mechanisms is still underwhelming. This is largely due to a lack of trust and participation incentives for companies and organizations. This paper proposes TRIDEnT, a novel collaborative platform that aims to enable and incentivize parties to exchange network alert data, thus increasing their overall detection capabilities. TRIDEnT allows parties that may be in a competitive relationship, to selectively advertise, sell and acquire security alerts in the form of (near) real-time peer-to-peer streams. To validate the basic principles behind TRIDEnT, we present an intuitive game-theoretic model of alert sharing, that is of independent interest, and show that collaboration is bound to take place infinitely often. Furthermore, to demonstrate the feasibility of our approach, we instantiate our design in a decentralized manner using Ethereum smart contracts and provide a fully functional prototype.Comment: 28 page

MobileTrust: Secure Knowledge Integration in VANETs

Vehicular Ad hoc NETworks (VANET) are becoming popular due to the emergence of the Internet of Things and ambient intelligence applications. In such networks, secure resource sharing functionality is accomplished by incorporating trust schemes. Current solutions adopt peer-to-peer technologies that can cover the large operational area. However, these systems fail to capture some inherent properties of VANETs, such as fast and ephemeral interaction, making robust trust evaluation of crowdsourcing challenging. In this article, we propose MobileTrust—a hybrid trust-based system for secure resource sharing in VANETs. The proposal is a breakthrough in centralized trust computing that utilizes cloud and upcoming 5G technologies to provide robust trust establishment with global scalability. The ad hoc communication is energy-efficient and protects the system against threats that are not countered by the current settings. To evaluate its performance and effectiveness, MobileTrust is modelled in the SUMO simulator and tested on the traffic features of the small-size German city of Eichstatt. Similar schemes are implemented in the same platform to provide a fair comparison. Moreover, MobileTrust is deployed on a typical embedded system platform and applied on a real smart car installation for monitoring traffic and road-state parameters of an urban application. The proposed system is developed under the EU-founded THREAT-ARREST project, to provide security, privacy, and trust in an intelligent and energy-aware transportation scenario, bringing closer the vision of sustainable circular economy