65,252 research outputs found
PDFS: Practical Data Feed Service for Smart Contracts
Smart contracts are a new paradigm that emerged with the rise of the
blockchain technology. They allow untrusting parties to arrange agreements.
These agreements are encoded as a programming language code and deployed on a
blockchain platform, where all participants execute them and maintain their
state. Smart contracts are promising since they are automated and
decentralized, thus limiting the involvement of third trusted parties, and can
contain monetary transfers. Due to these features, many people believe that
smart contracts will revolutionize the way we think of distributed
applications, information sharing, financial services, and infrastructures.
To release the potential of smart contracts, it is necessary to connect the
contracts with the outside world, such that they can understand and use
information from other infrastructures. For instance, smart contracts would
greatly benefit when they have access to web content. However, there are many
challenges associated with realizing such a system, and despite the existence
of many proposals, no solution is secure, provides easily-parsable data,
introduces small overheads, and is easy to deploy.
In this paper we propose PDFS, a practical system for data feeds that
combines the advantages of the previous schemes and introduces new
functionalities. PDFS extends content providers by including new features for
data transparency and consistency validations. This combination provides
multiple benefits like content which is easy to parse and efficient
authenticity verification without breaking natural trust chains. PDFS keeps
content providers auditable, mitigates their malicious activities (like data
modification or censorship), and allows them to create a new business model. We
show how PDFS is integrated with existing web services, report on a PDFS
implementation and present results from conducted case studies and experiments.Comment: Blockchain; Smart Contracts; Data Authentication; Ethereu
Supporting user-oriented analysis for multi-view domain-specific visual languages
This is the post-print version of the final paper published in Information and Software Technology. The published article is available from the link below. Changes resulting from the publishing process, such as peer review, editing, corrections, structural formatting, and other quality control mechanisms may not be reflected in this document. Changes may have been made to this work since it was submitted for publication. Copyright @ 2008 Elsevier B.V.The integration of usable and flexible analysis support in modelling environments is a key success factor in Model-Driven Development. In this paradigm, models are the core asset from which code is automatically generated, and thus ensuring model correctness is a fundamental quality control activity. For this purpose, a common approach is to transform the system models into formal semantic domains for verification. However, if the analysis results are not shown in a proper way to the end-user (e.g. in terms of the original language) they may become useless.
In this paper we present a novel DSVL called BaVeL that facilitates the flexible annotation of verification results obtained in semantic domains to different formats, including the context of the original language. BaVeL is used in combination with a consistency framework, providing support for all steps in a verification process: acquisition of additional input data, transformation of the system models into semantic domains, verification, and flexible annotation of analysis results.
The approach has been validated analytically by the cognitive dimensions framework, and empirically by its implementation and application to several DSVLs. Here we present a case study of a notation in the area of Digital Libraries, where the analysis is performed by transformations into Petri nets and a process algebra.Spanish Ministry of Education and Science and MODUWEB
Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning
The secret keys of critical network authorities - such as time, name,
certificate, and software update services - represent high-value targets for
hackers, criminals, and spy agencies wishing to use these keys secretly to
compromise other hosts. To protect authorities and their clients proactively
from undetected exploits and misuse, we introduce CoSi, a scalable witness
cosigning protocol ensuring that every authoritative statement is validated and
publicly logged by a diverse group of witnesses before any client will accept
it. A statement S collectively signed by W witnesses assures clients that S has
been seen, and not immediately found erroneous, by those W observers. Even if S
is compromised in a fashion not readily detectable by the witnesses, CoSi still
guarantees S's exposure to public scrutiny, forcing secrecy-minded attackers to
risk that the compromise will soon be detected by one of the W witnesses.
Because clients can verify collective signatures efficiently without
communication, CoSi protects clients' privacy, and offers the first
transparency mechanism effective against persistent man-in-the-middle attackers
who control a victim's Internet access, the authority's secret key, and several
witnesses' secret keys. CoSi builds on existing cryptographic multisignature
methods, scaling them to support thousands of witnesses via signature
aggregation over efficient communication trees. A working prototype
demonstrates CoSi in the context of timestamping and logging authorities,
enabling groups of over 8,000 distributed witnesses to cosign authoritative
statements in under two seconds.Comment: 20 pages, 7 figure
- …