A symmetric protocol to establish service level agreements

We present a symmetrical protocol to repeatedly negotiate a desired service level between two parties, where the service levels are taken from some totally ordered finite domain. The agreed service level is selected from levels dynamically proposed by both parties and parties can only decrease the desired service level during a negotiation. The correctness of the protocol is stated using modal formulas and its behaviour is explained using behavioural reductions of the external behaviour modulo weak trace equivalence and divergence-preserving branching bisimulation. Our protocol originates from an industrial use case and it turned out to be remarkably tricky to design correctly

A symmetric protocol to establish service level agreements

We present a symmetrical protocol to repeatedly negotiate a desired service level between two parties, where the service levels are taken from some totally ordered finite domain. The agreed service level is selected from levels dynamically proposed by both parties and parties can only decrease the desired service level during a negotiation. The correctness of the protocol is stated using modal formulas and its behaviour is explained using behavioural reductions of the external behaviour modulo weak trace equivalence and divergence-preserving branching bisimulation. Our protocol originates from an industrial use case and it turned out to be remarkably tricky to design correctly

Obligations of trust for privacy and confidentiality in distributed transactions

Purpose – This paper aims to describe a bilateral symmetric approach to authorization, privacy protection and obligation enforcement in distributed transactions. The authors introduce the concept of the obligation of trust (OoT) protocol as a privacy assurance and authorization mechanism that is built upon the XACML standard. The OoT allows two communicating parties to dynamically exchange their privacy and authorization requirements and capabilities, which the authors term a notification of obligation (NoB), as well as their commitments to fulfilling each other's requirements, which the authors term signed acceptance of obligations (SAO). The authors seek to describe some applicability of these concepts and to show how they can be integrated into distributed authorization systems for stricter privacy and confidentiality control. Design/methodology/approach – Existing access control and privacy protection systems are typically unilateral and provider-centric, in that the enterprise service provider assigns the access rights, makes the access control decisions, and determines the privacy policy. There is no negotiation between the client and the service provider about which access control or privacy policy to use. The authors adopt a symmetric, more user-centric approach to privacy protection and authorization, which treats the client and service provider as peers, in which both can stipulate their requirements and capabilities, and hence negotiate terms which are equally acceptable to both parties. Findings – The authors demonstrate how the obligation of trust protocol can be used in a number of different scenarios to improve upon the mechanisms that are currently available today. Practical implications – This approach will serve to increase trust in distributed transactions since each communicating party receives a difficult to repudiate digitally signed acceptance of obligations, in a standard language (XACML), which can be automatically enforced by their respective computing machinery. Originality/value – The paper adds to current research in trust negotiation, privacy protection and authorization by combining all three together into one set of standardized protocols. Furthermore, by providing hard to repudiate signed acceptance of obligations messages, this strengthens the legal case of the injured party should a dispute arise

Securing the Internet of Things Infrastructure - Standards and Techniques

The Internet of Things (IoT) infrastructure is a conglomerate of electronic devices interconnected through the Internet, with the purpose of providing prompt and effective service to end-users. Applications running on an IoT infrastructure generally handle sensitive information such as a patient’s healthcare record, the position of a logistic vehicle, or the temperature readings obtained through wireless sensor nodes deployed in a bushland. The protection of such information from unlawful disclosure, tampering or modification, as well as the unscathed presence of IoT devices, in adversarial environments, is of prime concern. In this paper, a descriptive analysis of the security of standards and technologies for protecting the IoT communication channel from adversarial threats is provided. In addition, two paradigms for securing the IoT infrastructure, namely, common key based and paired key based, are proposed

The Growing Complexity of Internet Interconnection

End-to-End (E2E) packet delivery in the Internet is achieved through a system of interconnections between heterogeneous entities called Autonomous Systems (ASes). The initial pattern of AS interconnection in the Internet was relatively simple, involving mainly ISPs with a balanced mixture of inbound and outbound traffic. Changing market conditions and industrial organization of the Internet have jointly forced interconnections and associated contracts to become significantly more diverse and complex. The diversity of interconnection contracts is significant because efficient allocation of costs and revenues across the Internet value chain impacts the profitability of the industry. Not surprisingly, the challenges of recovering the fixed and usage-sensitive costs of network transport give rise to more complex settlements mechanisms than the simple bifurcated (transit and peering) model described in many earlier analyses of Internet interconnection (see BESEN et al., 2001; GREENSTEIN, 2005; or LAFFONT et al., 2003). In the following, we provide insight into recent operational developments, explaining why interconnection in the Internet has become more complex, the nature of interconnection bargaining processes, the implications for cost/revenue allocation and hence interconnection incentives, and what this means for public policy. This paper offers an abbreviated version of the original paper (see FARATIN et al., 2007b).internet interconnection, economics, public policy, routing, peering.

Asymmetry and Discrimination in Internet Peering Evidence from the LINX

Is the quality of interconnection between Internet operators affected by their asymmetry? While recent game theoretic literature provides contrasting answers to this question, there is a lack of empirical research. We introduce a novel dataset based on Internet routing policies, and study the interconnection decisions amongst the Internet Service Providers (ISPs) members of the London Internet Exchange Point (LINX). Our results show that interconnection quality degradation can be significantly explained by asymmetry between providers. We also show that Competition Authorities should focus more on the role played by the “centrality of an operatorâ€, rather than on its market share.Internet Peering, Two-sided Markets, Network Industries, Antitrust, Net Neutrality

Primitives for Contract-based Synchronization

We investigate how contracts can be used to regulate the interaction between processes. To do that, we study a variant of the concurrent constraints calculus presented in [1], featuring primitives for multi-party synchronization via contracts. We proceed in two directions. First, we exploit our primitives to model some contract-based interactions. Then, we discuss how several models for concurrency can be expressed through our primitives. In particular, we encode the pi-calculus and graph rewriting.Comment: In Proceedings ICE 2010, arXiv:1010.530

An Analysis of Service Trading Architectures

Automating the creation and management of SLAs in elec tronic commerce scenarios brings many advantages, such as increasing the speed in the contracting process or allowing providers to deploy an automated provision of services based on those SLAs. We focus on the service trading process, which is the process of locating, selecting, nego tiating, and creating SLAs. This process can be applied to a variety of scenarios and, hence, their requirements are also very different. Despite some service trading architectures have been proposed, currently there is no analysis about which one fits better in each scenario. In this paper, we define a set of properties for abstract service trading architectures based on an analysis of several practical scenarios. Then, we use it to analyse and compare the most relevant abstract architectures for service trad ing. In so doing, the main contribution of this article is a first approach to settle the basis for a qualitative selection of the best architecture for similar trading scenarios