8,215 research outputs found
A symmetric protocol to establish service level agreements
We present a symmetrical protocol to repeatedly negotiate a desired service
level between two parties, where the service levels are taken from some totally
ordered finite domain. The agreed service level is selected from levels
dynamically proposed by both parties and parties can only decrease the desired
service level during a negotiation. The correctness of the protocol is stated
using modal formulas and its behaviour is explained using behavioural
reductions of the external behaviour modulo weak trace equivalence and
divergence-preserving branching bisimulation. Our protocol originates from an
industrial use case and it turned out to be remarkably tricky to design
correctly
A symmetric protocol to establish service level agreements
We present a symmetrical protocol to repeatedly negotiate a desired service
level between two parties, where the service levels are taken from some totally
ordered finite domain. The agreed service level is selected from levels
dynamically proposed by both parties and parties can only decrease the desired
service level during a negotiation. The correctness of the protocol is stated
using modal formulas and its behaviour is explained using behavioural
reductions of the external behaviour modulo weak trace equivalence and
divergence-preserving branching bisimulation. Our protocol originates from an
industrial use case and it turned out to be remarkably tricky to design
correctly
Obligations of trust for privacy and confidentiality in distributed transactions
Purpose â This paper aims to describe a bilateral symmetric approach to authorization, privacy protection and obligation enforcement in distributed transactions. The authors introduce the concept of the obligation of trust (OoT) protocol as a privacy assurance and authorization mechanism that is built upon the XACML standard. The OoT allows two communicating parties to dynamically exchange their privacy and authorization requirements and capabilities, which the authors term a notification of obligation (NoB), as well as their commitments to fulfilling each other's requirements, which the authors term signed acceptance of obligations (SAO). The authors seek to describe some applicability of these concepts and to show how they can be integrated into distributed authorization systems for stricter privacy and confidentiality control.
Design/methodology/approach â Existing access control and privacy protection systems are typically unilateral and provider-centric, in that the enterprise service provider assigns the access rights, makes the access control decisions, and determines the privacy policy. There is no negotiation between the client and the service provider about which access control or privacy policy to use. The authors adopt a symmetric, more user-centric approach to privacy protection and authorization, which treats the client and service provider as peers, in which both can stipulate their requirements and capabilities, and hence negotiate terms which are equally acceptable to both parties.
Findings â The authors demonstrate how the obligation of trust protocol can be used in a number of different scenarios to improve upon the mechanisms that are currently available today.
Practical implications â This approach will serve to increase trust in distributed transactions since each communicating party receives a difficult to repudiate digitally signed acceptance of obligations, in a standard language (XACML), which can be automatically enforced by their respective computing machinery.
Originality/value â The paper adds to current research in trust negotiation, privacy protection and authorization by combining all three together into one set of standardized protocols. Furthermore, by providing hard to repudiate signed acceptance of obligations messages, this strengthens the legal case of the injured party should a dispute arise
Securing the Internet of Things Infrastructure - Standards and Techniques
The Internet of Things (IoT) infrastructure is a conglomerate of electronic devices interconnected through the Internet, with the purpose of providing prompt and effective service to end-users. Applications running on an IoT infrastructure generally handle sensitive information such as a patientâs healthcare record, the position of a logistic vehicle, or the temperature readings obtained through wireless sensor nodes deployed in a bushland. The protection of such information from unlawful disclosure, tampering or modification, as well as the unscathed presence of IoT devices, in adversarial environments, is of prime concern. In this paper, a descriptive analysis of the security of standards and technologies for protecting the IoT communication channel from adversarial threats is provided. In addition, two paradigms for securing the IoT infrastructure, namely, common key based and paired key based, are proposed
The Growing Complexity of Internet Interconnection
End-to-End (E2E) packet delivery in the Internet is achieved through a system of interconnections between heterogeneous entities called Autonomous Systems (ASes). The initial pattern of AS interconnection in the Internet was relatively simple, involving mainly ISPs with a balanced mixture of inbound and outbound traffic. Changing market conditions and industrial organization of the Internet have jointly forced interconnections and associated contracts to become significantly more diverse and complex. The diversity of interconnection contracts is significant because efficient allocation of costs and revenues across the Internet value chain impacts the profitability of the industry. Not surprisingly, the challenges of recovering the fixed and usage-sensitive costs of network transport give rise to more complex settlements mechanisms than the simple bifurcated (transit and peering) model described in many earlier analyses of Internet interconnection (see BESEN et al., 2001; GREENSTEIN, 2005; or LAFFONT et al., 2003). In the following, we provide insight into recent operational developments, explaining why interconnection in the Internet has become more complex, the nature of interconnection bargaining processes, the implications for cost/revenue allocation and hence interconnection incentives, and what this means for public policy. This paper offers an abbreviated version of the original paper (see FARATIN et al., 2007b).internet interconnection, economics, public policy, routing, peering.
Practical issues for the implementation of survivability and recovery techniques in optical networks
Asymmetry and Discrimination in Internet Peering Evidence from the LINX
Is the quality of interconnection between Internet operators affected by their asymmetry? While recent game theoretic literature provides contrasting answers to this question, there is a lack of empirical research. We introduce a novel dataset based on Internet routing policies, and study the interconnection decisions amongst the Internet Service Providers (ISPs) members of the London Internet Exchange Point (LINX). Our results show that interconnection quality degradation can be significantly explained by asymmetry between providers. We also show that Competition Authorities should focus more on the role played by the ĂąâŹĆcentrality of an operatorĂąâŹ, rather than on its market share.Internet Peering, Two-sided Markets, Network Industries, Antitrust, Net Neutrality
Primitives for Contract-based Synchronization
We investigate how contracts can be used to regulate the interaction between
processes. To do that, we study a variant of the concurrent constraints
calculus presented in [1], featuring primitives for multi-party synchronization
via contracts. We proceed in two directions. First, we exploit our primitives
to model some contract-based interactions. Then, we discuss how several models
for concurrency can be expressed through our primitives. In particular, we
encode the pi-calculus and graph rewriting.Comment: In Proceedings ICE 2010, arXiv:1010.530
An Analysis of Service Trading Architectures
Automating the creation and management of SLAs in elec tronic commerce scenarios brings many advantages, such as increasing
the speed in the contracting process or allowing providers to deploy an
automated provision of services based on those SLAs. We focus on the
service trading process, which is the process of locating, selecting, nego tiating, and creating SLAs. This process can be applied to a variety of
scenarios and, hence, their requirements are also very different. Despite
some service trading architectures have been proposed, currently there is
no analysis about which one fits better in each scenario. In this paper, we
define a set of properties for abstract service trading architectures based
on an analysis of several practical scenarios. Then, we use it to analyse
and compare the most relevant abstract architectures for service trad ing. In so doing, the main contribution of this article is a first approach
to settle the basis for a qualitative selection of the best architecture for
similar trading scenarios
- âŠ