What is a Blockchain? A Definition to Clarify the Role of the Blockchain in the Internet of Things

The use of the term blockchain is documented for disparate projects, from cryptocurrencies to applications for the Internet of Things (IoT), and many more. The concept of blockchain appears therefore blurred, as it is hard to believe that the same technology can empower applications that have extremely different requirements and exhibit dissimilar performance and security. This position paper elaborates on the theory of distributed systems to advance a clear definition of blockchain that allows us to clarify its role in the IoT. This definition inextricably binds together three elements that, as a whole, provide the blockchain with those unique features that distinguish it from other distributed ledger technologies: immutability, transparency and anonimity. We note however that immutability comes at the expense of remarkable resource consumption, transparency demands no confidentiality and anonymity prevents user identification and registration. This is in stark contrast to the requirements of most IoT applications that are made up of resource constrained devices, whose data need to be kept confidential and users to be clearly known. Building on the proposed definition, we derive new guidelines for selecting the proper distributed ledger technology depending on application requirements and trust models, identifying common pitfalls leading to improper applications of the blockchain. We finally indicate a feasible role of the blockchain for the IoT: myriads of local, IoT transactions can be aggregated off-chain and then be successfully recorded on an external blockchain as a means of public accountability when required

Internet: An Overview of Key Technology Policy Issues Affecting Its Use and Growth

The continued growth of the Internet for personal, government, and business purposes may be affected by a number of technology policy issues being debated by Congress. Among them are access to and regulation of broadband (high-speed) Internet services, computer and Internet security, Internet privacy, the impact of “spam,” concerns about what children may encounter (such as pornography) when using the Internet, management of the Internet Domain Name System, and government information technology management. This report provides overviews of those issues, plus appendices providing a list of pending legislation, a list of acronyms, a discussion of legislation passed in earlier Congresses, and a list of other CRS reports that provide more detail on these and related topics

The 60 Days of PVE Campaign: Lessons on Organizing an Online, Peer-to-Peer, Counter-radicalization Program

Combatting violent extremism can involve organizing Peer-to-Peer (P2P) preventing violent extremism (PVE) programs and social media campaigns. While hundreds of PVE campaigns have been launched around the world in recent months and years, very few of these campaigns have actually been reviewed, analyzed, or assessed in any systematic way. Metrics of success and failure have yet to be fully developed, and very little is publically known as to what might differentiate a great and successful P2P campaign from a mediocre one. This article will provide first-hand insight on orchestrating a publically funded, university-based, online, peer-to-peer PVE campaign – 60 Days of PVE – based on the experience of a group of Canadian graduate students. The article provides an account of the group’s approach to PVE. It highlights the entirety of the group’s campaign, from theory and conceptualization to branding, media strategy, and evaluation, and describes the campaign’s core objectives and implementation. The article also analyzes the campaign’s digital footprint and reach using data gleamed from social media. Finally, the article discusses the challenges and difficulties the group faced in running their campaign, lessons that are pertinent for others contemplating a similar endeavour

The Long Road to Computational Location Privacy: A Survey

The widespread adoption of continuously connected smartphones and tablets developed the usage of mobile applications, among which many use location to provide geolocated services. These services provide new prospects for users: getting directions to work in the morning, leaving a check-in at a restaurant at noon and checking next day's weather in the evening are possible right from any mobile device embedding a GPS chip. In these location-based applications, the user's location is sent to a server, which uses them to provide contextual and personalised answers. However, nothing prevents the latter from gathering, analysing and possibly sharing the collected information, which opens the door to many privacy threats. Indeed, mobility data can reveal sensitive information about users, among which one's home, work place or even religious and political preferences. For this reason, many privacy-preserving mechanisms have been proposed these last years to enhance location privacy while using geolocated services. This article surveys and organises contributions in this area from classical building blocks to the most recent developments of privacy threats and location privacy-preserving mechanisms. We divide the protection mechanisms between online and offline use cases, and organise them into six categories depending on the nature of their algorithm. Moreover, this article surveys the evaluation metrics used to assess protection mechanisms in terms of privacy, utility and performance. Finally, open challenges and new directions to address the problem of computational location privacy are pointed out and discussed

Digital Asset Regulation: Peering into the Past, Peering into the Future

Blockchain is often compared to the internet as a disruptive technology that will realign economic structures across the world. This analogy extends to law and regulation. Similar to internet-based services, digital assets raise a host of challenges for policymakers. They also pose general questions regarding the desirability and practicality of regulating decentralized systems. Such debates play out against a backdrop of concerns that regulatory action will chill innovation or push market activity to more tolerant jurisdictions. The story of internet policy in the late 1990s and early 2000s therefore provides important lessons for policymakers today when confronting digital assets. Two incidents are of particular significance: the Clinton administration’s 1997 Framework for Global Electronic Commerce and the judicial effort to address peer-to-peer (P2P) file sharing. The early internet regulatory debates demonstrated that action by all three branches of government was important to resolve uncertainties and distinguish legitimate from illegitimate market activity. The history illustrates that policymakers have many tools at their disposal beyond direct prohibitions or exclusions from requirements. Claims that regulation is inherently impossible or damaging to market development are generally overblown. Focusing on policy objectives, rather than starting from traditional categories that were historically developed based on those objectives, will help policymakers develop appropriate rules for novel digital asset markets such as decentralized finance (DeFi)

Dynamic trust negotiation for decentralised e-health collaborations

In the Internet-age, the geographical boundaries that have previously impinged upon inter-organisational collaborations have become decreasingly important. Of more importance for such collaborations is the notion and subsequent nature of security and trust - this is especially so in open collaborative environments like the Grid where resources can be both made available, subsequently accessed and used by remote users from a multitude of institutions with a variety of different privileges spanning across the collaboration. In this context, the ability to dynamically negotiate and subsequently enforce security policies driven by various levels of inter-organisational trust is essential. Numerous access control solutions exist today to address aspects of inter-organisational security. These include the use of centralised access control lists where all collaborating partners negotiate and agree on privileges required to access shared resources. Other solutions involve delegating aspects of access right management to trusted remote individuals in assigning privileges to their (remote) users. These solutions typically entail negotiations and delegations which are constrained by organisations, people and the static rules they impose. Such constraints often result in a lack of flexibility in what has been agreed; difficulties in reaching agreement, or once established, in subsequently maintaining these agreements. Furthermore, these solutions often reduce the autonomous capacity of collaborating organisations because of the need to satisfy collaborating partners demands. This can result in increased security risks or reducing the granularity of security policies. Underpinning this is the issue of trust. Specifically trust realisation between organisations, between individuals, and/or between entities or systems that are present in multi-domain authorities. Trust negotiation is one approach that allows and supports trust realisation. The thesis introduces a novel model called dynamic trust negotiation (DTN) that supports n-tier negotiation hops for trust realisation in multi-domain collaborative environments with specific focus on e-Health environments. DTN describes how trust pathways can be discovered and subsequently how remote security credentials can be mapped to local security credentials through trust contracts, thereby bridging the gap that makes decentralised security policies difficult to define and enforce. Furthermore, DTN shows how n-tier negotiation hops can limit the disclosure of access control policies and how semantic issues that exist with security attributes in decentralised environments can be reduced. The thesis presents the results from the application of DTN to various clinical trials and the implementation of DTN to Virtual Organisation for Trials of Epidemiological Studies (VOTES). The thesis concludes that DTN can address the issue of realising and establishing trust between systems or agents within the e-Health domain, such as the clinical trials domain

The use of mobile phones for human rights protection: the experiences of Zimbabwean Human Rights Non-Governmental Organisations

New technologies are emerging as a key part of the struggles for social change. In Africa, social change activists are increasingly relying on mobile phones to organise and mobilise protests for social change and to protect citizens from violence. Zimbabwe has experienced a long history of human rights violations stretching from the times of Rhodesia to post-coalition years. The violations have been in various forms, including the use of physical force and the constriction of political, media and electoral spaces. Human Rights NGOs, as part of civil society, have challenged the state over the violations in various ways, including through traditional and new media channels. Using case studies, namely the Zimbabwe Peace Project, (ZPP), Zimbabwe Lawyers for Human Rights (ZLHR), the Media Institute of Southern Africa (MISA, Zimbabwe) and the Election Resource Centre (ERC), the research investigates the potential of the mobile phone as a tool for contesting the constriction of media freedom, information access, freedom of expression and citizens’ right to human dignity, to life, political choice and free movement and association. The research is based on findings from interviews conducted between 2014 and 2016 with Zimbabwean human rights activists as well as from document analysis. The study established that the phone is a key tool through which NGOs and community activists (or volunteers) are offering protection to citizens by documenting, reporting and disseminating evidence of violence. It is also playing a significant role in legal interventions for victims of violence. Further, the device is empowering citizens to educate themselves about voting and mobilising for elections. Mobile technology is also facilitating the production of community media which is giving marginalised communities voices and opportunities to contribute towards, or participate in local and national dialogue and development. Equally important, it is opening pathways through which NGOs and human rights defenders are able to challenge state institutions that undermine the rule of law and justice. Finally, the study also established that in the face of legal, surveillance, interception and censorship strategies by the state, NGOs are mobilising networks, collaborative campaigns and circumvention and mobile-phone-mediated education and information tools to counter these strategies and tactics. The research is thus significant in terms of struggles from below in the context of new technologies for human rights and democratisation