114 research outputs found
Auditable secure network overlays for multi-domain distributed applications
The push for data sharing and data processing across organisational boundaries creates challenges at many levels of the software stack. Data sharing and processing rely on the participating parties agreeing on the permissible operations and expressing them into actionable contracts and policies. Converting these contracts and policies into an operational infrastructure is still a matter of research and therefore begs the question: what should a digital data marketplace infrastructure look like? In this paper we investigate how communication fabric and applications can be tightly coupled into a multi-domain overlay network which enforces accountability. We prove our concepts with a prototype which shows how a simple workflow can run across organisational boundaries.
Distributed Access Control with Blockchain
The specification and enforcement of network-wide policies in a single
administrative domain is common in today's networks and considered as already
resolved. However, this is not the case for multi-administrative domains, e.g.
among different enterprises. In such situations, new problems arise that
challenge classical solutions such as PKIs, which suffer from scalability and
granularity concerns. In this paper, we present an extension to Group-Based
Policy -- a widely used network policy language -- for the aforementioned
scenario. To do so, we take advantage of a permissioned blockchain
implementation (Hyperledger Fabric) to distribute access control policies in a
secure and auditable manner, preserving at the same time the independence of
each organization. Network administrators specify policies that are rendered
into blockchain transactions. A LISP control plane (RFC 6830) allows routers
performing the access control to query the blockchain for authorizations. We
have implemented an end-to-end experimental prototype and evaluated it in terms
of scalability and network latency.
Comment: 7 pages, 9 figures, 2 tables
Distributed Space Traffic Management Solutions with Emerging New Space Industry
Day-to-day services, from weather forecast to logistics, rely on space-based infrastructures whose integrity is
crucial to stakeholders and end-users worldwide. Current trends point towards congestion of the near-Earth space
environment increasing at a rate greater than existing systems support, and thus demand novel cost-efficient approaches
to traffic detection, characterization, tracking, and management to ensure space remains a safe, integral part of societies
and economies worldwide. Whereas machine-learning (ML) and artificial intelligence (AI) have been extensively
proposed to address congestion and alleviate big-data problems of the future, little has been done so far to tackle the
need for transnational coordination and conflict-resolution in the context of space traffic management (STM).
In STM, there is an ever-growing need for distributing information and coordinating actions (e.g., avoidance
manoeuvres) to reduce the operational costs borne by individual entities and to decrease the latencies of actionable
responses taken upon the detection of hazardous conditions by one-to-two orders of magnitude. However, these needs
are not exclusive to STM, as evidenced by the widespread adoption of solutions to distributing, coordinating, and
automating actions in other industries such as air traffic management (ATM), where a short-range airborne collision
avoidance system (ACAS) automatically coordinates evasive manoeuvres whenever a conjunction is detected. Within
this context, this paper aims at establishing a roadmap of promising technologies (e.g., blockchain), protocols and
processes that could be adapted from different domains (railway, automotive, aerial, and maritime) to build an
integrated traffic coordination and communication architecture to simplify and harmonise stakeholders’ satellite
operations.
This paper is organised into seven sections. First, Section 1 introduces the problem of STM, highlighting its
complexity. Following this introduction, Section 2 discusses needs and requirements of various stakeholders such as
commercial operators, space situational awareness (SSA) service providers, launch-service providers, satellite and
constellation owners, governmental agencies, regulators, and insurance companies. Then, Section 3 addresses existing
gaps and challenges in STM, focusing on globally coordinated approaches. Next, Section 4 reviews technologies for
distributed, secure, and persistent communications, and proposed solutions to address some of these challenges from
non-space sectors. Thereafter, Section 5 briefly covers the history of STM proposals and presents the state-of-the-art
solution being proposed for modern STM. Following this review, Section 6 devises a step-by-step plan for exploiting
and deploying some of the identified technologies within a five-to-ten-year timeline to close several existing gaps.
Finally, Section 7 concludes the paper.
T3AB: Transparent and Trustworthy Third-party Authority using Blockchain
Increasingly, information systems rely on computational, storage, and network
resources deployed in third-party facilities or are supported by service
providers. Such an approach further exacerbates cybersecurity concerns
constantly raised by numerous incidents of security and privacy attacks
resulting in data leakage and identity theft, among others. These have in turn
forced the creation of stricter security and privacy related regulations and
have eroded the trust in cyberspace. In particular, security related services
and infrastructures such as Certificate Authorities (CAs) that provide digital
certificate service and Third-Party Authorities (TPAs) that provide
cryptographic key services, are critical components for establishing trust in
Internet enabled applications and services. To address such trust issues,
various transparency frameworks and approaches have been recently proposed in
the literature. In this paper, we propose a Transparent and Trustworthy TPA
using Blockchain (T3AB) to provide transparency and accountability to the
trusted third-party entities, such as honest-but-curious third-party IaaS
servers, and coordinators in various privacy-preserving machine learning (PPML)
approaches. T3AB employs the Ethereum blockchain as the underlying public
ledger and also includes a novel smart contract to automate accountability with
an incentive mechanism that motivates participants to participate in auditing,
and punishes unintentional or malicious behaviors. We implement T3AB, and show
through experimental evaluation in the Ethereum official test network, Rinkeby,
that the framework is efficient. We also formally show the security guarantee
provided by T3AB, and analyze the privacy guarantee and trustworthiness it
provides.
Foundations, Properties, and Security Applications of Puzzles: A Survey
Cryptographic algorithms have been used not only to create robust ciphertexts
but also to generate cryptograms that, contrary to the classic goal of
cryptography, are meant to be broken. These cryptograms, generally called
puzzles, require the use of a certain amount of resources to be solved, hence
introducing a cost that is often regarded as a time delay---though it could
involve other metrics as well, such as bandwidth. These powerful features have
made puzzles the core of many security protocols, acquiring increasing
importance in the IT security landscape. The concept of a puzzle has
subsequently been extended to other types of schemes that do not use
cryptographic functions, such as CAPTCHAs, which are used to discriminate
humans from machines. Overall, puzzles have experienced a renewed interest with
the advent of Bitcoin, which uses a CPU-intensive puzzle as proof of work. In
this paper, we provide a comprehensive study of the most important puzzle
construction schemes available in the literature, categorizing them according
to several attributes, such as resource type, verification type, and
applications. We have redefined the term puzzle by collecting and integrating
the scattered notions used in different works, to cover all the existing
applications. Moreover, we provide an overview of the possible applications,
identifying key requirements and different design approaches. Finally, we
highlight the features and limitations of each approach, providing a useful
guide for the future development of new puzzle schemes.
Comment: This article has been accepted for publication in ACM Computing
Surveys
Analysis of current middleware used in peer-to-peer and grid implementations for enhancement by catallactic mechanisms
This deliverable describes the work done in task 3.1, Middleware analysis: Analysis of current middleware used in peer-to-peer and grid implementations for enhancement by catallactic mechanisms from work package 3, Middleware Implementation. The document is divided into four parts: the introduction with application scenarios and middleware requirements, Catnets middleware architecture, evaluation of existing middleware toolkits, and conclusions. -- The work defines requirements for grid and peer-to-peer middleware architectures and analyses their suitability for a prototype implementation of catallaxy. A middleware architecture for implementing catallaxy in application-layer networks is presented. -- Grid Computing
Blockchain in Journalism
Blockchain, like the internet, or democracy, or money, is many overlapping things. It is a decentralized record of cryptocurrency transactions. It is a peer-to-peer network of computers. It is an immutable, add-on-only database. What gets confusing is the way in which these overlapping functions override one definition or explanation of blockchain, only to replace it with an altogether different one. The conceptual overlaps are like glass lenses dropped on top of one another, scratching each other’s surface and confusing each other’s focal dimensions.
This guide takes apart the stack of these conceptual lenses and addresses them one by one through the reconstruction of the basic elements of blockchain technology. The first section of this report gives a short history of blockchain, then describes its main functionality, distinguishing between private and public blockchains. Next, the guide breaks down the components and inner workings of a block and the blockchain. The following section focuses on blockchain’s journalistic applications, specifically by differentiating between targeted solutions that use blockchain to store important metadata journalists and media companies use on a daily basis, and hybrid solutions that include targeted solutions but introduce cryptocurrency, therein changing the journalistic business model altogether. Finally, the report speculates on the proliferation of what are known as Proof-of-Stake blockchain models, the spread of “smart contracts,” and the potential of enterprise-level and government-deployed blockchains, all in relation to what these mean to newsrooms and the work of reporters.
Proof-of-Concept Application - Annual Report Year 1
In this document the Cat-COVITE Application for use in the CATNETS Project is introduced and motivated. Furthermore, an introduction to the catallactic middleware and Web Services Agreement (WS-Agreement) concepts is given as a basis for the future work. Requirements for the application of Cat-COVITE within catallactic systems are analysed. Finally, the integration of the Cat-COVITE application and the catallactic middleware is described. -- Grid Computing
Reflections on the 30th Anniversary of the IEEE Symposium on Security and Privacy
Peter G. Neumann, Matt Bishop, Sean Peisert, and Marv Schaefer, "Reflections on the 30th Anniversary of the IEEE Symposium on Security and Privacy," Proceedings of the 31st IEEE Symposium on Security and Privacy, pp. 3–13, Oakland/Berkeley, CA, May 16–19, 2010