3,829 research outputs found
Anonymity and Information Hiding in Multiagent Systems
We provide a framework for reasoning about information-hiding requirements in
multiagent systems and for reasoning about anonymity in particular. Our
framework employs the modal logic of knowledge within the context of the runs
and systems framework, much in the spirit of our earlier work on secrecy
[Halpern and O'Neill 2002]. We give several definitions of anonymity with
respect to agents, actions, and observers in multiagent systems, and we relate
our definitions of anonymity to other definitions of information hiding, such
as secrecy. We also give probabilistic definitions of anonymity that are able
to quantify an observer s uncertainty about the state of the system. Finally,
we relate our definitions of anonymity to other formalizations of anonymity and
information hiding, including definitions of anonymity in the process algebra
CSP and definitions of information hiding using function views.Comment: Replacement. 36 pages. Full version of CSFW '03 paper, submitted to
JCS. Made substantial changes to Section 6; added references throughou
Formal aspects of anonymity
technical reportWe present a formal definition of anonymity in the context of concurrent processes. The definition is given in category theoretic terms. Moreover, the concept of a split cofibration is shown to both simplify the analysis of anonymity as well as to increase the framework's expressiveness. Because of its categorical nature, our definition is largely independent of any specific model of concurrency. We instantiate the theory to two specific models, Hoare trace languages and probabilistic transition systems. By providing a semantics for CSP, the former model endows CSP with a definition of anonymity that applies to every CSP process simulation. The latter model, probabilistic transition systems, provides a definition of anonymity applicable to probabilistic processes. This seems to be the first general such definition
Location Privacy in Spatial Crowdsourcing
Spatial crowdsourcing (SC) is a new platform that engages individuals in
collecting and analyzing environmental, social and other spatiotemporal
information. With SC, requesters outsource their spatiotemporal tasks to a set
of workers, who will perform the tasks by physically traveling to the tasks'
locations. This chapter identifies privacy threats toward both workers and
requesters during the two main phases of spatial crowdsourcing, tasking and
reporting. Tasking is the process of identifying which tasks should be assigned
to which workers. This process is handled by a spatial crowdsourcing server
(SC-server). The latter phase is reporting, in which workers travel to the
tasks' locations, complete the tasks and upload their reports to the SC-server.
The challenge is to enable effective and efficient tasking as well as reporting
in SC without disclosing the actual locations of workers (at least until they
agree to perform a task) and the tasks themselves (at least to workers who are
not assigned to those tasks). This chapter aims to provide an overview of the
state-of-the-art in protecting users' location privacy in spatial
crowdsourcing. We provide a comparative study of a diverse set of solutions in
terms of task publishing modes (push vs. pull), problem focuses (tasking and
reporting), threats (server, requester and worker), and underlying technical
approaches (from pseudonymity, cloaking, and perturbation to exchange-based and
encryption-based techniques). The strengths and drawbacks of the techniques are
highlighted, leading to a discussion of open problems and future work
Limit Conditions in an Encounter of Theology with Neuroscience
Insofar as theology is responsible to its religious sources, it seeks to answer religious questions, such as, for Christians, \"What must I do to be saved?\" However, theology also involves asking whether such a question is the right one at all. This essay attempts an innovative approach to this question by investigating the intelligibility of \"the soul.\" Much recent neurobiology suggests that, even if a defensible notion of soul can be presented, it is unclear that it would allow meaningful talk about salvation
Context-based Pseudonym Changing Scheme for Vehicular Adhoc Networks
Vehicular adhoc networks allow vehicles to share their information for safety
and traffic efficiency. However, sharing information may threaten the driver
privacy because it includes spatiotemporal information and is broadcast
publicly and periodically. In this paper, we propose a context-adaptive
pseudonym changing scheme which lets a vehicle decide autonomously when to
change its pseudonym and how long it should remain silent to ensure
unlinkability. This scheme adapts dynamically based on the density of the
surrounding traffic and the user privacy preferences. We employ a multi-target
tracking algorithm to measure privacy in terms of traceability in realistic
vehicle traces. We use Monte Carlo analysis to estimate the quality of service
(QoS) of a forward collision warning application when vehicles apply this
scheme. According to the experimental results, the proposed scheme provides a
better compromise between traceability and QoS than a random silent period
scheme.Comment: Extended version of a previous paper "K. Emara, W. Woerndl, and J.
Schlichter, "Poster: Context-Adaptive User-Centric Privacy Scheme for VANET,"
in Proceedings of the 11th EAI International Conference on Security and
Privacy in Communication Networks, SecureComm'15. Dallas, TX, USA: Springer,
June 2015.
- …