vr2^2FHE- Securing FHE from Reaction-based Key Recovery Attacks

Fully Homomorphic Encryption (FHE) promises to secure our data on the untrusted cloud, by allowing arbitrary computations on encrypted data. However, the malleability and flexibility provided by FHE schemes also open up arena for integrity issues where a cloud server can intentionally or accidentally perturb client’s data. Contemporary FHE schemes do not provide integrity guarantees and, thus, assume a honest-but-curious server who, although curious to glean sensitive information, performs all operations judiciously. However, in practice, a server can also be malicious as well as compromised, where it can perform crafted perturbations in the cloud-stored data and computational results to entice the client into providing feedback. While some effort has been made to protect FHE schemes against such adversaries, they do not completely stop such attacks, given the wide scope of deployment of contemporary FHE schemes in modern-day applications. In this work, we demonstrate reaction-based full-key recovery attack on two of the well-known FHE schemes, TFHE and FHEW. We first define practical scenarios where a client pursuing FHE services from a malicious server can inadvertently act as a Ciphertext Verification Oracle (CVO) by reacting to craftily perturbed computations. In particular, we propose two novel and distinct reaction attacks on both TFHE and FHEW. In the first attack, the adversary (malicious server) extracts the underlying error values to form an exact system of Learning with Errors (LWE) equations. As the security of LWE collapses with the leakage of the errors, the adversary is capable of extracting the secret key. In the second attack, we show that the attacker can directly recover the secret key in a bit-by-bit fashion by taking advantage of the key distribution of these FHE schemes. The results serve as a stark reminder that FHE schemes need to be secured at the application level apart from being secure at the primitive level so that the security of participants against realistic attacks can be ensured. As the currently available verifiable FHE schemes in literature cannot stop such attacks, we propose vr$^2$FHE (Verify - then - Repair or React) that is built on top of present implementations of TFHE and FHEW, using the concept of the Merkle tree. vr$^2$FHE first verifies the computational results at the client end and then, depending on the perturbation pattern, either repairs the message or chooses to request for recomputation. We show that such requests are benign as they do not leak exploitable information to the server, thereby thwarting both the attacks on TFHE and FHEW

Knowledge Capturing in Design Briefing Process for Requirement Elicitation and Validation

Knowledge capturing and reusing are major processes of knowledge management that deal with the elicitation of valuable knowledge via some techniques and methods for use in actual and further studies, projects, services, or products. The construction industry, as well, adopts and uses some of these concepts to improve various construction processes and stages. From pre-design to building delivery knowledge management principles and briefing frameworks have been implemented across project stakeholders: client, design teams, construction teams, consultants, and facility management teams. At pre-design and design stages, understanding the client’s needs and users’ knowledge are crucial for identifying and articulating the expected requirements and objectives. Due to underperforming results and missed goals and objectives, many projects finish with highly dissatisfied clients and loss of contracts for some organizations. Knowledge capturing has beneficial effects via its principles and methods on requirement elicitation and validation at the briefing stage between user, client and designer. This paper presents the importance and usage of knowledge capturing and reusing in briefing process at pre-design and design stages especially the involvement of client and user, and explores the techniques and technologies that are usable in briefing process for requirement elicitation

An Investigation on Benefit-Cost Analysis of Greenhouse Structures in Antalya

Significant population increase across the world, loss of cultivable land and increasing demand for food put pressure on agriculture. To meet the demand, greenhouses are built, which are, light structures with transparent cladding material in order to provide controlled microclimatic environment proper for plant production. Conceptually, greenhouses are similar with manufacturing buildings where a controlled environment for manufacturing and production have been provided and proper spaces for standardized production processes have been enabled. Parallel with the trends in the world, particularly in southern regions, greenhouse structures have been increasingly constructed and operated in Turkey. A significant number of greenhouses are located at Antalya. The satellite images demonstrated that for over last three decades, there has been a continuous invasion of greenhouses on all cultivable land. There are various researches and attempts for the improvement of greenhouse design and for increasing food production by decreasing required energy consumption. However, the majority of greenhouses in Turkey are very rudimentary structures where capital required for investment is low, but maintenance requirements are high when compared with new generation greenhouse structures. In this research paper, life-long capital requirements for construction and operation of greenhouse buildings in Antalya has been investigated by using benefit-cost analysis study

Systematic Approaches for Telemedicine and Data Coordination for COVID-19 in Baja California, Mexico

Conference proceedings info: ICICT 2023: 2023 The 6th International Conference on Information and Computer Technologies Raleigh, HI, United States, March 24-26, 2023 Pages 529-542We provide a model for systematic implementation of telemedicine within a large evaluation center for COVID-19 in the area of Baja California, Mexico. Our model is based on human-centric design factors and cross disciplinary collaborations for scalable data-driven enablement of smartphone, cellular, and video Teleconsul-tation technologies to link hospitals, clinics, and emergency medical services for point-of-care assessments of COVID testing, and for subsequent treatment and quar-antine decisions. A multidisciplinary team was rapidly created, in cooperation with different institutions, including: the Autonomous University of Baja California, the Ministry of Health, the Command, Communication and Computer Control Center of the Ministry of the State of Baja California (C4), Colleges of Medicine, and the College of Psychologists. Our objective is to provide information to the public and to evaluate COVID-19 in real time and to track, regional, municipal, and state-wide data in real time that informs supply chains and resource allocation with the anticipation of a surge in COVID-19 cases. RESUMEN Proporcionamos un modelo para la implementación sistemática de la telemedicina dentro de un gran centro de evaluación de COVID-19 en el área de Baja California, México. Nuestro modelo se basa en factores de diseño centrados en el ser humano y colaboraciones interdisciplinarias para la habilitación escalable basada en datos de tecnologías de teleconsulta de teléfonos inteligentes, celulares y video para vincular hospitales, clínicas y servicios médicos de emergencia para evaluaciones de COVID en el punto de atención. pruebas, y para el tratamiento posterior y decisiones de cuarentena. Rápidamente se creó un equipo multidisciplinario, en cooperación con diferentes instituciones, entre ellas: la Universidad Autónoma de Baja California, la Secretaría de Salud, el Centro de Comando, Comunicaciones y Control Informático. de la Secretaría del Estado de Baja California (C4), Facultades de Medicina y Colegio de Psicólogos. Nuestro objetivo es proporcionar información al público y evaluar COVID-19 en tiempo real y rastrear datos regionales, municipales y estatales en tiempo real que informan las cadenas de suministro y la asignación de recursos con la anticipación de un aumento de COVID-19. 19 casos.ICICT 2023: 2023 The 6th International Conference on Information and Computer Technologieshttps://doi.org/10.1007/978-981-99-3236-

The Hindu Kush Himalaya Assessment

This open access volume is the first comprehensive assessment of the Hindu Kush Himalaya (HKH) region. It comprises important scientific research on the social, economic, and environmental pillars of sustainable mountain development and will serve as a basis for evidence-based decision-making to safeguard the environment and advance people’s well-being. The compiled content is based on the collective knowledge of over 300 leading researchers, experts and policymakers, brought together by the Hindu Kush Himalayan Monitoring and Assessment Programme (HIMAP) under the coordination of the International Centre for Integrated Mountain Development (ICIMOD). This assessment was conducted between 2013 and 2017 as the first of a series of monitoring and assessment reports, under the guidance of the HIMAP Steering Committee: Eklabya Sharma (ICIMOD), Atiq Raman (Bangladesh), Yuba Raj Khatiwada (Nepal), Linxiu Zhang (China), Surendra Pratap Singh (India), Tandong Yao (China) and David Molden (ICIMOD and Chair of the HIMAP SC). This First HKH Assessment Report consists of 16 chapters, which comprehensively assess the current state of knowledge of the HKH region, increase the understanding of various drivers of change and their impacts, address critical data gaps and develop a set of evidence-based and actionable policy solutions and recommendations. These are linked to nine mountain priorities for the mountains and people of the HKH consistent with the Sustainable Development Goals. This book is a must-read for policy makers, academics and students interested in this important region and an essentially important resource for contributors to global assessments such as the IPCC reports. ; Constitutes the first comprehensive assessment of the Hindu Kush Himalaya region, providing an authoritative overview of the region Assembles the collective knowledge of over 300 leading researchers, practitioners, experts, and policymakers Combines the current state of knowledge of the Hindu Kush Himalaya region in one volume Offers Open Access to a set of practically oriented policy recommendation

Energy, a continuing bibliography with indexes. Issue 33

This bibliography lists 1211 reports, articles, and other documents introduced into the NASA scientific and technical information system from January 1, 1981 through March 31, 1981

Energy: A continuing bibliography with indexes, issue 17

This bibliography lists 1292 reports, articles, and other documents introduced into the NASA scientific and technical information system from January 1, 1978 through March 31, 1978

Safety and Reliability - Safe Societies in a Changing World

The contributions cover a wide range of methodologies and application areas for safety and reliability that contribute to safe societies in a changing world. These methodologies and applications include: - foundations of risk and reliability assessment and management - mathematical methods in reliability and safety - risk assessment - risk management - system reliability - uncertainty analysis - digitalization and big data - prognostics and system health management - occupational safety - accident and incident modeling - maintenance modeling and applications - simulation for safety and reliability analysis - dynamic risk and barrier management - organizational factors and safety culture - human factors and human reliability - resilience engineering - structural reliability - natural hazards - security - economic analysis in risk managemen

Group Recommendations with Responsibility Constraints

Sosiaalisen median laajeneminen on johtanut siihen, että yhä useammin ihmiset muodostavat ryhmiä erilaisia aktiviteetteja varten, ja peräkkäisiä ryhmäsuositteluja tuottavat järjestelmät ovat nousseet suosituksi tutkimusalueeksi. Ryhmälle tehtävät suositukset ovat huomattavasti monimutkaisempia kuin yksittäiset suositukset, koska suosittelujärjestelmät joutuvat vastaamaan kaikkien ryhmän jäsenten usein ristiriitaisten etujen tasapainottamisesta. Ottaen huomioon suositusten vaikutus käyttäjien kokemaan järjestelmän suorituskykyyn (esim. elokuvasuositukset) ja suositustehtävien usein varsin arkaluontoinen luonne (esim. sähköisen terveydenhuollon suositukset), suositusten luomisprosessia tulee harkita huolellisesti. Näistä seikoista johtuen on tullut entistä tarpeellisemmaksi kehittää erilaisia vastuullisuusrajoitteita noudattavia suosituksia. Tällaisia vastuullisuusrajoitteita ovat muun muassa reiluus eli puolueettomuus, ja läpinäkyvyys , joka helpottaa järjestelmän prosessien ymmärtämistä. Jos näitä rajoituksia noudatetaan, niin ryhmäsuosittelijoista tulee monimutkaisempia. On edelleen haastavampaa, jos suosittelijat käsittelevät suositusten jonoa sen sijaan, että jokainen suositus käsitellään erillään muista. Intuitiivisesti järjestelmän tulee ottaa huomioon itsensä ja ryhmän välisen vuorovaikutuksen historia ja mukauttaa suosituksiaan aikaisempien suositusten vaikutuksen mukaisesti. Tämä havainto johtaa uuden suositusjärjestelmätyypin, peräkkäisten ryhmäsuositusjärjestelmien , syntymiseen. Tavalliset ryhmäsuositusmenetelmät ovat tehottomia, kun niitä käytetään peräkkäisessä skenaariossa. Ne tuottavat usein suosituksia, joita ei ole edes tarkoitettu reiluksi kaikkia ryhmän jäseniä kohtaan, eli kaikki ryhmän jäsenet eivät ole yhtä tyytyväisiä suosituksiin. Käytännössä, kun jokaista suositusprosessia tarkastellaan erikseen, aina löytyy vähiten tyytyväinen jäsen. Vähiten tyytyväisimmän jäsenen ei kuitenkaan pitäisi aina olla sama, kun järjestelmän käyttö kattaa useamman kuin yhden suosituskierroksen. Tämä johtaisi oikeudenmukaisuuden rajoitteen rikkomiseen, koska järjestelmä olisi puolueellinen yhtä ryhmän jäsentä vastaan. Suositusjärjestelmien monimutkaisuuden vuoksi käyttäjät eivät ehkä pysty ymmärtämään ehdotuksen perusteluja. Tämän torjumiseksi monet järjestelmät tarjoavat selityksiä ja suosituksia avoimuusrajoituksen mukaisesti. Keskustelu siitä, miksi kohdetta ei ehdoteta, on arvokasta erityisesti järjestelmänvalvojille. Selitykset tällaisiin kyselyihin ovat heille korvaamatonta palautetta, kun he ovat kalibroimassa tai korjaamassa järjestelmäänsä. Kaiken kaikkiaan tämän opinnäytetyön tavoitteena on vastata seuraaviin tutkimuskysymyksiin (RQ). RQ1. Kuinka määritellä peräkkäiset ryhmäsuositukset ja miksi niitä tarvitaan? Kuinka suunnitella ryhmäsuositusmenetelmiä niiden pohjalta? Tässä opinnäytetyössä määritellään formaalisti peräkkäinen ryhmäsuositusjärjestelmä ja mitä tavoitteita sen tulee noudattaa. Lisäksi ehdotetaan kolmea uutta ryhmäsuositusmenetelmää oikeudenmukaisten peräkkäisten ryhmäsuositusten tuottamiseksi. RQ2. Kuinka hyödyntää vahvistusoppimista ryhmäsuositusmenetelmän valinnassa, kun järjestelmän ympäristö muuttuu jokaisen suosituskierroksen jälkeen? RQ1:n laajennuksessa tässä opinnäytetyössä ehdotetaan vahvistukseen perustuvaa mallia, joka valitsee sopivimman ryhmäsuositusmenetelmän käytettäväksi koko sarjassa, samalla pyrkien reiluuteen. RQ3. Kuinka suunnitella kysymyksiä ja tuottaa selityksiä sille, miksi jokin joukko ei näkynyt suosituslistalla tai tietyssä paikassa? Tässä väitöskirjassa määritellään miksi-ei- kysymys ja esitetään näiden kysymysten rakenne. Lisäksi työssä ehdotetaan mallia, jolla luodaan selityksiä näihin miksi-ei-kysymyksiin. RQ4. Kuinka sisällyttää erilaisia terveyteen liittyviä näkökohtia ryhmäsuosituksiin? Näissä on tärkeää antaa oikeudenmukaisia suosituksia, koska terveyssuositukset ovat erittäin arkaluontoisia. Mahdollisimman oikeudenmukaisen suosituksen tuottamiseksi tässä opinnäytetyössä ehdotetaan mallia, joka sisältää erilaisia terveysnäkökohtia.The expansion of social media has led more people to form groups for specific activities, and, consecutively, group recommender systems have emerged as popular research. In contrast to single recommendations, group recommendations involve a much greater degree of complexity since the systems are responsible for balancing the often conflicting interests of all group members. Due to the impact of recommendations on users’ perceived performance (e.g., movie recommendations) and the often inherently sensitive nature of recommendation tasks (e.g., e-health recommendations), the process by which recommendations are generated should be carefully considered. As a result, it has become increasingly necessary to develop recommendations that adhere to various responsibility constraints. Such responsibility constraints include fairness , which corresponds to a lack of bias, and transparency , which facilitates an understanding of the processes of the system. Nevertheless, if these constraints are followed, group recommender systems be- come more complex. It is even more challenging if they are to consider a sequence of recommendations rather than each recommendation as a separate process. Intuitively, the system should take into account the historical interactions between itself and the group and adjust its recommendations in accordance with the impact of its previous suggestions. This observation leads to the emergence of a new type of recommender system, called sequential group recommendation systems. However, standard group recommendation approaches are ineffective when applied in a sequential scenario. They often produce recommendations that are not even intended to be fair to all group members, i.e., not all group members are equally satisfied with the recommendations. In practice, when each recommendation process is considered in isolation, there is always going to be a least satisfied member. However, the least satisfied member should not always be the same when the scope of the system encompasses more than one recommendation round. This will result in the fairness constraint being broken since the system is biased against one group member. As a result of the complex nature of recommender systems, users may be unable to understand the reasoning behind a suggestion. To counter this, many systems provide explanations along with their recommendations in adherence to the transparency constraint. Discussing why not suggesting an item is valuable, especially for system administrators. Explanations to such queries are invaluable feedback for them when they are in the process of calibrating or debugging their system. Overall, this thesis aims to answer the following Research Questions (RQ). RQ1. How to define sequential group recommendations, and why are they needed? How to de- sign group recommendation methods based on them? This thesis formally defines a sequential group recommender system and what objectives it should observe. Additionally, it proposes three novel group recommendation methods to produce fair sequential group recommendations. RQ2. How to exploit reinforcement learning to select a group recommendation method when the system’s environment changes after each recommendation round? In an extension of the RQ1, this thesis proposes a reinforcement-based model that selects the most appropriate group recommendation method to apply throughout a series of recommendations while aiming for fair recommendations. RQ3. How to design questions and produce explanations for why a set of items did not appear in a recommendation list or at a particular position? This dissertation defines what a Why-not question is, as well as presents a structure for them. Additionally, it proposes a model to generate explanations for these Why-not questions. RQ4. How to incorporate various health-related aspects in group recommendations? It is important to make fair recommendations when dealing with extremely sensitive health-related information. In order to produce as fair a recommendation as possible, this thesis proposes a model that incorporates various health aspects