Actas da 10ª Conferência sobre Redes de Computadores

Universidade do MinhoCCTCCentro AlgoritmiCisco SystemsIEEE Portugal Sectio

Secure Protocols for Privacy-preserving Data Outsourcing, Integration, and Auditing

As the amount of data available from a wide range of domains has increased tremendously in recent years, the demand for data sharing and integration has also risen. The cloud computing paradigm provides great flexibility to data owners with respect to computation and storage capabilities, which makes it a suitable platform for them to share their data. Outsourcing person-specific data to the cloud, however, imposes serious concerns about the confidentiality of the outsourced data, the privacy of the individuals referenced in the data, as well as the confidentiality of the queries processed over the data. Data integration is another form of data sharing, where data owners jointly perform the integration process, and the resulting dataset is shared between them. Integrating related data from different sources enables individuals, businesses, organizations and government agencies to perform better data analysis, make better informed decisions, and provide better services. Designing distributed, secure, and privacy-preserving protocols for integrating person-specific data, however, poses several challenges, including how to prevent each party from inferring sensitive information about individuals during the execution of the protocol, how to guarantee an effective level of privacy on the released data while maintaining utility for data mining, and how to support public auditing such that anyone at any time can verify that the integration was executed correctly and no participants deviated from the protocol. In this thesis, we address the aforementioned concerns by presenting secure protocols for privacy-preserving data outsourcing, integration and auditing. First, we propose a secure cloud-based data outsourcing and query processing framework that simultaneously preserves the confidentiality of the data and the query requests, while providing differential privacy guarantees on the query results. Second, we propose a publicly verifiable protocol for integrating person-specific data from multiple data owners, while providing differential privacy guarantees and maintaining an effective level of utility on the released data for the purpose of data mining. Next, we propose a privacy-preserving multi-party protocol for high-dimensional data mashup with guaranteed LKC-privacy on the output data. Finally, we apply the theory to the real world problem of solvency in Bitcoin. More specifically, we propose a privacy-preserving and publicly verifiable cryptographic proof of solvency scheme for Bitcoin exchanges such that no information is revealed about the exchange's customer holdings, the value of the exchange's total holdings is kept secret, and multiple exchanges performing the same proof of solvency can contemporaneously prove they are not colluding

Secure authentication and key agreement via abstract multi-agent interaction

Authentication and key agreement are the foundation for secure communication over the Internet. Authenticated Key Exchange (AKE) protocols provide methods for communicating parties to authenticate each other, and establish a shared session key by which they can encrypt messages in the session. Within the category of AKE protocols, symmetric AKE protocols rely on pre-shared master keys for both services. These master keys can be transformed after each session in a key-evolving scheme to provide the property of forward secrecy, whereby the compromise of master keys does not allow for the compromise of past session keys. This thesis contributes a symmetric AKE protocol named AMI (Authentication via Multi-Agent Interaction). The AMI protocol is a novel formulation of authentication and key agreement as a multi-agent system, where communicating parties are treated as autonomous agents whose behavior within the protocol is governed by private agent models used as the master keys. Parties interact repeatedly using their behavioral models for authentication and for agreeing upon a unique session key per communication session. These models are evolved after each session to provide forward secrecy. The security of the multi-agent interaction process rests upon the difficulty of modeling an agent's decisions from limited observations about its behavior, a long-standing problem in AI research known as opponent modeling. We conjecture that it is difficult to efficiently solve even by a quantum computer, since the problem is fundamentally one of missing information rather than computational hardness. We show empirically that the AMI protocol achieves high accuracy in correctly identifying legitimate agents while rejecting different adversarial strategies from the security literature. We demonstrate the protocol's resistance to adversarial agents which utilize random, replay, and maximum-likelihood estimation (MLE) strategies to bypass the authentication test. The random strategy chooses actions randomly without attempting to mimic a legitimate agent. The replay strategy replays actions previously observed by a legitimate client. The MLE strategy estimates a legitimate agent model using previously observed interactions, as an attempt to solve the opponent modeling problem. This thesis also introduces a reinforcement learning approach for efficient multi-agent interaction and authentication. This method trains an authenticating server agent's decision model to take effective probing actions which decrease the number of interactions in a single session required to successfully reject adversarial agents. We empirically evaluate the number of interactions required for a trained server agent to reject an adversarial agent, and show that using the optimized server leads to a much more sample-efficient interaction process than a server agent selecting actions by a uniform-random behavioral policy. Towards further research on and adoption of the AMI protocol for authenticated key-exchange, this thesis also contributes an open-source application written in Python, PyAMI. PyAMI consists of a multi-agent system where agents run on separate virtual machines, and communicate over low-level network sockets using TCP. The application supports extending the basic client-server setting to a larger multi-agent system for group authentication and key agreement, providing two such architectures for different deployment scenarios

Validation of design artefacts for blockchain-enabled precision healthcare as a service.

Healthcare systems around the globe are currently experiencing a rapid wave of digital disruption. Current research in applying emerging technologies such as Big Data (BD), Artificial Intelligence (AI), Machine Learning (ML), Deep Learning (DL), Augmented Reality (AR), Virtual Reality (VR), Digital Twin (DT), Wearable Sensor (WS), Blockchain (BC) and Smart Contracts (SC) in contact tracing, tracking, drug discovery, care support and delivery, vaccine distribution, management, and delivery. These disruptive innovations have made it feasible for the healthcare industry to provide personalised digital health solutions and services to the people and ensure sustainability in healthcare. Precision Healthcare (PHC) is a new inclusion in digital healthcare that can support personalised needs. It focuses on supporting and providing precise healthcare delivery. Despite such potential, recent studies show that PHC is ineffectual due to the lower patient adoption in the system. Anecdotal evidence shows that people are refraining from adopting PHC due to distrust. This thesis presents a BC-enabled PHC ecosystem that addresses ongoing issues and challenges regarding low opt-in. The designed ecosystem also incorporates emerging information technologies that are potential to address the need for user-centricity, data privacy and security, accountability, transparency, interoperability, and scalability for a sustainable PHC ecosystem. The research adopts Soft System Methodology (SSM) to construct and validate the design artefact and sub-artefacts of the proposed PHC ecosystem that addresses the low opt-in problem. Following a comprehensive view of the scholarly literature, which resulted in a draft set of design principles and rules, eighteen design refinement interviews were conducted to develop the artefact and sub-artefacts for design specifications. The artefact and sub-artefacts were validated through a design validation workshop, where the designed ecosystem was presented to a Delphi panel of twenty-two health industry actors. The key research finding was that there is a need for data-driven, secure, transparent, scalable, individualised healthcare services to achieve sustainability in healthcare. It includes explainable AI, data standards for biosensor devices, affordable BC solutions for storage, privacy and security policy, interoperability, and usercentricity, which prompts further research and industry application. The proposed ecosystem is potentially effective in growing trust, influencing patients in active engagement with real-world implementation, and contributing to sustainability in healthcare

A Multi-Stakeholder Information Model to Drive Process Connectivity In Smart Buildings

Smart buildings utilise IoT technology to provide stakeholders with efficient, comfortable, and secure experiences. However, previous studies have primarily focused on the technical aspects of it and how it can address specific stakeholder requirements. This study adopts socio-technical theory principles to propose a model that addresses stakeholders' needs by considering the interrelationship between social and technical subsystems. A systematic literature review and thematic analysis of 43 IoT conceptual frameworks for smart building studies informed the design of a comprehensive conceptual model and IoT framework for smart buildings. The study's findings suggest that addressing stakeholder requirements is essential for developing an information model in smart buildings. A multi-stakeholder information model integrating multiple stakeholders' perspectives enhances information sharing and improves process connectivity between various systems and subsystems. The socio-technical systems framework emphasises the importance of considering technical and social aspects while integrating smart building systems for seamless operation and effectiveness. The study's findings have significant implications for enhancing stakeholders' experience and improving operational efficiency in commercial buildings. The insights from the study can inform smart building systems design to consider all stakeholder requirements holistically, promoting process connectivity in smart buildings. The literature analysis contributed to developing a comprehensive IoT framework, addressing the need for holistic thinking when proposing IoT frameworks for smart buildings by considering different stakeholders in the building

Semantic discovery and reuse of business process patterns

Patterns currently play an important role in modern information systems (IS) development and their use has mainly been restricted to the design and implementation phases of the development lifecycle. Given the increasing significance of business modelling in IS development, patterns have the potential of providing a viable solution for promoting reusability of recurrent generalized models in the very early stages of development. As a statement of research-in-progress this paper focuses on business process patterns and proposes an initial methodological framework for the discovery and reuse of business process patterns within the IS development lifecycle. The framework borrows ideas from the domain engineering literature and proposes the use of semantics to drive both the discovery of patterns as well as their reuse

Federal Register

Daily publication of the U.S. Office of the Federal Register contains rules and regulations, proposed legislation and rule changes, and other notices, including "Presidential proclamations and Executive Orders, Federal agency documents having general applicability and legal effect, documents required to be published by act of Congress, and other Federal agency documents of public interest" (p. ii). Table of Contents starts on page iii