3,468 research outputs found

    Hidden in the Cloud : Advanced Cryptographic Techniques for Untrusted Cloud Environments

    Get PDF
    In the contemporary digital age, the ability to search and perform operations on encrypted data has become increasingly important. This significance is primarily due to the exponential growth of data, often referred to as the "new oil," and the corresponding rise in data privacy concerns. As more and more data is stored in the cloud, the need for robust security measures to protect this data from unauthorized access and misuse has become paramount. One of the key challenges in this context is the ability to perform meaningful operations on the data while it remains encrypted. Traditional encryption techniques, while providing a high level of security, render the data unusable for any practical purpose other than storage. This is where advanced cryptographic protocols like Symmetric Searchable Encryption (SSE), Functional Encryption (FE), Homomorphic Encryption (HE), and Hybrid Homomorphic Encryption (HHE) come into play. These protocols not only ensure the confidentiality of data but also allow computations on encrypted data, thereby offering a higher level of security and privacy. The ability to search and perform operations on encrypted data has several practical implications. For instance, it enables efficient Boolean queries on encrypted databases, which is crucial for many "big data" applications. It also allows for the execution of phrase searches, which are important for many machine learning applications, such as intelligent medical data analytics. Moreover, these capabilities are particularly relevant in the context of sensitive data, such as health records or financial information, where the privacy and security of user data are of utmost importance. Furthermore, these capabilities can help build trust in digital systems. Trust is a critical factor in the adoption and use of digital services. By ensuring the confidentiality, integrity, and availability of data, these protocols can help build user trust in cloud services. This trust, in turn, can drive the wider adoption of digital services, leading to a more inclusive digital society. However, it is important to note that while these capabilities offer significant advantages, they also present certain challenges. For instance, the computational overhead of these protocols can be substantial, making them less suitable for scenarios where efficiency is a critical requirement. Moreover, these protocols often require sophisticated key management mechanisms, which can be challenging to implement in practice. Therefore, there is a need for ongoing research to address these challenges and make these protocols more efficient and practical for real-world applications. The research publications included in this thesis offer a deep dive into the intricacies and advancements in the realm of cryptographic protocols, particularly in the context of the challenges and needs highlighted above. Publication I presents a novel approach to hybrid encryption, combining the strengths of ABE and SSE. This fusion aims to overcome the inherent limitations of both techniques, offering a more secure and efficient solution for key sharing and access control in cloud-based systems. Publication II further expands on SSE, showcasing a dynamic scheme that emphasizes forward and backward privacy, crucial for ensuring data integrity and confidentiality. Publication III and Publication IV delve into the potential of MIFE, demonstrating its applicability in real-world scenarios, such as designing encrypted private databases and additive reputation systems. These publications highlight the transformative potential of MIFE in bridging the gap between theoretical cryptographic concepts and practical applications. Lastly, Publication V underscores the significance of HE and HHE as a foundational element for secure protocols, emphasizing its potential in devices with limited computational capabilities. In essence, these publications not only validate the importance of searching and performing operations on encrypted data but also provide innovative solutions to the challenges mentioned. They collectively underscore the transformative potential of advanced cryptographic protocols in enhancing data security and privacy, paving the way for a more secure digital future

    Distributed Ledger Technology (DLT) Applications in Payment, Clearing, and Settlement Systems:A Study of Blockchain-Based Payment Barriers and Potential Solutions, and DLT Application in Central Bank Payment System Functions

    Get PDF
    Payment, clearing, and settlement systems are essential components of the financial markets and exert considerable influence on the overall economy. While there have been considerable technological advancements in payment systems, the conventional systems still depend on centralized architecture, with inherent limitations and risks. The emergence of Distributed ledger technology (DLT) is being regarded as a potential solution to transform payment and settlement processes and address certain challenges posed by the centralized architecture of traditional payment systems (Bank for International Settlements, 2017). While proof-of-concept projects have demonstrated the technical feasibility of DLT, significant barriers still hinder its adoption and implementation. The overarching objective of this thesis is to contribute to the developing area of DLT application in payment, clearing and settlement systems, which is still in its initial stages of applications development and lacks a substantial body of scholarly literature and empirical research. This is achieved by identifying the socio-technical barriers to adoption and diffusion of blockchain-based payment systems and the solutions proposed to address them. Furthermore, the thesis examines and classifies various applications of DLT in central bank payment system functions, offering valuable insights into the motivations, DLT platforms used, and consensus algorithms for applicable use cases. To achieve these objectives, the methodology employed involved a systematic literature review (SLR) of academic literature on blockchain-based payment systems. Furthermore, we utilized a thematic analysis approach to examine data collected from various sources regarding the use of DLT applications in central bank payment system functions, such as central bank white papers, industry reports, and policy documents. The study's findings on blockchain-based payment systems barriers and proposed solutions; challenge the prevailing emphasis on technological and regulatory barriers in the literature and industry discourse regarding the adoption and implementation of blockchain-based payment systems. It highlights the importance of considering the broader socio-technical context and identifying barriers across all five dimensions of the social technical framework, including technological, infrastructural, user practices/market, regulatory, and cultural dimensions. Furthermore, the research identified seven DLT applications in central bank payment system functions. These are grouped into three overarching themes: central banks' operational responsibilities in payment and settlement systems, issuance of central bank digital money, and regulatory oversight/supervisory functions, along with other ancillary functions. Each of these applications has unique motivations or value proposition, which is the underlying reason for utilizing in that particular use case

    A Trust Management Framework for Vehicular Ad Hoc Networks

    Get PDF
    The inception of Vehicular Ad Hoc Networks (VANETs) provides an opportunity for road users and public infrastructure to share information that improves the operation of roads and the driver experience. However, such systems can be vulnerable to malicious external entities and legitimate users. Trust management is used to address attacks from legitimate users in accordance with a user’s trust score. Trust models evaluate messages to assign rewards or punishments. This can be used to influence a driver’s future behaviour or, in extremis, block the driver. With receiver-side schemes, various methods are used to evaluate trust including, reputation computation, neighbour recommendations, and storing historical information. However, they incur overhead and add a delay when deciding whether to accept or reject messages. In this thesis, we propose a novel Tamper-Proof Device (TPD) based trust framework for managing trust of multiple drivers at the sender side vehicle that updates trust, stores, and protects information from malicious tampering. The TPD also regulates, rewards, and punishes each specific driver, as required. Furthermore, the trust score determines the classes of message that a driver can access. Dissemination of feedback is only required when there is an attack (conflicting information). A Road-Side Unit (RSU) rules on a dispute, using either the sum of products of trust and feedback or official vehicle data if available. These “untrue attacks” are resolved by an RSU using collaboration, and then providing a fixed amount of reward and punishment, as appropriate. Repeated attacks are addressed by incremental punishments and potentially driver access-blocking when conditions are met. The lack of sophistication in this fixed RSU assessment scheme is then addressed by a novel fuzzy logic-based RSU approach. This determines a fairer level of reward and punishment based on the severity of incident, driver past behaviour, and RSU confidence. The fuzzy RSU controller assesses judgements in such a way as to encourage drivers to improve their behaviour. Although any driver can lie in any situation, we believe that trustworthy drivers are more likely to remain so, and vice versa. We capture this behaviour in a Markov chain model for the sender and reporter driver behaviours where a driver’s truthfulness is influenced by their trust score and trust state. For each trust state, the driver’s likelihood of lying or honesty is set by a probability distribution which is different for each state. This framework is analysed in Veins using various classes of vehicles under different traffic conditions. Results confirm that the framework operates effectively in the presence of untrue and inconsistent attacks. The correct functioning is confirmed with the system appropriately classifying incidents when clarifier vehicles send truthful feedback. The framework is also evaluated against a centralized reputation scheme and the results demonstrate that it outperforms the reputation approach in terms of reduced communication overhead and shorter response time. Next, we perform a set of experiments to evaluate the performance of the fuzzy assessment in Veins. The fuzzy and fixed RSU assessment schemes are compared, and the results show that the fuzzy scheme provides better overall driver behaviour. The Markov chain driver behaviour model is also examined when changing the initial trust score of all drivers

    Quantifiable integrity for Linked Data on the web

    Get PDF
    We present an approach to publish Linked Data on the Web with quantifiable integrity using Web technologies, and in which rational agents are incentivised to contribute to the integrity of the link network. To this end, we introduce self-verifying resource representations, that include Linked Data Signatures whose signature value is used as a suffix in the resource’s URI. Links among such representations, typically managed as web documents, contribute therefore to preserving the integrity of the resulting document graphs. To quantify how well a document’s integrity can be relied on, we introduce the notion of trust scores and present an interpretation based on hubs and authorities. In addition, we present how specific agent behaviour may be induced by the choice of trust score regarding their optimisation, e.g., in general but also using a heuristic strategy called Additional Reach Strategy (ARS). We discuss our approach in a three-fold evaluation: First, we evaluate the effect of different graph metrics as trust scores on induced agent behaviour and resulting evolution of the document graph. We show that trust scores based on hubs and authorities induce agent behaviour that contributes to integrity preservation in the document graph. Next, we evaluate different heuristics for agents to optimise trust scores when general optimisation strategies are not applicable. We show that ARS outperforms other potential optimisation strategies. Last, we evaluate the whole approach by examining the resilience of integrity preservation in a document graph when resources are deleted. To this end, we propose a simulation system based on the Watts–Strogatz model for simulating a social network. We show that our approach produces a document graph that can recover from such attacks or failures in the document graph

    Analyzing the improvement of estate governance and management in Jordan using blockchain

    Get PDF
    The potential for transforming the estate management industry through the resolution of common inefficiencies, lack of transparency, and security concerns is presented by the use of blockchain technology into estate governance. The purpose of this article is to clarify how incorporating blockchain technology would affect estate operations and governance. This study is based on quantitative information that was collected from 317 estate management professionals using a 5-point Likert scale questionnaire. SmartPLS4 analysis demonstrates that blockchain governance has a statistically significant and robust influence on estate governance in Jordan. The impact of Blockchain Governance on Jordanian Estate Management appears to be negligible and unimportant. Furthermore, there appears to be a negligible and insignificant correlation between Jordanian estate management and estate planning methods. In-depth analysis of these theories is done in this article, which also offers insights into how blockchain technology affects estate governance dynamics and how it can affect Jordan's estate management procedures. The consequences go beyond theoretical understandings; they promote the use of blockchain technology in estate governance frameworks as a game-changing means of ensuring the safe, transparent, and effective administration of frozen estates in Jordan and elsewhere

    Multidisciplinary perspectives on Artificial Intelligence and the law

    Get PDF
    This open access book presents an interdisciplinary, multi-authored, edited collection of chapters on Artificial Intelligence (‘AI’) and the Law. AI technology has come to play a central role in the modern data economy. Through a combination of increased computing power, the growing availability of data and the advancement of algorithms, AI has now become an umbrella term for some of the most transformational technological breakthroughs of this age. The importance of AI stems from both the opportunities that it offers and the challenges that it entails. While AI applications hold the promise of economic growth and efficiency gains, they also create significant risks and uncertainty. The potential and perils of AI have thus come to dominate modern discussions of technology and ethics – and although AI was initially allowed to largely develop without guidelines or rules, few would deny that the law is set to play a fundamental role in shaping the future of AI. As the debate over AI is far from over, the need for rigorous analysis has never been greater. This book thus brings together contributors from different fields and backgrounds to explore how the law might provide answers to some of the most pressing questions raised by AI. An outcome of the Católica Research Centre for the Future of Law and its interdisciplinary working group on Law and Artificial Intelligence, it includes contributions by leading scholars in the fields of technology, ethics and the law.info:eu-repo/semantics/publishedVersio

    LIPIcs, Volume 251, ITCS 2023, Complete Volume

    Get PDF
    LIPIcs, Volume 251, ITCS 2023, Complete Volum

    Blockchain Agency Theory

    Get PDF
    Longstanding assumptions underlying strategic alliances, such as agency theory, are actively being revoked by dynamics in the new economy. The mechanism of inter-firm cooperation is increasingly being altered by radical developments in blockchains and artificial intelligence among other technologies. To capture and address this shift, this review takes a problematisation approach and focuses wholly on the pertinence of agency theory. First, it begins by acknowledging the established corpus in the area before, second, appraising the seven long-held assumptions in the principal-agent relationship encompassing (1) self-interest, (2) conflicting goals, (3) bounded rationality, (4) information asymmetry, (5) pre-eminence of efficiency, (6) risk aversion and (7) information as a commodity. Third, to add a fresh perspective, the review proceeds to proffer seven assumptions to advance a novel ‘Blockchain Agency Theory’ that would better describe new attributes and relaxed agency behaviour in blockchain alliances. These counter assumptions are (1) common interests, (2) congruent goals, (3) unbounded rationality, (4) information symmetry, (5) smart contracts, (6) mean risk and (7) information availability. In the fourth part, the prior audience of principals and agents is appraised and this culminates into, fifth, a consideration of a new audience of blockchain agency in algocratic environments. Altogether, the seven new assumptions extend and provoke new agency thinking among scholars and blockchain practitioners alike
    corecore