Towards Secure Blockchain-enabled Internet of Vehicles: Optimizing Consensus Management Using Reputation and Contract Theory

In Internet of Vehicles (IoV), data sharing among vehicles is essential to improve driving safety and enhance vehicular services. To ensure data sharing security and traceability, highefficiency Delegated Proof-of-Stake consensus scheme as a hard security solution is utilized to establish blockchain-enabled IoV (BIoV). However, as miners are selected from miner candidates by stake-based voting, it is difficult to defend against voting collusion between the candidates and compromised high-stake vehicles, which introduces serious security challenges to the BIoV. To address such challenges, we propose a soft security enhancement solution including two stages: (i) miner selection and (ii) block verification. In the first stage, a reputation-based voting scheme for the blockchain is proposed to ensure secure miner selection. This scheme evaluates candidates' reputation by using both historical interactions and recommended opinions from other vehicles. The candidates with high reputation are selected to be active miners and standby miners. In the second stage, to prevent internal collusion among the active miners, a newly generated block is further verified and audited by the standby miners. To incentivize the standby miners to participate in block verification, we formulate interactions between the active miners and the standby miners by using contract theory, which takes block verification security and delay into consideration. Numerical results based on a real-world dataset indicate that our schemes are secure and efficient for data sharing in BIoV.Comment: 12 pages, submitted for possible journal publicatio

Notary-based self-healing mechanism for centralized peer-to-peer infrastructures

Centralized architecture, due to its simplicity, fast and reliable user management mechanism (authorization, authentication and lookup) and O(1) searching capability, is still a preferable choice for many P2P-based services. However, it suffers from a “single point of failure” vulnerability, so networks based on this topology are highly vulnerable to DoS attacks or other blocking attempts. This paper describes a new mechanism that can be used for centralized P2P networks to prevent a P2P service unavailability after central server failure. High security level is obtained by using notary servers which track server public key changes and collect social feedback from users. This allows not only to detect popular attacks (like man-in-the middle) but also to assess whether the Central Server (CS) behaves properly. In the case of central server failure or when server becomes compromised, decentralized Condorcet voting is preformed and new CS is selected. Additionally, by incorporating a reputation mechanism which uses two kinds of scores respectively for providing good service and fair evaluation of other peers, the best candidates for a new Central Server can be chosen. Valuable data which is used to rebuild user database in new CS is stored in the encrypted form in peers and updated during the user-peer authorization process. The decryption key is divided between peers using the threshold secret sharing method

Reputation Systems for Supply Chains: The Challenge of Achieving Privacy Preservation

Consumers frequently interact with reputation systems to rate products, services, and deliveries. While past research extensively studied different conceptual approaches to realize such systems securely and privacy-preservingly, these concepts are not yet in use in business-to-business environments. In this paper, (1) we thus outline which specific challenges privacy-cautious stakeholders in volatile supply chain networks introduce, (2) give an overview of the diverse landscape of privacy-preserving reputation systems and their properties, and (3) based on well-established concepts from supply chain information systems and cryptography, we further propose an initial concept that accounts for the aforementioned challenges by utilizing fully homomorphic encryption. For future work, we identify the need of evaluating whether novel systems address the supply chain-specific privacy and confidentiality needs

SoK: Play-to-Earn Projects

Play-to-earn is one of the prospective categories of decentralized applications. The play-to-earn projects combine blockchain technology with entertaining games and finance, attracting various participants. While huge amounts of capital have been poured into these projects, the new crypto niche is considered controversial, and the traditional gaming industry is hesitant to embrace blockchain technology. In addition, there is little systematic research on these projects. In this paper, we delineate play-to-earn projects in terms of economic & governance models and implementation and analyze how blockchain technology can benefit these projects by providing system robustness, transparency, composability, and decentralized governance. We begin by identifying the participants and characterizing the tokens, which are products of composability. We then summarize the roadmap and governance model to exposit there is a transition from centralized governance to decentralized governance. We also classify the implementation of the play-to-earn projects with different extents of robustness and transparency. Finally, we discuss the security & societal challenges for future research in terms of possible attacks, the economics of tokens, and governance

Quantinar: a blockchain p2p ecosystem for honest scientific research

Living in the Information Age, the power of data and correct statistical analysis has never been more prevalent. Academics, practitioners and many other professionals nowadays require an accurate application of quantitative methods. Though many branches are subject to a crisis of integrity, which is shown in improper use of statistical models, $p$-hacking, HARKing or failure to replicate results. We propose the use of a peer-to-peer education network, Quantinar, to spread quantitative analysis knowledge embedded with code in the form of Quantlets. The integration of blockchain technology makes Quantinar a decentralised autonomous organisation (DAO) that ensures fully transparent and reproducible scientific research

DEPAS: A Decentralized Probabilistic Algorithm for Auto-Scaling

The dynamic provisioning of virtualized resources offered by cloud computing infrastructures allows applications deployed in a cloud environment to automatically increase and decrease the amount of used resources. This capability is called auto-scaling and its main purpose is to automatically adjust the scale of the system that is running the application to satisfy the varying workload with minimum resource utilization. The need for auto-scaling is particularly important during workload peaks, in which applications may need to scale up to extremely large-scale systems. Both the research community and the main cloud providers have already developed auto-scaling solutions. However, most research solutions are centralized and not suitable for managing large-scale systems, moreover cloud providers' solutions are bound to the limitations of a specific provider in terms of resource prices, availability, reliability, and connectivity. In this paper we propose DEPAS, a decentralized probabilistic auto-scaling algorithm integrated into a P2P architecture that is cloud provider independent, thus allowing the auto-scaling of services over multiple cloud infrastructures at the same time. Our simulations, which are based on real service traces, show that our approach is capable of: (i) keeping the overall utilization of all the instantiated cloud resources in a target range, (ii) maintaining service response times close to the ones obtained using optimal centralized auto-scaling approaches.Comment: Submitted to Springer Computin