978 research outputs found
Towards Secure Blockchain-enabled Internet of Vehicles: Optimizing Consensus Management Using Reputation and Contract Theory
In Internet of Vehicles (IoV), data sharing among vehicles is essential to
improve driving safety and enhance vehicular services. To ensure data sharing
security and traceability, highefficiency Delegated Proof-of-Stake consensus
scheme as a hard security solution is utilized to establish blockchain-enabled
IoV (BIoV). However, as miners are selected from miner candidates by
stake-based voting, it is difficult to defend against voting collusion between
the candidates and compromised high-stake vehicles, which introduces serious
security challenges to the BIoV. To address such challenges, we propose a soft
security enhancement solution including two stages: (i) miner selection and
(ii) block verification. In the first stage, a reputation-based voting scheme
for the blockchain is proposed to ensure secure miner selection. This scheme
evaluates candidates' reputation by using both historical interactions and
recommended opinions from other vehicles. The candidates with high reputation
are selected to be active miners and standby miners. In the second stage, to
prevent internal collusion among the active miners, a newly generated block is
further verified and audited by the standby miners. To incentivize the standby
miners to participate in block verification, we formulate interactions between
the active miners and the standby miners by using contract theory, which takes
block verification security and delay into consideration. Numerical results
based on a real-world dataset indicate that our schemes are secure and
efficient for data sharing in BIoV.Comment: 12 pages, submitted for possible journal publicatio
Notary-based self-healing mechanism for centralized peer-to-peer infrastructures
Centralized architecture, due to its simplicity, fast and reliable user management mechanism (authorization, authentication and lookup) and O(1) searching capability, is still a preferable choice for many P2P-based services. However, it suffers from a “single point of failure” vulnerability, so networks based on this topology are highly vulnerable to DoS attacks or other blocking attempts. This paper describes a new mechanism that can be used for centralized P2P networks to prevent a P2P service unavailability after central server failure. High security level is obtained by using notary servers which track server public key changes and collect social feedback from users. This allows not only to detect popular attacks (like man-in-the middle) but also to assess whether the Central Server (CS) behaves properly. In the case of central server failure or when server becomes compromised, decentralized Condorcet voting is preformed and new CS is selected. Additionally, by incorporating a reputation mechanism which uses two kinds of scores respectively for providing good service and fair evaluation of other peers, the best candidates for a new Central Server can be chosen. Valuable data which is used to rebuild user database in new CS is stored in the encrypted form in peers and updated during the user-peer authorization process. The decryption key is divided between peers using the threshold secret sharing method
Reputation Systems for Supply Chains: The Challenge of Achieving Privacy Preservation
Consumers frequently interact with reputation systems to rate products,
services, and deliveries. While past research extensively studied different
conceptual approaches to realize such systems securely and
privacy-preservingly, these concepts are not yet in use in business-to-business
environments. In this paper, (1) we thus outline which specific challenges
privacy-cautious stakeholders in volatile supply chain networks introduce, (2)
give an overview of the diverse landscape of privacy-preserving reputation
systems and their properties, and (3) based on well-established concepts from
supply chain information systems and cryptography, we further propose an
initial concept that accounts for the aforementioned challenges by utilizing
fully homomorphic encryption. For future work, we identify the need of
evaluating whether novel systems address the supply chain-specific privacy and
confidentiality needs
SoK: Play-to-Earn Projects
Play-to-earn is one of the prospective categories of decentralized
applications. The play-to-earn projects combine blockchain technology with
entertaining games and finance, attracting various participants. While huge
amounts of capital have been poured into these projects, the new crypto niche
is considered controversial, and the traditional gaming industry is hesitant to
embrace blockchain technology. In addition, there is little systematic research
on these projects. In this paper, we delineate play-to-earn projects in terms
of economic & governance models and implementation and analyze how blockchain
technology can benefit these projects by providing system robustness,
transparency, composability, and decentralized governance. We begin by
identifying the participants and characterizing the tokens, which are products
of composability. We then summarize the roadmap and governance model to exposit
there is a transition from centralized governance to decentralized governance.
We also classify the implementation of the play-to-earn projects with different
extents of robustness and transparency. Finally, we discuss the security &
societal challenges for future research in terms of possible attacks, the
economics of tokens, and governance
Quantinar: a blockchain p2p ecosystem for honest scientific research
Living in the Information Age, the power of data and correct statistical
analysis has never been more prevalent. Academics, practitioners and many other
professionals nowadays require an accurate application of quantitative methods.
Though many branches are subject to a crisis of integrity, which is shown in
improper use of statistical models, -hacking, HARKing or failure to
replicate results. We propose the use of a peer-to-peer education network,
Quantinar, to spread quantitative analysis knowledge embedded with code in the
form of Quantlets. The integration of blockchain technology makes Quantinar a
decentralised autonomous organisation (DAO) that ensures fully transparent and
reproducible scientific research
DEPAS: A Decentralized Probabilistic Algorithm for Auto-Scaling
The dynamic provisioning of virtualized resources offered by cloud computing
infrastructures allows applications deployed in a cloud environment to
automatically increase and decrease the amount of used resources. This
capability is called auto-scaling and its main purpose is to automatically
adjust the scale of the system that is running the application to satisfy the
varying workload with minimum resource utilization. The need for auto-scaling
is particularly important during workload peaks, in which applications may need
to scale up to extremely large-scale systems.
Both the research community and the main cloud providers have already
developed auto-scaling solutions. However, most research solutions are
centralized and not suitable for managing large-scale systems, moreover cloud
providers' solutions are bound to the limitations of a specific provider in
terms of resource prices, availability, reliability, and connectivity.
In this paper we propose DEPAS, a decentralized probabilistic auto-scaling
algorithm integrated into a P2P architecture that is cloud provider
independent, thus allowing the auto-scaling of services over multiple cloud
infrastructures at the same time. Our simulations, which are based on real
service traces, show that our approach is capable of: (i) keeping the overall
utilization of all the instantiated cloud resources in a target range, (ii)
maintaining service response times close to the ones obtained using optimal
centralized auto-scaling approaches.Comment: Submitted to Springer Computin
- …