13,710 research outputs found
A Formal Framework for Modeling Trust and Reputation in Collective Adaptive Systems
Trust and reputation models for distributed, collaborative systems have been
studied and applied in several domains, in order to stimulate cooperation while
preventing selfish and malicious behaviors. Nonetheless, such models have
received less attention in the process of specifying and analyzing formally the
functionalities of the systems mentioned above. The objective of this paper is
to define a process algebraic framework for the modeling of systems that use
(i) trust and reputation to govern the interactions among nodes, and (ii)
communication models characterized by a high level of adaptiveness and
flexibility. Hence, we propose a formalism for verifying, through model
checking techniques, the robustness of these systems with respect to the
typical attacks conducted against webs of trust.
Comment: In Proceedings FORECAST 2016, arXiv:1607.0200
Computer trading and systemic risk: a nuclear perspective
Financial markets have evolved to become complex adaptive systems highly reliant on the communication speeds and processing power afforded by digital systems. Their failure could cause severe disruption to the provision of financial services and possibly the wider economy. In this study we consider whether a perspective from the nuclear industry can provide additional insights
Signcryption schemes with threshold unsigncryption, and applications
The final publication is available at link.springer.com
The goal of a signcryption scheme is to achieve the same functionalities as encryption and signature together, but in a more efficient way than encrypting and signing separately. To increase security and reliability in some applications, the unsigncryption phase can be distributed among a group of users, through a (t, n)-threshold process. In this work we consider this task of threshold unsigncryption, which has received very little attention from the cryptographic literature up to now (maybe surprisingly, due to its potential applications). First we describe in detail the security requirements that a scheme for such a task should satisfy: existential unforgeability and indistinguishability, under insider chosen message/ciphertext attacks, in a multi-user setting. Then we show that generic constructions of signcryption schemes (by combining encryption and signature schemes) do not offer this level of security in the scenario of threshold unsigncryption. For this reason, we propose two new protocols for threshold unsigncryption, which we prove to be secure, one in the random oracle model and one in the standard model. The two proposed schemes enjoy an additional property that can be very useful. Namely, the unsigncryption protocol can be divided into two phases: a first one where the authenticity of the ciphertext is verified, maybe by a single party; and a second one where the ciphertext is decrypted by a subset of t receivers, without using the identity of the sender. As a consequence, the schemes can be used in applications requiring some level of anonymity, such as electronic auctions.
Peer Reviewed. Postprint (author's final draft
Keeping Authorities "Honest or Bust" with Decentralized Witness Cosigning
The secret keys of critical network authorities - such as time, name,
certificate, and software update services - represent high-value targets for
hackers, criminals, and spy agencies wishing to use these keys secretly to
compromise other hosts. To protect authorities and their clients proactively
from undetected exploits and misuse, we introduce CoSi, a scalable witness
cosigning protocol ensuring that every authoritative statement is validated and
publicly logged by a diverse group of witnesses before any client will accept
it. A statement S collectively signed by W witnesses assures clients that S has
been seen, and not immediately found erroneous, by those W observers. Even if S
is compromised in a fashion not readily detectable by the witnesses, CoSi still
guarantees S's exposure to public scrutiny, forcing secrecy-minded attackers to
risk that the compromise will soon be detected by one of the W witnesses.
Because clients can verify collective signatures efficiently without
communication, CoSi protects clients' privacy, and offers the first
transparency mechanism effective against persistent man-in-the-middle attackers
who control a victim's Internet access, the authority's secret key, and several
witnesses' secret keys. CoSi builds on existing cryptographic multisignature
methods, scaling them to support thousands of witnesses via signature
aggregation over efficient communication trees. A working prototype
demonstrates CoSi in the context of timestamping and logging authorities,
enabling groups of over 8,000 distributed witnesses to cosign authoritative
statements in under two seconds.
Comment: 20 pages, 7 figure
Safety Control Synthesis with Input Limits: a Hybrid Approach
We introduce a hybrid (discrete--continuous) safety controller which enforces
strict state and input constraints on a system---but only acts when necessary,
preserving transparent operation of the original system within some safe region
of the state space. We define this space using a Min-Quadratic Barrier
function, which we construct along the equilibrium manifold using the Lyapunov
functions which result from linear matrix inequality controller synthesis for
locally valid uncertain linearizations. We also introduce the concept of a
barrier pair, which makes it easy to extend the approach to include
trajectory-based augmentations to the safe region, in the style of LQR-Trees.
We demonstrate our controller and barrier pair synthesis method in
simulation-based examples.
Comment: 6 pages, 7 figures. Accepted for publication at the 2018 American
Controls Conference. Copyright IEEE 201
Measurement and reporting of climate-smart agriculture: technical guidance for a country-centric process
Given the extent of climate-smart agriculture (CSA) initiatives at project, national, regional and global levels, there is increasing interest in tracking progress in implementing CSA at national level. CSA is also expected to contribute to higher-level goals (e.g., the Paris Agreement, Africa Union’s Vision 25x25, and the Sustainable Development Goals [SDGs], etc.). Measurement and reporting of climate-smart agriculture (MR of CSA) provides necessary intelligence on the status, effectiveness, efficiency and impacts of interventions, which is critical for meeting stakeholders’ diverse management and reporting needs. In this paper, we build the case for a stakeholder-driven, country-centric framework for MR of CSA, which aims to increase coordination and coherence across stakeholders’ MR activities, while also aligning national reporting with reporting on international commitments. We present practical guidance on how to develop an integrated MR framework, drawing on findings from a multi-country assessment of needs, opportunities and capacities for national MR of CSA. The content of a unified MR framework is determined by stakeholders’ activities (how they promote CSA), needs (why MR is useful to them) and current capacities to conduct periodic monitoring, evaluation and reporting (how ready are institutions, staff and finances). Our analysis found that explicit demand for integration of data systems and active engagement of stakeholders throughout the entire process are key ingredients for building a MR system that is relevant, useful and acted upon. Based on these lessons, we identify a seven-step framework for stakeholders to develop a comprehensive information system for MR of progress in implementing CSA