Decision Framework for Improved Distributed Ledger Technology Utilization

Distributed ledger technology (DLT) has been salient in research and practice for over a decade, with substantial investments in numerous areas. Still, the absence of a rapid, industry-wide success fuels skepticism and numerous decision frameworks emerged focusing on how to scaffold DLT utilization. However, a consideration of needs, added value, and integrative design of DLT-based systems remains overlooked. By analyzing existing frameworks and DLT Proof-of-Concepts, we provide a research-in-progress decision framework for making evidence-based decisions on whether to use DLT and how to design a technology bundle for specific cases. Our main contribution centers on the focus on rapid collaborative prototyping. For applicability and validation, we implement the framework in an online questionnaire-like tool that generates a detailed report as a basis for an informed decision. While beneficial for academia and practice, our framework draws clear directions for future research on complementary tools, enhanced recommendations and the design of feasible DLT solutions for real world challenges

ABCDE -- Agile Block Chain Dapp Engineering

Cryptocurrencies and their foundation technology, the Blockchain, are reshaping finance and economics, allowing a decentralized approach enabling trusted applications with no trusted counterpart. More recently, the Blockchain and the programs running on it, called Smart Contracts, are also finding more and more applications in all fields requiring trust and sound certifications. Some people have come to the point of saying that the "Blockchain revolution" can be compared to that of the Internet and the Web in their early days. As a result, all software development revolving around the Blockchain technology is growing at a staggering rate. The feeling of many software engineers about such huge interest in Blockchain technologies is that of unruled and hurried software development, a sort of competition on a first-come-first-served basis which does not assure neither software quality, nor that the basic concepts of software engineering are taken into account. This paper tries to cope with this issue, proposing a software development process to gather the requirement, analyze, design, develop, test and deploy Blockchain applications. The process is based on several Agile practices, such as User Stories and iterative and incremental development based on them. However, it makes also use of more formal notations, such as some UML diagrams describing the design of the system, with additions to represent specific concepts found in Blockchain development. The method is described in good detail, and an example is given to show how it works.Comment: 26 pages, 7 figures, 8 table

Tackling the Challenges of Information Security Incident Reporting: A Decentralized Approach

Information security incident under-reporting is unambiguously a business problem, as identified by a variety of sources, such as ENISA (2012), Symantec (2016), Newman (2018) and more. This research project identified the underlying issues that cause this problem and proposed a solution, in the form of an innovative artefact, which confronts a number of these issues. This research project was conducted according to the requirements of the Design Science Research Methodology (DSRM) by Peffers et al (2007). The research question set at the beginning of this research project, probed the feasible formation of an incident reporting solution, which would increase the motivational level of users towards the reporting of incidents, by utilizing the positive features offered by existing solutions, on one hand, but also by providing added value to the users, on the other. The comprehensive literature review chapter set the stage, and identified the reasons for incident underreporting, while also evaluating the existing solutions and determining their advantages and disadvantages. The objectives of the proposed artefact were then set, and the artefact was designed and developed. The output of this development endeavour is “IRDA”, the first decentralized incident reporting application (DApp), built on “Quorum”, a permissioned blockchain implementation of Ethereum. Its effectiveness was demonstrated, when six organizations accepted to use the developed artefact and performed a series of pre-defined actions, in order to confirm the platform’s intended functionality. The platform was also evaluated using Venable et al’s (2012) evaluation framework for DSR projects. This research project contributes to knowledge in various ways. It investigates blockchain and incident reporting, two domains which have not been extensively examined and the available literature is rather limited. Furthermore, it also identifies, compares, and evaluates the conventional, reporting platforms, available, up to date. In line with previous findings (e.g Humphrey, 2017), it also confirms the lack of standard taxonomies for information security incidents. This work also contributes by creating a functional, practical artefact in the blockchain domain, a domain where, according to Taylor et al (2019), most studies are either experimental proposals, or theoretical concepts, with limited practicality in solving real-world problems. Through the evaluation activity, and by conducting a series of non-parametric significance tests, it also suggests that IRDA can potentially increase the motivational level of users towards the reporting of incidents. This thesis describes an original attempt in utilizing the newly emergent blockchain technology, and its inherent characteristics, for addressing those concerns which actively contribute to the business problem. To the best of the researcher’s knowledge, there is currently no other solution offering similar benefits to users/organizations for incident reporting purposes. Through the accomplishment of this project’s pre-set objectives, the developed artefact provides a positive answer to the research question. The artefact, featuring increased anonymity, availability, immutability and transparency levels, as well as an overall lower cost, has the potential to increase the motivational level of organizations towards the reporting of incidents, thus improving the currently dismaying statistics of incident under-reporting. The structure of this document follows the flow of activities described in the DSRM by Peffers et al (2007), while also borrowing some elements out of the nominal structure of an empirical research process, including the literature review chapter, the description of the selected research methodology, as well as the “discussion and conclusion” chapter

Distributed Ledger Technologies for Network Slicing: A Survey

Network slicing is one of the fundamental tenets of Fifth Generation (5G)/Sixth Generation (6G) networks. Deploying slices requires end-to-end (E2E) control of services and the underlying resources in a network substrate featuring an increasing number of stakeholders. Beyond the technical difficulties this entails, there is a long list of administrative negotiations among parties that do not necessarily trust each other, which often requires costly manual processes, including the legal construction of neutral entities. In this context, Blockchain comes to the rescue by bringing its decentralized yet immutable and auditable lemdger, which has a high potential in the telco arena. In this sense, it may help to automate some of the above costly processes. There have been some proposals in this direction that are applied to various problems among different stakeholders. This paper aims at structuring this field of knowledge by, first, providing introductions to network slicing and blockchain technologies. Then, state-of-the-art is presented through a global architecture that aggregates the various proposals into a coherent whole while showing the motivation behind applying Blockchain and smart contracts to network slicing. And finally, some limitations of current work, future challenges and research directions are also presented.This work was supported in part by the Spanish Formación Personal Investigador (FPI) under Grant PRE2018-086061, in part by the TRUE5G under Grant PID2019-108713RB-C52/AEI/10.13039/501100011033, and in part by the European Union (EU) H2020 The 5G Infrastructure Public Private Partnership (5GPPP) 5Growth Project 856709.Publicad