Introducing Accountability to Anonymity Networks

Many anonymous communication (AC) networks rely on routing traffic through proxy nodes to obfuscate the originator of the traffic. Without an accountability mechanism, exit proxy nodes risk sanctions by law enforcement if users commit illegal actions through the AC network. We present BackRef, a generic mechanism for AC networks that provides practical repudiation for the proxy nodes by tracing back the selected outbound traffic to the predecessor node (but not in the forward direction) through a cryptographically verifiable chain. It also provides an option for full (or partial) traceability back to the entry node or even to the corresponding user when all intermediate nodes are cooperating. Moreover, to maintain a good balance between anonymity and accountability, the protocol incorporates whitelist directories at exit proxy nodes. BackRef offers improved deployability over the related work, and introduces a novel concept of pseudonymous signatures that may be of independent interest. We exemplify the utility of BackRef by integrating it into the onion routing (OR) protocol, and examine its deployability by considering several system-level aspects. We also present the security definitions for the BackRef system (namely, anonymity, backward traceability, no forward traceability, and no false accusation) and conduct a formal security analysis of the OR protocol with BackRef using ProVerif, an automated cryptographic protocol verifier, establishing the aforementioned security properties against a strong adversarial model

Crisis Analytics: Big Data Driven Crisis Response

Disasters have long been a scourge for humanity. With the advances in technology (in terms of computing, communications, and the ability to process and analyze big data), our ability to respond to disasters is at an inflection point. There is great optimism that big data tools can be leveraged to process the large amounts of crisis-related data (in the form of user generated data in addition to the traditional humanitarian data) to provide an insight into the fast-changing situation and help drive an effective disaster response. This article introduces the history and the future of big crisis data analytics, along with a discussion on its promise, challenges, and pitfalls

Mapping species distributions: A comparison of skilled naturalist and lay citizen science recording

To assess the ability of traditional biological recording schemes and lay citizen science approaches to gather data on species distributions and changes therein, we examined bumblebee records from the UK’s national repository (National Biodiversity Network) and from BeeWatch. The two recording approaches revealed similar relative abundances of bumblebee species but different geographical distributions. For the widespread common carder (Bombus pascuorum), traditional recording scheme data were patchy, both spatially and temporally, reflecting active record centre rather than species distribution. Lay citizen science records displayed more extensive geographic coverage, reflecting human population density, thus offering better opportunities to account for recording effort. For the rapidly spreading tree bumblebee (Bombus hypnorum), both recording approaches revealed similar distributions due to a dedicated mapping project which overcame the patchy nature of naturalist records. We recommend, where possible, complementing skilled naturalist recording with lay citizen science programmes to obtain a nation-wide capability, and stress the need for timely uploading of data to the national repository

Understanding citizen science and environmental monitoring: final report on behalf of UK Environmental Observation Framework

Citizen science can broadly be defined as the involvement of volunteers in science. Over the past decade there has been a rapid increase in the number of citizen science initiatives. The breadth of environmental-based citizen science is immense. Citizen scientists have surveyed for and monitored a broad range of taxa, and also contributed data on weather and habitats reflecting an increase in engagement with a diverse range of observational science. Citizen science has taken many varied approaches from citizen-led (co-created) projects with local community groups to, more commonly, scientist-led mass participation initiatives that are open to all sectors of society. Citizen science provides an indispensable means of combining environmental research with environmental education and wildlife recording. Here we provide a synthesis of extant citizen science projects using a novel cross-cutting approach to objectively assess understanding of citizen science and environmental monitoring including: 1. Brief overview of knowledge on the motivations of volunteers. 2. Semi-systematic review of environmental citizen science projects in order to understand the variety of extant citizen science projects. 3. Collation of detailed case studies on a selection of projects to complement the semi-systematic review. 4. Structured interviews with users of citizen science and environmental monitoring data focussing on policy, in order to more fully understand how citizen science can fit into policy needs. 5. Review of technology in citizen science and an exploration of future opportunities

Managing the boundary of an 'open' project

In the past ten years, the boundaries between public and open science and commercial research efforts have become more porous. Scholars have thus more critically examined ways in which these two institutional regimes intersect. Large open source software projects have also attracted commercial collaborators and now struggle to develop code in an open public environment that still protects their communal boundaries. This research applies a dynamic social network approach to understand how one community-managed software project, Debian, developed a membership process. We examine the project's face-to-face social network over a five-year period (1997-2001) to see how changes in the social structure affected the evolution of membership mechanisms and the determination of gatekeepers. While the amount and importance of a contributor's work increased the probability that a contributor would become a gatekeeper, those more central in the social network were more likely to become gatekeepers and influence the membership process. A greater understanding of the mechanisms open projects use to manage their boundaries has critical implications for research and knowledge-producing communities operating in pluralistic, open and distributed environments.open source software; social networks; organizational design; institutional design;

Innovations in energy and climate policy: lessons from Vermont

We ask in this article: how can planners and policymakers replicate Vermont’s energy and climate policies? We begin by explaining the research methods utilized for this article—mainly research interviews with a pool of experts, coupled with a targeted literature review. We then analyze the success of Vermont energy policy across four areas: energy efficiency, renewable energy, the smart grid, and energy governance. The following sections first explain how Vermont accomplished these successes, next identify a number of remaining barriers and elements of Vermont’s approach that may not be replicable, and finally present the article’s conclusions

A Blockchain-based Decentralized Electronic Marketplace for Computing Resources

AbstractWe propose a framework for building a decentralized electronic marketplace for computing resources. The idea is that anyone with spare capacities can offer them on this marketplace, opening up the cloud computing market to smaller players, thus creating a more competitive environment compared to today's market consisting of a few large providers. Trust is a crucial component in making an anonymized decentralized marketplace a reality. We develop protocols that enable participants to interact with each other in a fair way and show how these protocols can be implemented using smart contracts and blockchains. We discuss and evaluate our framework not only from a technical point of view, but also look at the wider context in terms of fair interactions and legal implications

IoTSan: Fortifying the Safety of IoT Systems

Today's IoT systems include event-driven smart applications (apps) that interact with sensors and actuators. A problem specific to IoT systems is that buggy apps, unforeseen bad app interactions, or device/communication failures, can cause unsafe and dangerous physical states. Detecting flaws that lead to such states, requires a holistic view of installed apps, component devices, their configurations, and more importantly, how they interact. In this paper, we design IoTSan, a novel practical system that uses model checking as a building block to reveal "interaction-level" flaws by identifying events that can lead the system to unsafe states. In building IoTSan, we design novel techniques tailored to IoT systems, to alleviate the state explosion associated with model checking. IoTSan also automatically translates IoT apps into a format amenable to model checking. Finally, to understand the root cause of a detected vulnerability, we design an attribution mechanism to identify problematic and potentially malicious apps. We evaluate IoTSan on the Samsung SmartThings platform. From 76 manually configured systems, IoTSan detects 147 vulnerabilities. We also evaluate IoTSan with malicious SmartThings apps from a previous effort. IoTSan detects the potential safety violations and also effectively attributes these apps as malicious.Comment: Proc. of the 14th ACM CoNEXT, 201