Observation-based Cooperation Enforcement in Ad Hoc Networks

Ad hoc networks rely on the cooperation of the nodes participating in the network to forward packets for each other. A node may decide not to cooperate to save its resources while still using the network to relay its traffic. If too many nodes exhibit this behavior, network performance degrades and cooperating nodes may find themselves unfairly loaded. Most previous efforts to counter this behavior have relied on further cooperation between nodes to exchange reputation information about other nodes. If a node observes another node not participating correctly, it reports this observation to other nodes who then take action to avoid being affected and potentially punish the bad node by refusing to forward its traffic. Unfortunately, such second-hand reputation information is subject to false accusations and requires maintaining trust relationships with other nodes. The objective of OCEAN is to avoid this trust-management machinery and see how far we can get simply by using direct first-hand observations of other nodes' behavior. We find that, in many scenarios, OCEAN can do as well as, or even better than, schemes requiring second-hand reputation exchanges. This encouraging result could possibly help obviate solutions requiring trust-management for some contexts.Comment: 10 pages, 7 figure

Fair and Decentralized Exchange of Digital Goods

We construct a privacy-preserving, distributed and decentralized marketplace where parties can exchange data for tokens. In this market, buyers and sellers make transactions in a blockchain and interact with a third party, called notary, who has the ability to vouch for the authenticity and integrity of the data. We introduce a protocol for the data-token exchange where neither party gains more information than what it is paying for, and the exchange is fair: either both parties gets the other's item or neither does. No third party involvement is required after setup, and no dispute resolution is needed.Comment: 10 page

Towards practicalization of blockchain-based decentralized applications

Blockchain can be defined as an immutable ledger for recording transactions, maintained in a distributed network of mutually untrusting peers. Blockchain technology has been widely applied to various fields beyond its initial usage of cryptocurrency. However, blockchain itself is insufficient to meet all the desired security or efficiency requirements for diversified application scenarios. This dissertation focuses on two core functionalities that blockchain provides, i.e., robust storage and reliable computation. Three concrete application scenarios including Internet of Things (IoT), cybersecurity management (CSM), and peer-to-peer (P2P) content delivery network (CDN) are utilized to elaborate the general design principles for these two main functionalities. Among them, the IoT and CSM applications involve the design of blockchain-based robust storage and management while the P2P CDN requires reliable computation. Such general design principles derived from disparate application scenarios have the potential to realize practicalization of many other blockchain-enabled decentralized applications. In the IoT application, blockchain-based decentralized data management is capable of handling faulty nodes, as designed in the cybersecurity application. But an important issue lies in the interaction between external network and blockchain network, i.e., external clients must rely on a relay node to communicate with the full nodes in the blockchain. Compromization of such relay nodes may result in a security breach and even a blockage of IoT sensors from the network. Therefore, a censorship-resistant blockchain-based decentralized IoT management system is proposed. Experimental results from proof-of-concept implementation and deployment in a real distributed environment show the feasibility and effectiveness in achieving censorship resistance. The CSM application incorporates blockchain to provide robust storage of historical cybersecurity data so that with a certain level of cyber intelligence, a defender can determine if a network has been compromised and to what extent. The CSM functions can be categorized into three classes: Network-centric (N-CSM), Tools-centric (T-CSM) and Application-centric (A-CSM). The cyber intelligence identifies new attackers, victims, or defense capabilities. Moreover, a decentralized storage network (DSN) is integrated to reduce on-chain storage costs without undermining its robustness. Experiments with the prototype implementation and real-world cyber datasets show that the blockchain-based CSM solution is effective and efficient. The P2P CDN application explores and utilizes the functionality of reliable computation that blockchain empowers. Particularly, P2P CDN is promising to provide benefits including cost-saving and scalable peak-demand handling compared with centralized CDNs. However, reliable P2P delivery requires proper enforcement of delivery fairness. Unfortunately, most existing studies on delivery fairness are based on non-cooperative game-theoretic assumptions that are arguably unrealistic in the ad-hoc P2P setting. To address this issue, an expressive security requirement for desired fair P2P content delivery is defined and two efficient approaches based on blockchain for P2P downloading and P2P streaming are proposed. The proposed system guarantees the fairness for each party even when all others collude to arbitrarily misbehave and achieves asymptotically optimal on-chain costs and optimal delivery communication

The Quest for a Killer App for Opportunistic and Delay Tolerant Networks (Invited Paper)

Delay Tolerant Networking (DTN) has attracted a lot of attention from the research community in recent years. Much work have been done regarding network architectures and algorithms for routing and forwarding in such networks. At the same time as many show enthusiasm for this exciting new research area there are also many sceptics, who question the usefulness of research in this area. In the past, we have seen other research areas become over-hyped and later die out as there was no killer app for them that made them useful in real scenarios. Real deployments of DTN systems have so far mostly been limited to a few niche scenarios, where they have been done as proof-of-concept field tests in research projects. In this paper, we embark upon a quest to find out what characterizes a potential killer applications for DTNs. Are there applications and situations where DTNs provide services that could not be achieved otherwise, or have potential to do it in a better way than other techniques? Further, we highlight some of the main challenges that needs to be solved to realize these applications and make DTNs a part of the mainstream network landscape

Fair signature exchange via delegation on ubiquitous networks

This paper addresses the issue of autonomous fair signature exchange in emerging ubiquitous (u-) commerce systems, which require that the exchange task be delegated to authorised devices for its autonomous and secure execution. Relevant existing work is either inefficient or ineffective in dealing with such delegated exchange. To rectify this situation, this paper aims to propose an effective, efficient and secure solution to the delegated exchange to support the important autonomy feature offered by u-commerce systems. The proposed work includes a novel approach to symmetric-key based verifiable proxy encryption to make the exchange delegation flexible, efficient and simple to implement on resource-limited devices commonly used in u-commerce systems. This approach is then applied to design a new exchange protocol. An analysis of the protocol is also provided to confirm its security and fairness. Moreover, a comparison with related work is presented to demonstrate its much better efficiency and simplicity

Law and Policy in the Age of the Internet

Technological knowledge is of many different kinds, from experience-based know-how in the crafts to science-based knowledge in modern engineering. It is inherently oriented towards being useful in technological activities, such as manufacturing and engineering design. The purpose of this thesis is to highlight special characteristics of technological knowledge and how these affect how technology should be taught in school. It consists of an introduction, a summary in Swedish, and five papers: Paper I is about rules of thumb, which are simple instructions, used to guide actions toward a specific result, without need of advanced knowledge. One off the major advantages of rules of thumb is the ease with which they can be learnt. One of their major disadvantages is that they cannot easily be adjusted to new situations or conditions. Paper II describes how Gilbert Ryle's distinction between knowing how and knowing that is applicable in the technological domain. Knowing how and knowing that are commonly used together, but there are important differences between them which motivate why they should be regarded as different types: they are learnt in different ways, justified in different ways, and knowing that is susceptible to Gettier type problems which technological knowing how is not. Paper III is based on a survey about how Swedish technology teachers understand the concept of technological knowledge. Their opinions show an extensive variation, and they have no common terminology for describing the knowledge. Paper IV deals with non-scientific models that are commonly used by engineers, based on for example folk theories or obsolete science. These should be included in technology education if it is to resemble real technology. Different, and partly contradictory, epistemological frameworks must be used in different school subjects. This leads to major pedagogical challenges, but also to opportunities to clarify the differences between technology and the natural sciences and between models and reality. Paper V is about explanation, prediction, and the use of models in technology education. Explanations and models in technology differ from those in the natural sciences in that they have to include users' actions and intentions.QC 20140512</p