Breeding unicorns:Developing trustworthy and scalable randomness beacons

Randomness beacons are services that periodically emit a random number, allowing users to base decisions on the same random value without trusting anyone: ideally, the randomness beacon does not only produce unpredictable values, but is also of low computational complexity for the users, bias-resistant and publicly verifiable. Such randomness beacons can serve as an important primitive for smart contracts in a variety of contexts. This paper first presents a structured security analysis, based on which we then design, implement, and evaluate a trustworthy and efficient randomness beacon. Our approach does not require users to register or run any computationally intensive operations. We then compare different implementation and deployment options on distributed ledgers, and report on an Ethereum smart contract-based lottery using our beacon

Blockchain Technology for Intelligent Transportation Systems: A Systematic Literature Review

The use of Blockchain technology has recently become widespread. It has emerged as an essential tool in various academic and industrial fields, such as healthcare, transportation, finance, cybersecurity, and supply chain management. It is regarded as a decentralized, trustworthy, secure, transparent, and immutable solution that innovates data sharing and management. This survey aims to provide a systematic review of Blockchain application to intelligent transportation systems in general and the Internet of Vehicles (IoV) in particular. The survey is divided into four main parts. First, the Blockchain technology including its opportunities, relative taxonomies, and applications is introduced; basic cryptography is also discussed. Next, the evolution of Blockchain is presented, starting from the primary phase of pre-Bitcoin (fundamentally characterized by classic cryptography systems), followed by the Blockchain 1.0 phase, (characterized by Bitcoin implementation and common consensus protocols), and finally, the Blockchain 2.0 phase (characterized by the implementation of smart contracts, Ethereum, and Hyperledger). We compared and identified the strengths and limitations of each of these implementations. Then, the state of the art of Blockchain-based IoV solutions (BIoV) is explored by referring to a large and trusted source database from the Scopus data bank. For a well-structured and clear discussion, the reviewed literature is classified according to the research direction and implemented IoV layer. Useful tables, statistics, and analysis are also presented. Finally, the open problems and future directions in BIoV research are summarized

Identifying the limits of governmental interference with on-line privacy

This thesis addresses the issue of on-line privacy, in an effort to identify the limits of governmental interference with this kind of right. Traditional privacy has been a well accepted and legally recognized human right for many years now. However, the exposure of privacy to the Internet has created new threats that mould the nature of 'on-line privacy': a user is less aware of the dangers faced in cyberspace, due to the instinctive feeling of being alone when in front of a computer; the distinction between private and public places is blurred, cyberspace looks like a public space, but is actually an aggregation of privately owned digital spaces, open to public access. Taking this as a basis, the thesis explores the route to be followed in order for a well-balanced interference with on-line privacy to be designed. First, an analysis of computer-related crime, the major reason (or excuse) on which governments base the need to interfere and delimit privacy in the on-line environment. On¬ line delinquency may be a serious problem, but it has to be examined closer than it has been up to present if it is to choose effective measures to combat it. Second, the thesis analyses the legal reasons justifying governmental interference with on-line privacy. National security, public safety and the economic well being of a country are the most popular reasons appearing in laws regulating interference with an otherwise protected right, and they will play a prominent role in justifying interference with privacy in cyberspace; an approach on the meaning, use and difficulties met in their application can be a starting point in an effort to avoid the same problems in the on-line environment. The European Convention of Human Rights, being one of the most complete and effective legal forums for human rights protection, is then used to show how the legally acceptable justifications for interference with privacy are being implemented. The thesis goes on to examine cryptography: being one of the most valuable tools for the protection of on-line privacy, regulating its use and dissemination is a way of governmental interference. An approach of the efforts made to limit the use and dissemination of strong encryption shows how on-line privacy has been affected. It is further suggested that restrictions in the use of strong encryption have a much more detrimental effect for legitimate users than for those using it to conceal illegal activity. The effectiveness of these measures is, therefore, under question. Next, the UK Regulation of Investigatory Powers Act 2000 is analysed, mainly those parts that affect on-line privacy. RIPA regulates the use of investigatory powers in the on-line environment such as interception of communications, acquisition of communications data and governmental access to keys. Being one of the few examples of such legislation, a lot can be learnt from the mistakes made. Last, the thesis explores the threat posed to on-line privacy by systems of covert governmental surveillance. The Echelon and other major international surveillance systems is probably the most real threat for privacy in the on-line environment

Actas de las VI Jornadas Nacionales (JNIC2021 LIVE)

Estas jornadas se han convertido en un foro de encuentro de los actores más relevantes en el ámbito de la ciberseguridad en España. En ellas, no sólo se presentan algunos de los trabajos científicos punteros en las diversas áreas de ciberseguridad, sino que se presta especial atención a la formación e innovación educativa en materia de ciberseguridad, y también a la conexión con la industria, a través de propuestas de transferencia de tecnología. Tanto es así que, este año se presentan en el Programa de Transferencia algunas modificaciones sobre su funcionamiento y desarrollo que han sido diseñadas con la intención de mejorarlo y hacerlo más valioso para toda la comunidad investigadora en ciberseguridad

Building bridges for better machines : from machine ethics to machine explainability and back

Be it nursing robots in Japan, self-driving buses in Germany or automated hiring systems in the USA, complex artificial computing systems have become an indispensable part of our everyday lives. Two major challenges arise from this development: machine ethics and machine explainability. Machine ethics deals with behavioral constraints on systems to ensure restricted, morally acceptable behavior; machine explainability affords the means to satisfactorily explain the actions and decisions of systems so that human users can understand these systems and, thus, be assured of their socially beneficial effects. Machine ethics and explainability prove to be particularly efficient only in symbiosis. In this context, this thesis will demonstrate how machine ethics requires machine explainability and how machine explainability includes machine ethics. We develop these two facets using examples from the scenarios above. Based on these examples, we argue for a specific view of machine ethics and suggest how it can be formalized in a theoretical framework. In terms of machine explainability, we will outline how our proposed framework, by using an argumentation-based approach for decision making, can provide a foundation for machine explanations. Beyond the framework, we will also clarify the notion of machine explainability as a research area, charting its diverse and often confusing literature. To this end, we will outline what, exactly, machine explainability research aims to accomplish. Finally, we will use all these considerations as a starting point for developing evaluation criteria for good explanations, such as comprehensibility, assessability, and fidelity. Evaluating our framework using these criteria shows that it is a promising approach and augurs to outperform many other explainability approaches that have been developed so far.DFG: CRC 248: Center for Perspicuous Computing; VolkswagenStiftung: Explainable Intelligent System

Investigating Information Trust, Professional Ethics and Risk When Embracing E-government: An Empirical Study of Kingdom Of Saudi Arabia (KSA)

In an attempt to establish more efficient and transparent governmental services, manual systems of government across the globe are being transferred to e-government systems, including the Kingdom of Saudi Arabia (KSA). However, this transformation, and especially ensuring user acceptance of e-government, poses a number of challenges. Against this backdrop, the current work examines issues that are related to information trust, professional ethics, and the risks incurred in embracing an e-government. This was carried out based on three Saudi Arabian organisations namely the Ministry of Interior; the Ministry of Communication and Information Technology; and King Abdul-Aziz City for Science and Technology. Qualitative methods was adopted for both data collection and analysis based on semi-structured interviews and questionnaires. The data were analysed using thematic analysis to establish perceptions and behavioural patterns of e-government systems among both government officials and general users. A technological gap was identified as the core impediment to widespread implementation and user acceptance of e-government in KSA. It was established that governmental success in ensuring the system is resilient against data loss and hacking, and habitual adoption of checking mechanisms, can lead towards improved implementation of e-government, along with its utilisation throughout KSA. This research contributes a research model, informed by institutional theory, of factors affecting the adoption of e-government from both employees and citizens’ perspectives (as evident within KSA). It responds to calls from other Information Systems researchers to study e-government by conducting an in-depth field investigation using qualitative research. In doing so, it addresses issues related to information trust, professional ethics and risk in e-government implementation