10,037 research outputs found
Can Component/Service-Based Systems Be Proved Correct?
Component-oriented and service-oriented approaches have gained a strong
enthusiasm in industries and academia with a particular interest for
service-oriented approaches. A component is a software entity with given
functionalities, made available by a provider, and used to build other
application within which it is integrated. The service concept and its use in
web-based application development have a huge impact on reuse practices.
Accordingly a considerable part of software architectures is influenced; these
architectures are moving towards service-oriented architectures. Therefore
applications (re)use services that are available elsewhere and many
applications interact, without knowing each other, using services available via
service servers and their published interfaces and functionalities. Industries
propose, through various consortium, languages, technologies and standards.
More academic works are also undertaken concerning semantics and formalisation
of components and service-based systems. We consider here both streams of works
in order to raise research concerns that will help in building quality
software. Are there new challenging problems with respect to service-based
software construction? Besides, what are the links and the advances compared to
distributed systems?Comment: 16 page
FairLedger: A Fair Blockchain Protocol for Financial Institutions
Financial institutions are currently looking into technologies for
permissioned blockchains. A major effort in this direction is Hyperledger, an
open source project hosted by the Linux Foundation and backed by a consortium
of over a hundred companies. A key component in permissioned blockchain
protocols is a byzantine fault tolerant (BFT) consensus engine that orders
transactions. However, currently available BFT solutions in Hyperledger (as
well as in the literature at large) are inadequate for financial settings; they
are not designed to ensure fairness or to tolerate selfish behavior that arises
when financial institutions strive to maximize their own profit.
We present FairLedger, a permissioned blockchain BFT protocol, which is fair,
designed to deal with rational behavior, and, no less important, easy to
understand and implement. The secret sauce of our protocol is a new
communication abstraction, called detectable all-to-all (DA2A), which allows us
to detect participants (byzantine or rational) that deviate from the protocol,
and punish them. We implement FairLedger in the Hyperledger open source
project, using Iroha framework, one of the biggest projects therein. To
evaluate FairLegder's performance, we also implement it in the PBFT framework
and compare the two protocols. Our results show that in failure-free scenarios
FairLedger achieves better throughput than both Iroha's implementation and PBFT
in wide-area settings
Merging and Extending the PGP and PEM Trust Models - the ICE-TEL Trust Model
The ICE-TEL project is a pan-European project that is building an Internet X.509 based certification infrastructure throughout Europe, plus several secure applications that will use it. This paper describes the trust model that is being implemented by the project. A trust model specifies the means by which a user may build trust in the assertion that a remote user is really who he purports to be (authentication) and that he does in fact have a right to access the service or information that he is requesting (authorization). The ICE-TEL trust model is based on a merging of and extensions to the existing Pretty Good Privacy (PGP) web of trust and Privacy Enhanced Mail (PEM) hierarchy of trust models, and is called a web of hierarchies trust model. The web of hierarchies model has significant advantages over both of the previous models, and these are highlighted here. The paper further describes the way that the trust model is enforced through some of the new extensions in the X.509 V3 certificates, and gives examples of its use in different scenarios
How long delays impact TCP performance for a connectivity from Reunion Island ?
TCP is the protocol of transport the most used in the Internet and have a
heavy-dependence on delay. Reunion Island have a specific Internet connection,
based on main links to France, located 10.000 km away. As a result, the minimal
delay between Reunion Island and France is around 180 ms. In this paper, we
will study TCP traces collected in Reunion Island University. The goal is to
determine the metrics to study the impacts of long delays on TCP performance
SafeNet: The Unreasonable Effectiveness of Ensembles in Private Collaborative Learning
Secure multiparty computation (MPC) has been proposed to allow multiple
mutually distrustful data owners to jointly train machine learning (ML) models
on their combined data. However, by design, MPC protocols faithfully compute
the training functionality, which the adversarial ML community has shown to
leak private information and can be tampered with in poisoning attacks. In this
work, we argue that model ensembles, implemented in our framework called
SafeNet, are a highly MPC-amenable way to avoid many adversarial ML attacks.
The natural partitioning of data amongst owners in MPC training allows this
approach to be highly scalable at training time, provide provable protection
from poisoning attacks, and provably defense against a number of privacy
attacks. We demonstrate SafeNet's efficiency, accuracy, and resilience to
poisoning on several machine learning datasets and models trained in end-to-end
and transfer learning scenarios. For instance, SafeNet reduces backdoor attack
success significantly, while achieving faster training and less communication than the four-party MPC framework of Dalskov et al.
Our experiments show that ensembling retains these benefits even in many
non-iid settings. The simplicity, cheap setup, and robustness properties of
ensembling make it a strong first choice for training ML models privately in
MPC
- …