Compensation methods to support cooperative applications: A case study in automated verification of schema requirements for an advanced transaction model

Compensation plays an important role in advanced transaction models, cooperative work and workflow systems. A schema designer is typically required to supply for each transaction another transaction to semantically undo the effects of . Little attention has been paid to the verification of the desirable properties of such operations, however. This paper demonstrates the use of a higher-order logic theorem prover for verifying that compensating transactions return a database to its original state. It is shown how an OODB schema is translated to the language of the theorem prover so that proofs can be performed on the compensating transactions

Compensation methods to support generic graph editing: A case study in automated verification of schema requirements for an advanced transaction model

Compensation plays an important role in advanced transaction models, cooperative work, and workflow systems. However, compensation operations are often simply written as a^−1 in transaction model literature. This notation ignores any operation parameters, results, and side effects. A schema designer intending to use an advanced transaction model is expected (required) to write correct method code. However, in the days of cut-and-paste, this is much easier said than done. In this paper, we demonstrate the feasibility of using an off-the-shelf theorem prover (also called a proof assistant) to perform automated verification of compensation requirements for an OODB schema. We report on the results of a case study in verification for a particular advanced transaction model that supports cooperative applications. The case study is based on an OODB schema that provides generic graph editing functionality for the creation, insertion, and manipulation of nodes and links

Coded Cooperative Data Exchange for a Secret Key

We consider a coded cooperative data exchange problem with the goal of generating a secret key. Specifically, we investigate the number of public transmissions required for a set of clients to agree on a secret key with probability one, subject to the constraint that it remains private from an eavesdropper. Although the problems are closely related, we prove that secret key generation with fewest number of linear transmissions is NP-hard, while it is known that the analogous problem in traditional cooperative data exchange can be solved in polynomial time. In doing this, we completely characterize the best possible performance of linear coding schemes, and also prove that linear codes can be strictly suboptimal. Finally, we extend the single-key results to characterize the minimum number of public transmissions required to generate a desired integer number of statistically independent secret keys.Comment: Full version of a paper that appeared at ISIT 2014. 19 pages, 2 figure

Detecting Byzantine Attacks Without Clean Reference

We consider an amplify-and-forward relay network composed of a source, two relays, and a destination. In this network, the two relays are untrusted in the sense that they may perform Byzantine attacks by forwarding altered symbols to the destination. Note that every symbol received by the destination may be altered, and hence no clean reference observation is available to the destination. For this network, we identify a large family of Byzantine attacks that can be detected in the physical layer. We further investigate how the channel conditions impact the detection against this family of attacks. In particular, we prove that all Byzantine attacks in this family can be detected with asymptotically small miss detection and false alarm probabilities by using a sufficiently large number of channel observations \emph{if and only if} the network satisfies a non-manipulability condition. No pre-shared secret or secret transmission is needed for the detection of these attacks, demonstrating the value of this physical-layer security technique for counteracting Byzantine attacks.Comment: 16 pages, 7 figures, accepted to appear on IEEE Transactions on Information Forensics and Security, July 201

Facilitated spin models: recent and new results

Facilitated or kinetically constrained spin models (KCSM) are a class of interacting particle systems reversible w.r.t. to a simple product measure. Each dynamical variable (spin) is re-sampled from its equilibrium distribution only if the surrounding configuration fulfills a simple local constraint which \emph{does not involve} the chosen variable itself. Such simple models are quite popular in the glass community since they display some of the peculiar features of glassy dynamics, in particular they can undergo a dynamical arrest reminiscent of the liquid/glass transitiom. Due to the fact that the jumps rates of the Markov process can be zero, the whole analysis of the long time behavior becomes quite delicate and, until recently, KCSM have escaped a rigorous analysis with the notable exception of the East model. In these notes we will mainly review several recent mathematical results which, besides being applicable to a wide class of KCSM, have contributed to settle some debated questions arising in numerical simulations made by physicists. We will also provide some interesting new extensions. In particular we will show how to deal with interacting models reversible w.r.t. to a high temperature Gibbs measure and we will provide a detailed analysis of the so called one spin facilitated model on a general connected graph.Comment: 30 pages, 3 figure

Strategyproof Profit Sharing in Partnerships: Improving upon Autarky

Several producers decide to form a partnership, to which they contribute both capital and labor. We propose a group-strategyproof mechanism under which no single agent is tempted to secede from the partnership: the inverse marginal product proportions (or IMPP) mechanism. The IMPP mechanism combines aspects of common ownership with the requirement that private property rights be respected: when an agent decides to stop exploiting her own capital, the latter is shared between the remaining agents in proportion to the productivity of their own capital. The IMPP is in fact the only fixed-path method (as introduced in Friedman, 2002) to satisfy autarkic individual rationality; its path is uniquely determined by the capital contributions of the agents. Thus, our results provide one of the first economic motivation for the asymmetry of fixed-path methods.