Efficient pebbling for list traversal synopses

We show how to support efficient back traversal in a unidirectional list, using small memory and with essentially no slowdown in forward steps. Using $O(\log n)$ memory for a list of size $n$, the $i$'th back-step from the farthest point reached so far takes $O(\log i)$ time in the worst case, while the overhead per forward step is at most $\epsilon$ for arbitrary small constant $\epsilon>0$. An arbitrary sequence of forward and back steps is allowed. A full trade-off between memory usage and time per back-step is presented: $k$ vs. $kn^{1/k}$ and vice versa. Our algorithms are based on a novel pebbling technique which moves pebbles on a virtual binary, or $t$-ary, tree that can only be traversed in a pre-order fashion. The compact data structures used by the pebbling algorithms, called list traversal synopses, extend to general directed graphs, and have other interesting applications, including memory efficient hash-chain implementation. Perhaps the most surprising application is in showing that for any program, arbitrary rollback steps can be efficiently supported with small overhead in memory, and marginal overhead in its ordinary execution. More concretely: Let $P$ be a program that runs for at most $T$ steps, using memory of size $M$. Then, at the cost of recording the input used by the program, and increasing the memory by a factor of $O(\log T)$ to $O(M \log T)$, the program $P$ can be extended to support an arbitrary sequence of forward execution and rollback steps: the $i$'th rollback step takes $O(\log i)$ time in the worst case, while forward steps take O(1) time in the worst case, and $1+\epsilon$ amortized time per step.Comment: 27 page

Performance Evaluation of Distributed Security Protocols Using Discrete Event Simulation

The Border Gateway Protocol (BGP) that manages inter-domain routing on the Internet lacks security. Protective measures using public key cryptography introduce complexities and costs. To support authentication and other security functionality in large networks, we need public key infrastructures (PKIs). Protocols that distribute and validate certificates introduce additional complexities and costs. The certification path building algorithm that helps users establish trust on certificates in the distributed network environment is particularly complicated. Neither routing security nor PKI come for free. Prior to this work, the research study on performance issues of these large-scale distributed security systems was minimal. In this thesis, we evaluate the performance of BGP security protocols and PKI systems. We answer the questions about how the performance affects protocol behaviors and how we can improve the efficiency of these distributed protocols to bring them one step closer to reality. The complexity of the Internet makes an analytical approach difficult; and the scale of Internet makes empirical approaches also unworkable. Consequently, we take the approach of simulation. We have built the simulation frameworks to model a number of BGP security protocols and the PKI system. We have identified performance problems of Secure BGP (S-BGP), a primary BGP security protocol, and proposed and evaluated Signature Amortization (S-A) and Aggregated Path Authentication (APA) schemes that significantly improve efficiency of S-BGP without compromising security. We have also built a simulation framework for general PKI systems and evaluated certification path building algorithms, a critical part of establishing trust in Internet-scale PKI, and used this framework to improve algorithm performance

Financial Accounting Classification of Cryptocurrency

Currently, a large range of opinions exists regarding the appropriate classification and regulation of cryptocurrency. From the legal perspective, some suggest that cryptocurrency investments are too speculative. As a result of this, it is suggested that cryptocurrency should be more heavily regulated. This would be done to prevent speculators from losing vast wealth. Other legal analysts suggest that an increasing cryptocurrency regulation would have a detrimental effect on the state of cryptocurrency, and its use would cause long-term problems. From the accounting perspective, opinions vary. Some suggest an accounting classification that would make cryptocurrency cash equivalents; others suggest an accounting classification that would render cryptocurrency an intangible asset with an indefinite useful life. The “big 4” accounting firms that include Deloitte, PricewaterhouseCoopers, Ernst and Young, and KPMG recommend that cryptocurrency should be classified as an intangible asset with an indefinite useful life. However, other companies currently using cryptocurrency through the general operations of the business have decided to classify it differently. The legal perspectives and the accounting perspectives will be analyzed to determine appropriate regulations for cryptocurrency and an appropriate classification for cryptocurrency. The results will show that cryptocurrency should be classified as an intangible asset with an indefinite useful life for accounting purposes and as property for tax purposes

Dynamic Message Puzzle as Pre-Authentication Scheme in Wireless Sensor Networks

Denial of Service (DoS) is a type of attack that has a huge impact on a computer system. This can deplete and shorten the lifetime of wireless sensor networks (WSNs). Signature-based DoS is a kind of DoS attack that exploits the high computation of a public key cryptography based authentication. The adversaries have the opportunity to send a large number of a fake signature to the WSNs. Message Specific Puzzle (MSP) was developed to defend against this type of attack. This scheme utilizes a hash function as an irreversible method to create a puzzle and produce a session key. Furthermore, this has low complexity in the sender and receiver for construction and verification process. However, the sender-side delay occurred. The higher the security expected for the system leads to the more time is needed for the user to send messages. The number of hash iteration in the puzzle construction cannot be controlled. This paper proposes the Dynamic Message Puzzle scheme that uses the power of first quartile (Q1power1) and the exponential of second quartile (Q2exp) threshold functions. These limit the maximum number of hash iterations for each puzzle construction. Consequently, this mechanism can decrease sender-side delay by at least 60%. Besides avoiding zero solution and has a high value of mean absolute deviation, this scheme also increases the adversaries’ complexity in attacking the system. The proposed scheme transmits index implicitly. This obscures the portion of each parameter in the transmitted packet

Global Data Plane: A Widely Distributed Storage and Communication Infrastructure

With the advancement of technology, richer computation devices are making their way into everyday life. However, such smarter devices merely act as a source and sink of information; the storage of information is highly centralized in data-centers in today’s world. Even though such data-centers allow for amortization of cost per bit of information, the density and distribution of such data-centers is not necessarily representative of human population density. This disparity of where the information is produced and consumed vs where it is stored only slightly affects the applications of today, but it will be the limiting factor for applications of tomorrow.The computation resources at the edge are more powerful than ever, and present an opportunity to address this disparity. We envision that a seamless combination of these edge-resources with the data-center resources is the way forward. However, the resulting issues of trust and data-security are not easy to solve in a world full of complexity. Toward this vision of a federated infrastructure composed of resources at the edge as well as those in data-centers, we describe the architecture and design of a widely distributed system for data storage and communication that attempts to alleviate some of these data security challenges; we call this system the Global Data Plane (GDP).The key abstraction in the GDP is a secure cohesive container of information called a DataCapsule, which provides a layer of uniformity on top of a heterogeneous infrastructure. A DataCapsule represents a secure history of transactions in a persistent form that can be used for building other applications on top. Existing applications can be refactored to use DataCapsules as the ground truth of persistent state; such a refactoring enables cleaner application design that allows for better security analysis of information flows. Not only cleaner design, the GDP also enables locality of access for performance and data privacy—an ever growing concern in the information age.The DataCapsules are enabled by an underlying routing fabric, called the GDP network, which provides secure routing for datagrams in a flat namespace. The GDP network is a core component of the GDP that enables various GDP components to interact with each other. In addition to the DataCapsules, this underlying network is available to applications for native communication as well. Flat namespace networks are known to provide a number of desirable properties, such as location independence, built-in multicast, etc. However, existing architectures for such networks suffer from routing security issues, typically because malicious entities can claim to possess arbitrary names and thus, receive traffic intended for arbitrary destinations. GDP network takes a different approach by defining an ownership of the name and the associated mechanisms for participants to delegate routing for such names to others. By directly integrating with GDP network, applications can enjoy the benefits of flat namespace networks without compromising routing security.The Global Data Plane and DataCapsules together represent our vision for secure ubiquitous storage. As opposed to the current approach of perimeter security for infrastructure, i.e. drawing a perimeter around parts of infrastructure and trusting everything inside it, our vision is to use cryptographic tools to enable intrinsic security for the information itself regardless of the context in which such information lives. In this dissertation, we show how to make this vision a reality, and how to adapt real world applications to reap the benefits of secure ubiquitous storage

Hardware accelerated authentication system for dynamic time-critical networks

The secure and efficient operation of time-critical networks, such as vehicular networks, smart-grid and other smart-infrastructures, is of primary importance in today’s society. It is crucial to minimize the impact of security mechanisms over such networks so that the safe and reliable operations of time-critical systems are not being interfered. Even though there are several security mechanisms, their application to smart-infrastructure and Internet of Things (IoT) deployments may not meet the ubiquitous and time-sensitive needs of these systems. That is, existing security mechanisms either introduce a significant computation and communication overhead, or they are not scalable for a large number of IoT components. In particular, as a primary authentication mechanism, existing digital signatures cannot meet the real-time processing requirements of time-critical networks, and also do not fully benefit from advancements in the underlying hardware/software of IoTs. As a part of this thesis, we create a reliable and scalable authentication system to ensure secure and reliable operation of dynamic time-critical networks like vehicular networks through hardware acceleration. The system is implemented on System-On-Chips (SoC) leveraging the parallel processing capabilities of the embedded Graphical Processing Units (GPUs) along with the CPUs (Central Processing Units). We identify a set of cryptographic authentication mechanisms, which consist of operations that are highly parallelizable while still maintain high standards of security and are also secure against various malicious adversaries. We also focus on creating a fully functional prototype of the system which we call a “Dynamic Scheduler” which will take care of scheduling the messages for signing or verification on the basis of their priority level and the number of messages currently in the system, so as to derive maximum throughput or minimum latency from the system, whatever the requirement may be

Can China Promote Electronic Commerce Through Law Reform? Some Preliminary Case Study Evidence

The government of the People’s Republic of China (P.R.C.) has announced its intention to make China a global leader in innovation by 2020. Many Chinese business leaders share this goal. The primary focus of this national strategy is to transform China into an exporter of high-technology products based on Chinese designs rather than merely a low cost, high volume manufacturer of products based on technology developed in other countries. This paper will examine the implications for this strategy with regard to the use of computerized management information systems by Chinese businesses, and its relationship to recent law reform efforts intended to promote greater use of electronic commerce among Chinese businesses. This paper considers three case studies of recent reforms of P.R.C. commercial law in light of their contributions to this strategy, and finds that the results so far are quite mixed. The first case study looks at a domestic standard for accounting software issued in 1989 that successfully removed obstacles to the greater use of computerized accounting systems by local businesses and promoted the growth of the domestic accounting software industry. The second and third case studies involve P.R.C. legislation based on model laws developed by United Nations Commission on International Trade Law (UNCITRAL) developed to assist legislators in trading nations to harmonize their national commercial laws in order to eliminate barriers to international trade. The second case study looks at the inclusion of general electronic commerce enabling legislation in the 1999 Contract Law which in theory removed impediments to the use of electronic commerce by Chinese businesses but in reality appears to be too abstract and general to provide much certainty to parties wishing to form contracts using electronic media. The third case study looks at the 2004 Electronic Signature Law which promotes the use of a specific type of technology for authentication. While it is too soon to know whether this law will achieve its intended objectives in China, evidence from other countries with similar laws suggests that it may not

An Architecture for Biometric Electronic Identification Document System Based on Blockchain †

This paper proposes an architecture for biometric electronic identification document (e-ID) system based on Blockchain for citizens identity verification in transactions corresponding to the notary, registration, tax declaration and payment, basic health services and registration of economic activities, among others. To validate the user authentication, a biometric e-ID system is used to avoid spoofing and related attacks. Also, to validate the document a digital certificate is used with the corresponding public and private key for each citizen by using a user’s PIN. The proposed transaction validation process was implemented on a Blockchain system in order to record and verify the transactions made by all citizens registered in the electoral census, which guarantees security, integrity, scalability, traceability, and no-ambiguity. Additionally, a Blockchain network architecture is presented in a distributed and decentralized way including all the nodes of the network, database and government entities such as national register and notary offices. The results of the application of a new consensus algorithm to our Blockchain network are also presented showing mining time, memory and CPU usage when the number of transactions scales up

Valuation of XXL ASA

This master thesis presents a comprehensive valuation analysis of XXL ASA, a prominent Norwegian retail company operating in the Nordic sports industry. A fundamental valuation method, in combination with a supplementary comparative valuation has been utilized to estimate the equity value of the company as of December 31, 2021. The valuation has been performed from an investor perspective, using only publicly available information. The purpose of this study is to provide a trading strategy: buy, hold, or sell, based on the estimated equity value and the corresponding stock price. Therefore, the research question addressed in this study is as follows: “What is the fair value of XXL ASA’s equity as of December 31, 2021?” To address this research question, a strategic analysis of internal and external factors has been conducted to map XXL’s strengths and weaknesses, as well as to identify opportunities and threats. Furthermore, a financial statement and credit risk analysis of historical data has been performed, which together with the strategic analysis forms the basis for future expectations for the industry and the projected financials for XXL. The analysis indicated that XXL in the short term is expected to face challenges due to macroeconomics conditions, high inventory levels, and increased competition. However, in the long term, the company is expected to reverse this trend, regaining profitability and growth. Based on the assumptions about the future and the projected financials, the value per share using a fundamental approach for XXL is estimated to be NOK 5.98. To test the uncertainty in the valuation estimate, a sensitivity analysis has been conducted to assess the robustness and reasonableness. In addition, the comparative valuation yielded a value per share of NOK 51.61 based on the average of multiples. For comparison, the market price of XXL on the Oslo Stock Exchange at the valuation date was NOK 14.03. In determining the final value estimate of XXL’s equity and the corresponding stock price, the comparative valuation has been excluded due to an excessively high valuation and its weaknesses. Therefore, only the fundamental valuation is taken into consideration in estimating the value per share to be NOK 5.98. This leads to the following conclusion: The XXL stock is overpriced, and we recommend selling the stock as of December 31, 2021