371 research outputs found
MMM: May I Mine Your Mind?
Consider the following set-up for the plot of a possible future episode of
the TV series Black Mirror: human brains can be connected directly to the net
and MiningMind Inc. has developed a technology that merges a reward system with
a cryptojacking engine that uses the human brain to mine cryptocurrency (or to
carry out some other mining activity). Part of our brain will be committed to
cryptographic calculations (mining), leaving the remaining part untouched for
everyday operations, i.e., for our brain's normal daily activity. In this short
paper, we briefly argue why this set-up might not be so far fetched after all,
and explore the impact that such a technology could have on our lives and our
society.Comment: 4 pages, 0 figure, Accepted at the "Re-Coding Black Mirror" workshop
of the International World Wide Web Conferences (WWW
Smart Humans... WannaDie?
It won't be long until our prostheses, ECG personal monitors, subcutaneous
insulin infusors, glasses, etc. become devices of the Internet of Things (IoT),
always connected for monitoring, maintenance, charging and tracking. This will
be the dawn of the Smart Human, not just a user of the IoT but a Thing in the
Internet. How long would it then take for hackers to attack us like they have
been attacking IoT devices? What would happen if hackers were able to blackmail
us threatening our IoT body parts? Smart Humans may become victims of the
devastating attack of WannaDie, a new ransomware that could provide the
plot-line for a possible future episode of the Black Mirror TV series.Comment: 5 pages, 3 figures, Accepted at the "Re-Coding Black Mirror" workshop
of the International Conference Data Protection and Democracy (CPDP
A History of Until
Until is a notoriously difficult temporal operator as it is both existential
and universal at the same time: A until B holds at the current time instant w
iff either B holds at w or there exists a time instant w' in the future at
which B holds and such that A holds in all the time instants between the
current one and w'. This "ambivalent" nature poses a significant challenge when
attempting to give deduction rules for until. In this paper, in contrast, we
make explicit this duality of until to provide well-behaved natural deduction
rules for linear-time logics by introducing a new temporal operator that allows
us to formalize the "history" of until, i.e., the "internal" universal
quantification over the time instants between the current one and w'. This
approach provides the basis for formalizing deduction systems for temporal
logics endowed with the until operator. For concreteness, we give here a
labeled natural deduction system for a linear-time logic endowed with the new
operator and show that, via a proper translation, such a system is also sound
and complete with respect to the linear temporal logic LTL with until.Comment: 24 pages, full version of paper at Methods for Modalities 2009
(M4M-6
Verifying the Interplay of Authorization Policies and Workflow in Service-Oriented Architectures (Full version)
A widespread design approach in distributed applications based on the
service-oriented paradigm, such as web-services, consists of clearly separating
the enforcement of authorization policies and the workflow of the applications,
so that the interplay between the policy level and the workflow level is
abstracted away. While such an approach is attractive because it is quite
simple and permits one to reason about crucial properties of the policies under
consideration, it does not provide the right level of abstraction to specify
and reason about the way the workflow may interfere with the policies, and vice
versa. For example, the creation of a certificate as a side effect of a
workflow operation may enable a policy rule to fire and grant access to a
certain resource; without executing the operation, the policy rule should
remain inactive. Similarly, policy queries may be used as guards for workflow
transitions.
In this paper, we present a two-level formal verification framework to
overcome these problems and formally reason about the interplay of
authorization policies and workflow in service-oriented architectures. This
allows us to define and investigate some verification problems for SO
applications and give sufficient conditions for their decidability.Comment: 16 pages, 4 figures, full version of paper at Symposium on Secure
Computing (SecureCom09
- …