Lorenzo Ceragioli,Pierpaolo Degano,Letterio Galletta,Luca Viganò

2024-08-18

Abstract:In multiagent systems autonomous agents interact with each other to achieve individual and collective goals. Typical interactions concern negotiation and agreement on resource exchanges. Modeling and formalizing these agreements pose significant challenges, particularly in capturing the dynamic behaviour of agents, while ensuring that resources are correctly handled. Here, we propose exchange environments as a formal setting where agents specify and obey exchange policies, which are declarative statements about what resources they offer and what they require in return. Furthermore, we introduce a decidable extension of the computational fragment of linear logic as a fundamental tool for representing exchange environments and studying their dynamics in terms of provability.

Logic in Computer Science,Artificial Intelligence

Jian Liu,Wenting Li,Ghassan O. Karame,N. Asokan

DOI: https://doi.org/10.1109/msp.2018.2701163

IF: 3.105

2018-01-01

IEEE Security & Privacy

Abstract:Motivated by the great success and adoption of Bitcoin, a number of cryptocurrencies such as Litecoin, Dogecoin, and Ethereum are becoming increasingly popular. Although existing blockchain-based cryptocurrency schemes can ensure reasonable security for transactions, they do not consider any notion of fairness. Fair exchange allows two players to exchange digital "items", such as digital signatures, over insecure networks fairly, so that either each player gets the other's item, or neither player does. Given that blockchain participants typically do not trust each other, enabling fairness in existing cryptocurrencies is an essential but insufficiently explored problem. In this paper, we explore the solution space for enabling the fair exchange of a cryptocurrency payment for a receipt. We identify the timeliness of an exchange as an important property especially when one of the parties involved in the exchange is resource-constrained. We introduce the notion of strong timeliness for a fair exchange protocol and propose two fair payment-for-receipt protocol instantiations that leverage functionality of the blockchain to achieve strong timeliness. We implement both and compare their security and efficiency.

Peng Liu,Jian-bin Hu,Zhong Chen

DOI: https://doi.org/10.1109/WI.2005.2

2005-01-01

Abstract:Although several access control policies have been proposed for securing access to resources, they focused on security of distributed environments that were rather static. Nowadays distributed environment becomes open and dynamic. In this paper, we propose a formal language for access control policies in open and dynamic environment. The language is based on description logic program and generalized courteous logic program supporting classical negation, prioritized conflict handling and mutual exclusion constraints. The language allows the specification of positive and negative authorization, privilege delegation and revocation, prioritized conflict resolution and mutual authorization exclusions.

Ziyi Su,Frederique Biennier

DOI: https://doi.org/10.48550/arXiv.1305.1727

2013-05-08

Cryptography and Security

Abstract:In an open information systems paradigm, real-time context-awareness is vital for the success of cooperation, therefore dynamic security attributes of partners should considered in coalition for avoiding security conflicts. Furthermore, the cross-boundary asset sharing activities and risks associated to loss of governance call for a continuous regulation of partners' behavior, paying attention to the resource sharing and consuming activities. This paper describes an attribute-based usage control policy shceme compline to this needs. A concise syntax with EBNF is used to summarize the base policy model. The semantics of negotiation process is disambiguated with abductive constraint logic programming (ACLP) and Event Calculus (EC). Then we propose a policy ratification method based on a policy aggregation algebra that elaborate the request space and policy rule relation. This method ensures that, when policies are aggregated due to resource sharing and merging activities, the resulting policy correctly interprets the original security goals of the providers' policies.

袁平鹏,陈刚,董金祥

DOI: https://doi.org/10.3321/j.issn:1003-9775.2004.04.006

2004-01-01

Abstract:An access control paradigm composed of basic model and role model is proposed for collaborative applications. Basic model specifies the relationship among privileges and the way of ranking privileges. It relates privilege with operations on the objects, so the model appears more straightforward. Moreover, if Brokers' implementation permits, the model can support any grained access control. Role model re-defines the role concept of RBAC96, divides the permissions of role into public permissions, protect permissions and private permissions. It allows user to define roles more flexibly, prevents private permissions of roles from being inherited and reduces the definition of ancillary roles.

Lourens E. Veen,Sara Shakeri,Paola Grosso

DOI: https://doi.org/10.48550/arXiv.2210.17155

2022-10-31

Abstract:Secure, privacy-preserving sharing of scientific or business data is currently a popular topic for research and development, both in academia and outside of it. Systems have been proposed for sharing individual facts about individuals and sharing entire data sets, for sharing data through trusted third parties, for obfuscating sensitive data by anonymisation and homomorphic encryption, for distributed processing as in federated machine learning and secure multiparty computation, and for trading data access or ownership. However, these systems typically support only one of these solutions, while organisations often have a variety of data and use cases for which different solutions are appropriate. If a single system could be built that is flexible enough to support a variety of solutions, then administration would be greatly simplified and attack surfaces reduced. In this paper we present Mahiru, a design for a data exchange and processing system in which owners of data and software fully control their assets, users may submit a wide variety of processing requests including most of the above applications, and all parties collaborate to execute those requests in a distributed fashion, while ensuring that the policies are adhered to at all times. This is achieved through a federated, mostly decentralised architecture and a powerful policy mechanism designed to be easy to understand and simple to implement. We have created a proof-of-concept implementation of the system which is openly available and in continuous development, and which we aim to continue to extend with new functionality.

Distributed, Parallel, and Cluster Computing

Liang Zhang,Haibin Kan,Feiyang Qiu,Feng Hao

DOI: https://doi.org/10.1093/comjnl/bxad039

2023-01-01

Abstract:Fair exchange is a challenging problem for two mutually distrusting players. It is widely known that fair exchange is impossible without a trusted third party (TTP). However, relying on a single TTP can cause a single-point failure. An intuitive idea is to adopt multiple TTPs to distribute trust. This paper constructs a two-party optimistic fair exchange (OFE) protocol using decentralized ciphertext-policy attribute-based encryption (CP-ABE), achieving decentralized TTPs. This is achievable because decentralized CP-ABE ciphertext supports a nested access control policy. A nested access control policy fits perfectly in a fair exchange protocol which contains multiple roles (i.e. players and TTPs). Further, we apply non-interactive zero knowledge proofs to prove the well-formedness of ciphertexts, so as to enforce players to follow the protocol specification honestly. Consequently, we construct an OFE protocol in which each player's operations are publicly verifiable without revealing secret information. Also, we obtain decentralized TTPs with optimism (i.e. the TTPs are involved only when arbitration is required), autonomy (i.e. the TTPs do not need to interact with each other), statelessness (i.e. the TTPs do not need to store data for the exchange protocol) and verifiability (i.e. the TTPs are publicly verifiable). Compared with previous work, our protocol assumes only a public communication channel and each party's operations are publicly verifiable. Besides, it achieves a favorable $O(n)$ verification complexity in the normal case, where $n$ is the number of TTPs. Finally, we present a proof-of-concept implementation to demonstrate the feasibility.

Ghada Almashaqbeh,Sixia Chen,Alexander Russell

2024-08-03

Abstract:Layer-two blockchain protocols emerged to address scalability issues related to fees, storage cost, and confirmation delay of on-chain transactions. They aggregate off-chain transactions into a fewer on-chain ones, thus offering immediate settlement and reduced transaction fees. To preserve security of the underlying ledger, layer-two protocols often work in a collateralized model; resources are committed on-chain to backup off-chain activities. A fundamental challenge that arises in this setup is determining a policy for establishing, committing, and replenishing the collateral in a way that maximizes the value of settled transactions. In this paper, we study this problem under two settings that model collateralized layer-two protocols. The first is a general model in which a party has an on-chain collateral C with a policy to decide on whether to settle or discard each incoming transaction. The policy also specifies when to replenish C based on the remaining collateral value. The second model considers a discrete setup in which C is divided among k wallets, each of which is of size C/k, such that when a wallet is full, and so cannot settle any incoming transactions, it will be replenished. We devise several online policies for these models, and show how competitive they are compared to optimal (offline) policies that have full knowledge of the incoming transaction stream. To the best of our knowledge, we are the first to study and formulate online competitive policies for collateral and wallet management in the blockchain setting.

Data Structures and Algorithms

Davide Basile,Claudio Di Ciccio,Valerio Goretti,Sabrina Kirrane

DOI: https://doi.org/10.3389/fbloc.2023.1141909

2023-04-25

Abstract:Decentralization initiatives such as Solid and ActivityPub aim to give data owners more control over their data and to level the playing field by enabling small companies and individuals to gain access to data, thus stimulating innovation. However, these initiatives typically employ access control mechanisms that cannot verify compliance with usage conditions after access has been granted to others. In this paper, we extend the state of the art by proposing a resource governance conceptual framework, entitled ReGov, that facilitates usage control in decentralized web environments. We subsequently demonstrate how our framework can be instantiated by combining blockchain and trusted execution environments. Through blockchain technologies, we record policies expressing the usage conditions associated with resources and monitor their compliance. Our instantiation employs trusted execution environments to enforce said policies, inside data consumers' devices.} We evaluate the framework instantiation through a detailed analysis of requirements derived from a data market motivating scenario, as well as an assessment of the security, privacy, and affordability aspects of our proposal.

Networking and Internet Architecture

Andrea Aler Tubella,Dimitri Coelho Mollo,Adam Dahlgren Lindström,Hannah Devinney,Virginia Dignum,Petter Ericson,Anna Jonsson,Timotheus Kampik,Tom Lenaerts,Julian Alfredo Mendez,Juan Carlos Nieves

2023-04-20

Abstract:Fairness is central to the ethical and responsible development and use of AI systems, with a large number of frameworks and formal notions of algorithmic fairness being available. However, many of the fairness solutions proposed revolve around technical considerations and not the needs of and consequences for the most impacted communities. We therefore want to take the focus away from definitions and allow for the inclusion of societal and relational aspects to represent how the effects of AI systems impact and are experienced by individuals and social groups. In this paper, we do this by means of proposing the ACROCPoLis framework to represent allocation processes with a modeling emphasis on fairness aspects. The framework provides a shared vocabulary in which the factors relevant to fairness assessments for different situations and procedures are made explicit, as well as their interrelationships. This enables us to compare analogous situations, to highlight the differences in dissimilar situations, and to capture differing interpretations of the same situation by different stakeholders.

Computers and Society,Artificial Intelligence

Daniele Pusceddu,Massimo Bartoletti

DOI: https://doi.org/10.48550/arXiv.2402.06064

2024-02-09

Abstract:Automated Market Makers (AMMs) are an integral component of the decentralized finance (DeFi) ecosystem, as they allow users to exchange crypto-assets without the need for trusted authorities or external price oracles. Although these protocols are based on relatively simple mechanisms, e.g., to algorithmically determine the exchange rate between crypto-assets, they give rise to complex economic behaviours. This complexity is witnessed by the proliferation of models that study their structural and economic properties. Currently, most of theoretical results obtained on these models are supported by pen-and-paper proofs. This work proposes a formalization of constant-product AMMs in the Lean 4 Theorem Prover. To demonstrate the utility of our model, we provide mechanized proofs of key economic properties like arbitrage, that at the best of our knowledge have only been proved by pen-and-paper before.

Logic in Computer Science,Computational Engineering, Finance, and Science,Computer Science and Game Theory

Edoardo Marangone,Claudio Di Ciccio,Daniele Friolo,Eugenio Nerio Nemmi,Daniele Venturi,Ingo Weber

2023-09-21

Abstract:Blockchain technology is apt to facilitate the automation of multi-party cooperations among various players in a decentralized setting, especially in cases where trust among participants is limited. Transactions are stored in a ledger, a replica of which is retained by every node of the blockchain network. The operations saved thereby are thus publicly accessible. While this aspect enhances transparency, reliability, and persistence, it hinders the utilization of public blockchains for process automation as it violates typical confidentiality requirements in corporate settings. To overcome this issue, we propose our approach named Multi-Authority Approach to Transaction Systems for Interoperating Applications (MARTSIA). Based on Multi-Authority Attribute-Based Encryption (MA-ABE), MARTSIA enables read-access control over shared data at the level of message parts. User-defined policies determine whether an actor can interpret the publicly stored information or not, depending on the actor's attributes declared by a consortium of certifiers. Still, all nodes in the blockchain network can attest to the publication of the (encrypted) data. We provide a formal analysis of the security guarantees of MARTSIA, and illustrate the proof-of-concept implementation over multiple blockchain platforms. To demonstrate its interoperability, we showcase its usage in ensemble with a state-of-the-art blockchain-based engine for multi-party process execution, and three real-world decentralized applications in the context of NFT markets, supply chain, and retail.

Cryptography and Security,Software Engineering

Wenyi Fang,Pingzhong Tang,Song Zuo

DOI: https://doi.org/10.5555/2936924.2937118

2016-01-01

Abstract:Over the past decade, computer-automated barter exchange has become one of the most successful applications at the intersection of AI and economics. Standard exchange models, such as house allocation and kidney exchange cannot be applied to an emerging industrial application, coined digital good exchange , where an agent still possesses her initial endowment after exchanging with others. However, her valuation toward her endowment decreases as it is possessed by more agents. We put forward game theoretical models tailored for digital good exchange. In the first part of the paper, we first consider a natural class of games where agents can choose either a subset of other participants' items or no participation at all. It turns out that this class of games can be modeled as a variant of congestion games. We prove that it is in general NP-complete to determine whether there exists a non-trivial pure Nash equilibrium where at least some agent chooses a nonempty subset of items. However, we show that there exist non-trivial Pure Nash equilibria for subsets of games and put forward efficient algorithms to find such equilibria. In the second part of the paper, we investigate digital good exchange from a mechanism design perspective. We ask if there is a truthful mechanism in this setting that can achieve good social welfare guarantee. To this end, we design a randomized fixed-price-exchange mechanism that is individually rational and truthful, and for two-player case yields a tight log-approximation with respect to any individually rational allocation.

Vasilios Mavroudis,Hayden Melton

DOI: https://doi.org/10.48550/arXiv.1910.00321

2019-10-01

Cryptography and Security

Abstract:While historically, economists have been primarily occupied with analyzing the behaviour of the markets, electronic trading gave rise to a new class of unprecedented problems associated with market fairness, transparency and manipulation. These problems stem from technical shortcomings that are not accounted for in the simple conceptual models used for theoretical market analysis. They, thus, call for more pragmatic market design methodologies that consider the various infrastructure complexities and their potential impact on the market procedures. First, we formally define temporal fairness and then explain why it is very difficult for order-matching policies to ensure it in continuous markets. Subsequently, we introduce a list of system requirements and evaluate existing "fair" market designs in various practical and adversarial scenarios. We conclude that they fail to retain their properties in the presence of infrastructure inefficiencies and sophisticated technical manipulation attacks. Based on these findings, we then introduce Libra, a "fair" policy that is resilient to gaming and tolerant of technical complications. Our security analysis shows that it is significantly more robust than existing designs, while Libra's deployment (in a live foreign currency exchange) validated both its considerably low impact on the operation of the market and its ability to reduce speed-based predatory trading.

Mario Ghossoub,Giulio Principi,Ruodu Wang

2024-04-17

Abstract:The classical theory of efficient allocations of an aggregate endowment in a pure-exchange economy has hitherto primarily focused on the Pareto-efficiency of allocations, under the implicit assumption that transfers between agents are frictionless, and hence costless to the economy. In this paper, we argue that certain transfers cause frictions that result in costs to the economy. We show that these frictional costs are tantamount to a form of subadditivity of the cost of transferring endowments between agents. We suggest an axiomatic study of allocation mechanisms, that is, the mechanisms that transform feasible allocations into other feasible allocations, in the presence of such transfer costs. Among other results, we provide an axiomatic characterization of those allocation mechanisms that admit representations as robust (worst-case) linear allocation mechanisms, as well as those mechanisms that admit representations as worst-case conditional expectations. We call the latter Robust Conditional Mean Allocation mechanisms, and we relate our results to the literature on (decentralized) risk sharing within a pool of agents.

Computer Science and Game Theory,Theoretical Economics,Functional Analysis,Risk Management

Hannaneh Akrami,Bhaskar Ray Chaudhury,Jugal Garg,Aniket Murhekar

2024-12-03

Abstract:The immense success of ML systems relies heavily on large-scale, high-quality data. The high demand for data has led to many paradigms that involve selling, exchanging, and sharing data, motivating the study of economic processes with data as an asset. However, data differs from classical economic assets in terms of free duplication: there is no concept of limited supply since it can be replicated at zero marginal cost. This distinction introduces fundamental differences between economic processes involving data and those concerning other assets. We study a parallel to exchange (Arrow-Debreu) markets where data is the asset. Here, agents with datasets exchange data fairly and voluntarily, aiming for mutual benefit without monetary compensation. This framework is particularly relevant for non-profit organizations that seek to improve their ML models through data exchange, yet are restricted from selling their data for profit. We propose a general framework for data exchange, built on two core principles: (i) fairness, ensuring that each agent receives utility proportional to their contribution to others; contributions are quantifiable using standard credit-sharing functions like the Shapley value, and (ii) stability, ensuring that no coalition of agents can identify an exchange among themselves which they unanimously prefer to the current exchange. We show that fair and stable exchanges exist for all monotone continuous utility functions. Next, we investigate the computational complexity of finding approximate fair and stable exchanges. We present a local search algorithm for instances with monotone submodular utility functions, where each agent contributions are measured using the Shapley value. We prove that this problem lies in CLS under mild assumptions. Our framework opens up several intriguing theoretical directions for research in data economics.

Computer Science and Game Theory

Leonidas Georgiadis,George Iosifidis,Leandros Tassiulas

DOI: https://doi.org/10.48550/arXiv.1504.02052

2015-04-09

Abstract:Exchange of services and resources in, or over, networks is attracting nowadays renewed interest. However, despite the broad applicability and the extensive study of such models, e.g., in the context of P2P networks, many fundamental questions regarding their properties and efficiency remain unanswered. We consider such a service exchange model and analyze the users' interactions under three different approaches. First, we study a centrally designed service allocation policy that yields the fair total service each user should receive based on the service it others to the others. Accordingly, we consider a competitive market where each user determines selfishly its allocation policy so as to maximize the service it receives in return, and a coalitional game model where users are allowed to coordinate their policies. We prove that there is a unique equilibrium exchange allocation for both game theoretic formulations, which also coincides with the central fair service allocation. Furthermore, we characterize its properties in terms of the coalitions that emerge and the equilibrium allocations, and analyze its dependency on the underlying network graph. That servicing policy is the natural reference point to the various mechanisms that are currently proposed to incentivize user participation and improve the efficiency of such networked service (or, resource) exchange markets.

Computer Science and Game Theory

Deirdre K. Mulligan,Joshua A. Kroll,Nitin Kohli,Richmond Y. Wong

DOI: https://doi.org/10.1145/3359221

2019-09-26

Abstract:The explosion in the use of software in important sociotechnical systems has renewed focus on the study of the way technical constructs reflect policies, norms, and human values. This effort requires the engagement of scholars and practitioners from many disciplines. And yet, these disciplines often conceptualize the operative values very differently while referring to them using the same vocabulary. The resulting conflation of ideas confuses discussions about values in technology at disciplinary boundaries. In the service of improving this situation, this paper examines the value of shared vocabularies, analytics, and other tools that facilitate conversations about values in light of these disciplinary specific conceptualizations, the role such tools play in furthering research and practice, outlines different conceptions of "fairness" deployed in discussions about computer systems, and provides an analytic tool for interdisciplinary discussions and collaborations around the concept of fairness. We use a case study of risk assessments in criminal justice applications to both motivate our effort--describing how conflation of different concepts under the banner of "fairness" led to unproductive confusion--and illustrate the value of the fairness analytic by demonstrating how the rigorous analysis it enables can assist in identifying key areas of theoretical, political, and practical misunderstanding or disagreement, and where desired support alignment or collaboration in the absence of consensus.

Computers and Society,Human-Computer Interaction

Ashish Hooda,Rishabh Khandelwal,Prasad Chalasani,Kassem Fawaz,Somesh Jha

2024-08-27

Abstract:Privacy policies are crucial in the online ecosystem, defining how services handle user data and adhere to regulations such as GDPR and CCPA. However, their complexity and frequent updates often make them difficult for stakeholders to understand and analyze. Current automated analysis methods, which utilize natural language processing, have limitations. They typically focus on individual tasks and fail to capture the full context of the policies. We propose PolicyLR, a new paradigm that offers a comprehensive machine-readable representation of privacy policies, serving as an all-in-one solution for multiple downstream tasks. PolicyLR converts privacy policies into a machine-readable format using valuations of atomic formulae, allowing for formal definitions of tasks like compliance and consistency. We have developed a compiler that transforms unstructured policy text into this format using off-the-shelf Large Language Models (LLMs). This compiler breaks down the transformation task into a two-stage translation and entailment procedure. This procedure considers the full context of the privacy policy to infer a complex formula, where each formula consists of simpler atomic formulae. The advantage of this model is that PolicyLR is interpretable by design and grounded in segments of the privacy policy. We evaluated the compiler using ToS;DR, a community-annotated privacy policy entailment dataset. Utilizing open-source LLMs, our compiler achieves precision and recall values of 0.91 and 0.88, respectively. Finally, we demonstrate the utility of PolicyLR in three privacy tasks: Policy Compliance, Inconsistency Detection, and Privacy Comparison Shopping.

Cryptography and Security,Computation and Language

Robert Gorwa,Michael Veale

DOI: https://doi.org/10.1080/17579961.2024.2388914

2024-09-12

Abstract:The AI development community is increasingly making use of hosting intermediaries such as Hugging Face provide easy access to user-uploaded models and training data. These model marketplaces lower technical deployment barriers for hundreds of thousands of users, yet can be used in numerous potentially harmful and illegal ways. In this article, we explain ways in which AI systems, which can both `contain' content and be open-ended tools, present one of the trickiest platform governance challenges seen to date. We provide case studies of several incidents across three illustrative platforms -- Hugging Face, GitHub and Civitai -- to examine how model marketplaces moderate models. Building on this analysis, we outline important (and yet nevertheless limited) practices that industry has been developing to respond to moderation demands: licensing, access and use restrictions, automated content moderation, and open policy development. While the policy challenge at hand is a considerable one, we conclude with some ideas as to how platforms could better mobilize resources to act as a careful, fair, and proportionate regulatory access point.

Computers and Society,Artificial Intelligence,Machine Learning