An official website of the United States government
Privacy technologies support the provision of online services while protecting user privacy. Cryptography lies at the heart of many such technologies, creating remarkable possibilities in terms of functionality while offering robust guarantees of data confidential- ity. The cryptography literature and discourse often represent that these technologies eliminate the need to trust service providers, i.e., they enable users to protect their privacy even against untrusted service providers. Despite their apparent promise, privacy technolo- gies have seen limited adoption in practice, and the most successful ones have been implemented by the very service providers these technologies purportedly protect users from. The adoption of privacy technologies by supposedly adversarial service providers highlights a mismatch between traditional models of trust in cryptography and the trust relationships that underlie deployed technologies in practice. Yet this mismatch, while well known to the cryptography and privacy communities, remains rela- tively poorly documented and examined in the academic literature— let alone broader media. This paper aims to fill that gap. Firstly, we review how the deployment of cryptographic tech- nologies relies on a chain of trust relationships embedded in the modern computing ecosystem, from the development of software to the provision of online services, that is not fully captured by tra- ditional models of trust in cryptography. Secondly, we turn to two case studies—web search and encrypted messaging—to illustrate how, rather than removing trust in service providers, cryptographic privacy technologies shift trust to a broader community of secu- rity and privacy experts and others, which in turn enables service providers to implicitly build and reinforce their trust relationship with users. Finally, concluding that the trust models inherent in the traditional cryptographic paradigm elide certain key trust relation- ships underlying deployed cryptographic systems, we highlight the need for organizational, policy, and legal safeguards to address that mismatch, and suggest some directions for future work.
more »
« less
Automating the Search and Discovery of Manufacturing Service Providers to Enable a Digital Supply Chain Network
Uncertainty in manufacturing networks has created barriers to closing the gap between design enterprises and the American industrial base. Uncertainty arises from the lack of transparent access to manufacturer capabilities, the inability to auto-discover service providers who are best capable for a given job request, and the dependence on human word-of-mouth trust network relationships that exist in the manufacturing supply chain. This uncertainty slows down the pace of product development lifecycles from a viewpoint of inefficient forms of supplier assessment, vetting, selection, and compliance, leading to a trust tax tacked onto the final price of products. In times of global crisis such as the coronavirus disease pandemic, this uncertainty also leads to inefficient forms of gathering information on manufacturing capability, available capacity, and registered licenses and assessing compliance. This technical note outlines solution pathways that can help ease the search and discovery process of connecting clients and manufacturing service providers through digitally enabled technologies.
more »
« less
- Award ID(s):
- 1937043
- PAR ID:
- 10290814
- Date Published:
- Journal Name:
- Smart and sustainable manufacturing systems
- ISSN:
- 2520-6478
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
Joe Calandrino and Carmela Troncoso (Ed.)As service providers are moving to the cloud, users are forced to provision sensitive data to the cloud. Confidential computing leverages hardware Trusted Execution Environment (TEE) to protect data in use, no longer requiring users’ trust to the cloud. The emerging service model, Confidential Computing as a Service (CCaaS), is adopted by service providers to offer service similar to the Function-as-a-Serivce manner. However, privacy concerns are raised in CCaaS, especially in multi-user scenarios. CCaaS need to assure the data providers that the service does not leak their privacy to any unauthorized parties and clear their data after the service. To address such privacy concerns with security guarantees, we first formally define the security objective, Proof of Being Forgotten (PoBF), and prove under which security constraints PoBF can be satisfied. Then, these constraints serve as guidelines in the implementation of the PoBF-compliant Framework (PoCF). PoCF consists of a generic library for different hardware TEEs, CCaaS prototype enclaves, and a verifier to prove PoBF-compliance. PoCF leverages Rust’s robust type system and security features, to construct a verified state machine with privacy-preserving contracts. Last, the experiment results show that the protections introduced by PoCF incur minor runtime performance overhead.more » « less
-
Security is a critical concern in shared spectrum environments. In additional to degrading service, attacks can influence the market interactions between competing service providers (SPs). This paper investigates these interactions by considering two SPs engaged in Cournot competition while utilizing both proprietary and shared spectrum, with shared spectrum available in either licensed or open-access forms. Additionally, we assume the presence of an attacker whose objective is to deny service to one or more of the shared bands for a fraction of the time, consequently reducing the overall total revenue. We analyze the optimal forms of attacks under different attacker objectives and their repercussions on the resulting market equilibrium. Utilizing these analyses, we compare the impacts of various spectrum sharing approaches (licensed and open access) and differing amounts of spectrum holdings of the two providers.more » « less
-
Existing End-to-End secure messaging applications trust a single service provider to deliver messages in a consistent order to a consistent group of conversation members. We propose a protocol that removes this single point of failure by using multiple service providers, enforcing conversation integrity as long as one service provider out of N behave honestly. However, this approach could potentially increase the number of entities that learn the metadata for a conversation. In this work we discuss the challenges and provide a protocol that limits the metadata leakage to that of existing messaging applications while still providing strong conversation integrity.more » « less
-
Collaborative robots that work alongside humans will experience service breakdowns and make mistakes. These robotic failures can cause a degradation of trust between the robot and the community being served. A loss of trust may impact whether a user continues to rely on the robot for assistance. In order to improve the teaming capabilities between humans and robots, forms of communication that aid in developing and maintaining trust need to be investigated. In our study, we identify four forms of communication which dictate the timing of information given and type of initiation used by a robot. We investigate the effect that these forms of communication have on trust with and without robot mistakes during a cooperative task. Participants played a memory task game with the help of a humanoid robot that was designed to make mistakes after a certain amount of time passed. The results showed that participants' trust in the robot was better preserved when that robot offered advice only upon request as opposed to when the robot took initiative to give advice.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Journal Article:
- https://doi.org/doi.org/10.1520/SSMS20200061
