An official website of the United States government
Trigger-Action platforms are web-based systems that enable users to create automation rules by stitching together online services representing digital and physical resources using OAuth tokens. Unfortunately, these platforms introduce a longrange large-scale security risk: If they are compromised, an attacker can misuse the OAuth tokens belonging to a large number of users to arbitrarily manipulate their devices and data. We introduce Decentralized Action Integrity, a security principle that prevents an untrusted trigger-action platform from misusing compromised OAuth tokens in ways that are inconsistent with any given user’s set of trigger-action rules. We present the design and evaluation of Decentralized Trigger-Action Platform (DTAP), a trigger-action platform that implements this principle by overcoming practical challenges. DTAP splits currently monolithic platform designs into an untrusted cloud service, and a set of user clients (each user only trusts their client). Our design introduces the concept of Transfer Tokens (XTokens) to practically use finegrained rule-specific tokens without increasing the number of OAuth permission prompts compared to current platforms. Our evaluation indicates that DTAP poses negligible overhead: it adds less than 15ms of latency to rule execution time, and reduces throughput by 2.5%.
more »
« less
Action priors for large action spaces in robotics
More Like this
-
-
This paper presents a novel semantics for the mA* epistemic action language that takes into consideration dynamic per-agent observability of events. Different from the original mA* semantics, the observability of events is defined locally at the level of possible worlds, giving a new method for compiling event models. Locally defined observability represents agents' uncertainty and false-beliefs about each others' ability to observe events. This allows for modeling second-order false-belief tasks where one agent does not know the truth about another agent's observations and resultant beliefs. The paper presents detailed constructions of event models for ontic, sensing, and truthful announcement action occurrences and proves various properties relating to agents' beliefs after the execution of an action. It also shows that the proposed approach can model second order false-belief tasks and satisfies the robustness and faithfulness criteria discussed by Bolander (2018, https://doi.org/10.1007/978-3-319-62864-6_8).more » « less
-
Computer scientists are well-versed in dealing with data structures. The same cannot be said about their dual: codata. Even though codata is pervasive in category theory, universal algebra, and logic, the use of codata for programming has been mainly relegated to representing infinite objects and processes. Our goal is to demonstrate the benefits of codata as a general-purpose programming abstraction independent of any specific language: eager or lazy, statically or dynamically typed, and functional or object-oriented. While codata is not featured in many programming languages today, we show how codata can be easily adopted and implemented by offering simple inter-compilation techniques between data and codata. We believe codata is a common ground between the functional and object-oriented paradigms; ultimately, we hope to utilize the Curry-Howard isomorphism to further bridge the gap.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Paper:
- The DOI is not currently available.
