Jacek Jonczy's Publications

Generic Frameworks for the Analysis of Dependable Systems: Algebraic Path Problems, Reliability, and Diagnostics.

Mon, 26 October 2009 00:00:00 +0100

J. Jonczy [pdf] [bib]
PhD thesis, Institute of Computer Science and Applied Mathematics, University of Berne, Switzerland, October 2009.

Abstract. The emergence of complex or dependable systems has triggered much research activity in the past decades in the development of models and methods for their analysis. The dependability of a system refers to its trustworthiness or reliability with respect to an imposed operational requirement, or the system's ability of service provision. The complexity of a system is a structural property, which characterizes the difficulty of inferring the system operation from the operation of all interconnected components that make up the whole system. In this thesis, we approach the analysis of such systems from three different perspectives: (1) algebraic path problems, (2) reliability theory, and (3) diagnostics. We highlight the close relationships between these research fields and also establish new links.

Various authors have shown that many graph and network related problems, such as computation of optimal paths, maximum flow, or transitive closure, share the same fundamental operations, leading to an underlying algebraic structure. This has lead to a generalized formulation of path problems which is commonly referred to as algebraic path problem (APP). Inspired by the APP, we establish in this thesis a generic framework for path problems, based on an algebraic structure called path algebra. We provide a general catalogue of fundamental path problems encountered in the context of path finding problems in graphs as well as network reliability. An algebraic, thus generic definition of path problems allows at the same time for generic solution methods. We study existing algorithms and propose a new method, in which a given network is compiled into an intermediate representation, allowing more flexibility with respect to solving different path problems. Moreover, we derive so-called path algebra valuations, which implies the possibility to employ local computation for solving certain path problems. It turns out that computing network reliability is also a particular path problem instance, which establishes the connection to reliability theory.

The study of discrete and static models for reliability analysis and diagnostics of stochastic binary systems constitutes the second part of the thesis. In such models, the structure function plays a central role: it establishes the connection between the system operation and the operation of its constituent elements. An optimal representation of the structure function is crucial for efficient exact reliability computation. Therefore, we make use of recent developments in the area of knowledge representation for efficiently representing and manipulating structure functions. The employed method is superior to similar existing methods used for this purpose. Based on this computational framework, we study two common kinds of systems: (a) modular systems and (b) reliability networks. The tree structure of modular systems has beneficial properties: it allows for efficient reliability computation, which is only bound by the size of the largest module. For diagnostics, we follow a Bayesian approach and we propose an incremental top-down method, which is more efficient and more reliable than most traditional model-based approaches are, since it makes explicitly use of the modular structure. For computing network reliability, we use our generic path problem framework to generate structure functions with respect to various connectivity-based measures. Furthermore, we introduce a hybrid system model, which relaxes the atomicity requirement of components, and allows therewith for arbitrary complex subsystems, consisting of interleaved modules and networks.

Besides the aforementioned reliability models, the thesis also studies two extensions, namely multistate systems and multilayer networks. For multistate systems, we propose a compact structure function representation based on a generalization of the Boolean representation language used before. Furthermore, we introduce a model for multilayer reliability networks, from which four more specific models are derived.

In a third part, we introduce a new modeling language for the specification and evaluation (reliability and diagnostics) of modular systems, networks, and hybrid systems. The language is inspired by the formal reliability model used the thesis. Its main focus is on providing an intuitive interface for system description: the program structure should reflect the original system structure as much as possible. Moreover, a prototype interpreter for the language is provided, implementing the proposed reliability models.

Network Reliability Evaluation with Propositional Directed Acyclic Graphs.

October 2008 00:00:00 +0100

J. Jonczy and R. Haenni [pdf] [bib]
Advances in Mathematical Modeling for Reliability, pages 25-31, IOS Press, T. Bedford, J. Quigley, L. Walls, B. Alkali, A. Daneshkhah, and G. Hardman, Editors. 2008.

Abstract. This paper proposes a new and flexible approach for network reliability computation. The method is based on Propositional Directed Acyclic Graphs (PDAGs), a general graph-based language for the representation of Boolean functions. We introduce an algorithm which creates in polynomial time a generic structure function representation for reliability networks. In contrast to many existing methods, our method does not rely on the enumeration of all mincuts or minpaths, which may be infeasible in practice. From this representation, we can then derive the structure functions for different network reliability problems. Based on the compact PDAG representation, we can both compute the exact reliability or estimate the reliability by means of an approximation method.

A New Approach to Network Reliability.

Sun, 1 Jul 2007 00:00:00 +0100

J. Jonczy and R. Haenni [pdf] [bib]
MMR'07, 5th International Conference on Mathematical Methods In Reliability, Glasgow, U.K., July 1 - 4, 2007.

Abstract. This paper proposes a new and flexible approach for network reliability computation. The method is based on Propositional Directed Acyclic Graphs (PDAGs), a general and flexible graph-based language for the representation of Boolean functions. We introduce an algorithm which creates in polynomial time a generic structure function representation for reliability networks by PDAGs. In contrast to many existing methods, our method does not rely on the enumeration of all mincuts or minpaths, which may be infeasible in practice. From this representation, we can then derive the structure functions for different network reliability problems. Based on the compact PDAG representation, we can both compute the exact reliability and estimate the reliability by means of an approximation method.

A Probabilistic Trust Model for GnuPG.

Sun, 15 Oct 2006 00:00:00 +0100

J. Jonczy, M. Wüthrich, and R. Haenni [pdf] [bib]
23C3, 23rd Chaos Communication Congress, pages 61-66, Berlin, Germany, December 27 - 30 , 2006.

Abstract. Trust networks are possible solutions for the key authenticity problem in a decentralized public-key infrastructure. A particular trust model, the so-called Web of Trust, has been proposed for and is implemented in the popular e-mail encryption software PGP and its open source derivatives like GnuPG. In this paper, we investigate the drawbacks and weaknesses of the current PGP and GnuPG trust model, and we propose a new approach to handle trust and key validity in a more sophisticated way. A prototype of our solution has been implemented and tested with the current GnuPG release.

Towards Precise Semantics for Authenticity and Trust.

Tue, 27 Jun 2006 00:00:00 +0100

R. Kohlas, J. Jonczy, and R. Haenni [pdf] [bib]
PST'06, 4th Annual Conference on Privacy, Security and Trust, pages 124-134, Toronto, Canada, October 30 - November 1, 2006.

Abstract. In an a priori anonymous digitized world, notions such as authenticity and trust are of paramount importance. Unfortunately, the exact meaning of such key terms has never been consistently defined, and they are often used in an ambiguous way. In this paper, we introduce a new model for representing these fundamental notions in the context of rating systems in e-business applications as well as for public-key certification. When applied to existing systems, its goal is to shed light on the implicit assumptions actually made by the participants. As an example, we show that for the rating system used in eBay, there are a number of such implicit assumptions on which the drawn conclusions depend. A second example is PGP, where it turns out that the meaning of the (syntactically well-defined) certificates is not entirely clear.

Reliability and Diagnostics of Modular Systems: a New Probabilistic Approach.

Tue, 27 Jun 2006 00:00:00 +0100

M. Wachter, R. Haenni, and J. Jonczy [pdf] [bib]
DX'06, 17th International Workshop on Principles of Diagnosis, pages 273-280, Peñaranda de Duero, Spain, June 26 - 28, 2006.

Abstract. Reliability theory and model-based diagnostics are two different, although closely related fields. Both have their own well-developed techniques and computational models, but their connection is rarely being pointed out. This paper starts from a common modular system description, whose underlying Boolean function is transformed into a compact graphical representation. The goal is to show how to use this technique for a probabilistic analysis of both the system's reliability and the diagnostic problem.

Evaluating Trust and Authenticity with CAUTION.

Tue, 16 May 2006 00:00:00 +0100

J. Jonczy [pdf] [bib]
iTrust'06, 4th International Conference on Trust Management, pages 449-453, Pisa, Italy, 2006.

Abstract. The purpose of this paper is to show how to use CAUTION, a tool for the specification and evaluation of credential networks. The resulting degrees of support and possibility allow to make decisions concerning the authenticity and/or trustworthiness of an unknown entity in an open network. The specification of a credential network and the subsequent computations will be illustrated by examples.

Implementing Credential Networks.

Tue, 16 May 2006 00:00:00 +0100

J. Jonczy and R. Haenni [pdf] [bib]
iTrust'06, 4th International Conference on Trust Management, pages 164-178, Pisa, Italy, 2006.

Abstract. Credential networks have recently been introduced as a general model for distributed authenticity and trust management in open networks. This paper focuses on issues related to the implementation of credential networks. It presents a system called CAUTION, which consists of a simple language to define credential networks and an underlying machinery to perform the evaluation. The paper also describes the necessary algorithms in further details.

Two-Layer Models for Managing Authenticity and Trust.

Thu, 20 Apr 2006 00:00:00 +0100

R. Haenni, J. Jonczy, and R. Kohlas [pdf] [bib]
Trust in E-Services: Technologies, Practices and Challenges, Chapter VI, R. Song and L. Korba and G. Yee, Editors. 2006.

Abstract. Participants of large open networks are usually unknown to each other. Questioning somebody's authenticity and trustworthiness is thus a natural reflex and an important security prerequisite. The resulting problem of properly managing authenticity and trust is an emerging research topic. This chapter proposes a common conceptual framework and compares it to several existing authenticity and trust models. The goal is to increase the awareness that authenticity and trust are not separable and to promote the corresponding two-layer requirement.

Credential Networks: a General Model for Distributed Trust and Authenticity Management.

Wed, 12 Oct 2005 00:00:00 +0100

J. Jonczy and R. Haenni [pdf] [bib]
PST'05, 3rd Annual Conference on Privacy, Security and Trust, pages 101-112, St. Andrews, Canada, 2005.

Abstract. In large open networks, handling trust and authenticity adequately is an important prerequisite for security. In a distributed approach, all network users are allowed to issue various types of credentials, e.g. certificates, recommendations, revocations, ratings, etc. This paper proposes such a distributed approach, in which the evaluation of trust and authenticity is based on so-called credential networks. The corresponding formal model includes many existing trust models as special cases.

Kredentialnetze: ein allgemeines Modell für den Umgang mit Vertrauen und Authentizität in verteilten Netzwerken.

Tue, 20 Sep 2005 00:00:00 +0100

J. Jonczy [pdf] [bib]
Masterthesis, University of Fribourg, Switzerland, September 2005.

Abstract. Bei verteilten Systemen und Anwendungen in modernen Rechnernetzen ist Sicherheit von zentraler Bedeutung. In diesem Zusammenhang spielen zwei Aspekte eine besonders wichtige Rolle, nämlich Vertrauen und Authentizität. Ein sorgfältig durchdachtes Management dieser Schlüsselaspekte ist eine notwendige Voraussetzung um die Sicherheit in grossen, inhärent unsicheren Netzwerken wie z.B. dem Internet zu gewährleisten.

In einem dezentralen Netzwerkmodell können sich die Benutzer untereinander bewerten. Diese Bewertungen kommen in Form von sog. Kredentialen, welches ein Überbegriff ist für verschiedene Arten von digital signierten Aussagen wie Zertifikate, Empfehlungen, Revokationen, Diskredite und kombinierte Bewertungen. In diesem Sinne präsentiert diese Arbeit einen neuen Ansatz, wobei Vertrauen und Authentizität basierend auf sog. Kredentialnetzwerken evaluiert werden. Dabei werden Maurers und Haennis Authentifizierungs- und Vertrauenskonzepte in das Modell eingebunden. Viele existierende Vertrauensmodelle, wie z.B. PGP Vetrauensnetze, sind im vorliegenden formalen Modell als Spezialfälle enthalten.

Ein weiterer Beitrag dieser Arbeit ist die Anwendung probabilistischen Argumentierens als geeignetes Instrument für die Evaluation von Kredentialnetzwerken. Zu diesem Zweck wurde gleichwohl ein Algorithmus entwickelt, der ein solches Netzwerk in ein probabilistisches Argumentationssystem übersetzt und anschliessend Argumente berechnet, welche für oder gegen die Authentizität und/oder Vertrauenswürdigkeit eines Benutzers sprechen. Der Algorithmus ist in ein System eingebunden, welches der Spezifikation und Evaluation eines Kredentialnetzwerks dient.