Joint International Doctoral (Ph.D.) Degree in Law, Science and Technology

[PCOG] YEARLY TEAM MEETING 2017

Muhammad Umer Wasim

Main Supervisor: Pascal Bouvry, University of Luxembourg (Luxembourg)

Co-supervisor: Tadas Limba, Mykolas Romeris University (Lithuania)

Design and Implementation of Legal Protection for Trade Secrets in Cloud Brokerage Architectures relying on Blockchains

Research Problem

Can be anything that a company hides: formula, customer list, business model, practice, process, contracts, design, instrument, pattern, commercial method, or compilation of information, etc.

NOT TRUE when data is public: PeopleBrowsr, Inc. v. Twitter, Inc.

TRUE when data is not public: Tiffany (NJ), Inc. v. eBay, Inc.

Problem: In the Cloud context, proving misappropriation or allegation (refer to burden of proof) could be very complex (JetBlue Airways Corp. Privacy Litigation)

Solution: To provide legal protection as a preemptive measure rather than waiting for litigation to unfold (to reduce burden of proof)

Research Question

• e-Privacy Information Center (EPIC) v. Department of Homeland Security (DHS): DHS installed body scanners at airports in the USA. EPIC: This body scan is a violation of privacy, as it is like watching a person without clothes
• TSA (a component of DHS) proclaimed that its whole body imaging technology incorporates a privacy algorithm that eliminates much of the detail shown in the images of the individual while still being effective from a security standpoint
• The privacy algorithm is an example of legal protection implemented as a preemptive measure, and it reduced the burden of proof in a court of law

How can an online Broker provide legal protection to a trade secret in the Cloud and effectively reduce the burden of proof in a court of law?

In the Cloud, preemptive measures are implemented by the online Broker

Literature Review & Research Gap

Law (Legal Protection for Trade Secret in Cloud) and ICT (Online Broker)

Literature Review (Law): In the domain of “Case Law”, precedents set by previous court rulings were identified

How can an online Broker assess the structural significance of criteria?

For a Cloud-based misappropriation claim, the plaintiff must establish three things in a court of law:

• Presence: proof that the data in the Cloud is a trade secret
• Confidentiality: proof of reasonable efforts made by the owner to protect the trade secret in the Cloud
• Misappropriation: proof of misappropriation of a trade secret by using BDA

In a court of law, Confidentiality is partially related to the selection of relevant criteria (e.g. encryption or access management) for protecting a trade secret in the Cloud (statistically, the relevance of a criterion to the goal is its structural significance)

Literature Review & Research Gap

Literature Review (ICT): Systematic review

• Analytic Hierarchy Process (AHP) and Technique for Order of Preference by Similarity to Ideal Solution (TOPSIS) are the most prevalent techniques used by online Brokers in the Cloud
• Both of these techniques assume structural significance for criteria (owing to subjective judgments of the decision maker)

[Figure: on-line Broker models from the literature under the headings Multi-criteria Decision Analysis and Data Mining; counts shown: 16 models, 6 models; year labels 2010, 2013, 2017; methods labelled: AHP, TOPSIS, ANP, VIKOR, DEMATEL, PROMETHEE, Fuzzy; citation markers [17], [20] to [39].]

Proposed Method

• This research is the first to propose a model for online Brokers to assess the structural significance of criteria objectively; in doing so, it uses the notion of “factor loading”, which belongs to the broader concept of factor analysis from the field of unsupervised machine learning
• Evaluation (two-stage procedure):
– Stage 1: a proof of concept example was presented to demonstrate how to assess structural significance
– Stage 2: a comparative analysis is performed between the proposed model and the existing model
• A real-time Quality of Service (QoS) based dataset for seven different Cloud storage services, i.e. Carbonite, Dropbox, iBackup, JustCloud, SOS Online Backup, SugarSync, and Zip Cloud, was used, and the results depict that the proposed model yields more reliable results as compared to its counterparts in the field

[Figure labels: Encryption, Audits, Firewall, Security]

Proof of Cpt. & Comparative Asst.

Statistically, relevance of criteria as per goal is its structural significance

How can an online Broker provide legal protection to a trade secret in the Cloud and effectively reduce the burden of proof in a court of law?

Law (Legal Protection for Trade Secret in Cloud) and ICT (Online Broker)

Assess the structural significance of criteria

For a Cloud-based misappropriation claim, the plaintiff must establish three things in a court of law:

• Presence: proof that the data in the Cloud is a trade secret
• Confidentiality: proof of reasonable efforts made by the owner to protect the trade secret in the Cloud
• Misappropriation: proof of misappropriation of a trade secret by using BDA

In a court of law, Confidentiality is partially related to the selection of relevant criteria (e.g. encryption or access management) for protecting a trade secret in the Cloud (statistically, the relevance of a criterion to the goal is its structural significance)

[Figure labels: Encryption, Audits, Firewall, Security]

RESEARCH QUESTION

Automate Role of the Court Over Blockchains Using Smart Contracts

RESEARCH OBJECTIVE

Current research projects that use smart contracts as the underlying technology (ADEPT by IBM, Slock.it, TransActive Grid, and Filament) have overlooked the need to instantiate the role of the judiciary over a blockchain (→ initial level of multi-disciplinary research when it comes to provisioning legal protection over a blockchain)

The aim of this part of the research is to develop a model that can be implemented over the blockchain to automatically issue a court injunction for a breach that has the potential to create substantial damage and a high probability of occurring in the future

Proposed Solution

Unsupervised Machine Learning Algorithm

Probability based Factor Model (PFM)

Smart Contract for QoS

Condition: If latency of a cloud service goes beyond a pre-defined threshold or throughput falls below pre-defined threshold, the client machine sends a maintenance request.

Transaction: For sending the maintenance request, a transaction is sent to the request_service_function of the Service_Smart_Contract between the client machine and the service provider machine.

PFM based Smart Contract for QoS

Condition (or Breach): If latency of a cloud service goes beyond a pre-defined threshold or throughput falls below a pre-defined threshold, PFM at the client machine applies the following logical operations to send an injunction request.

is a high significance of the breach

is a high probability of the breach

is a court injunction

Transaction: For sending the injunction request, a transaction is sent to the request_service_function of the Breach_Service_Smart_Contract between the client machine, the service provider, and the court of law.

INJ

INJINJ

→ To assess significance of breach, PFM uses notion of communality (belongs to broader concept of factor analysis from the discipline of Data Science)

→ To assess probability of breach, PFM uses notion of stochastic modeling
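The decision logic described on this slide, as an added Python sketch that is not the author's PFM or code from the presentation: an injunction request is raised only when a threshold breach is observed and the breach is both significant (communality) and probable (stochastic model). Assumptions: communality is taken as the squared loading from a one-factor principal-component extraction (the same squared factor loading that the Proposed Method slide uses for structural significance), the stochastic model is a normal fit, and the cut-offs 0.7 and 0.5, the function names and all sample values are constructed.

```python
import math
from statistics import NormalDist, mean, stdev

def correlation(x, y):
    mx, my = mean(x), mean(y)
    num = sum((a - mx) * (b - my) for a, b in zip(x, y))
    return num / math.sqrt(sum((a - mx) ** 2 for a in x) * sum((b - my) ** 2 for b in y))

def communalities(columns, iters=500):
    """One-factor principal-component extraction (an assumption, not PFM itself):
    loading_i = sqrt(lambda) * v_i, communality_i = loading_i ** 2."""
    R = [[correlation(a, b) for b in columns] for a in columns]
    v = [1.0] * len(R)
    for _ in range(iters):  # power iteration towards the dominant eigenvector of R
        w = [sum(r * x for r, x in zip(row, v)) for row in R]
        norm = math.sqrt(sum(x * x for x in w))
        v = [x / norm for x in w]
    lam = sum(vi * sum(r * x for r, x in zip(row, v)) for vi, row in zip(v, R))
    return [lam * x * x for x in v]

def breach_probability(latencies, lat_max):
    """Assumed stochastic model: normal fit, P(latency > lat_max)."""
    return 1.0 - NormalDist(mean(latencies), stdev(latencies)).cdf(lat_max)

def decide(tput, read_lat, upd_lat, lat_max, tput_min, sig_cut=0.7, prob_cut=0.5):
    """Injunction only if a breach is observed AND it is both significant and probable."""
    if not (read_lat[-1] > lat_max or tput[-1] < tput_min):
        return {"breach": False, "injunction": False}
    sig = communalities([tput, read_lat, upd_lat])[1]  # communality of read latency
    prob = breach_probability(read_lat, lat_max)
    return {"breach": True, "significance": sig, "probability": prob,
            "injunction": sig >= sig_cut and prob >= prob_cut}

# Constructed samples (not from the slides): ops/s, read latency us, update latency us.
DEGRADING = ([9800, 9500, 9100, 8600, 7900, 7000, 6100, 5200],
             [210, 230, 260, 300, 360, 450, 540, 650],
             [250, 270, 310, 350, 420, 520, 640, 760])
SPIKE = ([9800, 9750, 9820, 9790, 9810, 9770, 9800, 9760],
         [210, 205, 215, 208, 212, 209, 211, 320],
         [250, 255, 248, 252, 251, 249, 253, 250])

if __name__ == "__main__":
    for name, run in (("degrading", DEGRADING), ("spike", SPIKE)):
        # A True "injunction" is the point at which the slide's transaction would be sent.
        print(name, decide(*run, lat_max=300, tput_min=6000))
```

The single-sample spike crosses the latency threshold but yields a low breach probability, so only the steadily degrading run produces an injunction request.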

EVALUATION AND RESULTS

• The high performance computing (HPC) cluster at the University of Luxembourg (HPC @ Uni.lu) and docker were used to emulate the contractual environment of three service providers: Redis, MongoDB, and Memcached Servers
– workload comprising different numbers of operations ranging from 0 to 10,000, numbers of records ranging from 0 to 10,000, and numbers of threads ranging from 0 to 100
• Yahoo Cloud Service Benchmark (YCSB) was deployed at the customer machine to continuously monitor the QoS of service providers in terms of throughput (operations per second), read latency (time to read data from database), and update latency (time to update data in database)

YCSB (version 0.12.0) Monitoring of Redis, MongoDB, and Memcached

EVALUATION AND RESULTS

• The breach of contract was emulated by increasing the workload to influence throughput, read latency, and update latency of service providers
– Python (for scripting) and R/R Studio (for data visualization) were used to identify the breach and, consequently, PFM was activated to issue a court injunction. The data analysis tools that assisted PFM were: Arena Input analyzer, STATA, IBM Statistical Analysis Software Package (SPSS), and Microsoft Excel

QoS of service providers in terms of throughput (operations per second), read latency (time to read data from database), and update latency (time to update data in database)

CONCLUSION AND FUTURE RESEARCH

• Results showed that the court injunction(s) was issued only for Redis and MongoDB Servers
– Technically, this difference could be attributed to the fact that Memcached is simply used for caching and is therefore less prone to breach of contract, whereas Redis and MongoDB, as databases and message brokers, perform more complex operations and are more likely to cause a breach
• Results of the MongoDB server show the limitation of PFM when the stochastic model fails the T-Test
• In the next stage of the research, the goal is to test PFM in a real-time blockchain environment

Research Output & Mobility

• Mathematical Model and Software Prototype
• Why Innovative?
– Pioneer implementation on providing legal protection to trade secrets in centralized and decentralized cloud architecture + confidentiality by design + Law as a Service (blockchain)
• Who Benefits?
– Enterprises that see trade secret misappropriation as a limiting factor for acquisition of Cloud services or IoT (or Cyber Physical Systems)
• Third Year finished at University of Luxembourg (Luxembourg)

How an online Broker can embed legal protection as preemptive measure to reduce burden of proof in a court of law?

What happens when the outcome of a smart contract deviates from the outcome that the law demands?

Chapter 2: Legal Protection by an online Broker

Chapter 3: Legal Protection by a Smart Contract

Paper 1 (as first author): Confidentiality by Design: A Case of Implementing Legal Protection by Online Broker for Trade Secrets in the Cloud

Paper 2 (as first author): Self-Regulated Multi-criteria Decision Analysis: An Autonomous Brokerage-Based Approach for Service Provider Ranking in the Cloud

Paper 3 (as first author): Law as a Service (LaaS): Enabling Legal Protection over a Blockchain Network

Paper 4 (as second author): PRESENCE: Toward a Novel Approach for Performance Evaluation of SaaS Web Services

Primary Research Question

Secondary Research Question

Chapter 4: Limitation and Future Directions

9th IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2017)

14th International Conference on Smart Cities: Improving Quality of Life using ICT & IoT (HONET-ICT 17)

In process of submission (as 2nd author)

IEEE Transactions on Service Computing (Under Review)

Many thanks for the attention

http://www.last-jd.eu/
