Tutorials
Tutorial #1
Secure Logging with Blockchains and its Utilization for Central Bank Digital Currency
February 19, Monday (16h00 - 17h30)
Dr. Ivan Homoliak
Assistant Professor at Brno University of Technology in Czech Republic
Abstract
We start by briefly introducing the security architecture for blockchains and the application layer categories. We will look in detail at the sub-category of data provenance (and secure logging), where we discuss relevant properties in terms of security and privacy. Next, we will focus on centralized ledger systems that are designed for secure logging as append-only databases providing immutability (i.e., tamper resistance) as a core property. In the next part of the tutorial, we present Aquareum, a framework for centralized ledgers mitigating their main limitations. Aquareum employs a trusted execution environment (TEE) and a public smart contract platform to provide verifiability, non-equivocation, and mitigation of censorship. In Aquareum, a ledger operator deploys a pre-defined TEE enclave code, which verifies the consistency and correctness of the ledger for every ledger update. Then, proof produced by the enclave is published at an existing public smart contract platform, guaranteeing that the given snapshot of the ledger is verified and no alternative snapshot of this ledger exists. Furthermore, whenever a client suspects that her query (or transaction) is censored, she can (confidentially) request a resolution of the query via the smart contract platform. The ledger operator noticing the query is obligated to handle it by passing the query to the enclave that creates a public proof of query resolution and publishes it using the smart contract platform. With such a censorship-evident design, an operator is publicly visible when misbehaving, thus the clients can take appropriate actions (e.g., sue the operator) or encode some automated service-level agreements into their smart contracts. Since Aquareum is integrated with a Turing-complete virtual machine, it allows arbitrary transaction processing logic, including tokens or client-specified smart contracts. In the last part of the tutorial, we present CBDC-AquaSphere, a protocol that uses a combination of a trusted execution environment (TEE) and a public blockchain to enable interoperability over independent centralized CBDC ledgers (based on Aquareum). Our interoperability protocol uses a custom adaptation of atomic swap protocol and is executed by any pair of CBDC instances to realize a one-way transfer. It ensures features such as atomicity, verifiability, correctness, censorship resistance, and privacy while offering high scalability in terms of the number of CBDC instances. Our approach enables two possible deployment scenarios that can be combined: (1) CBDC instances represent central banks of multiple countries, and (2) CBDC instances represent the set of retail banks and a paramount central bank of a single country.
Bio
Ivan is assistant professor (awaiting assoc. professorship) at Brno University of Technology in Czech Republic and currently focuses on the research in various blockchain-based areas, such as 2nd layer ledgers, e-voting, CBDC, applied trusted comping, security & performance of consensus protocols, and system security in general. Before that, Ivan worked at SUTD on various projects focusing on the security of blockchains and insider threat detection. Ivan has a Ph.D. in the area of adversarial intrusion detection in network traffic from Brno University of Technology, Faculty of Information Technology (BUT FIT).
Tutorial #2
Empowering Decentralized Metaverse Security
February 20, Tuesday (16h00 - 17h30)
Dr. Moayad Aloqaily
MBZUAI, UAE
Abstract
The metaverse is a virtual world that is being increasingly explored as a new frontier for communication, collaboration, and commerce. However, as the metaverse evolves, trust and interoperability issues have emerged as significant challenges that must be addressed.
Trust is a critical issue in the metaverse because it is a virtual world where users interact with one another and engage in various activities. Without trust, users may be hesitant to participate in the metaverse, which would limit its growth and development. Interoperability is also a significant challenge in the metaverse. The metaverse comprises many different virtual worlds, each with its unique set of rules and protocols. These virtual worlds may not be able to communicate or interact with one another, making it difficult for users to move between them and participate in the full range of activities that the metaverse has to offer.
It is important that these trust and interoperability issues are addressed in order for the metaverse to reach its full potential as it can be a powerful tool for communication, collaboration, and commerce soon. Therefore, the goal of this tutorial is to:
To provide an overview of the current trust and interoperability issues in the metaverse and their impact on the growth and development of the virtual world.
To explain the various strategies and technologies that can be used to address trust and interoperability issues in the metaverse.
To demonstrate how to implement these strategies and technologies in practical examples and case studies to simulate the Metaverse environment.
To provide an overview of the security risks and threats in the metaverse, including hacking, fraud, and cyber-attacks.
To explain the various security measures and technologies that can be used to protect users and assets in the metaverse.
Bio
Moayad Aloqaily (S-12, M-17, SM-21) received the M.Sc. degree in electrical and computer engineering from Concordia University, Montreal, QC, Canada, in 2012, and the Ph.D. degree in electrical and computer engineering from the University of Ottawa, Ottawa, ON, in 2016. He was an instructor in the Systems and Computer Engineering Department at Carleton University, Ottawa, Canada. From 2017-2018, he worked with the American University of the Middle East, Kuwait. From 2019-2021, he was the Cybersecurity Program Director and an assistant professor at the Faculty of Engineering, Al Ain University, UAE. He has rich industrial experience, he was a Senior Researcher and Data Scientist with Gnowit Inc., 2016-2019. He also worked with Cheetah Network Canada from 2019-to 2020. He is the Managing Director of xAnalytics Inc., Canada, since 2019. He is currently with the Machine Learning Department, at Mohamed Bin Zayed University of Artificial Intelligence (MBZUAI), UAE. His current research interests include the applications of AI and ML, connected and autonomous vehicles including UAVs and Autonomous Vehicles, Blockchain Applications, and sustainable energy and data management. He was the recipient of many honors and awards, such as best paper awards of 2020 Ad Hoc Networks Journal, 2021 Computer Networks, 2022 IEEE IWCMC, 2022 IEEE MeditCom, 2022 IEEE GlobeCom, and 2023 IEEE Metaverse. He is actively working on different IEEE events. He is the symposium co-chair of IEEE GC22-IoT and Sensor Networks. He has also been appointed as the Co-Editor-in-Chief of IEEE CommSoft TC eLetter in 2020. He started his own Special Interest Group on Blockchain and Applications as well as the Internet of Unmanned Aerial Networks. He is an Associate Editor of IEEE Network, IEEE WMC, IEEE NETLET, Ad Hoc Networks, Simulation Modelling Practice and Theory, Journal of Network and Systems Management, Cluster Computing, and Security and Privacy. He is a guest editor in many journals including IEEE Wireless Communications Magazine, IEEE Network Magazine, Computer Networks, Journal of Network and Systems Management, International Journal of Machine Learning and Cybernetics, Cluster Computer, Internet Technology Letters, Transaction on Telecommunications Technologies, Security and Privacy, and IEEE Access. He is a Senior IEEE Member, ACM Member, and a Professional Engineer Ontario (P.Eng.).