Providing assurance and scrutability on shared data and machine learning models with verifiable credentials

Barclay, Iain; Preece, Alun; Taylor, Ian; Radha, Swapna Krishnakumar; Nabrzyski, Jarek

doi:10.1002/cpe.6997

Cited by 9 publications

(4 citation statements)

References 34 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Although some interviewees thought an AIBOM "contains only additional AI package information" (I1-Dev. ), the AI artifacts (e.g., data, code, model, configuration) also need provenance and co-versioning [27], [28]. An AIBOM (see Fig.…”

Section: ) Aibommentioning

confidence: 99%

“…Back in 2019, Barclay et al [38] introduced their ideas on applying BOMs to data ecosystems for transparency and traceability, where they detailed a conceptual model to combine a BOM (static) and a bill of lots (dynamic) to jointly record the static data components and the dynamic data of a specific experiment. Based on their previous work, as a step towards operationalizing the conceptual model, Barclay et al [39] recently introduced their work using a BOM as a verifiable credential for transparency into the AI SSCs, which is a step towards AIBOM.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

An Empirical Study on Software Bill of Materials: Where We Stand and the Road Ahead

Xia¹,

Bi²,

Xing³

et al. 2023

Preprint

View full text Add to dashboard Cite

The rapid growth of software supply chain attacks has attracted considerable attention to software bill of materials (SBOM). SBOMs are a crucial building block to ensure the transparency of software supply chains that helps improve software supply chain security. Although there are significant efforts from academia and industry to facilitate SBOM development, it is still unclear how practitioners perceive SBOMs and what are the challenges of adopting SBOMs in practice. Furthermore, existing SBOM-related studies tend to be ad-hoc and lack software engineering focuses. To bridge this gap, we conducted the first empirical study to interview and survey SBOM practitioners. We applied a mixed qualitative and quantitative method for gathering data from 17 interviewees and 65 survey respondents from 15 countries across five continents to understand how practitioners perceive the SBOM field. We summarized 26 statements and grouped them into four topics on SBOM's states of practice. Based on the study results, we derived a goal model and highlighted future directions where practitioners can put in their effort.Index Terms-software bill of materials, SBOM, bill of materials, responsible AI, empirical study.

show abstract

Section: ) Aibommentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

An Empirical Study on Software Bill of Materials: Where We Stand and the Road Ahead

Xia¹,

Bi²,

Xing³

et al. 2023

Preprint

View full text Add to dashboard Cite

show abstract

“…Distributed ledger technology (DLT) [81] supports the automatic creation of digital identities and their associated decentralised and immutable registry. Similar to the way in which physical credentials are tied to identities, verifiable credentials (VC) [82] are bound with digital identities in web environments [83], where it is more challenging to verify and validate the information since digital arrangements are more quickly falsified than their physical and biological correspondents. In this sense, to create trust in a trustless environment, VCs must be secured from a cryptographic point of view, consider privacy and be machine verifiable [82].…”

Section: Decentralised Solutions and Blockchain Systems In Urban Heal...mentioning

confidence: 99%

Data-Driven Intelligent Platforms—Design of Self-Sovereign Data Trust Systems

Balan¹,

Tan²,

Kourtit

et al. 2023

Land

View full text Add to dashboard Cite

Urban areas provide the seedbed conditions for a variety of agglomeration advantages, including incubator conditions for the ICT sector. This study aims to present the foundations for a data-driven digital architecture based on the notion of open access platform organisations (e.g., platform cities). The principles of coordinated multi-actor data handling and exchange mechanisms centre in particular on privacy and confidentiality regulations. These are highlighted and tested on the basis of the data exchange architecture in a particular Industry 4.0 sector, viz., the medical–pharmaceutical sector. To cope with these issues, self-sovereign data trust systems are designed and tested using an OpenDSU data environment. Several building blocks of this architecture are presented and assessed. The conclusion of this study is that OpenDSU technology offers promising departures for handling privacy-sensitive and confidential data exchange in open platform organisations, such as smart cities.

show abstract

“…Self-sovereign identity (SSI) [31] is terminology used to describe the ability of an individual to take ownership of their personal data and to control who has access to that data, without the need for a centralized infrastructure, or any control or authorization being required by any third party. To date, the focus of effort of SSI researchers has been on personal identity and data privacy for individuals [32], however the underlying computer science techniques can be applied to any type of entity, including digital assets such as datasets [33], and devices [34]. SSI is decentralized, and is built upon well-established cryptographic techniques whereby a user holds a private and shares a public key [35].…”

Section: Enabling Trustable Service Configurationsmentioning

confidence: 99%