搜索结果：Owner

Existing AI agent safety benchmarks focus on generic criminal harm (cybercrime, harassment, weapon synthesis), leaving a systematic blind spot for a distinct and commercially consequential threat category: agents harming their own deployers. Real-world incidents illustrate the gap: Slack AI credential exfiltration (Aug 2024), Microsoft 365 Copilot calendar-injection leaks (Jan 2024), and a Meta agent unauthorized forum post exposing operational data (Mar 2026). We propose Owner-Harm, a formal threat model with eight categories of agent behavior damaging the deployer. We quantify the defense gap on two benchmarks: a compositional safety system achieves 100% TPR / 0% FPR on AgentHarm (generic criminal harm) yet only 14.8% (4/27; 95% CI: 5.9%-32.5%) on AgentDojo injection tasks (prompt-injection-mediated owner harm). A controlled generic-LLM baseline shows the gap is not inherent to owner-harm (62.7% vs. 59.3%, delta 3.4 pp) but arises from environment-bound symbolic rules that fail to generalize across tool vocabularies. On a post-hoc 300-scenario owner-harm benchmark, the gate alone achieves 75.3% TPR / 3.3% FPR; adding a deterministic post-audit verifier raises overall TPR to 85.3%

Ensuring the legal usage of deep models is crucial to promoting trustable, accountable, and responsible artificial intelligence innovation. Current passport-based methods that obfuscate model functionality for license-to-use and ownership verifications suffer from capacity and quality constraints, as they require retraining the owner model for new users. They are also vulnerable to advanced Expanded Residual Block ambiguity attacks. We propose Steganographic Passport, which uses an invertible steganographic network to decouple license-to-use from ownership verification by hiding the user's identity images into the owner-side passport and recovering them from their respective user-side passports. An irreversible and collision-resistant hash function is used to avoid exposing the owner-side passport from the derived user-side passports and increase the uniqueness of the model signature. To safeguard both the passport and model's weights against advanced ambiguity attacks, an activation-level obfuscation is proposed for the verification branch of the owner's model. By jointly training the verification and deployment branches, their weights become tightly coupled. The proposed method s

The internet has become the main source of data to train modern text-to-image or vision-language models, yet it is increasingly unclear whether web-scale data collection practices for training AI systems adequately respect data owners' wishes. Ignoring the owner's indication of consent around data usage not only raises ethical concerns but also has recently been elevated into lawsuits around copyright infringement cases. In this work, we aim to reveal information about data owners' consent to AI scraping and training, and study how it's expressed in DataComp, a popular dataset of 12.8 billion text-image pairs. We examine both the sample-level information, including the copyright notice, watermarking, and metadata, and the web-domain-level information, such as a site's Terms of Service (ToS) and Robots Exclusion Protocol. We estimate at least 122M of samples exhibit some indication of copyright notice in CommonPool, and find that 60\% of the samples in the top 50 domains come from websites with ToS that prohibit scraping. Furthermore, we estimate 9-13\% with 95\% confidence interval of samples from CommonPool to contain watermarks, where existing watermark detection methods fail to

[Context] Accurate time estimation is a critical aspect of predictable software engineering. Previous work shows that low source code quality increases the uncertainty in issue resolution times. [Objective] Our goal is to evaluate how developers' project experience and file ownership are related to issue resolution times. [Method] We mine 40 proprietary software repositories and conduct an observational study. Using CodeScene, we measure source code quality and active development time connected to Jira issues. [Results] Most source code changes are made by either a marginal or dominant code owner. Also, most changes to low-quality source code are made by developers with low levels of ownership. In low-quality source code, marginal owners need 45\% more time for small changes, and 93\% more time for large changes. [Conclusions] Collective code ownership is a popular target, but industry practice results in many dominant and marginal owners. Marginal owners are particularly hampered when working with low-quality source code, which leads to productivity losses. In codebases plagued by technical debt, newly onboarded developers will require more time to complete tasks.

Generative AI can help small business owners automate tasks, increase efficiency, and improve their bottom line. However, despite the seemingly intuitive design of systems like ChatGPT, significant barriers remain for those less comfortable with technology. To address these disparities, prior work highlights accessory skills -- beyond prompt engineering -- users must master to successfully adopt generative AI including keyboard shortcuts, editing skills, file conversions, and browser literacy. Building on a design workshop series and 15 interviews with small businesses, we introduce BizChat, a large language model (LLM)-powered web application that helps business owners across digital skills levels write their business plan -- an essential but often neglected document. To do so, BizChat's interface embodies three design considerations inspired by learning sciences: ensuring accessibility to users with less digital skills while maintaining extensibility to power users ("low-floor-high-ceiling"), providing in situ micro-learning to support entrepreneurial education ("just-in-time learning"), and framing interaction around business activities ("contextualized technology introduction")

The transportation sector is the single largest contributor to US emissions and the second largest globally. Electric vehicles (EVs) are expected to represent half of global car sales by 2035, emerging as a pivotal solution to reduce emissions and enhance grid flexibility. The electrification of buildings, manufacturing, and transportation is expected to grow electricity demand substantially over the next decade. Without effectively managed EV charging, EVs could strain energy grid infrastructure and increase electricity costs. Drawing on de-identified 2023 EV telematics data from Rivian Automotive, this study found that 72% of home charging commenced after the customer plugged in their vehicle regardless of utility time of use (TOU) tariffs or managed charging programs. In fewer than 26% of charging sessions in the sample, EV owners actively scheduled charging times to align or participate in utility tariffs or programs. With a majority of drivers concurrently plugged in during optimal charging periods yet not actively charging, the study identified an opportunity to reduce individual EV owner costs and carbon emissions through smarter charging habits without significant behaviora

One of scenarios in data-sharing applications is that files are managed by multiple owners, and the list of file owners may change dynamically. However, most existing solutions to this problem rely on trusted third parties and have complicated signature permission processes, resulting in additional overhead. Therefore, we propose a verifiable data-sharing scheme (VDS-DM) that can support dynamic multi-owner scenarios. We introduce a management entity that combines linear secret-sharing technology, multi-owner signature generation, and an aggregation technique to allow multi-owner file sharing. Without the help of trusted third parties, VDS-DM can update file signatures for dynamically changing file owners, which helps save communication overhead. Moreover, users independently verify the integrity of files without resorting to a third party. We analyse the security of VDS-DM through a security game. Finally, we conduct enough simulation experiments and the outcomes of experimental demonstrate the feasibility of VDS-DM.

Small business owners (SBOs) often lack the resources and design experience needed to produce high-quality advertisements. To address this, we developed ACAI (AI Co-Creation for Advertising and Inspiration), an GenAI-powered multimodal advertisement creation tool, and conducted a user study with 16 SBOs in London to explore their perceptions of and interactions with ACAI in advertisement creation. Our findings reveal that structured inputs enhance user agency and control while improving AI outputs by facilitating better brand alignment, enhancing AI transparency, and offering scaffolding that assists novice designers, such as SBOs, in formulating prompts. We also found that ACAI's multimodal interface bridges the design skill gap for SBOs with a clear advertisement vision, but who lack the design jargon necessary for effective prompting. Building on our findings, we propose three capabilities: contextual intelligence, adaptive interactions, and data management, with corresponding design recommendations to advance the co-creative attributes of AI-mediated design tools.

Auction-based Federated Learning (AFL) has attracted extensive research interest due to its ability to motivate data owners (DOs) to join FL through economic means. While many existing AFL methods focus on providing decision support to model users (MUs) and the AFL auctioneer, decision support for data owners remains open. To bridge this gap, we propose a first-of-its-kind agent-oriented joint Pricing, Acceptance and Sub-delegation decision support approach for data owners in AFL (PAS-AFL). By considering a DO's current reputation, pending FL tasks, willingness to train FL models, and its trust relationships with other DOs, it provides a systematic approach for a DO to make joint decisions on AFL bid acceptance, task sub-delegation and pricing based on Lyapunov optimization to maximize its utility. It is the first to enable each DO to take on multiple FL tasks simultaneously to earn higher income for DOs and enhance the throughput of FL tasks in the AFL ecosystem. Extensive experiments based on six benchmarking datasets demonstrate significant advantages of PAS-AFL compared to six alternative strategies, beating the best baseline by 28.77% and 2.64% on average in terms of utility a

Currently, wind energy is one of the most important sources of renewable energy. Offshore locations for wind turbines are increasingly exploited because of their numerous advantages. However, offshore wind farms require high investment in maintenance service. Due to its complexity and special requirements, maintenance service is usually outsourced by wind farm owners. In this paper, we propose a novel approach to determine, quantify, and reduce the possible conflicts of interest between owners and maintenance suppliers. We created a complete techno-economic model to address this problem from an impartial point of view. An iterative process was developed to obtain statistical results that can help stakeholders negotiate the terms of the contract, in which the availability of the wind farm is the reference parameter by which to determine penalisations and incentives. Moreover, a multi-objective programming problem was addressed that maximises the profits of both parties without losing the alignment of their interests. The main scientific contribution of this paper is the maintenance analysis of offshore wind farms from two perspectives: that of the owner and the maintenance supplier.

Small and medium enterprises (SMEs) are increasingly vulnerable to cyber threats due to limited resources and cybersecurity expertise, in addition to an increasingly hostile cyber threat environment at national and international levels. This study aims to improve the cyber resilience amongst SMEs by developing a national risk assessment tool. This research is guided by three key questions: 1. What current international SME risk assessment tools are available and supported or endorsed by national cybersecurity centres? 2. How can a risk assessment tool be created that is accessible to SME owners with little to no cybersecurity knowledge? 3. What are the key areas of cybersecurity risks for SMEs? To answer these questions, a comprehensive review of existing risk assessment tools was carried out. Through iterative collaboration with SMEs, the development of a user-friendly tool that simplifies risk for non-expert users was made possible.

In this paper, we study the setting in which data owners train machine learning models collaboratively under a privacy notion called joint differential privacy [Kearns et al., 2018]. In this setting, the model trained for each data owner $j$ uses $j$'s data without privacy consideration and other owners' data with differential privacy guarantees. This setting was initiated in [Jain et al., 2021] with a focus on linear regressions. In this paper, we study this setting for stochastic convex optimization (SCO). We present an algorithm that is a variant of DP-SGD [Song et al., 2013; Abadi et al., 2016] and provides theoretical bounds on its population loss. We compare our algorithm to several baselines and discuss for what parameter setups our algorithm is more preferred. We also empirically study joint differential privacy in the multi-class classification problem over two public datasets. Our empirical findings are well-connected to the insights from our theoretical results.

Integrating Internet of Things (IoT) and edge computing for "Edge-IoT" systems, converged with machine intelligence, has the potentials of enabling a wide range of applications in smart homes, factories and cities. Edge-IoT can connect many diverse devices and the IoT asset owners can run heterogeneous IoT systems supported by various vendors or service providers (SPs), using either cloud or local edge computing (or both) for resource assistance. The existing methods typically manage the systems as separate vertical "silos", or in a vendor/SP-centric way, which suffers from significant challenges. In this paper, we present a novel owner-centric management paradigm named "ORCA" to address the gaps left by the owner-centric paradigm and empower the IoT assets owners to effectively identify and mitigate potential issues in their own network premises, regardless the vendors/SPs' situations. ORCA aims to be scalable and extensible in assisting IoT owners to perform intelligent management through a behavior-oriented and data-driven approach. ORCA is an ongoing project and the preliminary results indicate that it can significantly empower the IoT systems owners to better manage their IoT

In large-scale agile projects, product owners undertake a range of challenging and varied activities beyond those conventionally associated with that role. Using in-depth research interviews from 93 practitioners working in cross-border teams, from 21 organisations, our rich empirical data offers a unique international perspective into product owner activities. We found that the leaders of large-scale agile projects create product owner teams. Product owner team members undertake sponsor, intermediary and release plan master activities to manage scale. They undertake communicator and traveller activities to manage distance and technical architect, governor and risk assessor activities to manage governance. Based on our findings, we describe product owner behaviors that are valued by experienced product owners and their line managers.

Product owners in the Scrum framework - respectively the on-site customer when applying eXtreme Programming - have an important role in the development process. They are responsible for the requirements and backlog deciding about the next steps within the development process. However, many companies face the difficulty of defining the tasks and the responsibilities of a product owner on their way towards an agile work environment. While literature addresses the tailoring of the product owner's role in general, research does not particularly consider the specifics of this role in the context of a systems development as we find for example in the oil and gas industry. Consequently, the question arises whether there are any differences between these two areas. In order to answer this question, we investigated on the current state of characteristics and tasks of product owners at Baker Hughes, a GE company (BHGE). In this position paper, we present initial results based on an online survey with answers of ten active product owners within the technical software department of BHGE. The results indicate that current product owners at BHGE primarily act as a nexus between all ends. While t

I consider a setting where reviewers offer very noisy scores for several items for the selection of high-quality ones (e.g., peer review of large conference proceedings), whereas the owner of these items knows the true underlying scores but prefers not to provide this information. To address this withholding of information, in this paper, I introduce the Isotonic Mechanism, a simple and efficient approach to improving imprecise raw scores by leveraging certain information that the owner is incentivized to provide. This mechanism takes the ranking of the items from best to worst provided by the owner as input, in addition to the raw scores provided by the reviewers. It reports the adjusted scores for the items by solving a convex optimization problem. Under certain conditions, I show that the owner's optimal strategy is to honestly report the true ranking of the items to her best knowledge in order to maximize the expected utility. Moreover, I prove that the adjusted scores provided by this owner-assisted mechanism are significantly more accurate than the raw scores provided by the reviewers. This paper concludes with several extensions of the Isotonic Mechanism and some refinements

Vertical Federated Learning (VFL) refers to the collaborative training of a model on a dataset where the features of the dataset are split among multiple data owners, while label information is owned by a single data owner. In this paper, we propose a novel method, Multi Vertical Federated Learning (Multi-VFL), to train VFL models when there are multiple data and label owners. Our approach is the first to consider the setting where $D$-data owners (across which features are distributed) and $K$-label owners (across which labels are distributed) exist. This proposed configuration allows different entities to train and learn optimal models without having to share their data. Our framework makes use of split learning and adaptive federated optimizers to solve this problem. For empirical evaluation, we run experiments on the MNIST and FashionMNIST datasets. Our results show that using adaptive optimizers for model aggregation fastens convergence and improves accuracy.

In this paper, we propose a very secure and reliable owner-self-managed private key recovery method. In recent years, Public Key Authentication (PKA) method has been identified as the most feasible online security solution. However, losing the private key also implies the risk of losing the ownership of the assets associated with the private key. For key protection, the commonly adopted something-you-x solutions require a new secret to protect the target secret and fall into a circular protection issue as the new secret has to be protected too. To resolve the circular protection issue and provide a truly secure and reliable solution, we propose separating the permission and possession of the private key. Then we create secret shares of the permission using the open public keys of selected trustees while having the owner possess the permission-encrypted private key. Then by applying the social authentication method, one may easily retrieve the permission to recover the private key. Our analysis shows that our proposed indirect-permission method is six orders of magnitude more secure and reliable than

How hosts language influence their pets' vocalization is an interesting yet underexplored problem. This paper presents a preliminary investigation into the possible correlation between domestic dog vocal expressions and their human host's language environment. We first present a new dataset of Shiba Inu dog vocals from YouTube, which provides 7500 clean sound clips, including their contextual information of these vocals and their owner's speech clips with a carefully-designed data processing pipeline. The contextual information includes the scene category in which the vocal was recorded, the dog's location and activity. With a classification task and prominent factor analysis, we discover significant acoustic differences in the dog vocals from the two language environments. We further identify some acoustic features from dog vocalizations that are potentially correlated to their host language patterns.