A generalized Weiszfeld method for the multi-facility location problem

An iterative method is proposed for the K facilities location problem. The problem is relaxed using probabilistic assignments, depending on the distances to the facilities. The probabilities, that decompose the problem into K single-facility location problems, are updated at each iteration together with the facility locations. The proposed method is a natural generalization of the Weiszfeld method to several facilities.     

Leadership Hijacking in Docker Swarm and Its Consequences

With the advent of microservice-based software architectures, an increasing number of modern cloud environments and enterprises use operating system level virtualization, which is often referred to as container infrastructures. Docker Swarm is one of the most popular container orchestration infrastructures, providing high availability and fault tolerance. Occasionally, discovered container escape vulnerabilities allow adversaries to execute code on the host operating system and operate within the cloud infrastructure. We show that Docker Swarm is currently not secured against misbehaving manager nodes. This allows a high impact, high probability privilege escalation attack, which we refer to as leadership hijacking, the possibility of which is neglected by the current cloud security literature. Cloud lateral movement and defense evasion payloads allow an adversary to leverage the Docker Swarm functionality to control each and every host in the underlying cluster. We demonstrate an end-to-end attack, in which an adversary with access to an application running on the cluster achieves full control of the cluster. To reduce the probability of a successful high impact attack, container orchestration infrastructures must reduce the trust level of participating nodes and, in particular, incorporate adversary immune leader election algorithms.     

Duality and equilibrium prices in economics of uncertainty

A random variable (RV) X is given aminimum selling price (S) $$S_U \left( X \right): = \mathop {\sup }\limits_x \left\{ {x + EU\left( {X - x} \right)} \right\}$$ and amaximum buying price (B) $$B_p \left( X \right): = \mathop {\inf }\limits_x \left\{ {x + EP\left( {X - x} \right)} \right\}$$ whereU(·) andP(·) are appropriate functions. These prices are derived from considerations ofstochastic optimization with recourse, and are calledrecourse certainty equivalents (RCE's) of X. Both RCE's compute the “value” of a RV as an optimization problem, and both problems (S) and (B) have meaningful dual problems, stated in terms of theCsiszár φ-divergence $$I_\phi \left( {p,q} \right): = \sum\limits_{i = 1}^n {q_i \phi \left( {\frac{{p_i }}{{q_i }}} \right)} $$ a generalized entropy function, measuring the distance between RV's with probability vectors p and q. The RCES _U was studied elsewhere, and applied to production, investment and insurance problems. Here we study the RCEB _P, and apply it to problems ofinventory control (where the attitude towards risk determines the stock levels and order sizes) andoptimal insurance coverage, a problem stated as a game between the insurance company (setting the premiums) and the buyer of insurance, maximizing the RCE of his coverage.