{"bundle_type":"pith_open_graph_bundle","bundle_version":"1.0","pith_number":"pith:2019:WC5EG57UDDJGDJCD5SHS5PFD2B","short_pith_number":"pith:WC5EG57U","canonical_record":{"source":{"id":"1906.11094","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-06-26T13:43:57Z","cross_cats_sorted":[],"title_canon_sha256":"2031c9303fc476c9e89b7e025662c9dc12a2398313d4c2db3def41a3395c1278","abstract_canon_sha256":"519a34410768f4a58fbd601bf7833b8b1babcedc7c11aec44e58323d8fbbddb8"},"schema_version":"1.0"},"canonical_sha256":"b0ba4377f418d261a443ec8f2ebca3d046055cc21312ba3316376e8adb0e2cbe","source":{"kind":"arxiv","id":"1906.11094","version":1},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1906.11094","created_at":"2026-05-17T23:42:09Z"},{"alias_kind":"arxiv_version","alias_value":"1906.11094v1","created_at":"2026-05-17T23:42:09Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1906.11094","created_at":"2026-05-17T23:42:09Z"},{"alias_kind":"pith_short_12","alias_value":"WC5EG57UDDJG","created_at":"2026-05-18T12:33:30Z"},{"alias_kind":"pith_short_16","alias_value":"WC5EG57UDDJGDJCD","created_at":"2026-05-18T12:33:30Z"},{"alias_kind":"pith_short_8","alias_value":"WC5EG57U","created_at":"2026-05-18T12:33:30Z"}],"events":[{"event_type":"record_created","subject_pith_number":"pith:2019:WC5EG57UDDJGDJCD5SHS5PFD2B","target":"record","payload":{"canonical_record":{"source":{"id":"1906.11094","kind":"arxiv","version":1},"metadata":{"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-06-26T13:43:57Z","cross_cats_sorted":[],"title_canon_sha256":"2031c9303fc476c9e89b7e025662c9dc12a2398313d4c2db3def41a3395c1278","abstract_canon_sha256":"519a34410768f4a58fbd601bf7833b8b1babcedc7c11aec44e58323d8fbbddb8"},"schema_version":"1.0"},"canonical_sha256":"b0ba4377f418d261a443ec8f2ebca3d046055cc21312ba3316376e8adb0e2cbe","receipt":{"kind":"pith_receipt","key_id":"pith-v1-2026-05","algorithm":"ed25519","signed_at":"2026-05-17T23:42:09.860685Z","signature_b64":"u6h0al5ZjPSM1NHFx09Hw16oafDGaZt83IJ6zSyF9kiq5/0uzbZnrX17IdSddd34L2gWwgi/SdBfACKYSWgIDg==","signed_message":"canonical_sha256_bytes","builder_version":"pith-number-builder-2026-05-17-v1","receipt_version":"0.3","canonical_sha256":"b0ba4377f418d261a443ec8f2ebca3d046055cc21312ba3316376e8adb0e2cbe","last_reissued_at":"2026-05-17T23:42:09.859976Z","signature_status":"signed_v1","first_computed_at":"2026-05-17T23:42:09.859976Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"source_kind":"arxiv","source_id":"1906.11094","source_version":1,"attestation_state":"computed"},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-17T23:42:09Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"1VG7CeoC/FAOocHn2imaKvdh8rxv8qqjfS1/oE+C8E5F3zg2jpyLWi1uZqnyZ2WIouf50KVd6XceEtHyLT/7BA==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-28T13:17:57.856252Z"},"content_sha256":"d828601ae3d10dac50b1ecde12a970ab99bb61da74b28b7698543d1ec5f5c7a8","schema_version":"1.0","event_id":"sha256:d828601ae3d10dac50b1ecde12a970ab99bb61da74b28b7698543d1ec5f5c7a8"},{"event_type":"graph_snapshot","subject_pith_number":"pith:2019:WC5EG57UDDJGDJCD5SHS5PFD2B","target":"graph","payload":{"graph_snapshot":{"paper":{"title":"Security Update Labels: Establishing Economic Incentives for Security Patching of IoT Consumer Products","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","headline":"","cross_cats":[],"primary_cat":"cs.CR","authors_text":"Christoph Mai, Felix Freiling, Nicole Koschate-Fischer, Philipp Morgner, Zinaida Benenson","submitted_at":"2019-06-26T13:43:57Z","abstract_excerpt":"With the expansion of the Internet of Things (IoT), the number of security incidents due to insecure and misconfigured IoT devices is increasing. Especially on the consumer market, manufacturers focus on new features and early releases at the expense of a comprehensive security strategy. Hence, experts have started calling for regulation of the IoT consumer market, while policymakers are seeking for suitable regulatory approaches. We investigate how manufacturers can be incentivized to increase sustainable security efforts for IoT products. We propose mandatory security update labels that info"},"claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1906.11094","kind":"arxiv","version":1},"verdict":{"id":null,"model_set":{},"created_at":null,"strongest_claim":"","one_line_summary":"","pipeline_version":null,"weakest_assumption":"","pith_extraction_headline":""},"references":{"count":0,"sample":[],"resolved_work":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","internal_anchors":0},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"author_claims":{"count":0,"strong_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"builder_version":"pith-number-builder-2026-05-17-v1"},"verdict_id":null},"signer":{"signer_id":"pith.science","signer_type":"pith_registry","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54"},"created_at":"2026-05-17T23:42:09Z","supersedes":[],"prev_event":null,"signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"YRMf/S9Svp3Tou+uWWapsG2T0Vv7lAjF21pUVPgnPQAQn4JAn4aIHdO+LZEB0fMv7syHF34xJfCY4BNzgXM6Aw==","signed_message":"open_graph_event_sha256_bytes","signed_at":"2026-06-28T13:17:57.856598Z"},"content_sha256":"8f3f27549b061071e47c0f0490529596e4d4f7ff7c023107c64b54b1db13e63c","schema_version":"1.0","event_id":"sha256:8f3f27549b061071e47c0f0490529596e4d4f7ff7c023107c64b54b1db13e63c"}],"timestamp_proofs":[],"mirror_hints":[{"mirror_type":"https","name":"Pith Resolver","base_url":"https://pith.science","bundle_url":"https://pith.science/pith/WC5EG57UDDJGDJCD5SHS5PFD2B/bundle.json","state_url":"https://pith.science/pith/WC5EG57UDDJGDJCD5SHS5PFD2B/state.json","well_known_bundle_url":"https://pith.science/.well-known/pith/WC5EG57UDDJGDJCD5SHS5PFD2B/bundle.json","status":"primary"}],"public_keys":[{"key_id":"pith-v1-2026-05","algorithm":"ed25519","format":"raw","public_key_b64":"stVStoiQhXFxp4s2pdzPNoqVNBMojDU/fJ2db5S3CbM=","public_key_hex":"b2d552b68890857171a78b36a5dccf368a953413288c353f7c9d9d6f94b709b3","fingerprint_sha256_b32_first128bits":"RVFV5Z2OI2J3ZUO7ERDEBCYNKS","fingerprint_sha256_hex":"8d4b5ee74e4693bcd1df2446408b0d54","rotates_at":null,"url":"https://pith.science/pith-signing-key.json","notes":"Pith uses this Ed25519 key to sign canonical record SHA-256 digests. Verify with: ed25519_verify(public_key, message=canonical_sha256_bytes, signature=base64decode(signature_b64))."}],"merge_version":"pith-open-graph-merge-v1","built_at":"2026-06-28T13:17:57Z","links":{"resolver":"https://pith.science/pith/WC5EG57UDDJGDJCD5SHS5PFD2B","bundle":"https://pith.science/pith/WC5EG57UDDJGDJCD5SHS5PFD2B/bundle.json","state":"https://pith.science/pith/WC5EG57UDDJGDJCD5SHS5PFD2B/state.json","well_known_bundle":"https://pith.science/.well-known/pith/WC5EG57UDDJGDJCD5SHS5PFD2B/bundle.json"},"state":{"state_type":"pith_open_graph_state","state_version":"1.0","pith_number":"pith:2019:WC5EG57UDDJGDJCD5SHS5PFD2B","merge_version":"pith-open-graph-merge-v1","event_count":2,"valid_event_count":2,"invalid_event_count":0,"equivocation_count":0,"current":{"canonical_record":{"metadata":{"abstract_canon_sha256":"519a34410768f4a58fbd601bf7833b8b1babcedc7c11aec44e58323d8fbbddb8","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-06-26T13:43:57Z","title_canon_sha256":"2031c9303fc476c9e89b7e025662c9dc12a2398313d4c2db3def41a3395c1278"},"schema_version":"1.0","source":{"id":"1906.11094","kind":"arxiv","version":1}},"source_aliases":[{"alias_kind":"arxiv","alias_value":"1906.11094","created_at":"2026-05-17T23:42:09Z"},{"alias_kind":"arxiv_version","alias_value":"1906.11094v1","created_at":"2026-05-17T23:42:09Z"},{"alias_kind":"doi","alias_value":"10.48550/arxiv.1906.11094","created_at":"2026-05-17T23:42:09Z"},{"alias_kind":"pith_short_12","alias_value":"WC5EG57UDDJG","created_at":"2026-05-18T12:33:30Z"},{"alias_kind":"pith_short_16","alias_value":"WC5EG57UDDJGDJCD","created_at":"2026-05-18T12:33:30Z"},{"alias_kind":"pith_short_8","alias_value":"WC5EG57U","created_at":"2026-05-18T12:33:30Z"}],"graph_snapshots":[{"event_id":"sha256:8f3f27549b061071e47c0f0490529596e4d4f7ff7c023107c64b54b1db13e63c","target":"graph","created_at":"2026-05-17T23:42:09Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"graph_snapshot":{"author_claims":{"count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57","strong_count":0},"builder_version":"pith-number-builder-2026-05-17-v1","claims":{"count":0,"items":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"formal_canon":{"evidence_count":0,"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"paper":{"abstract_excerpt":"With the expansion of the Internet of Things (IoT), the number of security incidents due to insecure and misconfigured IoT devices is increasing. Especially on the consumer market, manufacturers focus on new features and early releases at the expense of a comprehensive security strategy. Hence, experts have started calling for regulation of the IoT consumer market, while policymakers are seeking for suitable regulatory approaches. We investigate how manufacturers can be incentivized to increase sustainable security efforts for IoT products. We propose mandatory security update labels that info","authors_text":"Christoph Mai, Felix Freiling, Nicole Koschate-Fischer, Philipp Morgner, Zinaida Benenson","cross_cats":[],"headline":"","license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-06-26T13:43:57Z","title":"Security Update Labels: Establishing Economic Incentives for Security Patching of IoT Consumer Products"},"references":{"count":0,"internal_anchors":0,"resolved_work":0,"sample":[],"snapshot_sha256":"258153158e38e3291e3d48162225fcdb2d5a3ed65a07baac614ab91432fd4f57"},"source":{"id":"1906.11094","kind":"arxiv","version":1},"verdict":{"created_at":null,"id":null,"model_set":{},"one_line_summary":"","pipeline_version":null,"pith_extraction_headline":"","strongest_claim":"","weakest_assumption":""}},"verdict_id":null}}],"author_attestations":[],"timestamp_anchors":[],"storage_attestations":[],"citation_signatures":[],"replication_records":[],"corrections":[],"mirror_hints":[],"record_created":{"event_id":"sha256:d828601ae3d10dac50b1ecde12a970ab99bb61da74b28b7698543d1ec5f5c7a8","target":"record","created_at":"2026-05-17T23:42:09Z","signer":{"key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signer_id":"pith.science","signer_type":"pith_registry"},"payload":{"attestation_state":"computed","canonical_record":{"metadata":{"abstract_canon_sha256":"519a34410768f4a58fbd601bf7833b8b1babcedc7c11aec44e58323d8fbbddb8","cross_cats_sorted":[],"license":"http://arxiv.org/licenses/nonexclusive-distrib/1.0/","primary_cat":"cs.CR","submitted_at":"2019-06-26T13:43:57Z","title_canon_sha256":"2031c9303fc476c9e89b7e025662c9dc12a2398313d4c2db3def41a3395c1278"},"schema_version":"1.0","source":{"id":"1906.11094","kind":"arxiv","version":1}},"canonical_sha256":"b0ba4377f418d261a443ec8f2ebca3d046055cc21312ba3316376e8adb0e2cbe","receipt":{"algorithm":"ed25519","builder_version":"pith-number-builder-2026-05-17-v1","canonical_sha256":"b0ba4377f418d261a443ec8f2ebca3d046055cc21312ba3316376e8adb0e2cbe","first_computed_at":"2026-05-17T23:42:09.859976Z","key_id":"pith-v1-2026-05","kind":"pith_receipt","last_reissued_at":"2026-05-17T23:42:09.859976Z","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","receipt_version":"0.3","signature_b64":"u6h0al5ZjPSM1NHFx09Hw16oafDGaZt83IJ6zSyF9kiq5/0uzbZnrX17IdSddd34L2gWwgi/SdBfACKYSWgIDg==","signature_status":"signed_v1","signed_at":"2026-05-17T23:42:09.860685Z","signed_message":"canonical_sha256_bytes"},"source_id":"1906.11094","source_kind":"arxiv","source_version":1}}},"equivocations":[],"invalid_events":[],"applied_event_ids":["sha256:d828601ae3d10dac50b1ecde12a970ab99bb61da74b28b7698543d1ec5f5c7a8","sha256:8f3f27549b061071e47c0f0490529596e4d4f7ff7c023107c64b54b1db13e63c"],"state_sha256":"2abd6f7e0134157d6a526992123b9afdabdb2d5789d09b453acd4f94a34c1ca0"},"bundle_signature":{"signature_status":"signed_v1","algorithm":"ed25519","key_id":"pith-v1-2026-05","public_key_fingerprint":"8d4b5ee74e4693bcd1df2446408b0d54","signature_b64":"3yOmhS6lLgULBtt8FCDDpgFru9FKhSXMdijZjsV1f3YFPu/UfUTpHxExgluRC8qsnMaNqmqzH1L669GF4gN7AA==","signed_message":"bundle_sha256_bytes","signed_at":"2026-06-28T13:17:57.858436Z","bundle_sha256":"b6dca133ba85779bf1c5e5f17d3467ac75868a213b20b1f133cbaaa7bf5b99f5"}}