20 research outputs found
Decisioning 2022 : Collaboration in knowledge discovery and decision making: Applications to sustainable agriculture
Sustainable agriculture is one of the Sustainable Development Goals (SDG) proposed by UN (United Nations), but little systematic work on Knowledge Discovery and Decision Making has been applied to it.
Knowledge discovery and decision making are becoming active research areas in the last years. The era of FAIR (Findable, Accessible, Interoperable, Reusable) data science, in which linked data with a high degree of variety and different degrees of veracity can be easily correlated and put in perspective to have an empirical and scientific perception of best practices in sustainable agricultural domain. This requires combining multiple methods such as elicitation, specification, validation, technologies from semantic web, information retrieval, formal concept analysis, collaborative work, semantic interoperability, ontological matching, specification, smart contracts, and multiple decision making.
Decisioning 2022 is the first workshop on Collaboration in knowledge discovery and decision making: Applications to sustainable agriculture. It has been organized by six research teams from France, Argentina, Colombia and Chile, to explore the current frontier of knowledge and applications in different areas related to knowledge discovery and decision making. The format of this workshop aims at the discussion and knowledge exchange between the academy and industry members.Laboratorio de InvestigaciĆ³n y FormaciĆ³n en InformĆ”tica Avanzad
Towards Better Understanding of User Authorization Query Problem via Multi-variable Complexity Analysis
User authorization queries in the context of role-based access control have
attracted considerable interest in the last 15 years. Such queries are used to
determine whether it is possible to allocate a set of roles to a user that
enables the user to complete a task, in the sense that all the permissions
required to complete the task are assigned to the roles in that set. Answering
such a query, in general, must take into account a number of factors,
including, but not limited to, the roles to which the user is assigned and
constraints on the sets of roles that can be activated. Answering such a query
is known to be NP-hard. The presence of multiple parameters and the need to
find efficient and exact solutions to the problem suggest that a multi-variate
approach will enable us to better understand the complexity of the user
authorization query problem (UAQ). In this paper, we establish a number of
complexity results for UAQ. Specifically, we show the problem remains hard even
when quite restrictive conditions are imposed on the structure of the problem.
Our FPT results show that we have to use either a parameter with potentially
quite large values or quite a restricted version of UAQ. Moreover, our second
FPT algorithm is complex and requires sophisticated, state-of-the-art
techniques. In short, our results show that it is unlikely that all variants of
UAQ that arise in practice can be solved reasonably quickly in general.Comment: Accepted for publication in ACM Transactions on Privacy and Security
(TOPS
From Conventional to State-of-the-Art IoT Access Control Models
open access articleThe advent in Online Social Networks (OSN) and Internet of Things (IoT) has created a new world of collaboration and communication between people and devices. The domain of internet of things uses billions of devices (ranging from tiny sensors to macro scale devices) that continuously produce and exchange huge amounts of data with people and applications. Similarly, more than a billion people are connected through social networking sites to collaborate and share their knowledge. The applications of IoT such as smart health, smart city, social networking, video surveillance and vehicular communication are quickly evolving peopleās daily lives. These applications provide accurate, information-rich and personalized services to the users. However, providing personalized information comes at the cost of accessing private information of users such as their location, social relationship details, health information and daily activities. When the information is accessible online, there is always a chance that it can be used maliciously by unauthorized entities. Therefore, an effective access control mechanism must be employed to ensure the security and privacy of entities using OSN and IoT services. Access control refers to a process which can restrict userās access to data and resources. It enforces access rules to grant authorized users an access to resources and prevent others. This survey examines the increasing literature on access control for traditional models in general, and for OSN and IoT in specific. Challenges and problems related to access control mechanisms are explored to facilitate the adoption of access control solutions in OSN and IoT scenarios. The survey provides a review of the requirements for access control enforcement, discusses several security issues in access control, and elaborates underlying principles and limitations of famous access control models. We evaluate the feasibility of current access control models for OSN and IoT and provide the future development direction of access control for the sam
An Accurate and Scalable Role Mining Algorithm based on Graph Embedding and Unsupervised Feature Learning
Role-based access control (RBAC) is one of the most widely authorization models used by organizations. In RBAC, accesses are controlled based on the roles of users within the organization. The flexibility and usability of RBAC have encouraged organizations to migrate from traditional discretionary access control (DAC) models to RBAC. The most challenging step in this migration is role mining, which is the process of extracting meaningful roles from existing access control lists. Although various approaches have been proposed to address this NP-complete role mining problem in the literature, they either suffer from low scalability or present heuristics that suffer from low accuracy. In this paper, we propose an accurate and scalable approach to the role mining problem. To this aim, we represent user-permission assignments as a bipartite graph where nodes are users and permissions, and edges are user-permission assignments. Next, we introduce an efficient deep learning algorithm based on random walk sampling to learn low-dimensional representations of the graph, such that permissions that are assigned to similar users are closer in this new space. Then, we use k-means and GMM clustering techniques to cluster permission nodes into roles. We show the effectiveness of our proposed approach by testing it on different datasets. Experimental results show that our approach performs accurate role mining, even for large datasets
A Study of Boolean Matrix Factorization Under Supervised Settings
International audienceBoolean matrix factorization is a generally accepted approach used in data analysis to explain data. It is commonly used under unsu-pervised setting or for data preprocessing under supervised settings. In this paper we study factors under supervised settings. We provide an experimental proof that factors are able to explain not only data as a whole but also classes in the data
From-Below Boolean Matrix Factorization Algorithm Based on MDL
During the past few years Boolean matrix factorization (BMF) has become an
important direction in data analysis. The minimum description length principle
(MDL) was successfully adapted in BMF for the model order selection.
Nevertheless, a BMF algorithm performing good results from the standpoint of
standard measures in BMF is missing. In this paper, we propose a novel
from-below Boolean matrix factorization algorithm based on formal concept
analysis. The algorithm utilizes the MDL principle as a criterion for the
factor selection. On various experiments we show that the proposed algorithm
outperforms---from different standpoints---existing state-of-the-art BMF
algorithms
VĆ©rification et validation de politiques de contrĆ“le d'accĆØs dans le domaine mĆ©dical
Dans le domaine meĢdical, la numeĢrisation des documents et lāutilisation des dossiers patient eĢlectroniques (DPE, ou en anglais EHR pour Electronic Health Record) offrent de nombreux avantages, tels que la faciliteĢ de recherche et de transmission de ces donneĢes. Les systeĢmes informatiques doivent reprendre ainsi progressivement le roĢle traditionnellement tenu par les archivistes, roĢle qui comprenait notamment la gestion des acceĢs aĢ ces donneĢes sensibles. Ces derniers doivent en effet eĢtre rigoureusement controĢleĢs pour tenir compte des souhaits de confidentialiteĢ des patients, des reĢgles des eĢtablissements et de la leĢgislation en vigueur. SGAC, ou Solution de Gestion AutomatiseĢe du Consentement, a pour but de fournir une solution dans laquelle lāacceĢs aux donneĢes du patient serait non seulement baseĢe sur les reĢgles mises en place par le patient lui-meĢme mais aussi sur le reĢglement de lāeĢtablissement et sur la leĢgislation. Cependant, cette liberteĢ octroyeĢe au patient est source de divers probleĢmes : conflits, masquage des donneĢes neĢcessaires aux soins ou encore tout simplement erreurs de saisie. Pour effectuer ces veĢrifications, les meĢthodes formelles fournissent des moyens fiables de veĢrification de proprieĢteĢs tels que les preuves ou la veĢrification de modeĢles. Cette theĢse propose des meĢthodes de veĢrification adapteĢes aĢ SGAC pour le patient : elle introduit le modeĢle formel de SGAC, des meĢthodes de veĢrifications de proprieĢteĢs. Afin de mener ces veĢrifications de manieĢre automatiseĢe, SGAC est modeĢliseĢ en B et Alloy ; ces diffeĢrentes modeĢlisations donnent acceĢs aux outils Alloy et ProB, et ainsi aĢ la veĢrification automatiseĢe de proprieĢteĢs via la veĢrification de modeĢles ou model checking.Abstract : In healthcare, data digitization and the use of the Electronic Health Records (EHR) offer several benefits, such as the reduction of the space occupied by data, or the ease of data search or data exchanges. IT systems must gradually take up the archivistās role by managing the accesses over sensitive data, which have to be compliant with patient wishes, hospital rules, as well as laws and regulations. SGAC, or Solution de Gestion AutomatiseĢe du Consentement (Automated Consent Management Solution), aims to provide a solution in which access to patient data would be based on patient rules, hospital rules and laws. However, the freedom granted to the patient can cause several problems : conflicts, concealment of crucial data needed to treat the patient adequately, and data-capture errors. Therefore, verification and validation of policies are essential : formal methods provide reliable ways, such as proofs or model checking, to conduct verifications of properties. This thesis provides verification methods applied on SGAC for the patient : it introduces the formal model of SGAC, methods to verify properties such as data access resolution, hidden data detection or redundant rule identification. Modeling of SGAC in B and Alloy provides access to the tools Alloy and ProB, and thus, automated property verification through model checking