21,899 research outputs found
A model checking-based approach for security policy verification of mobile systems
International audienceThis article describes an approach for the automated verification of mobile systems. Mobile systems are characterized by the explicit notion of (e.g., sites where they run) and the ability to execute at different locations, yielding a number of security issues. To this aim, we formalize mobile systems as Labeled Kripke Structures, encapsulating the notion of that describes the hierarchical nesting of the threads constituting the system. Then, we formalize a generic that includes rules for expressing and manipulating the code location. In contrast to many other approaches, our technique supports both access control and information flow specification. We developed a prototype framework for model checking of mobile systems. It works directly on the program code (in contrast to most traditional process-algebraic approaches that can model only limited details of mobile systems) and uses abstraction-refinement techniques, based also on location abstractions, to manage the program state space. We experimented with a number of mobile code benchmarks by verifying various security policies. The experimental results demonstrate the validity of the proposed mobile system modeling and policy specification formalisms and highlight the advantages of the model checking-based approach, which combines the validation of security properties with other checks, such as the validation of buffer overflows
A Formal Framework for Modeling Trust and Reputation in Collective Adaptive Systems
Trust and reputation models for distributed, collaborative systems have been
studied and applied in several domains, in order to stimulate cooperation while
preventing selfish and malicious behaviors. Nonetheless, such models have
received less attention in the process of specifying and analyzing formally the
functionalities of the systems mentioned above. The objective of this paper is
to define a process algebraic framework for the modeling of systems that use
(i) trust and reputation to govern the interactions among nodes, and (ii)
communication models characterized by a high level of adaptiveness and
flexibility. Hence, we propose a formalism for verifying, through model
checking techniques, the robustness of these systems with respect to the
typical attacks conducted against webs of trust.Comment: In Proceedings FORECAST 2016, arXiv:1607.0200
Robotic Wireless Sensor Networks
In this chapter, we present a literature survey of an emerging, cutting-edge,
and multi-disciplinary field of research at the intersection of Robotics and
Wireless Sensor Networks (WSN) which we refer to as Robotic Wireless Sensor
Networks (RWSN). We define a RWSN as an autonomous networked multi-robot system
that aims to achieve certain sensing goals while meeting and maintaining
certain communication performance requirements, through cooperative control,
learning and adaptation. While both of the component areas, i.e., Robotics and
WSN, are very well-known and well-explored, there exist a whole set of new
opportunities and research directions at the intersection of these two fields
which are relatively or even completely unexplored. One such example would be
the use of a set of robotic routers to set up a temporary communication path
between a sender and a receiver that uses the controlled mobility to the
advantage of packet routing. We find that there exist only a limited number of
articles to be directly categorized as RWSN related works whereas there exist a
range of articles in the robotics and the WSN literature that are also relevant
to this new field of research. To connect the dots, we first identify the core
problems and research trends related to RWSN such as connectivity,
localization, routing, and robust flow of information. Next, we classify the
existing research on RWSN as well as the relevant state-of-the-arts from
robotics and WSN community according to the problems and trends identified in
the first step. Lastly, we analyze what is missing in the existing literature,
and identify topics that require more research attention in the future
Actor Network Procedures as Psi-calculi for Security Ceremonies
The actor network procedures of Pavlovic and Meadows are a recent graphical
formalism developed for describing security ceremonies and for reasoning about
their security properties. The present work studies the relations of the actor
network procedures (ANP) to the recent psi-calculi framework. Psi-calculi is a
parametric formalism where calculi like spi- or applied-pi are found as
instances. Psi-calculi are operational and largely non-graphical, but have
strong foundation based on the theory of nominal sets and process algebras. One
purpose of the present work is to give a semantics to ANP through psi-calculi.
Another aim was to give a graphical language for a psi-calculus instance for
security ceremonies. At the same time, this work provides more insight into the
details of the ANPs formalization and the graphical representation.Comment: In Proceedings GraMSec 2014, arXiv:1404.163
Two Decades of Maude
This paper is a tribute to JosĂ© Meseguer, from the rest of us in the Maude team, reviewing the past, the present, and the future of the language and system with which we have been working for around two decades under his leadership. After reviewing the origins and the language's main features, we present the latest additions to the language and some features currently under development. This paper is not an introduction to Maude, and some familiarity with it and with rewriting logic are indeed assumed.Universidad de Málaga. Campus de Excelencia Internacional AndalucĂa Tech
Virtual Communication Stack: Towards Building Integrated Simulator of Mobile Ad Hoc Network-based Infrastructure for Disaster Response Scenarios
Responses to disastrous events are a challenging problem, because of possible
damages on communication infrastructures. For instance, after a natural
disaster, infrastructures might be entirely destroyed. Different network
paradigms were proposed in the literature in order to deploy adhoc network, and
allow dealing with the lack of communications. However, all these solutions
focus only on the performance of the network itself, without taking into
account the specificities and heterogeneity of the components which use it.
This comes from the difficulty to integrate models with different levels of
abstraction. Consequently, verification and validation of adhoc protocols
cannot guarantee that the different systems will work as expected in
operational conditions. However, the DEVS theory provides some mechanisms to
allow integration of models with different natures. This paper proposes an
integrated simulation architecture based on DEVS which improves the accuracy of
ad hoc infrastructure simulators in the case of disaster response scenarios.Comment: Preprint. Unpublishe
- …