Extracting Formal Models from Normative Texts

We are concerned with the analysis of normative texts - documents based on the deontic notions of obligation, permission, and prohibition. Our goal is to make queries about these notions and verify that a text satisfies certain properties concerning causality of actions and timing constraints. This requires taking the original text and building a representation (model) of it in a formal language, in our case the C-O Diagram formalism. We present an experimental, semi-automatic aid that helps to bridge the gap between a normative text in natural language and its C-O Diagram representation. Our approach consists of using dependency structures obtained from the state-of-the-art Stanford Parser, and applying our own rules and heuristics in order to extract the relevant components. The result is a tabular data structure where each sentence is split into suitable fields, which can then be converted into a C-O Diagram. The process is not fully automatic however, and some post-editing is generally required of the user. We apply our tool and perform experiments on documents from different domains, and report an initial evaluation of the accuracy and feasibility of our approach.Comment: Extended version of conference paper at the 21st International Conference on Applications of Natural Language to Information Systems (NLDB 2016). arXiv admin note: substantial text overlap with arXiv:1607.0148

A service-based testbed for Trust Negotiation

Trust Negotiation allows users to develop trust incrementally, by disclosing credentials step by step. This way, services and resources can be shared in an open environment, and access rights can be granted on the basis of peer-to-peer trust relationships. This article presents a service-based testbed for Trust Negotiation. At its core, it is created as a generic framework based on the WS-Trust standard. It integrates a modular trust engine and a rule engine, which is used as a policy checker. The system is mainly oriented at Web services composition and location-based social networking scenarios

A Study on Formal Verification for JavaScript Software

Information security is still a major problem for users of websites and hybrid mobile applications. While many apps and websites come with terms of service agreements between the developer and end user, there is no rigorous mechanism in place to ensure that these agreements are being followed. Formal methods can offer greater confidence that these policies are being followed, but there is currently no widely adopted tool that makes formal methods available for average consumers. After studying the current state-of-the-art in JavaScript policy enforcement and verification, this research proposes several new techniques for applying model checking to JavaScript that strikes a balance of low runtime overhead and fine-grained policy enforcement that other techniques do not achieve

Developing a distributed electronic health-record store for India

The DIGHT project is addressing the problem of building a scalable and highly available information store for the Electronic Health Records (EHRs) of the over one billion citizens of India

Big Data and Analytics in the Age of the GDPR

The new European General Data Protection Regulation places stringent restrictions on the processing of personally identifiable data. The GDPR does not only affect European companies, as the regulation applies to all the organizations that track or provide services to European citizens. Free exploratory data analysis is permitted only on anonymous data, at the cost of some legal risks.We argue that for the other kinds of personal data processing, the most flexible and safe legal basis is explicit consent. We illustrate the approach to consent management and compliance with the GDPR being developed by the European H2020 project SPECIAL, and highlight some related big data aspects

Towards the Verification of Pervasive Systems

Pervasive systems, that is roughly speaking systems that can interact with their environment, are increasingly common. In such systems, there are many dimensions to assess: security and reliability, safety and liveness, real-time response, etc. So far modelling and formalizing attempts have been very piecemeal approaches. This paper describes our analysis of a pervasive case study (MATCH, a homecare application) and our proposal for formal (particularly verification) approaches. Our goal is to see to what extent current state of the art formal methods are capable of coping with the verification demand introduced by pervasive systems, and to point out their limitations