Automated Certification of Authorisation Policy Resistance
Attribute-based Access Control (ABAC) extends traditional Access Control by
considering an access request as a set of pairs attribute name-value, making it
particularly useful in the context of open and distributed systems, where
security relevant information can be collected from different sources. However,
ABAC enables attribute hiding attacks, allowing an attacker to gain some access
by withholding information. In this paper, we first introduce the notion of
policy resistance to attribute hiding attacks. We then propose the tool ATRAP
(Automatic Term Rewriting for Authorisation Policies), based on the recent
formal ABAC language PTaCL, which first automatically searches for resistance
counter-examples using Maude, and then automatically searches for an Isabelle
proof of resistance. We illustrate our approach with two simple examples of
policies and propose an evaluation of ATRAP performances.
Comment: 20 pages, 4 figures, version including proofs of the paper that will
be presented at ESORICS 201
The Python user interface of the elsA cfd software: a coupling framework for external steering layers
The Python--elsA user interface of the elsA cfd (Computational Fluid
Dynamics) software has been developed to allow users to specify simulations
with confidence, through a global context of description objects grouped inside
scripts. The software main features are generated documentation, context
checking and completion, and helpful error management. Further developments
have used this foundation as a coupling framework, allowing (thanks to the
descriptive approach) the coupling of external algorithms with the cfd solver
in a simple and abstract way, leading to more success in complex simulations.
Along with the description of the technical part of the interface, we try to
gather the salient points pertaining to the psychological viewpoint of user
experience (ux). We point out the differences between user interfaces and pure
data management systems such as cgns
A Systematic Approach to Constructing Families of Incremental Topology Control Algorithms Using Graph Transformation
In the communication systems domain, constructing and maintaining network
topologies via topology control (TC) algorithms is an important cross-cutting
research area. Network topologies are usually modeled using attributed graphs
whose nodes and edges represent the network nodes and their interconnecting
links. A key requirement of TC algorithms is to fulfill certain consistency and
optimization properties to ensure a high quality of service. Still, few
attempts have been made to constructively integrate these properties into the
development process of TC algorithms. Furthermore, even though many TC
algorithms share substantial parts (such as structural patterns or tie-breaking
strategies), few works constructively leverage these commonalities and
differences of TC algorithms systematically. In previous work, we addressed the
constructive integration of consistency properties into the development
process. We outlined a constructive, model-driven methodology for designing
individual TC algorithms. Valid and high-quality topologies are characterized
using declarative graph constraints; TC algorithms are specified using
programmed graph transformation. We applied a well-known static analysis
technique to refine a given TC algorithm in a way that the resulting algorithm
preserves the specified graph constraints.
In this paper, we extend our constructive methodology by generalizing it to
support the specification of families of TC algorithms. To show the feasibility
of our approach, we reengineer six existing TC algorithms and develop e-kTC, a
novel energy-efficient variant of the TC algorithm kTC. Finally, we evaluate a
subset of the specified TC algorithms using a new tool integration of the graph
transformation tool eMoflon and the Simonstrator network simulation framework.
Comment: Corresponds to the accepted manuscrip
KNOWLEDGE REPRESENTATION AND INFERENCE FOR ANALYSIS AND DESIGN OF DATABASES AND TABULAR RULE-BASED SYSTEMS
Rule-based systems constitute a powerful tool for specification of knowledge in design and implementation of knowledge-based systems. They provide also a universal programming paradigm for domains such as intelligent control, decision support, situation classification and operational knowledge encoding. In order to assure safe and reliable performance, such systems should satisfy certain formal requirements, including completeness and consistency. This paper addresses the issue of analysis and verification of selected properties of a class of such systems in a systematic way. A uniform, tabular scheme of single-level rule-based systems is considered. Such systems can be applied as a generalized form of databases for specification of data patterns (unconditional knowledge), or can be used for defining attributive decision tables (conditional knowledge in form of rules). They can also serve as lower-level components of hierarchical, multi-level control and decision support knowledge-based systems. An algebraic knowledge representation paradigm using extended tabular representation, similar to relational database tables is presented and algebraic bases for system analysis, verification and design support are outlined