A Declarative Framework for Specifying and Enforcing Purpose-aware Policies
Purpose is crucial for privacy protection as it makes users confident that
their personal data are processed as intended. Available proposals for the
specification and enforcement of purpose-aware policies are unsatisfactory for
their ambiguous semantics of purposes and/or lack of support for the run-time
enforcement of policies.
In this paper, we propose a declarative framework based on a first-order
temporal logic that allows us to give a precise semantics to purpose-aware
policies and to reuse algorithms for the design of a run-time monitor enforcing
purpose-aware policies. We also show the complexity of the generation and use
of the monitor which, to the best of our knowledge, is the first such result
in the literature on purpose-aware policies.
Comment: Extended version of the paper accepted at the 11th International
Workshop on Security and Trust Management (STM 2015)
Optimal Investment in the Development of Oil and Gas Field
Let an oil and gas field consist of clusters in each of which an investor
can launch at most one project. During the implementation of a particular
project, all characteristics are known, including annual production volumes,
necessary investment volumes, and profit. The total amount of investments that
the investor spends on developing the field during the entire planning period
is known. It is required to determine which projects to implement in each
cluster so that, within the total amount of investments, the profit for the
entire planning period is maximized.
The problem under consideration is NP-hard. However, it is solved by dynamic
programming with pseudopolynomial time complexity. Nevertheless, in practice,
there are additional constraints that do not allow solving the problem with
acceptable accuracy at a reasonable time. Such restrictions, in particular, are
annual production volumes. In this paper, we consider only the upper
constraints that are dictated by the pipeline capacity. For the investment
optimization problem with such additional restrictions, we obtain qualitative
results, propose an approximate algorithm, and investigate its properties.
Based on the results of a numerical experiment, we conclude that the developed
algorithm builds a solution close (in terms of the objective function) to the
optimal one.
A UML-based static verification framework for security
Secure software engineering is a new research area that has been proposed to address security issues during the development of software systems. This new area of research advocates that security characteristics should be considered from the early stages of the software development life cycle and should not be added as another layer in the system on an ad-hoc basis after the system is built. In this paper, we describe a UML-based Static Verification Framework (USVF) to support the design and verification of secure software systems in early stages of the software development life cycle, taking into consideration security and general requirements of the software system. USVF performs static verification on UML models consisting of UML class and state machine diagrams extended by an action language. We present an operational semantics of UML models, define a property specification language designed to reason about temporal and general properties of UML state machines using the semantic domains of the former, and implement the model checking process by translating models and properties into Promela, the input language of the SPIN model checker. We show that the methodology can be applied to the verification of security properties by representing the main aspects of security, namely availability, integrity and confidentiality, in the USVF property specification language.
"Antelope": a hybrid-logic model checker for branching-time Boolean GRN analysis
Background
In Thomas' formalism for modeling gene regulatory networks (GRNs), branching time, where a state can have more than one possible future, plays a prominent role. By representing a certain degree of unpredictability, branching time can model several important phenomena, such as (a) asynchrony, (b) incompletely specified behavior, and (c) interaction with the environment. Introducing more than one possible future for a state, however, creates a difficulty for ordinary simulators, because infinitely many paths may appear, limiting ordinary simulators to statistical conclusions. Model checkers for branching time, by contrast, are able to prove properties in the presence of infinitely many paths.
Results
We have developed Antelope ("Analysis of Networks through TEmporal-LOgic sPEcifications", http://turing.iimas.unam.mx:8080/AntelopeWEB/), a model checker for analyzing and constructing Boolean GRNs. Currently, software systems for Boolean GRNs use branching time almost exclusively for asynchrony. Antelope, by contrast, also uses branching time for incompletely specified behavior and environment interaction. We show the usefulness of modeling these two phenomena in the development of a Boolean GRN of the Arabidopsis thaliana root stem cell niche.
There are two obstacles to a direct approach when applying model checking to Boolean GRN analysis. First, ordinary model checkers normally only verify whether or not a given set of model states has a given property. In comparison, a model checker for Boolean GRNs is preferable if it reports the set of states having a desired property. Second, for efficiency, the expressiveness of many model checkers is limited, resulting in the inability to express some interesting properties of Boolean GRNs. Antelope tries to overcome these two drawbacks: apart from reporting the set of all states having a given property, our model checker can express, at the expense of efficiency, some properties that ordinary model checkers (e.g., NuSMV) cannot. This additional expressiveness is achieved by employing a logic extending the standard Computation-Tree Logic (CTL) with hybrid-logic operators.
Conclusions
We illustrate the advantages of Antelope when (a) modeling incomplete networks and environment interaction, (b) exhibiting the set of all states having a given property, and (c) representing Boolean GRN properties with hybrid CTL.
Higher-Order Process Modeling: Product-Lining, Variability Modeling and Beyond
We present a graphical and dynamic framework for binding and execution of
(business) process models. It is tailored to integrate 1) ad hoc processes
modeled graphically, 2) third party services discovered in the (Inter)net, and
3) (dynamically) synthesized process chains that solve situation-specific
tasks, with the synthesis taking place not only at design time, but also at
runtime. Key to our approach is the introduction of type-safe stacked
second-order execution contexts that allow for higher-order process modeling.
Tamed by our underlying strict service-oriented notion of abstraction, this
approach is tailored also to be used by application experts with little
technical knowledge: users can select, modify, construct and then pass
(component) processes during process execution as if they were data. We
illustrate the impact and essence of our framework along a concrete, realistic
(business) process modeling scenario: the development of Springer's
browser-based Online Conference Service (OCS). The most advanced feature of our
new framework allows one to combine online synthesis with the integration of
the synthesized process into the running application. This ability leads to a
particularly flexible way of implementing self-adaption, and to a particularly
concise and powerful way of achieving variability not only at design time, but
also at runtime.
Comment: In Proceedings Festschrift for Dave Schmidt, arXiv:1309.455
BFT Selection
One-size-fits-all protocols are hard to achieve in Byzantine fault tolerance (BFT). As an alternative, BFT users, e.g., enterprises, need an easy and efficient method to choose the most convenient protocol that matches their preferences best. The various BFT protocols that have been proposed so far differ significantly in their characteristics and performance, which makes choosing the `preferred' protocol hard. In addition, if the state of the deployed system is too fluctuating, then perhaps using multiple protocols at once is needed; this requires a dynamic selection mechanism to move from one protocol to another. In this paper, we present the first BFT selection model and algorithm that can be used to choose the most convenient protocol according to user preferences. The selection algorithm applies some mathematical formulas to make the selection process easy and automatic. The algorithm operates in three modes: Static, Dynamic, and Heuristic. The Static mode addresses the cases where a single protocol is needed; the Dynamic mode assumes that the system conditions are quite fluctuating and thus requires runtime decisions; and the Heuristic mode is similar to the Dynamic mode but uses additional heuristics to improve user choices. We give some examples to describe how selection occurs. We show that our approach is automated, easy, and yields reasonable results that match reality. To the best of our knowledge, this is the first work that addresses selection in BFT.
A Generic Model of Contracts for Embedded Systems
We present the mathematical foundations of the contract-based model developed
in the framework of the SPEEDS project. SPEEDS aims at developing methods and
tools to support "speculative design", a design methodology in which
distributed designers develop different aspects of the overall system, in a
concurrent but controlled way. Our generic mathematical model of contract
supports this style of development. This is achieved by focusing on behaviors,
by supporting the notion of "rich component" where diverse (functional and
non-functional) aspects of the system can be considered and combined, by
representing rich components via their set of associated contracts, and by
formalizing the whole process of component composition.
Collaborative Verification-Driven Engineering of Hybrid Systems
Hybrid systems with both discrete and continuous dynamics are an important
model for real-world cyber-physical systems. The key challenge is to ensure
their correct functioning w.r.t. safety requirements. Promising techniques to
ensure safety seem to be model-driven engineering to develop hybrid systems in
a well-defined and traceable manner, and formal verification to prove their
correctness. Their combination forms the vision of verification-driven
engineering. Often, hybrid systems are rather complex in that they require
expertise from many domains (e.g., robotics, control systems, computer science,
software engineering, and mechanical engineering). Moreover, despite the
remarkable progress in automating formal verification of hybrid systems, the
construction of proofs of complex systems often requires nontrivial human
guidance, since hybrid systems verification tools solve undecidable problems.
It is, thus, not uncommon for development and verification teams to consist of
many players with diverse expertise. This paper introduces a
verification-driven engineering toolset that extends our previous work on
hybrid and arithmetic verification with tools for (i) graphical (UML) and
textual modeling of hybrid systems, (ii) exchanging and comparing models and
proofs, and (iii) managing verification tasks. This toolset makes it easier to
tackle large-scale verification tasks.