Model-driven Information Flow Security for Component-Based Systems

International audienceThis paper proposes a formal framework for studying information flow security in component-based systems. The security policy is defined and verified from the early steps of the system design. Two kinds of non-interference properties are formally introduced and for both of them, sufficient conditions that ensures and simplifies the automated verification are proposed. The verification is compositional, first locally, by checking the behavior of every atomic component and then globally, by checking the inter-components communication and coordination. The potential benefits are illustrated on a concrete case study about constructing secure heterogeneous distributed systems

An authorization policy management framework for dynamic medical data sharing

In this paper, we propose a novel feature reduction approach to group words hierarchically into clusters which can then be used as new features for document classification. Initially, each word constitutes a cluster. We calculate the mutual confidence between any two different words. The pair of clusters containing the two words with the highest mutual confidence are combined into a new cluster. This process of merging is iterated until all the mutual confidences between the un-processed pair of words are smaller than a predefined threshold or only one cluster exists. In this way, a hierarchy of word clusters is obtained. The user can decide the clusters, from a certain level, to be used as new features for document classification. Experimental results have shown that our method can perform better than other methods.<br /

Energy efficiency in heterogeneous wireless access networks

In this article, we bring forward the important aspect of energy savings in wireless access networks. We specifically focus on the energy saving opportunities in the recently evolving heterogeneous networks (HetNets), both Single- RAT and Multi-RAT. Issues such as sleep/wakeup cycles and interference management are discussed for co-channel Single-RAT HetNets. In addition to that, a simulation based study for LTE macro-femto HetNets is presented, indicating the need for dynamic energy efficient resource management schemes. Multi-RAT HetNets also come with challenges such as network integration, combined resource management and network selection. Along with a discussion on these challenges, we also investigate the performance of the conventional WLAN-first network selection mechanism in terms of energy efficiency (EE) and suggest that EE can be improved by the application of intelligent call admission control policies

Architecture for Mobile Heterogeneous Multi Domain Networks

Multi domain networks can be used in several scenarios including military, enterprize networks, emergency networks and many other cases. In such networks, each domain might be under its own administration. Therefore, the cooperation among domains is conditioned by individual domain policies regarding sharing information, such as network topology, connectivity, mobility, security, various service availability and so on. We propose a new architecture for Heterogeneous Multi Domain (HMD) networks, in which one the operations are subject to specific domain policies. We propose a hierarchical architecture, with an infrastructure of gateways at highest-control level that enables policy based interconnection, mobility and other services among domains. Gateways are responsible for translation among different communication protocols, including routing, signalling, and security. Besides the architecture, we discuss in more details the mobility and adaptive capacity of services in HMD. We discuss the HMD scalability and other advantages compared to existing architectural and mobility solutions. Furthermore, we analyze the dynamic availability at the control level of the hierarchy

Negotiating the 'trading zone'. Creating a shared information infrastructure in the Dutch public safety sector

Our main concern in this article is whether nation-wide information technology (IT) infrastructures or systems in emergency response and disaster management are the solution to the communication problems the safety sector suffers from. It has been argued that implementing nation-wide IT systems will help to create shared cognition and situational awareness among relief workers. We put this claim to the test by presenting a case study on the introduction of ‘netcentric work’, an IT system-based platform aiming at the creation of situational awareness for professionals in the safety sector in the Netherlands. The outcome of our research is that the negotiation with relevant stakeholders by the Dutch government has lead to the emergence of several fragmented IT systems. It becomes clear that a top-down implementation strategy for a single nation-wide information system will fail because of the fragmentation of the Dutch safety sector it is supposed to be a solution to. As the US safety sector is at least as fragmented as its Dutch counterpart, this may serve as a caveat for the introduction of similar IT systems in the US

Approaches for Future Internet architecture design and Quality of Experience (QoE) Control

Researching a Future Internet capable of overcoming the current Internet limitations is a strategic investment. In this respect, this paper presents some concepts that can contribute to provide some guidelines to overcome the above-mentioned limitations. In the authors' vision, a key Future Internet target is to allow applications to transparently, efficiently and flexibly exploit the available network resources with the aim to match the users' expectations. Such expectations could be expressed in terms of a properly defined Quality of Experience (QoE). In this respect, this paper provides some approaches for coping with the QoE provision problem

The simplicity project: easing the burden of using complex and heterogeneous ICT devices and services

As of today, to exploit the variety of different "services", users need to configure each of their devices by using different procedures and need to explicitly select among heterogeneous access technologies and protocols. In addition to that, users are authenticated and charged by different means. The lack of implicit human computer interaction, context-awareness and standardisation places an enormous burden of complexity on the shoulders of the final users. The IST-Simplicity project aims at leveraging such problems by: i) automatically creating and customizing a user communication space; ii) adapting services to user terminal characteristics and to users preferences; iii) orchestrating network capabilities. The aim of this paper is to present the technical framework of the IST-Simplicity project. This paper is a thorough analysis and qualitative evaluation of the different technologies, standards and works presented in the literature related to the Simplicity system to be developed