2,268 research outputs found
A Survey of Languages for Specifying Dynamics: A Knowledge Engineering Perspective
A number of formal specification languages for knowledge-based systems have been developed. Characteristic of knowledge-based systems are a complex knowledge base and an inference engine which uses this knowledge to solve a given problem. Specification languages for knowledge-based systems have to cover both aspects. They have to provide the means to specify a complex and large amount of knowledge and they have to provide the means to specify the dynamic reasoning behavior of a knowledge-based system. We focus on the second aspect. For this purpose, we survey existing approaches for specifying dynamic behavior in related areas of research. In fact, we have taken approaches for the specification of information systems (Language for Conceptual Modeling and TROLL), approaches for the specification of database updates and logic programming (Transaction Logic and Dynamic Database Logic) and the generic specification framework of abstract state machine
Dynamic analysis overview and a proposed verification tool for temporal properties in security-critical software
The need for correct software is increasing as computers are proliferating in every aspect of our lives. Dynamic analysis is a possible way of
increasing the reliability of software by introducing a monitoring and verification mechanism over and above a computer system, so that if under
some unprecedented circumstance, any of its specifications are violated,
an alarm will be raised. This paper gives an overview of the literature
in the subject and also puts forward a proposal of further research and
investigation which seems to be very promising.
Towards an aspect weaving BPEL engine
This position paper proposes the use of dynamic aspects and
the visitor design pattern to obtain a highly configurable and
extensible BPEL engine. Using these two techniques, the
core of this infrastructural software can be customised to
meet new requirements and add features such as debugging,
execution monitoring, or changing to another Web Service
selection policy. Additionally, it can easily be extended to
cope with customer-specific BPEL extensions. We propose
the use of dynamic aspects not only on the engine itself
but also on the workflow in order to tackle the problems of
Web Service hot deployment and hot fixes to long running
processes. In this way, composing a Web Service "on-the-fly"
means weaving its choreography interface into the workflow
FINE-GRAINED ACCESS CONTROL ON ANDROID COMPONENT
The pervasiveness of Android devices in today’s interconnected world emphasizes the importance of mobile security in protecting user privacy and digital assets. Android’s current security model primarily enforces application-level mechanisms, which fail to address component-level (e.g., Activity, Service, and Content Provider) security concerns. Consequently, third-party code may exploit an application’s permissions, and security features like MDM or BYOD face limitations in their implementation. To address these concerns, we propose a novel Android component context-aware access control mechanism that enforces layered security at multiple Exception Levels (ELs), including EL0, EL1, and EL3. This approach effectively restricts component privileges and controls resource access as needed. Our solution comprises Flasa at EL0, extending SELinux policies for inter-component interactions and SQLite content control; Compac, spanning EL0 and EL1, which enforces component-level permission controls through Android runtime and kernel modifications; and TzNfc, leveraging TrustZone technologies to secure third-party services and limit system privileges via Trusted Execution Environment (TEE). Our evaluations demonstrate the effectiveness of our proposed solution in containing component privileges, controlling inter-component interactions and protecting component level resource access. This enhanced solution, complementing Android’s existing security architecture, provides a more comprehensive approach to Android security, benefiting users, developers, and the broader mobile ecosystem
Extending SQL properties to NoSQL DBMS through call level interfaces
Master's in Computer and Telematics Engineering
To store, update and retrieve data from database management systems
(DBMS), software architects use tools, like call level interfaces (CLI), which
provide standard functionality to interact with DBMS. These tools are designed
to bring together the relational database and object-oriented programming
paradigms, but the emergence of the NoSQL paradigm, and particularly
new NoSQL DBMS providers, leads to situations where some of the standard
functionality provided by CLI is not supported, very often due to its
distance from the relational model or due to design constraints. As such,
when a system architect needs to evolve, namely from a relational DBMS to
a NoSQL DBMS, he must overcome the difficulties conveyed by the features
not provided by the NoSQL DBMS. Not only that, but CLI usually forsake
applied access control policies. As such, application developers must master
the established policies as a means to develop software that is conformant
with them. Choosing the wrong NoSQL DBMS risks major issues with applications
requesting non-supported features and with unauthorized accesses.
This thesis focuses on deploying features that are not so commonly supported
by NoSQL DBMS, such as Stored Procedures, Transactions, Save
Points and interactions with local memory structures, through a framework
based on a standard CLI. The feature implementation model is defined by
modules of our framework, and allows for distributed and fault-tolerant systems
to be deployed, which simulate the previously mentioned features and
abstract the underlying database features from clients. It is also our goal to
integrate our framework with previous work, S-DRACA, a dynamic secure
access control architecture for relational applications, where permissions are
defined as a sequence of create, read, update and delete expressions. With
the integration, we can provide dynamic Role-Based Access Control and
other security features to any kind of DBMS. We developed several ways
of using each component (locally or distributed) and the framework is built
in a modular fashion, which allows several components to be used individually
or together, as well as extra features or DBMS to be added by system
administrators that wish to adapt the framework to their particular needs
Integration of analysis techniques in security and fault-tolerance
This thesis focuses on the study of integration of formal methodologies in security protocol analysis and fault-tolerance analysis. The research is developed in two different directions: interdisciplinary and intra-disciplinary. In the former, we look for a beneficial interaction between strategies of analysis in security protocols and fault-tolerance; in the latter, we search for connections among different approaches of analysis within the security area. In the following we summarize the main results of the research
- …