What if we could travel without passport? First sight to blockchain-based identity management in tourism
Blockchain technology, as a distributed digital ledger, lets users control their own credentials without exposing them to third parties. From a tourism perspective, it would allow tourists to pass through checkpoints and complete bookings without waiting on third-party transactions. Hence, this paper aims to discuss the challenges of traditional identity management (IdM) systems and what blockchain might offer as a counterpoint to conventional travel experiences within th
Combining Solution Reuse and Bound Tightening for Efficient Analysis of Evolving Systems
Software engineers have long employed formal verification to ensure the safety and validity of their system designs. As a system changes, often via predictable, domain-specific operations, its model must change too, requiring designers to repeatedly run the same formal verification on similar models. State-of-the-art formal verification techniques can be expensive at scale, and that cost is multiplied by repeated analysis. This paper presents a novel analysis technique, implemented in a tool called SoRBoT, which automatically derives domain-specific optimizations that can dramatically reduce the cost of repeatedly analyzing evolving systems. Unlike all prior approaches, which focus on either tightening the bounds for analysis or reusing all or part of prior solutions, SoRBoT's automated derivation of domain-specific optimizations combines the benefits of both solution reuse and bound tightening while avoiding the main pitfalls of each. We experimentally evaluate SoRBoT against state-of-the-art techniques for verifying evolving specifications and show that it substantially outperforms them in run time while introducing only negligible overhead, in contrast to the expensive additional computations those techniques require.
Second CLIPS Conference Proceedings, volume 1
Topics covered at the 2nd CLIPS Conference, held at the Johnson Space Center, September 23-25, 1991, are given. Topics include rule groupings, fault detection using expert systems, decision making using expert systems, knowledge representation, computer-aided design, and debugging expert systems.
Information flow analysis for mobile code in dynamic security environments
With the growing amount of data handled by Internet-enabled mobile devices, the task of preventing software from leaking confidential information is becoming increasingly important. At the same time, mobile applications are typically executed on different devices whose users have varying requirements for the privacy of their data. Users should be able to define their personal information security settings, and they should get a reliable assurance that the installed software respects these settings. Language-based information flow security focuses on the analysis of programs to determine information flows among accessed data resources of different security levels, and to verify and formally certify that these flows follow a given policy. In the mobile code scenario, however, both the dynamic aspect of the security environment and the fact that mobile software is distributed as bytecode pose a challenge for existing static analysis approaches. This thesis presents a language-based mechanism to certify information flow security in the presence of dynamic environments. An object-oriented high-level language as well as a bytecode language are equipped with facilities to inspect user-defined information flow security settings at runtime. This way, the software developer can create privacy-aware programs that can adapt their behaviour to arbitrary security environments, a property that is formalized as "universal noninterference". This property is statically verified by an information flow type system that uses restrictive forms of dependent types to judge abstractly on the concrete security policy that is effective at runtime. To verify compiled bytecode programs, a low-level version of the type system is presented that works on an intermediate code representation in which the original program structure is partially restored. Rigorous soundness proofs and a type-preserving compilation enable the generation of certified bytecode programs in the style of proof-carrying code. To show the practical feasibility of the approach, the system is implemented and demonstrated on a concrete application scenario, where personal data are sent from a mobile device to a server on the Internet.
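The abstract's application scenario, personal data sent from a device to a server under user-chosen settings, as an added illustration that is not the thesis' system: a program labels device resources with the levels the runtime policy assigns, tracks labels through computation, and only releases to the "internet" sink what the policy clears, so the sink's observations are independent of the data the user marked confidential. The thesis establishes this property statically with a type system; here it is checked dynamically on two concrete runs. The `Policy`, `Sink` and `build_report` names and the sample device data are constructed for this example.

```python
"""Added example (not from the thesis): a program whose information flows adapt to a
user-defined security policy inspected at runtime, with labels tracked dynamically.
All names and sample data are hypothetical."""
from dataclasses import dataclass, field
from enum import IntEnum
from typing import Any, Dict, Iterable, List, Tuple


class Level(IntEnum):
    """Security lattice: PUBLIC < PERSONAL < SECRET (higher = more confidential)."""
    PUBLIC = 0
    PERSONAL = 1
    SECRET = 2


@dataclass(frozen=True)
class Labeled:
    """A value tagged with the security level of the data it was computed from."""
    value: Any
    level: Level


def join(levels: Iterable[Level]) -> Level:
    """Least upper bound of a set of levels; the empty join is PUBLIC."""
    return Level(max(levels, default=Level.PUBLIC))


@dataclass
class Policy:
    """Hypothetical per-device security settings, chosen by the user and read at runtime."""
    resource_levels: Dict[str, Level]   # level the user assigns to each data resource
    sink_clearance: Dict[str, Level]    # highest level a sink may receive

    def level_of(self, resource: str) -> Level:
        # resources the user did not classify are treated as SECRET (fail closed)
        return self.resource_levels.get(resource, Level.SECRET)

    def may_flow(self, level: Level, sink: str) -> bool:
        return level <= self.sink_clearance.get(sink, Level.PUBLIC)


@dataclass
class Sink:
    """Constructed stand-in for 'send to server'; records exactly what an observer at the sink sees."""
    name: str
    observed: List[Any] = field(default_factory=list)

    def send(self, policy: Policy, data: Labeled) -> bool:
        """Release data only if its label is cleared for this sink under the current policy."""
        if not policy.may_flow(data.level, self.name):
            return False
        self.observed.append(data.value)
        return True


def build_report(policy: Policy, sink: Sink, device: Dict[str, Any]) -> Tuple[bool, Dict[str, Any]]:
    """Privacy-aware program: label each device resource per the policy, keep only the fields
    cleared for the sink, and send the joined result. Returns (sent, report contents)."""
    kept: Dict[str, Labeled] = {}
    for name, raw in device.items():
        item = Labeled(raw, policy.level_of(name))
        if policy.may_flow(item.level, sink.name):   # branch on the policy, not on the secret value
            kept[name] = item
    report = Labeled({k: v.value for k, v in kept.items()},
                     join(v.level for v in kept.values()))
    return sink.send(policy, report), report.value


def noninterference_holds(policy: Policy, run_a: Dict[str, Any], run_b: Dict[str, Any]) -> bool:
    """Noninterference for one policy: two inputs that differ only in resources above the
    sink's clearance must leave the sink with identical observations."""
    sink_a, sink_b = Sink("internet"), Sink("internet")
    build_report(policy, sink_a, run_a)
    build_report(policy, sink_b, run_b)
    return sink_a.observed == sink_b.observed


# Constructed sample: the same program under two user-chosen environments
RESOURCES = {"app_version": Level.PUBLIC, "location": Level.PERSONAL, "contacts": Level.SECRET}
STRICT = Policy(RESOURCES, {"internet": Level.PUBLIC})
LENIENT = Policy(RESOURCES, {"internet": Level.PERSONAL})
DEVICE = {"app_version": "1.2.0", "location": "Berlin", "contacts": ["alice", "bob"]}

if __name__ == "__main__":
    for name, pol in (("strict", STRICT), ("lenient", LENIENT)):
        sent, contents = build_report(pol, Sink("internet"), DEVICE)
        print(name, sent, contents)
```

The decision of what to include is taken by consulting the policy rather than by inspecting confidential values, which is what keeps the sink's view independent of those values; a resource the policy never mentions defaults to SECRET, so the example fails closed rather than leaking unclassified data.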
VAC - verifier of administrative role-based access control policies
In this paper we present Vac, an automatic tool for verifying security properties of administrative Role-Based Access Control (RBAC). RBAC has become an increasingly popular access control model, particularly suitable for large organizations, and it is implemented in several software products. Automatic security analysis of administrative RBAC systems is recognized as an important problem, since an analysis tool can help designers check whether their policies meet the expected security properties. Vac converts administrative RBAC policies into imperative programs that simulate the policies both precisely and abstractly, and it supports several automatic verification back-ends for analyzing the resulting programs. In this paper, we describe the architecture of Vac and give an overview of the analysis techniques implemented in the tool. We also report on experiments with several benchmarks from the literature.
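The kind of question such a tool answers, as an added example that is not Vac's code: given `can_assign` and `can_revoke` rules of an administrative RBAC policy, can an administrator drive a user's role set into a state that violates a separation-of-duty constraint? Vac compiles the policy into a program for a verification back-end; this stand-alone version simulates the policy directly with an explicit-state breadth-first search and returns a witness sequence of administrative actions. The policy, roles and the assumption that administrators holding the admin roles are always available and distinct from the analysed user are all constructed for this example.

```python
"""Added example (not Vac's code): explicit-state reachability analysis of a small
administrative RBAC (ARBAC) policy, returning a witness action sequence.
Policy, roles and the admin-availability assumption are constructed."""
from collections import deque
from dataclasses import dataclass
from typing import Dict, FrozenSet, Iterable, Iterator, List, Optional, Tuple, Union


@dataclass(frozen=True)
class CanAssign:
    """can_assign(admin role, positive precondition, negative precondition, target role)."""
    admin: str
    positive: FrozenSet[str]
    negative: FrozenSet[str]
    target: str


@dataclass(frozen=True)
class CanRevoke:
    """can_revoke(admin role, target role)."""
    admin: str
    target: str


Rule = Union[CanAssign, CanRevoke]
State = FrozenSet[str]   # the analysed user's current role set


def successors(state: State, rules: Iterable[Rule], admin_roles: FrozenSet[str]) -> Iterator[Tuple[State, str]]:
    """Enumerate one administrative step on the user's role set.
    Assumption: administrators holding admin_roles are always available and are not the
    analysed user, so their own roles never change during the analysis."""
    for r in rules:
        if r.admin not in admin_roles:
            continue
        if isinstance(r, CanAssign):
            if r.target in state or not r.positive <= state or r.negative & state:
                continue
            yield state | {r.target}, f"assign {r.target} (by {r.admin})"
        else:
            if r.target not in state:
                continue
            yield state - {r.target}, f"revoke {r.target} (by {r.admin})"


def reachable(initial: Iterable[str], rules: Iterable[Rule],
              admin_roles: Iterable[str], goal: Iterable[str]) -> Optional[List[str]]:
    """Breadth-first search over role sets (at most 2^|roles| states). Returns the shortest
    witness, as a list of actions, reaching a state that contains every goal role, or None."""
    start, want, admins = frozenset(initial), frozenset(goal), frozenset(admin_roles)
    rule_list = list(rules)
    parent: Dict[State, Optional[Tuple[State, str]]] = {start: None}
    queue = deque([start])
    while queue:
        s = queue.popleft()
        if want <= s:
            path: List[str] = []
            while parent[s] is not None:
                prev, action = parent[s]
                path.append(action)
                s = prev
            return path[::-1]
        for nxt, action in successors(s, rule_list, admins):
            if nxt not in parent:
                parent[nxt] = (s, action)
                queue.append(nxt)
    return None


# Constructed policy: Finance is meant to exclude Auditor (Finance requires Manager and
# forbids Auditor, Manager forbids Auditor), but a revoke rule lets HR route around it.
POLICY: List[Rule] = [
    CanAssign("HR", frozenset({"Employee"}), frozenset({"Auditor"}), "Manager"),
    CanAssign("HR", frozenset({"Employee"}), frozenset(), "Auditor"),
    CanAssign("FinanceAdmin", frozenset({"Manager"}), frozenset({"Auditor"}), "Finance"),
    CanRevoke("HR", "Auditor"),
]
ADMINS = frozenset({"HR", "FinanceAdmin"})


def sod_violation_witness() -> Optional[List[str]]:
    """Separation-of-duty query: can a user who is an Auditor end up holding Finance too?"""
    return reachable({"Employee", "Auditor"}, POLICY, ADMINS, {"Auditor", "Finance"})


def sod_violation_without_revoke() -> Optional[List[str]]:
    """The same query with the revoke rule removed from the policy."""
    assigns_only = [r for r in POLICY if isinstance(r, CanAssign)]
    return reachable({"Employee", "Auditor"}, assigns_only, ADMINS, {"Auditor", "Finance"})


if __name__ == "__main__":
    print("with revoke:   ", sod_violation_witness())
    print("without revoke:", sod_violation_without_revoke())
```

The witness shows the usual shape of such findings: the negative precondition on `Finance` is checked only at assignment time, so revoking `Auditor`, assigning `Manager` and `Finance`, and re-assigning `Auditor` reaches the forbidden combination. Real policies have far more roles than a power-set search can handle, which is why Vac works on programs and abstractions rather than enumerating states as this example does.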
Integrating Blockchain and Fog Computing Technologies for Efficient Privacy-preserving Systems
This PhD dissertation concludes a three-year research journey on the integration of Fog Computing and Blockchain technologies. The main aim of such integration is to address the challenges of each technology by combining it with the other. Blockchain technology (BC) is a distributed ledger technology in the form of a distributed transactional database, secured by cryptography and governed by a consensus mechanism. It was initially proposed for decentralized cryptocurrency applications, where it has proven highly robust in practice. Fog Computing (FC) is a geographically distributed computing architecture in which heterogeneous devices at the edge of the network are ubiquitously connected to collaboratively provide elastic computation services. FC provides enhanced services closer to end-users in terms of time, energy, and network load. Integrating FC with BC can result in more efficient services, in terms of latency and privacy, of the kind required by Internet of Things systems.
Shuttle Ground Operations Efficiencies/Technologies (SGOE/T) study. Volume 2: Ground Operations evaluation
The Ground Operations Evaluation describes the breadth and depth of the various study elements selected as a result of an operational analysis conducted during the early part of the study. The analysis techniques used for the evaluation are described in detail. Elements selected for further evaluation are identified, the results of the analysis are documented, and a follow-on course of action is recommended. The background and rationale for developing recommendations for the current Shuttle or for future programs are presented.