
    Static Enforcement of Role-Based Access Control

    We propose a new static approach to Role-Based Access Control (RBAC) policy enforcement. The static approach we advocate includes a new design methodology, for applications involving RBAC, which integrates the security requirements into the system's architecture. We apply this new approach to policies restricting calls to methods in Java applications. We present a language to express RBAC policies on calls to methods in Java, a set of design patterns which Java programs must adhere to for the policy to be enforced statically, and a description of the checks made by our static verifier for static enforcement. Comment: In Proceedings WWV 2014, arXiv:1409.229

    HEDGEHOG: Automatic Verification of Design Patterns in Java

    Centre for Intelligent Systems and their Applications
    Design patterns are widely used by designers and developers for building complex systems in object-oriented programming languages such as Java. However, systems evolve over time, increasing the chance that the pattern in its original form will be broken. To verify that a design pattern has not been broken involves specifying the original intent of the design pattern. Whilst informal descriptions of patterns exist, no formal specifications are available due to differences in implementations between programming languages. This thesis shows that many patterns (implemented in Java) can be verified automatically. Patterns are defined in terms of variants, mini-patterns, and artefacts in a pattern description language called SPINE. These specifications are then processed by HEDGEHOG, an automated proof tool that attempts to prove that Java source code meets these specifications.

    ONLINE INTERACTIVE TOOL FOR LEARNING LOGIC

    This dissertation presents the design and implementation of an online platform for solving logic exercises, aimed at complementing theoretical classes for students of logic-related courses at the University of Nova Lisbon. The platform is integrated with a Learning Management System (LMS) using the LTI protocol, allowing instructors to grade students' work. We provide an overview of related literature and detailed explanations of each component of the platform, including the design of logic exercises and their integration with the LMS. Additionally, we discuss the challenges and difficulties faced during the development process. The main contributions of this work are the platform itself, a guide on integrating an external tool with LTI, and the implementation of the tool with the LTI learning platform. Our results and evaluations show that the platform is effective for enhancing online learning experiences and improving assessment methods. In conclusion, this dissertation provides a valuable resource for educational institutions seeking to improve their online learning offerings and assessment practices.

    Proceedings of the 2nd International Workshop on Security in Mobile Multiagent Systems

    This report contains the Proceedings of the Second Workshop on Security of Mobile Multiagent Systems (SEMAS2002). The Workshop was held in Montreal, Canada as a satellite event to the 5th International Conference on Autonomous Agents in 2001. The far-reaching influence of the Internet has resulted in an increased interest in agent technologies, which are poised to play a key role in the implementation of successful Internet and WWW-based applications in the future. While there is still considerable hype concerning agent technologies, there is also an increasing awareness of the problems involved; in particular, that these applications will not be successful unless security issues can be adequately handled. Although there is a large body of work on cryptographic techniques that provide basic building blocks to solve specific security problems, relatively little work has been done in investigating security in the multiagent system context. Related problems are secure communication between agents, implementation of trust models/authentication procedures, or even reflections of agents on security mechanisms. The introduction of mobile software agents significantly increases the risks involved in Internet and WWW-based applications. For example, if we allow agents to enter our hosts or private networks, we must offer the agents a platform so that they can execute correctly, but at the same time ensure that they will not have deleterious effects on our hosts or any other agents / processes in our network. If we send out mobile agents, we should also be able to provide guarantees about specific aspects of their behaviour, i.e., we are not only interested in whether the agents carry out their intended task correctly. They must defend themselves against attacks initiated by other agents, and survive in potentially malicious environments. Agent technologies can also be used to support network security. For example, in the context of intrusion detection, intelligent guardian agents may be used to analyse the behaviour of agents on a firewall, or intelligent monitoring agents can be used to analyse the behaviour of agents migrating through a network. Part of the inspiration for such multi-agent systems comes from primitive animal behaviour, such as that of guardian ants protecting their hill, or from biological immune systems.

    SAVCBS 2004 Specification and Verification of Component-Based Systems: Workshop Proceedings

    This is the proceedings of the 2004 SAVCBS workshop. The workshop is concerned with how formal (i.e., mathematical) techniques can be or should be used to establish a suitable foundation for the specification and verification of component-based systems. Component-based systems are a growing concern for the software engineering community. Specification and reasoning techniques are urgently needed to permit composition of systems from components. Component-based specification and verification is also vital for scaling advanced verification techniques such as extended static analysis and model checking to the size of real systems. The workshop considers formalization of both functional and non-functional behavior, such as performance or reliability.

    Naming and sharing resources across administrative boundaries

    I tackle the problem of naming and sharing resources across administrative boundaries. Conventional systems manifest the hierarchy of typical administrative structure in the structure of their own mechanism. While natural for communication that follows hierarchical patterns, such systems interfere with naming and sharing that cross administrative boundaries, and therefore cause headaches for both users and administrators. I propose to organize resource naming and security, not around administrative domains, but around the sharing patterns of users. The dissertation is organized into four main parts. First, I discuss the challenges and tradeoffs involved in naming resources and consider a variety of existing approaches to naming. Second, I consider the architectural requirements for user-centric sharing. I evaluate existing systems with respect to these requirements. Third, to support the sharing architecture, I develop a formal logic of sharing that captures the notion of restricted delegation. Restricted delegation ensures that users can use the same mechanisms to share resources consistently, regardless of the origin of the resource, or with whom the user wishes to share the resource next. A formal semantics gives unambiguous meaning to the logic. I apply the formalism to the Simple Public Key Infrastructure and discuss how the formalism either supports or discourages potential extensions to such a system. Finally, I use the formalism to drive a user-centric sharing implementation for distributed systems. I show how this implementation enables end-to-end authorization, a feature that makes heterogeneous distributed systems more secure and easier to audit. Conventionally, gateway services that bridge administrative domains, add abstraction, or translate protocols typically impede the flow of authorization information from client to server. In contrast, end-to-end authorization enables us to build gateway services that preserve authorization information, hence we reduce the size of the trusted computing base and enable more effective auditing. I demonstrate my implementation and show how it enables end-to-end authorization across various boundaries. I measure my implementation and argue that its performance tracks that of similar authorization mechanisms without end-to-end structure. I conclude that my user-centric philosophy of naming and sharing benefits both users and administrators.

    Enhanced Modelling and Efficient Realisation of Cyber-Physical Systems

    This report describes the work carried out for the first half of the PhD project titled Enhanced Modelling and Efficient Realisation of Cyber-Physical Systems (CPSs). The work contributions cover methods and tools to address the challenges of CPS development using a model-based approach. First, the report introduces a technique to assist stakeholders in organising design information produced during modelling. Then a modelling language extension that supports reasoning about the energy consumption of the CPUs of a CPS is presented. Afterwards, a technique that enables one to include real system components into the system simulation is described, and finally the report presents a technology that enables construction of code generators for multiple target languages. In addition to covering the work contributions, this report also describes future work plans that will lead to the completion of the PhD project by April 2016.

    Eclipse-based IDE for the Agda Programming Language

    The goal of this thesis was to design and implement an Eclipse-based IDE for the dependently typed programming language Agda. Agda, the Eclipse Platform and tools supporting the creation of Eclipse-based IDEs were studied as part of the thesis, and based on the results an IDE was developed, comprising a set of Eclipse plug-ins built on the Dynamic Languages Toolkit (DLTK) framework and a Haskell-based library to mediate the communication between the Eclipse plug-ins and the Agda proof engine. The resulting IDE supports creating Agda projects and files, has an Agda-specific perspective and syntax highlighting, supports different queries in the context of a goal, simple navigation to declarations, searching, content assist features and problem marking.