Privacy Architectures: Reasoning About Data Minimisation and Integrity

Privacy by design will become a legal obligation in the European Community if the Data Protection Regulation eventually gets adopted. However, taking into account privacy requirements in the design of a system is a challenging task. We propose an approach based on the specification of privacy architectures and focus on a key aspect of privacy, data minimisation, and its tension with integrity requirements. We illustrate our formal framework through a smart metering case study.Comment: appears in STM - 10th International Workshop on Security and Trust Management 8743 (2014

Coordination of Dynamic Software Components with JavaBIP

JavaBIP allows the coordination of software components by clearly separating the functional and coordination aspects of the system behavior. JavaBIP implements the principles of the BIP component framework rooted in rigorous operational semantics. Recent work both on BIP and JavaBIP allows the coordination of static components defined prior to system deployment, i.e., the architecture of the coordinated system is fixed in terms of its component instances. Nevertheless, modern systems, often make use of components that can register and deregister dynamically during system execution. In this paper, we present an extension of JavaBIP that can handle this type of dynamicity. We use first-order interaction logic to define synchronization constraints based on component types. Additionally, we use directed graphs with edge coloring to model dependencies among components that determine the validity of an online system. We present the software architecture of our implementation, provide and discuss performance evaluation results.Comment: Technical report that accompanies the paper accepted at the 14th International Conference on Formal Aspects of Component Softwar

Numerical simulation of strongly nonlinear and dispersive waves using a Green-Naghdi model

We investigate here the ability of a Green-Naghdi model to reproduce strongly nonlinear and dispersive wave propagation. We test in particular the behavior of the new hybrid finite-volume and finite-difference splitting approach recently developed by the authors and collaborators on the challenging benchmark of waves propagating over a submerged bar. Such a configuration requires a model with very good dispersive properties, because of the high-order harmonics generated by topography-induced nonlinear interactions. We thus depart from the aforementioned work and choose to use a new Green-Naghdi system with improved frequency dispersion characteristics. The absence of dry areas also allows us to improve the treatment of the hyperbolic part of the equations. This leads to very satisfying results for the demanding benchmarks under consideration

A splitting approach for the fully nonlinear and weakly dispersive Green-Naghdi model

The fully nonlinear and weakly dispersive Green-Naghdi model for shallow water waves of large amplitude is studied. The original model is first recast under a new formulation more suitable for numerical resolution. An hybrid finite volume and finite difference splitting approach is then proposed. The hyperbolic part of the equations is handled with a high-order finite volume scheme allowing for breaking waves and dry areas. The dispersive part is treated with a classical finite difference approach. Extensive numerical validations are then performed in one horizontal dimension, relying both on analytical solutions and experimental data. The results show that our approach gives a good account of all the processes of wave transformation in coastal areas: shoaling, wave breaking and run-up

Enhanced Graph Rewriting Systems for Complex Software Domain

International audienceMethodologies for correct by construction reconfigurations can efficiently solve consistency issues in dynamic software architecture. Graph-based models are appropriate for designing such architectures and methods. At the same time, they may be unfit to characterize a system from a non functional perspective. This stems from efficiency and applicability limitations in handling time-varying characteristics and their related dependencies. In order to lift these restrictions, an extension to graph rewriting systems is proposed herein. The suitability of this approach, as well as the restraints of currently available ones, are illustrated, analysed and experimentally evaluated with reference to a concrete example. This investigation demonstrates that the conceived solution can: (i) express any kind of algebraic dependencies between evolving requirements and properties; (ii) significantly ameliorate the efficiency and scalability of system modifications with respect to classic methodologies; (iii) provide an efficient access to attribute values; (iv) be fruitfully exploited in software management systems; (v) guarantee theoretical properties of a grammar, like its termination

Privacy by Design: From Technologies to Architectures (Position Paper)

Existing work on privacy by design mostly focus on technologies rather than methodologies and on components rather than architectures. In this paper, we advocate the idea that privacy by design should also be addressed at the architectural level and be associated with suitable methodologies. Among other benefits, architectural descriptions enable a more systematic exploration of the design space. In addition, because privacy is intrinsically a complex notion that can be in tension with other requirements, we believe that formal methods should play a key role in this area. After presenting our position, we provide some hints on how our approach can turn into practice based on ongoing work on a privacy by design environment

Tight polynomial bounds for Loop programs in polynomial space

We consider the following problem: given a program, find tight asymptotic bounds on the values of some variables at the end of the computation (or at any given program point) in terms of its input values. We focus on the case of polynomially-bounded variables, and on a weak programming language for which we have recently shown that tight bounds for polynomially-bounded variables are computable. These bounds are sets of multivariate polynomials. While their computability has been settled, the complexity of this program-analysis problem remained open. In this paper, we show the problem to be PSPACE-complete. The main contribution is a new, space-efficient analysis algorithm. This algorithm is obtained in a few steps. First, we develop an algorithm for univariate bounds, a sub-problem which is already PSPACE-hard. Then, a decision procedure for multivariate bounds is achieved by reducing this problem to the univariate case; this reduction is orthogonal to the solution of the univariate problem and uses observations on the geometry of a set of vectors that represent multivariate bounds. Finally, we transform the univariate-bound algorithm to produce multivariate bounds

Pollen, biomarker and stable isotope evidence of late Quaternary environmental change at Lake McKenzie, southeast Queensland

Unravelling links between climate change and vegetation response during the Quaternary is important if the climate–environment interactions of modern systems are to be fully understood. Using a sediment core from Lake McKenzie, Fraser Island, we reconstruct changes in the lake ecosystem and surrounding vegetation over the last ca. 36.9 cal kyr. Evidence is drawn from multiple sources, including pollen, micro-charcoal, biomarker and stable isotope (C and N) analyses, and is used to gain a better understanding of the nature and timing of past ecological changes that have occurred at the site. The glacial period of the record, from ca. 36.9 to 18.3 cal kyr BP, is characterised by an increased abundance of plants of the aquatic and littoral zone, indicating lower lake water levels. High abundance of biomarkers and microfossils of the colonial green alga Botryococcus occurred at this time and included large variation in individual botryococcene d13C values. A slowing or ceasing of sediment accumulation occurred during the time period from ca. 18.3 to 14.0 cal kyr BP. By around 14.0 cal kyr BP fire activity in the area was reduced, as was abundance of littoral plants and terrestrial herbs, suggesting wetter conditions from that time. The Lake McKenzie pollen record conforms to existing records from Fraser Island by containing evidence of a period of reduced effective precipitation that commenced in the mid-Holocene

Molecular Tools for Monitoring the Ecological Sustainability of a Stone Bio-Consolidation Treatment at the Royal Chapel, Granada

Background: Biomineralization processes have recently been applied in situ to protect and consolidate decayed ornamental stone of the Royal Chapel in Granada (Spain). While this promising method has demonstrated its efficacy regarding strengthening of the stone, little is known about its ecological sustainability.Methodology/Principal Findings: Here, we report molecular monitoring of the stone-autochthonous microbiota before and at 5, 12 and 30 months after the bio-consolidation treatment (medium/long-term monitoring), employing the well-known molecular strategy of DGGE analyses. Before the bio-consolidation treatment, the bacterial diversity showed the exclusive dominance of Actinobacteria (100%), which decreased in the community (44.2%) after 5 months, and Gamma-proteobacteria (30.24%) and Chloroflexi (25.56%) appeared. After 12 months, Gamma-proteobacteria vanished from the community and Cyanobacteria (22.1%) appeared and remained dominant after thirty months, when the microbiota consisted of Actinobacteria (42.2%) and Cyanobacteria (57.8%) only. Fungal diversity showed that the Ascomycota phylum was dominant before treatment (100%), while, after five months, Basidiomycota (6.38%) appeared on the stone, and vanished again after twelve months. Thirty months after the treatment, the fungal population started to stabilize and Ascomycota dominated on the stone (83.33%) once again. Members of green algae (Chlorophyta, Viridiplantae) appeared on the stone at 5, 12 and 30 months after the treatment and accounted for 4.25%, 84.77% and 16.77%, respectively.Conclusions: The results clearly show that, although a temporary shift in the bacterial and fungal diversity was observed during the first five months, most probably promoted by the application of the bio-consolidation treatment, the microbiota tends to regain its initial stability in a few months. Thus, the treatment does not seem to have any negative side effects on the stone-autochthonous microbiota over that time. The molecular strategy employed here is suggested as an efficient monitoring tool to assess the impact on the stone-autochthonous microbiota of the application of biomineralization processes as a restoration/conservation procedure.This work was supported by the European Regional Development Fund (ERDF), Junta de Andalucía (Spain) and the “Fortalecimiento de la I+D+i” program from the University of Granada, co-financed by grant RNM-3493 and Research Group BIO-103 from Junta de Andalucía, as well as by the Spanish Government through “José Castillejo” program from the “Ministerio de Educación, Cultura y Deporte” (I+D+i 2008-2011), and by the Austrian Science Fund (FWF) under Grant “Elise-Richter V194-B20”