Approche système pour la conception d'une méthodologie pour l'élicitation collaborative des exigences

This thesis treats the collaboration issues of design teams in the context of System Engineering (SE). Systems are more and more complex; their design requires the involvement of various skills, i.e., several stakeholders. This also involves team work between different stakeholders. Since this needs to be done correctly, it is necessary to define the methods required. In order to accomplish this, we were interested in collaboration that we considered more elaborated than simply group work. Indeed, collaboration is intended to be a group work that is better organized and structured, with clearly defined rules. To understand this problem more clearly, we were particularly interested in the process of identifying the needs of the system also called Requirements Engineering (RE), which is the first phase of the Engineering System. RE is a very complex process during which system requirements have to be defined based on needs from different stakeholders concerned in one way or another by the realization of the system. We make a distinction between the need that is the perception of a final user of the system, and the requirement that is the vision, in technical terms, that a designer or a developer has of the system. Indeed, requirement is the technical expression of a need and it will be recorded in the specifications book in order to be transferred to the system realization team. The process of needs collection and the transformation of these needs into technical requirements is critical and requires involvement of all stakeholders. As a result of this, we decided to adopt a collaborative approach to deal with the complexity of this process. Thus, in order to define the boundaries and scope of our research work, we made a literature review on RE. We have more focused on the phase of Requirements Elicitation, the first phase of RE, because it requires the committed participation of all stakeholders. Given the nature of the problem, we have distinguished two domains in which our research work is located: RE through Requirements Elicitation and Collaboration. We have thus adopted an approach in which we made the distinction between engineering and collaboration problems. In this context, we realized a state of the art on RE, in which we presented some existing works by comparing them to ours. We followed this by including other present day research on Collective Intelligence and Collaboration Engineering. We then proposed a methodology for Collaborative Requirements Elicitation. We separated the area of engineering from the area of collaboration by defining two types of processes: Requirements Engineering processes and Collaboration processes. Collaboration processes are defined using Collaboration Engineering based on engineering tasks. These are identified through the process provided by SE standards, namely the standard EIA-632. We also presented the tooling of the methodology and the results of the empirical studies we made.La présente thèse porte sur la collaboration dans la conception d'un système dans un cadre Ingénierie Système (IS) et plus spécifiquement, nous nous sommes intéressés à la phase de définition des besoins du système ou processus d'Ingénierie des exigences, qui est la toute première phase dans l'Ingénierie Système. L'Ingénierie des Exigences est un processus assez complexe au cours duquel les exigences qu'un système doit satisfaire sont définies à partir de besoins provenant des différentes parties prenantes concernées de près ou de loin par la réalisation du système. Nous faisons la distinction entre le besoin qui est la perception qu'un utilisateur final a du système et l'exigence qui est la vision en termes techniques qu'un concepteur ou un développeur a du système. Le processus d'élicitation des besoins et de leur transformation en exigences techniques est un travail assez critique et demande l'implication de toutes les parties prenantes. Sur la base de ce constat, nous avons adopte une approche collaborative pour traiter la complexité de ce processus. Etant donne la nature du problème, nous avons distingue deux domaines de définition de nos travaux : l'Ingénierie des Exigences à travers l'Elicitation des Exigences et la Collaboration. Nous avons ainsi adopte une démarche dans laquelle nous faisons la distinction entre les problèmes d'Ingénierie et ceux de la collaboration. Nous proposons une méthodologie pour l'Elicitation Collaborative des exigences qui distingue deux types de processus : les processus d'Ingénierie des exigences et les processus de collaboration. Les processus de collaboration sont définis à l'aide de l'Ingénierie de la Collaboration en s'appuyant sur les taches d'Ingénierie identifiées aux travers de processus d'Ingénierie fournis par des normes, en l'occurrence la norme EIA-632. Des expérimentations de notre méthodologie ont été réalises avec des étudiants en utilisant l'outil ThinkTank de GroupSystems et un prototype de spécification c ollaborative des exigences appelé SPECJ que nous avons développé

Federation of Services from Autonomous Domains with Heterogeneous Access Control Models

International audienc

Federation of Services from Autonomous Domains with Heterogeneous Access Control Models

International audienc

Service Promotion in a Federation of Security Domains

International audienceService Oriented Architecture (SOA) provides standardised solutions to share services between various security domains. But acces control to services is defined for each domain, and therefore the federation of security domains brings some flexibility to users of the services. To facilitatethe authentication of users, a solution is a federated access control that relies on the identity federation, which allows an user to authenticate once in one domain and to access the services of others according to her authorisation attributes. Since the access control requirements of services are specified using domain-specific authorisation attributes, the secure sharing of services in the federation becomes a real challenge. On the one hand, domains cannot abandon their access control models in favour of a global one; on the other hand, the redefinition of the access control requirements of services compromises the existing service consumers. This article extends our paper at CARI2020; we propose the promotion of services as a method that consists in publishing the services of domains at the federation level by redefining their access control requirements with the federation’s authorisation attributes. Our promotion method relies on mappings between federation’s authorisation attributes and those of domains to preserve existing service consumers and to support domain autonomy.We formally describe interaction and access to promoted services using operational semantics. The promotion method has been implemented with web services technologies.L’architecture orientée services (SOA) fournit des solutions standards pour partager des services entre divers domaines de sécurité. Cependant, le contrôle d’accès aux services est défini au niveau de chaque domaine de sécurité, et par conséquent la fédération des domaines apporte une certaine souplesse aux usagers des services des domaines. Pour faciliter l’authentification des utilisateurs, une solution est le contrôle d’accès fédéré, basé sur la fédération d’identités et qui permet à un utilisateur de s’authentifier une fois dans un domaine et d’accéder aux services des autres en fonction de ses droits et attributs. Malheureusement les exigences de contrôle d’accès des services sont spécifiées à l’aide d’attributs d’autorisation spécifiques au domaine, le partage sécurisé des services dans la fédération devient un véritable défi. Les domaines doivent à la fois être autonomes et interopérables vis-à-vis de la fédération. Cet article étend la version proposée pour CARI2020, nous proposons la promotion des services comme solution consistant à publier les services des domaines au niveau de la fédération en redéfinissant leurs exigences de contrôle d’accès avec les attributs d’autorisation de la fédération. Notre méthode de promotion repose sur des correspondances entre les attributs d’autorisation de la fédération et ceux des domaines pour préserver les clients hors fédération. Nous décrivons formellement l’interaction et l’accès aux services promus en utilisant des règles de sémantique opérationnelle. Une mise en oeuvre de la méthode est proposée par des services Web

Collaborative Decision-Making: A Proposal of an Semi-Automatic Facilitation Based on an Ontology

International audienceIn this paper, we focus on a recommendation approach for collaborative decision-making. This recommendation is possible by designing an ontology in a first step. The construction of this ontology is based on a state of the art on collaborative decision-making, on ontology engineering and on collaboration engineering. An eight-step ontology development methodology was adopted and implemented to design the ontology. A corpus made up of one hundred and seventy-seven (177) documents was the starting point for the extraction of terms from the ontology and the Unified Modeling Language (UML) language is used as a description language of the ontology. This ontology is the starting point for a facilitation support system in a collaborative decision-making process. In a second step, we defined rules, based on our expertise on collaborative decision-making, used to guide a group of decision maker or a facilitator

Contrôle d'accès fédéré dans l'architecture orientée services

Service-oriented architectures implemented by web services technologies provide standardized protocols for communicating and sharing information across organizational boundaries. The composition or federation of the services of independent organizations allows them to work together to quickly achieve their common goals. The access control of the shared services becomes an essential requirement for a secure federation of services. The identity federation provides part of the response by allowing users to authenticate once in an organization and to access the services of others with his authorization information or attributes. However, in a federation, the organizations may have different access control models that use authorization attributes with different, or even incompatible semantics. Interoperability between the access control models becomes crucial to the federation of services. Existing federated access control solutions are based on the single sign-on with common authorization attributes or the identity mapping that is not scalable in a service-oriented environment. In this paper, we propose a cross-organizational access control method for the federation of services protected by heterogeneous access control models. Our method is based on a new federation architecture that responds to the heterogeneity of authorization attributes via independent attributes introduced at the federation level.Les architectures orientées services mises en œuvre par les technologies de services Web fournissent des protocoles normalisés pour la communication et le partage d'informations au-delà des frontières organisationnelles. La composition ou la fédération des services d'organisations indépendantes leur permet de travailler ensemble pour atteindre rapidement leurs objectifs communs. Le contrôle de l'accès aux services partagés devient une exigence essentielle pour une fédération sécurisée de services. La fédération d'identité fournit une partie de la réponse en permettant aux utilisateurs de s'authentifier une fois dans une organisation et d'accéder aux services de tiers avec ses informations d'autorisation ou ses attributs. Toutefois, dans une fédération, les organisations peuvent avoir différents modèles de contrôle d'accès qui utilisent des attributs d'autorisation avec une sémantique différente, voire incompatible. L'interopérabilité entre les modèles de contrôle d'accès devient cruciale pour la fédération de services. Les solutions de contrôle d'accès fédérées existantes reposent sur la connexion unique avec des attributs d'autorisation communs ou sur le mappage d'identité non évolutif dans un environnement orienté service. Dans cet article, nous proposons une méthode de contrôle d'accès inter-organisationnel pour la fédération de services protégés par des modèles de contrôle d'accès hétérogènes. Notre méthode repose sur une nouvelle architecture de fédération qui répond à l'hétérogénéité des attributs d'autorisation via des attributs indépendants introduits au niveau de la fédération

Efficient Strategies Algorithms for Resource Allocation Problems

Strategic modelling with a panoramic view plays an important role in decision-making problems. It offers the possibility of generating different solutions before making a decision. This is particularly relevant in critical situations. This article addresses the problem of allocating resources, whether financial, material or human, so that it is optimal under a given set of constraints and inter-dependencies with other systems. To do this, existing strategies such as those of Colonel Blotto are studied in order to evaluate them according to some criteria, including the heterogeneity or homogeneity of resources and/or battlefields. Based on the results of these configurations, we propose distributed strategic learning methods to find better resource allocation strategies. The proposed algorithms are implemented under various scenarios, including incomplete information. Case studies are carried out to test the effectiveness of these new strategies compared to previous ones. A complexity analysis of the different algorithms is also presented

Collaborative Requirements Elicitation: A Process-Centred Approach

International audienceRequirements Engineering is one of the first and most critical processes in system engineering. In this paper we will focus on the collaborative aspects of requirement engineering, in the context of product development. To do so, we adopted the separation of concerns method. Using this method we separate engineering aspects from collaboration aspects in order to study both aspects and finally integrate them. For the collaborative aspect of requirements engineering we looked at Collaboration Engineering. Collaboration Engineering is an approach to design and deploy processes for recurring collaborative tasks that can be transferred to practitioners to execute for themselves without intervention of professional facilitators. From an engineering perspective we will use the requirements engineering processes described by system engineering standard EIA-632 as a starting point. To integrate these we will use methods and techniques from Collaboration Engineering to specify the collaborative processes involved in this requirements engineering approach. An object model was build using Unified Modelling Language (UML). This model shows different concepts underlying our approach. Finally two case studies are presented to evaluate this approach