136 research outputs found
Coherence in monoidal track categories
We introduce homotopical methods based on rewriting on higher-dimensional
categories to prove coherence results in categories with an algebraic
structure. We express the coherence problem for (symmetric) monoidal categories
as an asphericity problem for a track category and we use rewriting methods on
polygraphs to solve it. The setting is extended to more general coherence
problems, seen as 3-dimensional word problems in a track category, including
the case of braided monoidal categories.Comment: 32 page
Assessing the security of VoIP Services
ISBN : 1-4244-0799-0/http://www.comsoc.orgInternational audienceVoIP networks are in a major deployment phase and are becoming widely spread out due to their extended functionality and cost efficiency. Meanwhile, as VoIP traffic is transported over the Internet, it is the target of a range of attacks that can jeopardize its proper functionality. In this paper we describe our work in a VoIP specific security assessment framework. Such an assessment is automated with integrated discovery actions, data management and security attacks allowing to perform VoIP specific penetration tests. These tests are important because they permit to search and detect existing vulnerabilities or misconfigured devices and services. Our main contributions consist in an elaborated network information model capable to be used in VoIP assessment, an extensible assessment architecture and its implementation, as well as in a comprehensive framework for defining and composing VoIP specific attacks
Integrating Security Risk Management into Business Process Management for the Cloud
Abstract-Security issues are still preventing wider adoption of cloud computing, especially for businesses which are handling sensitive information. Indeed, by outsourcing its information system (IS), a company can lose control over its infrastructure, its software or even its data. Therefore, new methods and tools need to be defined to respond to this challenge. In this paper we propose to integrate Security Risk Management approaches into Business Process Management to effectively treat security issues at the early phases of the Information System construction. We focus on cloud brokers, emerging actors of the cloud delivery model, who enhance and aggregate existing cloud services to match them with their cloud consumers' requirements. Our main goal is to provide them with tools and techniques to increase the global security level of an IS through different risk treatment strategies
A TLA+ Proof System
We describe an extension to the TLA+ specification language with constructs
for writing proofs and a proof environment, called the Proof Manager (PM), to
checks those proofs. The language and the PM support the incremental
development and checking of hierarchically structured proofs. The PM translates
a proof into a set of independent proof obligations and calls upon a collection
of back-end provers to verify them. Different provers can be used to verify
different obligations. The currently supported back-ends are the tableau prover
Zenon and Isabelle/TLA+, an axiomatisation of TLA+ in Isabelle/Pure. The proof
obligations for a complete TLA+ proof can also be used to certify the theorem
in Isabelle/TLA+
Polygraphic programs and polynomial-time functions
Abstract – We study the computational model of polygraphs. For that, we consider polygraphic programs, a subclass of these objects, as a formal description of first-order functional programs. We explain their semantics and prove that they form a Turing-complete computational model. Their algebraic structure is used by analysis tools, called polygraphic interpretations, for complexity analysis. In particular, we delineate a subclass of polygraphic programs that compute exactly the functions that are Turingcomputable in polynomial time
Abstract Anchoring modularity in HTML
Modularity is a key feature at design, programming, proving, testing, and maintenance time, as well as a must for reusability. Most languages and systems provide built-in facilities for encapsulation, importation or parameterization. Nevertheless there exists also languages, like HTML, with poor support for modularization. A natural idea is therefore to provide generic modularization primitives. To extend an existing language with additional and possibly formal capabilities, the notion of anchorage and Formal Island has been introduced recently. TOM for example, provides generic matching, rewriting and strategy extensions to JAVA and C. In this paper, we show on the HTML example, how to add modular features by anchoring modularization primitives in HTML. This allows one to write modular HTML descriptions, therefore facilitating their design, reusability, and maintenance, as well as providing an important step towards HTML validity checking
Abstract
XSLT is a rule-based language defined by the W3C for the transformation of XML-documents into XML-documents. XML-documents are essentially labelled rooted ordered trees or equivalently terms without arity restrictions. This motivates us to use term rewriting, a well-studied paradigm for the transformation of terms, to define and implement XSLT transformation. On the one hand term rewriting is conceptually simple and may be used as a formal definition of XSLT, on the other hand it can be used as a programming language and executed efficiently. We define a core fragment of XSLT in the ELAN language, developed in the PROTHEO group over recent years. The code generated by the ELAN compiler is efficient enough to use this definition directly to transform nontrivial documents
- …