Efficient Large-scale Trace Checking Using MapReduce

The problem of checking a logged event trace against a temporal logic specification arises in many practical cases. Unfortunately, known algorithms for an expressive logic like MTL (Metric Temporal Logic) do not scale with respect to two crucial dimensions: the length of the trace and the size of the time interval for which logged events must be buffered to check satisfaction of the specification. The former issue can be addressed by distributed and parallel trace checking algorithms that can take advantage of modern cloud computing and programming frameworks like MapReduce. Still, the latter issue remains open with current state-of-the-art approaches. In this paper we address this memory scalability issue by proposing a new semantics for MTL, called lazy semantics. This semantics can evaluate temporal formulae and boolean combinations of temporal-only formulae at any arbitrary time instant. We prove that lazy semantics is more expressive than standard point-based semantics and that it can be used as a basis for a correct parametric decomposition of any MTL formula into an equivalent one with smaller, bounded time intervals. We use lazy semantics to extend our previous distributed trace checking algorithm for MTL. We evaluate the proposed algorithm in terms of memory scalability and time/memory tradeoffs.Comment: 13 pages, 8 figure

Lapex: A Phoswich balloon experiment for hard X-ray astronomy

Satellite and balloon observations have shown that several classes of celestial objects are hard ( 15 keV) energy band with a sensitivity of approx 10 mCrab has been performed with the UCSD/MIT instrument (A4) on board the HEAO 1 satellite. About 70 X-ray sources were detected, including galactic and extragalactic objects. Hard X-ray emission has been detected in the Galaxy from X-ray pulsars. Extragalactic sources of hard X-ray emission include clusters of galaxies, QSOs, BL Lac objects, Seyfert galaxies. The essential characteristics of the Large Area Phoswich Experiment (LAPEX) for crowded sky field observations are described. It has: (1) a broad energy band of operation (20-300 keV); (2) a 3 sigma sensitivity of about 1 mCrab in 10,000 s of live observing time; and (3) imaging capabilities with an angular resolution of about 20'

Non-collaborative Attackers and How and Where to Defend Flawed Security Protocols (Extended Version)

Security protocols are often found to be flawed after their deployment. We present an approach that aims at the neutralization or mitigation of the attacks to flawed protocols: it avoids the complete dismissal of the interested protocol and allows honest agents to continue to use it until a corrected version is released. Our approach is based on the knowledge of the network topology, which we model as a graph, and on the consequent possibility of creating an interference to an ongoing attack of a Dolev-Yao attacker, by means of non-collaboration actuated by ad-hoc benign attackers that play the role of network guardians. Such guardians, positioned in strategical points of the network, have the task of monitoring the messages in transit and discovering at runtime, through particular types of inference, whether an attack is ongoing, interrupting the run of the protocol in the positive case. We study not only how but also where we can attempt to defend flawed security protocols: we investigate the different network topologies that make security protocol defense feasible and illustrate our approach by means of concrete examples.Comment: 29 page

A Declarative Framework for Specifying and Enforcing Purpose-aware Policies

Purpose is crucial for privacy protection as it makes users confident that their personal data are processed as intended. Available proposals for the specification and enforcement of purpose-aware policies are unsatisfactory for their ambiguous semantics of purposes and/or lack of support to the run-time enforcement of policies. In this paper, we propose a declarative framework based on a first-order temporal logic that allows us to give a precise semantics to purpose-aware policies and to reuse algorithms for the design of a run-time monitor enforcing purpose-aware policies. We also show the complexity of the generation and use of the monitor which, to the best of our knowledge, is the first such a result in literature on purpose-aware policies.Comment: Extended version of the paper accepted at the 11th International Workshop on Security and Trust Management (STM 2015

Robust H-infinity filtering for 2-D systems with intermittent measurements

This paper is concerned with the problem of robust H∞ filtering for uncertain two-dimensional (2-D) systems with intermittent measurements. The parameter uncertainty is assumed to be of polytopic type, and the measurements transmission is assumed to be imperfect, which is modeled by a stochastic variable satisfying the Bernoulli random binary distribution. Our attention is focused on the design of an H∞ filter such that the filtering error system is stochastically stable and preserves a guaranteed H∞ performance. This problem is solved in the parameter-dependent framework, which is much less conservative than the quadratic approach. By introducing some slack matrix variables, the coupling between the positive definite matrices and the system matrices is eliminated, which greatly facilitates the filter design procedure. The corresponding results are established in terms of linear matrix inequalities, which can be easily tested by using standard numerical software. An example is provided to show the effectiveness of the proposed approac

Symbolic Analysis of Identity-Based Protocols

International audienceWe show how the Tamarin tool can be used to model and reason about security protocols using identity-based cryptography, including identity-based encryption and signatures. Although such protocols involve rather different primitives than conventional public-key cryptography , we illustrate how suitable abstractions and Tamarin's support for equational theories can be used to model and analyze realistic industry protocols, either finding flaws or gaining confidence in their security with respect to different classes of adversaries. Technically, we propose two models of identity-based cryptography. First, we formalize an abstract model, based on simple equations, in which verification of realistic protocols is feasible. Second, we formalize a more precise model, leveraging Tamarin's support for bilinear pairing and exclusive-or. This model is much closer to practical realizations of identity-based cryptography, but deduction is substantially more complex. Along the way, we point out the limits of precise modeling and highlight challenges in providing support for equational reasoning. We evaluate our models on an industrial protocol case study, where we find and fix flaws