Toward an Automatic Analysis of Web Service Security

Web services send and receive messages in XML syntax with some parts hashed, encrypted or signed, according to the WS-Security standard. In this paper we introduce a model to formally describe the protocols that underly these services, their security properties and the rewriting attacks they might be subject to. Unlike with usual security protocols, we have to address here the facts that: (1) The Web service receive/send actions are nondeterministic to accommodate the XML format and the lack of normalization in parsing XML messages. Our model is designed to permit non-deterministic operations. (2) The Web service message format is better modelled with multiset constructors than with fixed arity symbols. Hence we had to introduce an attacker model that handles associativecommutative operators. In particular we present a decision procedure for insecurity of Web services with messages built using encryption, signature, and other cryptographic primitives

Orchestration under Security Constraints

International audienceAutomatic composition of web services is a challenging task. Many works have considered simplified automata models that abstract away from the structure of messages exchanged by the services. For the domain of secured services (using e.g. digital signing or timestamping) we propose a novel approach to automated composition of services based on their security policies. Given a community of services and a goal service, we reduce the problem of composing the goal from services in the community to a security problem where an intruder should intercept and redirect messages from the service community and a client service till reaching a satisfying state. We have implemented the algorithm in AVANTSSAR Platform and applied the tool to several case studies

Disentangling the Origin and Heating Mechanism of Supernova Dust: Late-Time Spitzer Spectroscopy of the Type IIn SN 2005ip

This paper presents late-time near-infrared and {\it Spitzer} mid-infrared photometric and spectroscopic observations of warm dust in the Type IIn SN 2005ip in NGC 2906. The spectra show evidence for two dust components with different temperatures. Spanning the peak of the thermal emission, these observations provide strong constraints on the dust mass, temperature, and luminosity, which serve as critical diagnostics for disentangling the origin and heating mechanism of each component. The results suggest the warmer dust has a mass of $\sim 5 \times 10^{-4}~$\msolar, originates from newly formed dust in the ejecta, or possibly the cool, dense shell, and is continuously heated by the circumstellar interaction. By contrast, the cooler component likely originates from a circumstellar shock echo that forms from the heating of a large, pre-existing dust shell $\sim 0.01 - 0.05$~\msolar~by the late-time circumstellar interaction. The progenitor wind velocity derived from the blue edge of the He 1 1.083 \micron~P Cygni profile indicates a progenitor eruption likely formed this dust shell $\sim$100 years prior to the supernova explosion, which is consistent with a Luminous Blue Variable (LBV) progenitor star.Comment: 12 pages, 10 figures, Accepted to Ap

Chandra Observations of SNR 1987A

We report on the results of our monitoring program of the X-ray remnant of supernova 1987A with the {\it Chandra X-Ray Observatory}. We have performed two new observations during the {\it Chandra} Cycle 3 period, bringing the total to six monitoring observations over the past three years. These six observations provide a detailed time history of the birth of a new supernova remnant in X-rays. The high angular resolution images indicate that soft X-ray bright knots are associated with the optical spots, while hard X-ray features are better correlated with radio images. We interpret this in terms of a model in which fast shocks propagating through the circumstellar HII region produce the hard X-ray and radio emission, while the soft X-ray and optical emission arise in slower shocks entering into dense knots in the circumstellar inner ring. New observations begin to show changes in the morphology that may herald a new stage in the development of this incipient supernova remnant. The observed X-ray fluxes increase by nearly a factor of three over the last 30 months. The X-ray remnant is expanding at a velocity of $\sim$5000 km s$^{-1}$.Comment: 8 pages, 6 figures, 2 color figures, To appear in AdSpR (Proceedings 34th COSPAR Synposium E1.4 "High Energy Studies of Supernova Remnants and Neutron stars" For high resolution color figures contact [email protected]

X-ray emission from radiative shocks in Type II supernovae

The X-ray emission from the circumstellar interaction in Type II supernovae with a dense circumstellar medium is calculated. In Type IIL and Type IIn supernovae mass loss rates are generally high enough for the region behind the reverse shock to be radiative, producing strong radiation, particularly in X-rays. We present a model for the emission from the cooling region in the case of a radiative reverse shock. Under the assumption of a stationary flow, a hydrodynamic model is combined with time dependent ionization balance and multilevel calculations. The applicability of the steady state approximation is discussed for various values of the ejecta density gradient and different sets of chemical composition. We show how the emerging spectrum depends strongly on the reverse shock velocity and the composition of the shocked gas. We discuss differences between a spectrum produced by this model and a single-temperature spectrum. Large differences for especially the line emission are found, which seriously can affect abundance estimates. We also illustrate the effects of absorption in the cool shocked ejecta. The applicability of our model for various types of supernovae is discussed.Comment: 25 pages, 15 figures, 4 tables. Accepted for publication in A&

Les enjeux juridiques concernant les nouveaux modèles d’affaires basés sur la commercialisation des données

Cet essai est présenté en tant que mémoire de maîtrise dans le cadre du programme de droit des technologies de l’information. Ce mémoire traite de différents modèles d’affaires qui ont pour caractéristique commune de commercialiser les données dans le contexte des technologies de l’information. Les pratiques commerciales observées sont peu connues et l’un des objectifs est d’informer le lecteur quant au fonctionnement de ces pratiques. Dans le but de bien situer les enjeux, cet essai discutera d’abord des concepts théoriques de vie privée et de protection des renseignements personnels. Une fois ce survol tracé, les pratiques de « data brokerage », de « cloud computing » et des solutions « analytics » seront décortiquées. Au cours de cette description, les enjeux juridiques soulevés par chaque aspect de la pratique en question seront étudiés. Enfin, le dernier chapitre de cet essai sera réservé à deux enjeux, soit le rôle du consentement et la sécurité des données, qui ne relèvent pas d’une pratique commerciale spécifique, mais qui sont avant tout des conséquences directes de l’évolution des technologies de l’information.This essay is submitted as part of a master's thesis in Information Technology Law. This thesis discusses different business models that have the common feature of commercializing data in the context of Information Technologies. One of the goals of this thesis is to inform the reader about the workings of the studied business practices, as they are not widely known. First, in order to situate the issues, this essay will consider the theoretical concepts of Privacy and Personal Information Protection. Once the review of Data Protection and Privacy has been established, this thesis will further explore Data Brokerage, Cloud Computing and Analytic Solutions as practices. Over the course of this description, the legal issues raised by each aspect of the aforementioned practices will be studied. Finally, the last chapter of the thesis will be dedicated to two issues that are not limited to the scope of a specific business practice, but are direct consequences of the evolution of Information Technologies: the role of Consent and Data Security

Advection-Dominated Accretion and Black Hole Event Horizons

The defining characteristic of a black hole is that it possesses an event horizon through which matter and energy can fall in but from which nothing escapes. Soft X-ray transients (SXTs), a class of X-ray binaries, appear to confirm this fundamental property of black holes. SXTs that are thought to contain accreting black holes display a large variation of luminosity between their bright and faint states, while SXTs with accreting neutron stars have a smaller variation. This difference is predicted if the former stars have horizons and the latter have normal surfaces.Comment: 11 pages, including 2 tables and 2 figures. To appear in The Astrophysical Journal Letter