Correlation in an intrusion detection process

International audienceGenerally, the intruder must perform several actions, organized in an intrusion scenario, to achieve his or her malicious objective. We argue that intrusion scenarios can be modelled as a planning process and we suggest modelling a malicious objective as an attempt to violate a given security requirement. Our proposal is then to extend the definition of attack correlation presented in "alert correlation in a cooperative intrusion detection network" to correlate attacks with intrusion objectives and to introduce the notion of anti correlation. These notions are useful to decide if a sequence of correlated actions can lead to an intrusion objective. This approach provides the security administrator with a global view of what happens in the system. In particular, it controls unobserved actions through hypothesis generation, clusters repeated actions in a single scenario, recognizes intruders that are changing their intrusion objectives and is efficient to detect variations of an intrusion scenario. This approach can also be used to eliminate a category of false positives that correspond to false attacks, that is actions that are not further correlated to an intrusion objective

Organization based access control

International audienceNone of the classical access control models such as DAC, MAC, RBAC, TBAC or TMAC is fully satisfactory to model security policies that are not restricted to static permissions but also include contextual rules related to permissions, prohibitions, obligations and recommendations. This is typically the case of security policies that apply to the health care domain. We suggest a new model that provides solutions to specify such contextual security policies. This model, called organization based access control, is presented using a formal language based on first-order logic

ORBAC : un modèle de contrôle d'accès basé sur les organisations

International audienceNone of the classical access control models such as DAC, MAC, RBAC, TBAC or TMAC is fully satisfactory to model security policies that are not restricted to static permissions but also include contextual rules related to permissions, prohibitions, obligations and recommendations. This is typically the case of security policies that apply to the health care domain. In this paper, we suggest a new model that provides solutions to specify such contextual security policies. This model, called Organization based access control, is presented using a formal language based on first-order logic.Les modèles de contrôle d’accès comme DAC, MAC, RBAC, TBAC ou TMAC ne permettent demodéliser que des politiques de sécurité qui se restreignent à des permissions statiques. Ils n’offrent pas lapossibilité d’exprimer des règles contextuelles relatives aux permissions, aux interdictions, aux obligations etaux recommandations. Ce type de règle est particulièrement utile pour exprimer des politiques de sécurité dans ledomaine médical. Dans cet article, nous proposons un nouveau modèle qui permet de spécifier de tellespolitiques de sécurité contextuelles. Ce modèle appelé Organisation Based Access Control (ORBAC) s’appuiesur un langage formel basé sur la logique du premier ordre

Organization based access control

International audienceNone of the classical access control models such as DAC, MAC, RBAC, TBAC or TMAC is fully satisfactory to model security policies that are not restricted to static permissions but also include contextual rules related to permissions, prohibitions, obligations and recommendations. This is typically the case of security policies that apply to the health care domain. We suggest a new model that provides solutions to specify such contextual security policies. This model, called organization based access control, is presented using a formal language based on first-order logic

ORBAC : un modèle de contrôle d'accès basé sur les organisations

International audienceNone of the classical access control models such as DAC, MAC, RBAC, TBAC or TMAC is fully satisfactory to model security policies that are not restricted to static permissions but also include contextual rules related to permissions, prohibitions, obligations and recommendations. This is typically the case of security policies that apply to the health care domain. In this paper, we suggest a new model that provides solutions to specify such contextual security policies. This model, called Organization based access control, is presented using a formal language based on first-order logic.Les modèles de contrôle d’accès comme DAC, MAC, RBAC, TBAC ou TMAC ne permettent demodéliser que des politiques de sécurité qui se restreignent à des permissions statiques. Ils n’offrent pas lapossibilité d’exprimer des règles contextuelles relatives aux permissions, aux interdictions, aux obligations etaux recommandations. Ce type de règle est particulièrement utile pour exprimer des politiques de sécurité dans ledomaine médical. Dans cet article, nous proposons un nouveau modèle qui permet de spécifier de tellespolitiques de sécurité contextuelles. Ce modèle appelé Organisation Based Access Control (ORBAC) s’appuiesur un langage formel basé sur la logique du premier ordre

Structure-Activity Relationship in the Leucettine Family of Kinase Inhibitors

International audienceThe protein kinase DYRK1A is involved in Alzheimer's disease, Down syndrome, diabetes, viral infections, and leukemia. Leucettines, a family of 2-aminoimidazolin-4-ones derived from the marine sponge alkaloid Leucettamine B, have been developed as pharmacological inhibitors of DYRKs (dual specificity, tyrosine phosphorylation regulated kinases) and CLKs (cdc2-like kinases). We report here on the synthesis and structure-activity relationship (SAR) of 68 Leucettines. Leucettines were tested on 11 purified kinases and in cellular assays: (1) CLK1 pre-mRNA splicing, (2) Threonine-212-Tau phosphorylation, (3) glutamate-induced cell death, (4) autophagy and (5) antagonism of ligand-activated cannabinoid receptor CB1. The Leucettine SAR observed for DYRK1A is essentially identical for CLK1, CLK4, DYRK1B, and DYRK2. DYRK3 and CLK3 are less sensitive to Leucettines. In contrast, the cellular SAR highlights correlations between inhibition of specific kinase targets and some but not all cellular effects. Leucettines deserve further development as potential therapeutics against various diseases on the basis of their molecular targets and cellular effects