Safe Data Sharing and Data Dissemination on Smart Devices

The erosion of trust put in traditional database servers, the growing interest for different forms of data dissemination and the concern for protecting children from suspicious Internet content are different factors that lead to move the access control from servers to clients. Several encryption schemes can be used to serve this purpose but all suffer from a static way of sharing data. In a precedent paper, we devised smarter client-based access control managers exploiting hardware security elements on client devices. The goal pursued is being able to evaluate dynamic and personalized access control rules on a ciphered XML input document, with the benefit of dissociating access rights from encryption. In this demonstration, we validate our solution using a real smart card platform and explain how we deal with the constraints usually met on hardware security elements (small memory and low throughput). Finally, we illustrate the generality of the approach and the easiness of its deployment through two different applications: a collaborative application and a parental control application on video streams

A Smart XML Access Right Controller for Mobile Applications

International audienceChip-Secured XML Access (C-SXA) is a versatile XML-based Access Right Controller embedded in a smart card. C-SXA can be used either to protect the privacy of on-board personal data or to control the flow of data extracted from an external source. C-SXA addresses a broad range of applications, like secure portable folders, Digital Right Management, parental control or exchange of confidential information among a community of users. We illustrate the effectiveness of this technology through a collaborative agenda application embedded in a cellular phone SIM card

Finishing the euchromatic sequence of the human genome

The sequence of the human genome encodes the genetic instructions for human physiology, as well as rich information about human evolution. In 2001, the International Human Genome Sequencing Consortium reported a draft sequence of the euchromatic portion of the human genome. Since then, the international collaboration has worked to convert this draft into a genome sequence with high accuracy and nearly complete coverage. Here, we report the result of this finishing process. The current genome sequence (Build 35) contains 2.85 billion nucleotides interrupted by only 341 gaps. It covers ∼99% of the euchromatic genome and is accurate to an error rate of ∼1 event per 100,000 bases. Many of the remaining euchromatic gaps are associated with segmental duplications and will require focused work with new methods. The near-complete sequence, the first for a vertebrate, greatly improves the precision of biological analyses of the human genome including studies of gene number, birth and death. Notably, the human enome seems to encode only 20,000-25,000 protein-coding genes. The genome sequence reported here should serve as a firm foundation for biomedical research in the decades ahead

Socializing One Health: an innovative strategy to investigate social and behavioral risks of emerging viral threats

In an effort to strengthen global capacity to prevent, detect, and control infectious diseases in animals and people, the United States Agency for International Development’s (USAID) Emerging Pandemic Threats (EPT) PREDICT project funded development of regional, national, and local One Health capacities for early disease detection, rapid response, disease control, and risk reduction. From the outset, the EPT approach was inclusive of social science research methods designed to understand the contexts and behaviors of communities living and working at human-animal-environment interfaces considered high-risk for virus emergence. Using qualitative and quantitative approaches, PREDICT behavioral research aimed to identify and assess a range of socio-cultural behaviors that could be influential in zoonotic disease emergence, amplification, and transmission. This broad approach to behavioral risk characterization enabled us to identify and characterize human activities that could be linked to the transmission dynamics of new and emerging viruses. This paper provides a discussion of implementation of a social science approach within a zoonotic surveillance framework. We conducted in-depth ethnographic interviews and focus groups to better understand the individual- and community-level knowledge, attitudes, and practices that potentially put participants at risk for zoonotic disease transmission from the animals they live and work with, across 6 interface domains. When we asked highly-exposed individuals (ie. bushmeat hunters, wildlife or guano farmers) about the risk they perceived in their occupational activities, most did not perceive it to be risky, whether because it was normalized by years (or generations) of doing such an activity, or due to lack of information about potential risks. Integrating the social sciences allows investigations of the specific human activities that are hypothesized to drive disease emergence, amplification, and transmission, in order to better substantiate behavioral disease drivers, along with the social dimensions of infection and transmission dynamics. Understanding these dynamics is critical to achieving health security--the protection from threats to health-- which requires investments in both collective and individual health security. Involving behavioral sciences into zoonotic disease surveillance allowed us to push toward fuller community integration and engagement and toward dialogue and implementation of recommendations for disease prevention and improved health security

CSXA: Sécurisation du contrôle d'accès pour les documents XML

National audienc

Sécurisation du contrôle d'accès pour des documents XML

Numéro spécial des Prix de Thèse ASTI et SPECIFNational audienc

A Secure Access Controller for XML Documents

The erosion of trust put in traditional database servers and in Database Service Providers and the growing interest for different forms of selective data dissemination are different factors that lead to move the access control from servers to clients. Different data encryption and key dissemination schemes have been proposed to serve this purpose. By compiling the access control rules into the encryption process, all these methods suffer from a static way of sharing data. With the emergence of hardware security elements on client devices, more dynamic client-based access control schemes can be devised. This thesis proposes a tamper-resistant client-based XML access right controller supporting flexible and dynamic access control policies. The access control engine is embedded in a hardware secure device and therefore must cope with specific hardware resources. This engine takes benefit from a dedicated index to quickly converge towards the authorized parts of a – potentially streaming – XML document. Additional security mechanisms guarantee that the input document is protected from any form of tampering and replay attacks. Finally, we provide performance measurements and show the viability of our approach on smart cards in various application contexts.La baisse de confiance accordée aux serveurs traditionnels de bases de données et aux hébergeurs de bases de données (Database Service Providers) ainsi que l'intérêt croissant pour la distribution sélective de données sont différents facteurs qui amènent à migrer le contrôle d'accès du serveur vers les terminaux clients. Plusieurs schémas de chiffrement et de dissémination de clés ont été proposés dans ce but mais en compilant les règles de contrôle d'accès dans le processus de chiffrement, ils imposent tous un partage statique des données. L'apparition de composants matériels sécurisés sur divers terminaux clients permet de lever cette limitation en permettant de concevoir de nouveaux schémas dynamiques de contrôle d'accès sur le client. Cette thèse présente un évaluateur sécurisé de politiques de contrôle d'accès flexibles et dynamiques sur des documents XML. Cet évaluateur est embarqué dans un composant matériel sécurisé et doit par conséquent s'adapter à des contraintes matérielles spécifiques. Il tire pour cela parti d'un index dédié pour converger rapidement vers les parties autorisées d'un document arrivant éventuellement en flux sur le terminal client. Des mécanismes supplémentaires de sécurité garantissent que le document d'entrée est protégé contre toute forme de modification illicite et d'attaque de rejeu. La viabilité de notre approche est montrée dans divers contextes applicatifs sur des cartes à puces actuelles et est validée par des mesures de performance

Client-based access control for XML documents

Accessit of the Ph. D. Thesis Award 2007 delivered by ASTI (Fédération des Associations Françaises des Sciences et Techniques de l'Information