Context-aware Authorization in Highly Dynamic Environments

Highly dynamic computing environments, like ubiquitous and pervasive computing environments, require frequent adaptation of applications. Context is a key to adapt suiting user needs. On the other hand, standard access control trusts users once they have authenticated, despite the fact that they may reach unauthorized contexts. We analyse how taking into account dynamic information like context in the authorization subsystem can improve security, and how this new access control applies to interaction patterns, like messaging or eventing. We experiment and validate our approach using context as an authorization factor for eventing in Web service for device (like UPnP or DPWS), in smart home security

Context-sensitive authorization for asynchronous communications

Main requirement of recent computing environments, like mobile and then ubiquitous computing, is to adapt applications to context. On the other hand, access control generally trust users once they have authenticated, despite the fact that they may reach unauthorized situations. We analyse how dynamic information can be used to improve security in the authorization process, especially in the case of asynchronous communications, like messaging or eventing. We experiment and validate our approach using context as an authorization factor for eventing in Web service for device (like UPnP or DPWS)

WComp, a Middleware for Ubiquitous Computing

International audienc

Context-Sensitive Authorization in Interaction Patterns

Main requirement of recent computing environments, like mobile and then ubiquitous computing, is to adapt applications to context. On the other hand, access control generally trust users once they have authenticated, despite the fact that they may reach unauthorized situations. We analyse how dynamic information can be used to improve security in the authorization process, and what are the implications when applied to interaction patterns. We experiment and validate our approach using context as an authorization factor for eventing in Web service for device (like UPnP or DPWS)

Net-Exchange parameterization of infrared radiative transfers in Venus' atmosphere

International audienceThermal radiation within Venus atmosphere is analyzed in close details. Prominent features are identified, which are then used to design a parameterization (a highly simplified and yet accurate enough model) to be used in General Circulation Models. The analysis is based on a net exchange formulation, using a set of gaseous and cloud optical data chosen among available referenced data. The accuracy of the proposed parameterization methodology is controlled against Monte Carlo simulations, assuming that the optical data are exact. Then, the accuracy level corresponding to our present optical data choice is discussed by comparison with available observations, concentrating on the most unknown aspects of Venus thermal radiation, namely the deep atmosphere opacity and the cloud composition and structure

WComp, Middleware for Ubiquitous Computing and System Focused Adaptation

International audienceUbiquitous computing relies on computers present everywhere, at any times and in any things. Indeed with recent years advance in mobile communication technologies and the miniaturization of computer hardware, processing units are becoming invisible and a part of the environment. Middlewares for ubiquitous computing have to manage three main features specific to their environment: devices’ mobility, devices’ heterogeneity and environment’s dynamicity. The devices’ mobility, due to motion of users and their associated devices, forbids to assume that entities are known and will always be available. The second concept, entity’s heterogeneity, outlines the diversity between devices’ capabilities and functionalities provided by new smart objects. Finally, the environment high dynamicity illustrates the ubiquitous world entropy with the appearance and disappearance of devices. Devices used to create applications are thus unknown before discovering them. Then, ubiquitous computing must deal with such a dynamic software environment (called software infrastructure afterwards). As a result, future ubiquitous computing architectures must take into account those three constraints to solve ubiquitous computing challenges.Our model of middleware WComp is based on three parts: a software infrastructure, a service composition architecture, and a compositional adaptation mechanism

Snowball Earth climate dynamics and Cryogenian geology–geobiology

Geological evidence indicates that grounded ice sheets reached sea level at all latitudes during the long‐lived Sturtian (717–659 Ma) and Marinoan (ca 645–635 Ma) glaciations. Combined U-­‐Pb and Re-­‐Os geochronology suggests that the Sturtian glacial onset and both terminations were globally synchronous. Geochemical data imply that atmospheric pCO2 was 102x modern at the Marinoan termination, consistent with Snowball Earth hysteresis. Sturtian glaciation followed the breakup of a tropical supercontinent, and its onset coincided with the equatorial emplacement of a large igneous province. Modeling shows that the small thermal inertia of a globally frozen surface reverses the annual-mean Hadley circulation, resulting in equatorial net sublimation and net deposition elsewhere. Oceanic ice thickens, forming a sea glacier that flows gravitationally toward the equator, sustained by the hydrologic cycle and by basal freeze-on and melting. Tropical ice sheets flow faster as CO2 rises, but lose mass and become sensitive to orbital forcing. Dust accumulation in the equatorial zone engenders supraglacial oligotrophic meltwater ecosystems, favorable for cyanobacteria and many eukaryotes. Meltwater flushing through moulins enables organic burial and submarine deposition of subaerially-­‐erupted volcanic ash. The subglacial ocean is turbulent and well­‐mixed, in response to geothermal heating and conductive heat loss through the ice cover, increasing with latitude. Cap carbonates, unique to Snowball Earth terminations, are products of intense weathering and ocean stratification. Whole-­ocean warming and ice-sheet forebulge collapse allow marine coastal inundations to progress long after ice-sheet disappearance. The evolutionary legacy of Snowball Earth is perceptible in fossils and living organisms

Contexte et sécurité dans les intergiciels d'informatique ambiante

En informatique ambiante, le contexte joue un rôle capital. Les applications informatiques étendent leurs interactions avec 'environnement: de nouvelles entrées et sorties sont utilisées, telles que des capteurs et d'autres dispositifs mobiles d'interaction avec l'environnement réel et physique. Les intergiciels, créés pour masquer la complexité des couches inférieures en informatique distribuée, se voient alors chargés de nouvelles préoccupations, comme la prise en compte du contexte, l'adaptation des applications ou la sécurité. Une représentation en couches intergicielles de ces préoccupations ne permet pas d'exprimer toutes leurs interdépendances. En informatique ambiante, la distribution est nécessaire pour obtenir les informations contextuelles, mais il est aussi nécessaire de prendre en compte le contexte dans la distribution, par exemple pour limiter les interactions aux entités d'un contexte défini. De plus, les interactions asynchrones utilisées dans les nouveaux environnements informatiques nécessitent une attention particulière lors de la prise en compte du contexte. De même, la sécurité intervient à la fois dans les couches intergicielles de distribution et de prise en compte du contexte. Dans cette thèse nous présentons un modèle de prise en compte du contexte dans la sécurité et la distribution. Le contrôle d'accès doit évoluer pour intégrer une autorisation dynamique et réactive, basée sur des informations liées à l'environnement et plus simplement sur l'authentification des entités. Les informations contextuelles évoluent suivant une dynamique indépendante des applications. Il est aussi nécessaire de détecter les changements de contexte pour réévaluer l'autorisation. Nous expérimentons cette prise en compte du contexte dans le contrôle des interactions avec la plate-forme expérimentale WComp, issue du modèle SLCA/AA (Service Lightweight Component Architecture / Aspects of Assembly). SLCA permet de concevoir des intergiciels et des applications dynamiques dont le découpage fonctionnel n'est pas traduit en couches, mais par un entrelacement de fonctionnalités. Les aspects d'assemblage sont un mécanisme d'adaptation compositionnelle d'assemblages de composants. Nous les utilisons pour exprimer nos préoccupations non-fonctionnelles et pour les composer avec les applications existantes de façon déterministe et réactive. Nous introduisons pour cela des règles de contrôle d'interactions contextualisées. L'intergiciel permet ainsi d'adapter en fonction du contexte nos préoccupations non-fonctionnelles et le comportement de l'application.In ubiquitous computing, context is key. Computer applications are extending their interactions with the environment: new inputs and outputs are used, such as sensors and other mobile devices interacting with the physical environment. Middlewares, created in distributed computing to hide the complexity of lower layers, are then loaded with new concerns, such as taking into account the context, adaptation of applications or security. A middleware layer representation of these concerns cannot express all heir interdependencies. In pervasive computing, distribution is required to obtain contextual information, but it is also necessary to take into account the context in distribution, for example to restrict interactions between entities in a defined context. In addition,asynchronous interactions used in those new environments require special attention when taking into account the context. Similarly, security is involved both in the middleware layers of distribution and context-sensitivity. In this thesis we present a model taking into account the context both in security and distribution. Access control must evolve to incorporate a dynamic and reactive authorization, based on information related to environment or simply on the authentication information of entities. Contextual information evolve with their own dynamic, independent of applications. It is also necessary to detect context changes to reenforce the authorization. We are experimenting this context-awareness targetting interaction control with the experimental framework WComp, derived from the SLCA/AA (Service Lightweight Component Architecture / Aspects of Assembly) model. SLCA allows to create dynamic middlewares and applications for which functional cutting is not translated into layers but into an interleaving of functionalities. Aspects of assembly are a mechanism for compositional adaptation of assemblies of components. We use them to express our non-functional concerns and to compose them with existing applications in a deterministic and reactive manner. For this purpose, we introduce context-aware interaction control rules. The middleware thus allows to adapt, according to context, our non-functional concerns and the behavior of the application.NICE-BU Sciences (060882101) / SudocSudocFranceF