Analyse des langages et modèles de la mobilité

Ce document présente une analyse comparative de divers langages prototypes et modèles formels existants pour la mobilité de code. Trois aspects sont retenus pour cette étude: la distribution, la mobilité, et la sécurité. L'étude est également structurée autour de la notion de domaine qui nous semble centrale dans ces langages et modèles, et illustre différentes sémantiques de cette notion

Integrated Thermal Protection Systems and Heat Resistant Structures

In the early stages of NASA's Exploration Initiative, Snecma Propulsion Solide was funded under the Exploration Systems Research & Technology program to develop a CMC heatshield, a deployable decelerator, and an ablative heat shield for reentry vehicles. Due to changes within NASA's Exploration Initiative, this task was cancelled in early FY06. This paper will give an overview of the work that was accomplished prior to cancellation. The Snecma team consisted of MT Aerospace, Germany, and Materials Research & Design (MR&D), NASA Langley, NASA Dryden, and NASA Ames in the United States. An Apollo-type capsule was chosen as the reference vehicle for the work. NASA Langley generated the trajectory and aerothermal loads. Snecma and MT Aerospace began the design of a ceramic aft heatshield (CAS) utilizing C/SiC panels as the capsule heatshield. MR&D led the design of a C/SiC deployable decelerator, NASA Ames led the characterization of several ablators, NASA Dryden led the development of a heath management system and the high temperature structures testing, and NASA Langley led the insulation characterization. Though the task was pre-maturely cancelled, a significant quantity of work was accomplished

Side Channels in the Cloud: Isolation Challenges, Attacks, and Countermeasures

Cloud computing is based on the sharing of physical resources among several virtual machines through a virtualization layer providing software isolation. Despite advances in virtualization, data security and isolation guarantees remain important challenges for cloud providers. Some of the most prominent isolation violations come from side-channel attacks that aim at exploiting and using a leaky channel to obtain sensitive data such as encryption keys. Such channels may be created by vulnerable implementations of cryptographic algorithms, exploiting weaknesses of processor architectures or of resource sharing in the virtualization layer. In this paper, we provide a comprehensive survey of side-channel attacks (SCA) and mitigation techniques for virtualized environments, focusing on cache-based attacks. We review isolation challenges, attack classes and techniques. We also provide a layer-based taxonomy of applicable countermeasures , from the hardware to the application level, with an assessment of their effectiveness

Integrated Thermal Protection Systems and Heat Resistant Structures

In the early stages of NASA's Exploration Initiative, Snecma Propulsion Solide was funded under the Exploration Systems Research & Technology program to develop integrated thermal protection systems and heat resistant structures for reentry vehicles. Due to changes within NASA's Exploration Initiative, this task was cancelled early. This presentation provides an overview of the work that was accomplished prior to cancellation. The Snecma team chose an Apollo-type capsule as the reference vehicle for the work. They began with the design of a ceramic aft heatshield (CAS) utilizing C/SiC panels as the capsule heatshield, a C/SiC deployable decelerator and several ablators. They additionally developed a health monitoring system, high temperature structures testing, and the insulation characterization. Though the task was pre-maturely cancelled, a significant quantity of work was accomplished

Privacy-preserving Attestation for Virtualized Network Infrastructures

In multi-tenant cloud environments, physical resources are shared between various parties (called tenants) through the use of virtual machines (VMs). Tenants can verify the state of their VMs by means of deep-attestation: a process by which a (physical or virtual) Trusted Platform Module --TPM -- generates attestation quotes about the integrity state of the VMs. Unfortunately, most existing deep-attestation solutions are either: limited to single-tenant environments, in which tenant {privacy is irrelevant; are inefficient in terms of {linking VM attestations to hypervisor attestations; or provide privacy and/or linking, but at the cost of modifying the TPM hardware. In this paper, we propose a privacy preserving TPM-based deep-attestation solution in multi-tenant environments, which provably guarantees: (i) Inter-tenant privacy: a tenant is unaware of whether or not the physical machine hosting its VMs also contains other VMs (belonging to other tenants); (ii) Configuration privacy: the hypervisor\u27s configuration, used in the attestation process, remains private with respect to the tenants requiring a hypervisor attestation; and (iii) Layer linking: our protocol enables tenants to link hypervisors with the VMs, thus obtaining a guarantee that their VMs are running on specific physical machines. Our solution relies on vector commitments and ZK-SNARKs. We build on the security model of Arfaoui et al. and provide both formalizations of the properties we require and proofs that our scheme does, in fact attain them. Our protocol is scalable, and our implementation results prove that it is viable, even for a large number of VMs hosted on a single platform

D1.3 - SUPERCLOUD Architecture Implementation

In this document we describe the implementation of the SUPERCLOUD architecture. The architecture provides an abstraction layer on top of which SUPERCLOUD users can realize SUPERCLOUD services encompassing secure computation workloads, secure and privacy-preserving resilient data storage and secure networking resources spanning across different cloud service providers' computation, data storage and network resources. The components of the SUPERCLOUD architecture implementation are described. Integration between the different layers of the architecture (computing security, data protection, network security) and with the facilities for security self-management is also highlighted. Finally, we provide download and installation instructions for the released software components that can be downloaded from our common SUPERCLOUD code repository

Tracing the Filamentary Structure of the Galaxy Distribution at z~0.8

We study filamentary structure in the galaxy distribution at z ~ 0.8 using data from the Deep Extragalactic Evolutionary Probe 2 (DEEP2) Redshift Survey and its evolution to z ~ 0.1 using data from the Sloan Digital Sky Survey (SDSS). We trace individual filaments for both surveys using the Smoothed Hessian Major Axis Filament Finder, an algorithm which employs the Hessian matrix of the galaxy density field to trace the filamentary structures in the distribution of galaxies. We extract 33 subsamples from the SDSS data with a geometry similar to that of DEEP2. We find that the filament length distribution has not significantly changed since z ~ 0.8, as predicted in a previous study using a \LamdaCDM cosmological N-body simulation. However, the filament width distribution, which is sensitive to the non-linear growth of structure, broadens and shifts to smaller widths for smoothing length scales of 5-10 Mpc/h from z ~ 0.8 to z ~ 0.1, in accord with N-body simulations.Comment: 10 pages, 8 figures, accepted for the publication in MNRA

Low seroprevalence of COVID-19 in Lao PDR, late 2020

Background In 2020 Lao PDR had low reported COVID-19 cases but it was unclear whether this masked silent transmission. A seroprevalence study was done August - September 2020 to determine SARS-CoV-2 exposure. Methods Participants were from the general community (n=2433) or healthcare workers (n=666) in five provinces and bat/wildlife contacts (n=74) were from Vientiane province. ELISAs detected anti- SARS-CoV-2 Nucleoprotein (N; n=3173 tested) and Spike (S; n=1417 tested) antibodies. Double-positive samples were checked by IgM/IgG rapid tests. Controls were confirmed COVID-19 cases (n=15) and pre-COVID-19 samples (n=265). Seroprevalence for the general community was weighted to account for complex survey sample design, age and sex. Findings In pre-COVID-19 samples, 5·3%, [95% CI=3·1-8·7%] were anti-N antibody single-positive and 1·1% [0·3-3·5%] were anti-S antibody single positive. None were double positive. Anti-N and anti-S antibodies were detected in 5·2% [4·2-6·5%] and 2·1% [1·1-3·9%] of the general community, 2·0% [1·1-3·3%] and 1·4% [0·5-3·7%] of healthcare workers and 20·3% [12·6-31·0%] and 6·8% [2·8-15·3%] of bat/wildlife contacts. 0·1% [0·02-0·3%] were double positive for anti-N and anti-S antibodies (rapid test negative). Interpretation We find no evidence for significant SARS-CoV-2 circulation in Lao PDR before September 2020. This likely results from early decisive measures taken by the government, social behavior, and low population density. High anti-N /low anti-S seroprevalence in bat/wildlife contacts may indicate exposure to cross-reactive animal coronaviruses with threat of emerging novel viruses. Funding Agence Française de Développement. Additional; Institut Pasteur du Laos, Institute Pasteur, Paris and Luxembourg Ministry of Foreign and European Affairs (“PaReCIDS II”)

A micro-bead device to explore Plasmodium falciparum-infected, spherocytic or aged red blood cells prone to mechanical retention by spleen endothelial slits

Présentation oraleInternational audiencen.

The owner, the provider and the subcontractors : how to handle accountability and liability management for 5G end to end service

The adoption of 5G services depends on the capacity to provide high-value services. In addition to enhanced performance, the capacity to deliver Security Service Level Agreements (SSLAs) and demonstrate their fulfillment would be a great incentive for the adoption of 5G services for critical 5G Verticals (e.g., service suppliers like Energy or Intelligent Transportation Systems) subject to specific industrial safety, security or service level rules and regulations (e.g., NIS or SEVESO Directives). Yet, responsibilities may be difficult to track and demonstrate because 5G infrastructures are interconnected and complex, which is a challenge anticipated to be exacerbated in future 6G networks. This paper describes a demonstrator and a use case that shows how 5G Service Providers can deliver SSLAs to their customers (Service Owners) by leveraging a set of network enablers developed in the INSPIRE-5Gplus project to manage their accountability, liability and trust placed in subcomponents of a service (subcontractors). The elaborated enablers are in particular a novel sTakeholder Responsibility, AccountabIity and Liability deScriptor (TRAILS), a Liability-Aware Service Management Referencing Service (LASM-RS), an anomaly detection tool (IoT-MMT), a Root Cause Analysis tool (IoT-RCA), two Remote Attestation mechanisms (Systemic and Deep Attestation), and two Security-by-Orchestration enablers (one for the 5G Core and one for the MEC)