Uma plataforma de hospedagem baseada na Web para máquinas pedagógicas

Dificuldades na implantação multi-plataforma e utilização pedagógica das máquinas virtuais podem ter um impacto prejudicial no sucesso de um curso de cons- trução de compiladores. Este artigo apresenta um curso de construção de compiladores de suporte de plataforma, que aborda essa questão. A plataforma proposta é baseada na web, onde máquinas virtuais são acessadas remotamente através de um navegador e pela utilização adequada dos serviços na web. Além disso, ambas as versões de linha de comando e interface gráfica de usuário são suportadas. Além de portabilidade e problemas de manutenção, uma característica interessante do projeto de arquitetura é a sua capacidade de integrar facilmente novas máquinas virtuais. Como prova conceitual, vamos mostrar alguns resultados preliminares sobre a integração de duas máquinas virtuais muito diferentes, que são utilizadas em cursos de constru- ção de compiladores, em universidades portuguesas

Lissom, a source level proof carrying code platform

This paper introduces a proposal for a Proof Carrying Code (PCC) architecture called Lissom. Started as a challenge for final year Computing students, Lissom was thought as a mean to prove to a sceptic community, and in particular to students, that formal verification tools can be put to practice in a realistic environment, and be used to solve complex and concrete problems. The attractiveness of the problems that PCC addresses has already brought students to show interest in this pro ject

Model-checking temporal properties of real-time HTL programs

This paper describes a tool-supported method for the formal verification of timed properties of HTL programs, supported by the automated translation tool HTL2XTA, which extracts from a HTL program (i) an Uppaal model and (ii) a set of properties that state the compliance of the model with certain automatically inferred temporal constraints. These can be manually extended with other temporal properties provided by the user. The paper introduces the details of the proposed mechanisms as well as the results of our experimental validation.Fundação para a Ciência e a Tecnologia (FCT) - Projets Rescue (PTDC/EIA/65862/2006), FAVAS (PTDC/EIA-CCO/105034/2008), LIACC-UP Programa de Financiamento Plurianua

A tool for implementing privacy in Nano

© 2020 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.We present a work in progress strategy for implementing privacy in Nano at the consensus level, that can be of independent interest. Nano is a cryptocurrency that uses an Open Representative Voting (ORV) as a consensus mechanism, a variant of Delegated Proof of Stake. Each transaction on the network is voted on by representatives, and each vote has a weight equal to the percentage of their total delegated balance. Every account can delegate their stake to any other account (including itself) and change it anytime it wants. The goal of this paper is to achieve a way for the consensus algorithm to function without knowing the individual balances of each account. The tool is composed of three different schemes. The first is a weighted threshold secret sharing scheme based on the Chinese Remainder Theorem for polynomial rings [1] and it's used to generate, in a distributed way, a secret that will be a private key of an additive ElGamal cryptosystem over elliptic curves (EC-EG) [2], which is additive homomorphic. The second scheme is the polynomials commitment scheme presented in [3] and is used to make the previous scheme verifiable, i.e., without the need of a trusted dealer. Finally, the third scheme is used to decrypt a ciphertext of the EC-EG cryptosystem without reconstructing the private key and, because of that, can be used multiple times.IEEEinfo:eu-repo/semantics/submittedVersio

A tool for automatic model extraction of Ada/SPARK programs

This paper presents a brief description of the current work on a tool that analyses temporal behaviour of Ada/RavenSPARK programs. The approach takes as a basis two previous publications that introduce innovative methods in the field of verification of real-time systems. The development of a tool that automatically generates models (timed automata) from Ada/RavenSPARK source code and uses the model checker to verify timing properties is discussed

E-Id Authentication and Uniform Access to Cloud Storage Service Providers

Abstract-This article describes an architecture for authentication and uniform access to protected data stored on popular Cloud Storage Service Providers. This architecture takes advantage of the OAuth authentication mechanism and the strong authentication mechanism of the National Electronic Identity (E-Id) Cards , in our case the Portuguese E-Id card or Cartão de Cidadão (CC). We shall present a comparison of authentication mechanisms and access to popular cloud storage providers, comparing the different authentication mechanisms OAuth 1.0, OAuth 1.0a and OAuth 2.0. Using the proposed architecture we have developed an implementation of this architecture that provides a uniform web based access to popular Cloud Storage Service Providers such as Dropbox, Skydrive, Cloudpt and Google Drive using the authentication mechanism of the E-Id card as a unique access token. In order to provide a uniform access to these services we shall describe the differences in the various REST APIs for the targeted providers. Finally the web application that allows users that hold E-Id cards a single point of access to their various cloud storage services will be presented

Acquisition and Analysis of Digital Evidencein Android Smartphones

From an expert's standpoint, an Android phone is a large data repositorythat can be stored either locally or remotely. Besides, its platform allows analysts toacquire device data and evidence, collecting information about its owner and facts underinvestigation. This way, by means of exploring and cross referencing that rich data source,one can get information related to unlawful acts and its perpetrator. There are widespreadand well documented approaches to forensic examining mobile devices and computers.Nevertheless, they are neither specific nor detailed enough to be conducted on Androidcell phones. These approaches are not totally adequate to examine modern smartphones,since these devices have internal memories whose removal or mirroring procedures areconsidered invasive and complex, due to difficulties in having direct hardware access. Theexam and analysis are not supported by forensic tools when having to deal with specific filesystems, such as YAFFS2 (Yet Another Flash File System). Furthermore, specific featuresof each smartphone platform have to be considered prior to acquiring and analyzing itsdata. In order to deal with those challenges, this paper proposes a method to perform dataacquisition and analysis of Android smartphones, regardless of version and manufacturer.The proposed approach takes into account existing techniques of computer and cellphone forensic examination, adapting them to specific Android characteristics, its datastorage structure, popular applications and the conditions under which the device wassent to the forensic examiner. The method was defined in a broad manner, not namingspecific tools or techniques. Then, it was deployed into the examination of six Androidsmartphones, which addressed different scenarios that an analyst might face, and wasvalidated to perform an entire evidence acquisition and analysis