251,515 research outputs found
Teams organization and performance analysis in autonomous human-robot teams
This paper proposes a theory of human control of robot teams based on considering how people coordinate across different task allocations. Our current work focuses on domains such as foraging in which robots perform largely independent tasks. The present study addresses the interaction between automation and organization of human teams in controlling large robot teams performing an Urban Search and Rescue (USAR) task. We identify three subtasks: perceptual search-visual search for victims, assistance-teleoperation to assist robot, and navigation-path planning and coordination. For the studies reported here, navigation was selected for automation because it involves weak dependencies among robots making it more complex and because it was shown in an earlier experiment to be the most difficult. This paper reports an extended analysis of the two conditions from a larger four condition study. In these two "shared pool" conditions Twenty four simulated robots were controlled by teams of 2 participants. Sixty paid participants (30 teams) were recruited to perform the shared pool tasks in which participants shared control of the 24 UGVs and viewed the same screens. Groups in the manual control condition issued waypoints to navigate their robots. In the autonomy condition robots generated their own waypoints using distributed path planning. We identify three self-organizing team strategies in the shared pool condition: joint control operators share full authority over robots, mixed control in which one operator takes primary control while the other acts as an assistant, and split control in which operators divide the robots with each controlling a sub-team. Automating path planning improved system performance. Effects of team organization favored operator teams who shared authority for the pool of robots. © 2010 ACM
The PERMIS X.509 Based Privilege Management Infrastructure
This document describes the PERMIS X.509 Based Privilege Management Infrastructure, which is a trust management system as described in RFC 2704 [2]. The PERMIS Infrastructure is compared with the AAA Authorisation Framework described in RFC 2904 [4], and is shown to be compatible with it
Entre permis forestier et permis minier, la diff icile Ă©mergence des forĂȘts communautaires au Gabon
A lâheure de lâattribution des premiĂšres forĂȘts communautaires au Gabon, de multiples questions surgissent et attendent de maniĂšre urgente une rĂ©ponse de la part de lâEtat. Le prĂ©sent article se penche sur lâune dâentre elles, Ă savoir la superposition des permis dâexploitation (minier, forestier) avec lâespace utilisĂ© traditionnellement par les communautĂ©s locales et candidates Ă lâobtention dâune forĂȘt communautaire.
Quelques situations rencontrĂ©es sur le terrain sont prĂ©sentĂ©es et discutĂ©es. Il est urgent quâun rĂ©el
amĂ©nagement du territoire voie le jour au Gabon, qui dĂ©termine la place de chaque activitĂ©, hiĂ©rarchise lâaffectation de lâespace et dĂ©termine le cas Ă©chĂ©ant les conditions de « cohabitation » de plusieurs permis.Projet DĂ©veloppement d'alternatives Communautaires Ă la Foresterie IllĂ©gale (DACEFI
Comparison of advanced authorisation infrastructures for grid computing
The widespread use of grid technology and distributed compute power, with all its inherent benefits, will only be established if the use of that technology can be guaranteed efficient and secure. The predominant method for currently enforcing security is through the use of public key infrastructures (PKI) to support authentication and the use of access control lists (ACL) to support authorisation. These systems alone do not provide enough fine-grained control over the restriction of user rights, necessary in a dynamic grid environment. This paper compares the implementation and experiences of using the current standard for grid authorisation with Globus - the grid security infrastructure (GSI) - with the role-based access control (RBAC) authorisation infrastructure PERMIS. The suitability of these security infrastructures for integration with regard to existing grid technology is presented based upon experiences within the JISC-funded DyVOSE project
Advanced security infrastructures for grid education
This paper describes the research conducted into advanced authorization infrastructures at the National e-Science Centre (NeSC) at the University of Glasgow and their application to support a teaching environment as part of the Dynamic Virtual Organisations in e-Science Education (DyVOSE) project. We outline the lessons learnt in teaching Grid computing and rolling out the associated security authorisation infrastructures, and describe our plans for a future, extended security infrastructure for dynamic establishment of inter-institutional virtual organisations (VO) in the education domain
Managing Dynamic User Communities in a Grid of Autonomous Resources
One of the fundamental concepts in Grid computing is the creation of Virtual
Organizations (VO's): a set of resource consumers and providers that join
forces to solve a common problem. Typical examples of Virtual Organizations
include collaborations formed around the Large Hadron Collider (LHC)
experiments. To date, Grid computing has been applied on a relatively small
scale, linking dozens of users to a dozen resources, and management of these
VO's was a largely manual operation. With the advance of large collaboration,
linking more than 10000 users with a 1000 sites in 150 counties, a
comprehensive, automated management system is required. It should be simple
enough not to deter users, while at the same time ensuring local site autonomy.
The VO Management Service (VOMS), developed by the EU DataGrid and DataTAG
projects[1, 2], is a secured system for managing authorization for users and
resources in virtual organizations. It extends the existing Grid Security
Infrastructure[3] architecture with embedded VO affiliation assertions that can
be independently verified by all VO members and resource providers. Within the
EU DataGrid project, Grid services for job submission, file- and database
access are being equipped with fine- grained authorization systems that take VO
membership into account. These also give resource owners the ability to ensure
site security and enforce local access policies. This paper will describe the
EU DataGrid security architecture, the VO membership service and the local site
enforcement mechanisms Local Centre Authorization Service (LCAS), Local
Credential Mapping Service(LCMAPS) and the Java Trust and Authorization
Manager.Comment: Talk from the 2003 Computing in High Energy and Nuclear Physics
(CHEP03), La Jolla, Ca, USA, March 2003, 7 pages, LaTeX, 5 eps figures. PSN
TUBT00
Federated authentication and authorisation for e-science
The Grid and Web service community are defining a range of standards for a complete solution for security. The National e-Science Centre (NeSC) at the University of Glasgow is investigating how the various pre-integration components work together in a variety of e-Science projects. The EPSRC-funded nanoCMOS project aims to allow electronics designers and manufacturers to use e-Science technologies and expertise to solve problems of device variability and its impact on system design. To support the security requirements of nanoCMOS, two NeSC projects (VPMan and OMII-SP) are providing tools to allow easy configuration of security infrastructures, exploiting previous successful projects using Shibboleth and PERMIS. This paper presents the model in which these tools interoperate to provide secure and simple access to Grid resources for non-technical users
Automatically Securing Permission-Based Software by Reducing the Attack Surface: An Application to Android
A common security architecture, called the permission-based security model
(used e.g. in Android and Blackberry), entails intrinsic risks. For instance,
applications can be granted more permissions than they actually need, what we
call a "permission gap". Malware can leverage the unused permissions for
achieving their malicious goals, for instance using code injection. In this
paper, we present an approach to detecting permission gaps using static
analysis. Our prototype implementation in the context of Android shows that the
static analysis must take into account a significant amount of
platform-specific knowledge. Using our tool on two datasets of Android
applications, we found out that a non negligible part of applications suffers
from permission gaps, i.e. does not use all the permissions they declare
- âŠ