33 Hits in 0.9 sec

A Dyadic Operator for the Gradation of Desirability [chapter]

Guillaume Piolle
2010 Lecture Notes in Computer Science  
We propose a normal modal deontic logic based on a dyadic operator, similar in structure to the temporal "until". By bringing significant expressiveness to the logic, it allows both the definition of a monadic desirability operator similar to the SDL obligation, and the expression of the relative level of desirability of target formulae. The interpretation of this logic on a linear structure of worlds ordered by desirability makes its semantics more intuitive and concrete than the SDL deontic
more » ... cessibility relation. We also show that the core modality of the logic permits to represent the Chisholm and Forrester paradoxes of deontic logic in a more precise way, which does not lead to inconsistencies.
doi:10.1007/978-3-642-14183-6_5 fatcat:7i7mt4iq5zgv7irgshdt4nh23e

Representing privacy regulations with deontico-temporal operators

Guillaume Piolle, Yves Demazeau
2011 Web Intelligence and Agent Systems  
The aim of this study is to provide artificial agents with logical tools to reason specifically on privacy-related regulations, in order to comply with them. In order to express these regulations, the Deontic Logic for Privacy (DLP) is proposed. DLP is a deontic and temporal logic based on predicates dealing with personal data management. Illustrated by an example, it becomes obvious that specific operators are needed to express mixed deontic and temporal notions such as obligations with
more » ... es and maintained interdictions. A set of eight specific requirements is defined for such operators. The existing proposals in the field are then evaluated with respect to these criteria, and found insufficient. Two new operators are tailored to fit both the DLP formalism and the eight requirements. It is then shown how such operators can be used to translate typical privacy regulations in logical formulae via the DLP language.
doi:10.3233/wia-2011-0215 fatcat:wbvmhpbyg5a73ive42udm2n5m4

Hidden Issuer Anonymous Credential

Daniel Bosk, Davide Frey, Mathieu Gestin, Guillaume Piolle
2022 Proceedings on Privacy Enhancing Technologies  
Identity Management Systems (IMS) allow users to prove characteristics about themselves to multiple service providers. IMS evolved from impractical, site-by-site authentication, to versatile, privacyenhancing Self Sovereign Identity (SSI) Frameworks. SSI frameworks often use Anonymous Credential schemes to provide user privacy, and more precisely unlinkability between uses of these credentials. However, these schemes imply the disclosure of the identity of the Issuer of a given credential to
more » ... service provider. This can lead to information leaks. We deal with this problem by introducing a new Anonymous Credential scheme that allows a user to hide the Issuer of a credential, while being able to convince the service providers that they can trust the credential, in the absence of a trusted setup. We prove this new scheme secure under the Computational Diffie Hellman assumption, and Decisional Diffie Hellman assumption, in the Random Oracle Model. We show that this scheme is efficient enough to be used with laptops, and to be integrated into SSI frameworks or any other IMS.
doi:10.56553/popets-2022-0123 fatcat:aioysmmdtvdavhwfuxl3unzn3y

Connectivity extraction in cloud infrastructures

Pernelle Mensah, Samuel Dubus, Wael Kanoun, Christine Morin, Guillaume Piolle, Eric Totel
2017 2017 13th International Conference on Network and Service Management (CNSM)  
To determine the threat exposure of a virtualized environment, attack graphs generation, coupled to a risk-based assessment can be used. The first roadblock to lift to that end is the extraction of the topology. We will present in this paper the stategy we intend to use to obtain a near real-time view of the connectivity existing in a virtual infrastructure.
doi:10.23919/cnsm.2017.8256010 dblp:conf/cnsm/MensahDKMPT17 fatcat:xuevc7p7jvbj3e7wq7kkqpfulu

Delegation of Obligations and Responsibility [chapter]

Meriam Ben Ghorbel-Talbi, Frédéric Cuppens, Nora Cuppens-Boulahia, Daniel Le Métayer, Guillaume Piolle
2011 IFIP Advances in Information and Communication Technology  
In this paper, we discuss the issue of responsibilities related to the fulfillment and the violation of obligations. We propose to formally define the different aspects of responsibility, namely causal responsibility, functional responsibility, liability as well as sanctions, and to examine how delegation influences these concepts. Our main aim is to identify the responsibility of each agent that is involved in the delegation of obligations. More precisely, we try to answer to the following
more » ... tions: who is responsible for the obligation fulfillment? When a violation occurs, which agents are causally responsible for this violation? Who is liable for this violation and to whom? And finally, who must be sanctioned?
doi:10.1007/978-3-642-21424-0_16 fatcat:7vixpzzakzezxb2bfv63bnee4i

From Theory to Practice: Forgiveness as a Mechanism to Repair Conflicts in CMC [chapter]

Asimina Vasalou, Jeremy Pitt, Guillaume Piolle
2006 Lecture Notes in Computer Science  
In computer-mediated communication (CMC) online members often behave in undesirable ways, therefore creating a need for an active regulating force. Trust and reputation mechanisms have been adopted to address this problem and in doing so have eliminated the high costs of employing a human moderator. However, these systems have emphasized the need to 'punish' a given offender, while neglecting to account for alternative ways to repair the offence e.g. by forgiveness. In this paper, we define a
more » ... eoretical model of forgiveness which is operationalized using a fuzzy logic inference system and then applied in a particular scenario. It is argued that forgiveness in CMC may work as a possible prosocial mechanism, which in the short-term can help resolve a given conflict and in the long-term can add to an increasingly prosocial and homeostatic environment.
doi:10.1007/11755593_29 fatcat:md2boc4g5bddbhn36gmhnlavba

Information Flow Tracking for Linux Handling Concurrent System Calls and Shared Memory [chapter]

Laurent Georget, Mathieu Jaume, Guillaume Piolle, Frédéric Tronel, Valérie Viet Triem Tong
2017 Lecture Notes in Computer Science  
Information flow control can be used at the Operating System level to enforce restrictions on the diffusion of security-sensitive data. In Linux, information flow trackers are often implemented as Linux Security Modules. They can fail to monitor some indirect flows when flows occur concurrently and affect the same containers of information. Furthermore, they are not able to monitor the flows due to file mappings in memory and shared memory between processes. We first present two attacks to
more » ... state-of-the-art LSM-based trackers. We then describe an approach, formally proved with Coq [12] to perform information flow tracking able to cope with concurrency and in-memory flows. We demonstrate its implementability and usefulness in Rfblare, a race conditionfree version of the flow tracking done by KBlare [4].
doi:10.1007/978-3-319-66197-1_1 fatcat:scm7pptpurdwnikhtgtceuqe44

An Analysis Grid for Privacy-Related Properties of Social Network Systems

Regina Marin, Guillaume Piolle, Christophe Bidan
2013 2013 International Conference on Social Computing  
Social Network Systems (SNSs) are the predominant kind of web service around the world. They attract many users seeking popularity, entertainment and network building, along with ease of use. Most current SNSs are based on centralized designs, which are less likely to improve privacy since there is a single and central authority with exclusive administration control over user information. Many proposals have been introduced that work towards decentralizing the infrastructure support in order to
more » ... enhance privacy in SNSs. However, designing decentralized social network systems (DSNS) driven by privacy is a hard task because privacy is impacted by most design choices. This paper proposes a multicriteria analysis grid designed to evaluate several properties of SNSs related to privacy trade-offs. Based on the analysis grid result, this paper also presents the application of latticebased tools to classify and visualize social network systems in privacy-related hierarchies.
doi:10.1109/socialcom.2013.79 dblp:conf/socialcom/MarinPB13 fatcat:rwmlr44p5zgcfc5lqty32durge

Une architecture pour la protection étendue des données personnelles

Guillaume Piolle, Yves Demazeau
2010 Revue d'intelligence artificielle : Revue des Sciences et Technologies de l'Information  
2010 Résumé Le problème le plus délicat en protection de la vie privée est la protectionétendue des données, qui consisteà s'assurer qu'une information n'est pas utilisée d'une façon non autorisée par un agent distant. Nous analysons les travaux existants tentant de résoudre ce problème en fonction du niveau de confiance qu'ils permettent d'apporter aux utilisateurs, le niveau le plusélevé correspondant aux garanties fortes fournies par les méthodes du Trusted Computing. Cette technologieétant
more » ... aradoxalement dangereuse pour les libertés des utilisateurs, nous suggérons trois critères pourévaluer dans quelle mesure une architecture de Trusted Computing est profitable ou dangereuse pour un utilisateur. Sur cette base, nous proposons une nouvelle architecture de ce type (utilisant la délégation des processus et des donnéesà des agents autonomes), assurant a la fois un haut niveau de confiance et une absence de risque pour l'utilisateur. The most difficult problem in the domain of privacy is the one of extended data protection, which consists in ensuring that a piece of information is not processed in an unauthorized fashion by a distant agent. We analyze the existing works trying to address this issue with respect to the level of trust they can bring to users, the ultimate level being represented by the strong guaranteees provided by Trusted Computing techniques. This technology being paradoxally dangerous for the users' liberties, we suggest three criteria for evaluating whether a TC-based architecture is fruitful or threatening to the user. On this basis, we propose a new TC-based architecture, ensuring both a high level of trust and an absence of risk for the user.
doi:10.3166/ria.24.695-715 fatcat:y6myv2k3hnaghef5elshgwod74

Déléguer la protection des données personnelles à des agents cognitifs

Guillaume Piolle, Yves Demazeau
2010 Revue d'intelligence artificielle : Revue des Sciences et Technologies de l'Information  
2010 Résumé L'intégration des réglementations en matière de protection des données personnelles peut s'avérer complexe pour l'utilisateur. Malheureusement, les propositions techniques en matière de vie privée manquentà la fois d'un lien efficace avec les réglementations et de réelles capacités a aider les utilisateurs au cours de leurs interactions. C'est pourquoi nous proposons le modèle d'agent PAw, un agent cognitif autonome chargé d'assister son propriétaire humain et de protéger ses
more » ... . Il est capable d'appréhender un contexte normatif composite et d'en déduire une politique de gestion des données respectant les réglementations. Il peut ainsi procéder aux choix les plus judicieux pour protéger le droità la vie privée de son propriétaire. Integrating regulations regarding personal data protection can be a complex task for users. Unfortunately, technical privacy-enhancing proposals lack both an efficient bond with regulations and the actual ability to help human users dealing with their interactions. This is why we propose the model of the PAw agent, a cognitive autonomous agent whose aim is to assist its human owner and to protect her data. It is capable of perceiving and reasoning on a composite normative context, and to build upon this basis a data usage policy focusing on regulation compliance. It is thus able to make the wisest choices in order to protect the right to privacy of its owner.
doi:10.3166/ria.24.357-390 fatcat:qn6y75ivcrb5jpvsmy3calewlu

Connectivity graph reconstruction for networking cloud infrastructures

Pernelle Mensah, Samuel Dubus, Wael Kanoun, Christine Morin, Guillaume Piolle, Eric Totel
2017 2017 IEEE 16th International Symposium on Network Computing and Applications (NCA)  
Cloud providers have an incomplete view of their hosted virtual infrastructures managed by a Cloud Management System (CMS) and a Software Defined Network (SDN) controller. For various security reasons (e.g. isolation verification, modeling attack paths in the network), it is necessary to know which virtual machines can interact via network protocols. This requires building a connectivity graph between the virtual machines, that we can extract with the knowledge of the overall topology and the
more » ... ployed network security policy. Existing methodologies for building such models for physical networks produce incomplete results. Moreover, they are not suitable for cloud infrastructures due to either their intrusiveness or lack of connectivity discovery. We propose a method to compute the connectivity graph, relying on information provided by both the CMS and the SDN controller. Connectivity can first be extracted from knowledge databases, then dynamically updated on the occurrence of cloudrelated events. This approach shows an exact, complete and up-to-date connectivity graphs computation on a representative infrastructure, in reasonable time.
doi:10.1109/nca.2017.8171337 dblp:conf/nca/MensahDKMPT17 fatcat:ibjweocp6jcyllotu7h6nkz4ka

Obligations with Deadlines and Maintained Interdictions in Privacy Regulation Frameworks

Guillaume Piolle, Yves Demazeau
2008 2008 IEEE/WIC/ACM International Conference on Web Intelligence and Intelligent Agent Technology  
We aim at providing artificial agents with logical tools to reason specifically on privacy-related regulations, in order to comply with them. In order to express these regulations, we propose a deontic and temporal logic based on predicates dealing with personal data management. Using an example, we show the need for specific operators to express obligations with deadlines and maintained interdictions. We define a set of eight specific requirements for such operators, we evaluate the existing
more » ... oposals with respect to these requirements and we adapt our own ones, to better suit to our formalism.
doi:10.1109/wiiat.2008.168 dblp:conf/iat/PiolleD08 fatcat:chhz7vqr55hlvlhm463j2p3yqa

Verifying the Reliability of Operating System-Level Information Flow Control Systems in Linux

Laurent Georget, Mathieu Jaume, Frederic Tronel, Guillaume Piolle, Valerie Viet Triem Tong
2017 2017 IEEE/ACM 5th International FME Workshop on Formal Methods in Software Engineering (FormaliSE)  
Information Flow Control at Operating System (OS) level features interesting properties and have been an active topic of research for years. However, no implementation can work reliably if there does not exist a way to correctly and precisely track all information flows occurring in the system. The existing implementations for Linux are based on the Linux Security Modules (LSM) framework which implements hooks at specific points in code where any security mechanism may interpose a security
more » ... ion in the execution. However, previous works on the verification of LSM only addressed access control and no work has raised the question of the reliability of information flow control systems built on LSM. In this work, we present a compiler-assisted and reproducible static analysis on the Linux kernel to verify that the LSM hooks are correctly placed with respect to operations generating information flows so that LSM-based information flow monitors can properly track all information flows. Our results highlight flaws in LSM that we propose to solve, thus improving the suitability of this framework for the implementation of information flow monitors.
doi:10.1109/formalise.2017.1 dblp:conf/icse/GeorgetJTPT17 fatcat:on4xb736tbc37gikyyf3hldgna

Round Robin Assessment of Radar Altimeter Low Resolution Mode and Delay-Doppler Retracking Algorithms for Significant Wave Height

Florian Schlembach, Marcello Passaro, Graham D. Quartly, Andrey Kurekin, Francesco Nencioli, Guillaume Dodet, Jean-François Piollé, Fabrice Ardhuin, Jean Bidlot, Christian Schwatke, Florian Seitz, Paolo Cipollini (+1 others)
2020 Remote Sensing  
Radar altimeters have been measuring ocean significant wave height for more than three decades, with their data used to record the severity of storms, the mixing of surface waters and the potential threats to offshore structures and low-lying land, and to improve operational wave forecasting. Understanding climate change and long-term planning for enhanced storm and flooding hazards are imposing more stringent requirements on the robustness, precision, and accuracy of the estimates than have
more » ... herto been needed. Taking advantage of novel retracking algorithms, particularly developed for the coastal zone, the present work aims at establishing an objective baseline processing chain for wave height retrieval that can be adapted to all satellite missions. In order to determine the best performing retracking algorithm for both LRM and DDA, an objective assessment is conducted in the framework of the ESA SSCCI project. All algorithms process the same L1 input dataset covering a time-period of up to two years. As a reference for validation, an ERA5-h wave model as well as an in-situ buoy dataset from the CMEMS INSTAC database are used. Five different metrics are evaluated: percentage and types of outliers, level of measurement noise, wave spectral variability, comparison against wave models, and comparison against in-situ data. The metrics are evaluated as a function of the distance to the nearest coast and the sea state. The results of the assessment show that all novel retracking algorithms perform better in the majority of the metrics than the baseline algorithms currently used for operational generation of the products. Nevertheless, the performance of the retrackers strongly differ depending on the coastal proximity and the sea state. Some retrackers show high correlations with the wave models and in-situ data but significantly under- or overestimate large-scale spectral variability. We propose a weighting scheme to select the most suitable retrackers for the SSCCI programme.
doi:10.3390/rs12081254 fatcat:2l3ncwsfw5hodjihmvqaatgrhu

The Sea State CCI dataset v1: towards a sea state climate data record based on satellite observations

Guillaume Dodet, Jean-François Piolle, Yves Quilfen, Saleh Abdalla, Mickaël Accensi, Fabrice Ardhuin, Ellis Ash, Jean-Raymond Bidlot, Christine Gommenginger, Gwendal Marechal, Marcello Passaro, Graham Quartly (+5 others)
2020 Earth System Science Data  
(, Piollé et al., 2020b) and a multi-mission monthly gridded L4 product (, Piollé et  ...  Three products are available: a multi-mission along-track L2P product (, Piollé et al., 2020a), a daily merged multi mission along-track L3 product  ...  , Piollé et al., 2020c) .  ... 
doi:10.5194/essd-12-1929-2020 fatcat:2hkr6fv5nbhffd6macz3wq5yci
« Previous Showing results 1 — 15 out of 33 results