Network


Latest external collaboration on country level. Dive into details by clicking on the dots.

Hotspot


Dive into the research topics where Hervé Grall is active.

Publication


Featured researches published by Hervé Grall.


Information & Computation | 2009

Coinductive big-step operational semantics

Xavier Leroy; Hervé Grall

Using a call-by-value functional language as an example, this article illustrates the use of coinductive definitions and proofs in big-step operational semantics, enabling it to describe diverging evaluations in addition to terminating evaluations. We formalize the connections between the coinductive big-step semantics and the standard small-step semantics, proving that both semantics are equivalent. We then study the use of coinductive big-step semantics in proofs of type soundness and proofs of semantic preservation for compilers. A methodological originality of this paper is that all results have been proved using the Coq proof assistant. We explain the proof-theoretic presentation of coinductive definitions and proofs offered by Coq, and show that it facilitates the discovery and the presentation of the results.


distributed applications and interoperable systems | 2008

A multi-stage approach for reliable dynamic reconfigurations of component-based systems

Pierre-Charles David; Marc Léger; Hervé Grall; Thomas Ledoux; Thierry Coupaye

In this paper we present an end-to-end solution to define and execute reliable dynamic reconfigurations of open component-based systems while guaranteeing their continuity of service. It uses a multi-stage approach in order to deal with the different kinds of possible errors in the most appropriate way; in particular, the goal is to detect errors as early as possible to minimize their impact on the target system. Reconfigurations are expressed in a restricted, domain-specific language in order to allow different levels of static and dynamic validation, thus detecting errors before executing the reconfiguration where possible. For errors that can not be detected early (including software and hardware faults), a runtime environment provides transactional semantics to the reconfigurations.


international conference on cloud computing and services science | 2014

A Cloud Accountability Policy Representation Framework

Walid Benghabrit; Hervé Grall; Jean-Claude Royer; Mohamed Sellami; Monir Azraoui; Kaoutar Elkhiyaoui; Melek Önen; Anderson Santana de Oliveira; Karin Bernsmed

Nowadays we are witnessing the democratization of cloud services. As a result, more and more end-users (individuals and businesses) are using these services for achieving their electronic transactions (shopping, administrative procedures, B2B transactions, etc.). In such scenarios, personal data is generally flowed between several entities and end-users need (i) to be aware of the management, processing, storage and retention of personal data, and (ii) to have necessary means to hold service providers accountable for the usage of their data. In fact, dealing with personal data raises several privacy and accountability issues that must be considered before to promote the use of cloud services. In this paper, we propose a framework for the representation of cloud accountability policies. Such policies offer to end-users a clear view of the privacy and accountability obligations asserted by the entities they interact with, as well as means to represent their preferences. This framework comes with two novel accountability policy languages. An abstract one devoted for the representation of preferences/obligations in an human readable fashion. And a concrete one for the mapping to concrete enforceable policies. We motivate our solution with concrete use case scenarios.


DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security | 2011

Evolving security requirements in multi-layered service-oriented-architectures

Muhammad Sabir Idrees; Gabriel Serme; Yves Roudier; Anderson Santana de Oliveira; Hervé Grall; Mario Südholt

Due to todays rapidly changing corporate environments, business processes are increasingly subject to dynamic configuration and evolution. The evolution of new deployment architectures, as illustrated by the move towards mobile platforms and the Internet Of Services, and the introduction of new security regulations (imposed by national and international regulatory bodies, such as SOX or BASEL) are an important constraint in the design and development of business processes. In such a context, it is not sufficient to apply the corresponding adaptations only at the service orchestration or at the choreography level; there is also the need for controlling the impact of new security requirements to several architectural layers, specially in cloud computing, where the notion of Platforms as Services and Infrastructure as Services are fundamental. In this paper we survey several research questions related to security cross-domain and cross-layer security functionality in Service Oriented Architectures, from an original point of view. We provide the first insights on how a general service model empowered with aspect oriented programming capabilities can provide clean modularization to such cross-cutting security concerns.


software engineering and advanced applications | 2014

Accountability for Abstract Component Design

Walid Benghabrit; Hervé Grall; Jean-Claude Royer; Mohamed Sellami

The importance of the services-based market, 62.9% of the World gross domestic product (GDP) [1], triggered an increase in the use of software offered on-line as services (SaaS). The use of such software usually implies the flow of personal data on-line between several parties. This can make users reluctant to their use. In this work, we consider this issue at the design-time of the software and we propose some foundations for an accountable software design. Accountability for a software is a property describing, among other aspects, its liability to end-users for the usage of the data it has been entrusted. We propose to enrich softwares component design by accountability clauses using an abstract accountability language (AAL). We also define conditions for the well-formedness of an accountable component design and show how they can be checked using a model-checking tool.


international conference on trust management | 2014

Abstract Accountability Language

Walid Benghabrit; Hervé Grall; Jean-Claude Royer; Mohamed Sellami; Karin Bernsmed; Anderson Santana de Oliveira

Accountability becomes a necessary principle for future computer systems. This is specially critical for the cloud and Web applications that collect personal and sensitive data from end users. Accountability regards the responsibility and liability for the data handling performed by a computer system on behalf of an organization. In case of misconduct (e.g. security breaches, personal data leaks, etc.), accountability should imply remediation and redress actions. Contrary to data privacy and access control, which is already supported by several concrete languages, there is currently no language supporting accountability clauses representation. In this work, we provide an abstract language for accountability clauses representation with temporal logic semantics.


international conference on cloud computing and services science | 2015

From regulatory obligations to enforceable accountability policies in the Cloud

Walid Benghabrit; Hervé Grall; Jean-Claude Royer; Mohamed Sellami; Monir Azraoui; Kaoutar Elkhiyaoui; Melek Önen; Anderson Santana de Oliveira; Karin Bernsmed

The widespread adoption of the cloud model for service delivery triggered several data protection issues. As a matter of fact, the proper delivery of these services typically involves sharing of personal/business data between the different parties involved in the service provisioning. In order to increase cloud consumer’s trust, there must be guarantees on the fair use of their data. Accountability provides the necessary assurance about the data governance practices to the different stakeholders involved in a cloud service chain. In this context, we propose a framework for the representation of accountability policies. Such policies offer to end-users a clear view of the privacy and accountability clauses asserted by the entities they interact with, as well as means to represent their preferences. Our framework offers two accountability policy languages: (i) an abstract language called AAL devoted for the representation of preferences/clauses in an human readable fashion, and (ii) a concrete one for the implementation of enforceable policies.


computer software and applications conference | 2015

Checking Accountability with a Prover

Walid Benghabrit; Hervé Grall; Jean-Claude Royer; Mohamed Sellami

Today on-line services are the cornerstone of on-line applications such as e-commerce, e-government and e-health applications. However, they raise several challenges about data privacy. Accountability, which is the property of an entity of being responsible for its acts, meets some of these challenges and hence increases users trustworthiness in on-line applications. In this work, we propose an approach to assist the design of accountable applications. In particular, we consider an applications abstract component design and we introduce a logical approach allowing various static verifications. This approach offers effective means to early check the design and the behavior of an application and its offered/required services. We motivate our work with a realistic use case coming from the A4Cloud project and validate our proposal with experiments using a theorem prover.


asia-pacific software engineering conference | 2015

Abstract Accountability Language: Translation, Compliance and Application

Walid Benghabrit; Hervé Grall; Jean-Claude Royer; Mohamed Sellami

With the rise of the services-based economy and the democratization of on-line services, more and more users (individual and/or business) use on-line applications in their daily lives. Usually personal data transits between different actors involved in a services delivery chain (e.g. application/storage service providers) and thus might raise some privacy issues. Accountability, which is the property of an entity of being responsible for its acts, can help mitigate data privacy and data disclosures issues in such applications. In this paper, we propose a translational semantics for our accountability language and we present some expected properties. We introduce a natural criterion to achieve the accountability compliance of two clauses and few heuristics to speed up the resolution time. We demonstrate the feasibility of our verification process with a realistic health care use case and the TSPASS theorem prover.


FOCLASA | 2010

CREOLE: a Universal Language for Creating, Requesting, Updating and Deleting Resources

Mayleen Lacouture; Hervé Grall; Thomas Ledoux

In the context of Service-Oriented Computing, applications can be developed following the REST (Representation State Transfer) architectural style. This style corresponds to a resource oriented model, where resources are manipulated via CRUD (Create, Request, Update, Delete) interfaces. The diversity of CRUD languages due to the absence of a standard leads to composition problems related to adaptation, integration and coordination of services. To overcome these problems, we propose a pivot architecture built around a universal language to manipulate resources, called CREOLE, a CRUD Language for Resource Edition. In this architecture, scripts written in existing CRUD languages, like SQL, are compiled into CREOLE and then executed over different CRUD interfaces. After stating the requirements for a universal language for manipulating resources, we formally describe the language and informally motivate its definition with respect to the requirements. We then concretely show how the architecture solves adaptation, integration and coordination problems in the case of photo management in Flickr and Picasa, two well-known service-oriented applications. Finally, we propose a roadmap for future work.In the context of Service-Oriented Computing, applications can be developed following the REST (Representation State Transfer) architectural style. This style corresponds to a resource-oriented model, where resources are manipulated via CRUD (Create, Request, Update, Delete) interfaces. The diversity of CRUD languages due to the absence of a standard leads to composition problems related to adaptation, integration and coordination of services. To overcome these problems, we propose a pivot architecture built around a universal language to manipulate resources, called CREOLE, a CRUD Language for Resource Edition. In this architecture, scripts written in existing CRUD languages, like SQL, are compiled into Creole and then executed over different CRUD interfaces. After stating the requirements for a universal language for manipulating resources, we formally describe the language and informally motivate its definition with respect to the requirements. We then concretely show how the architecture solves adaptation, integration and coordination problems in the case of photo management in Flickr and Picasa, two well-known service-oriented applications. Finally, we propose a roadmap for future work.

Collaboration


Dive into the Hervé Grall's collaboration.

Top Co-Authors

Avatar

Jean-Claude Royer

École des mines de Nantes

View shared research outputs
Top Co-Authors

Avatar

Mario Südholt

École des mines de Nantes

View shared research outputs
Top Co-Authors

Avatar

Rémi Douence

École des mines de Nantes

View shared research outputs
Top Co-Authors

Avatar
Top Co-Authors

Avatar

Mayleen Lacouture

École des mines de Nantes

View shared research outputs
Top Co-Authors

Avatar
Top Co-Authors

Avatar

Thomas Ledoux

École des mines de Nantes

View shared research outputs
Top Co-Authors

Avatar
Top Co-Authors

Avatar
Researchain Logo
Decentralizing Knowledge