Isabelle Simplot-Ryl

On Practical Information Flow Policies for Java-Enabled Multiapplication Smart Cards

In the multiapplicative context of smart cards, a strict control of underlying information flow between applications is highly desired. In this paper we propose a model to improve information flow usability in such systems by limiting the overhead for adding information flow security to a Java Virtual Machine. We define a domain specific language for defining security policies describing the allowed information flow inside the card. The applications are certified at loading time with respect to information flow security policies. We illustrate our approach on the LoyaltyCard, a multiapplicative smart card involving four loyalty applications sharing fidelity points.

Algorithm for data similarity measurements to reduce data redundancy in wireless sensor networks

Extending the lifetime of wireless sensor networks remains the most challenging and demanding requirement that impedes large-scale deployments. The basic operation in WSNs is the systematic gathering and transmission of sensed data to a base station for further processing. During data gathering, the amount of data can be large sometimes, due to redundant data combined from different sensing nodes in the neighborhood. Thus the data gathered need to be processed before being transmitted, in order to detect and remove redundancy, which can impact the communication traffic and energy consumption of the network in a negative way. In this paper, we propose an algorithm to measure similarity between the data collected toward the base station(relative to a specific event monitoring), so that an aggregator sensor sends a minimum amount of information to the base station in a way that the latter can deduce the source information of sensing neighbors nodes. Further, our experimental results demonstrate that the communication traffic and the number of bits transmitted can be minimized while preserving accuracy on the base station estimations.

Mobile-Beacon Assisted Sensor Localization with Dynamic Beacon Mobility Scheduling

In mobile-beacon assisted sensor localization, beacon mobility scheduling aims to determine the best beacon trajectory so that each sensor receives sufficient beacon signals with minimum delay. We propose a novel DeteRministic bEAcon Mobility Scheduling (DREAMS) algorithm, without requiring any prior knowledge of the sensory field. In this algorithm, beacon trajectory is defined as the track of depth-first traversal (DFT) of the network graph, thus deterministic. The mobile beacon performs DFT under the instruction of nearby sensors on the fly. It moves from sensor to sensor in an intelligent heuristic manner according to RSS (Received Signal Strength)-based distance measurements. We prove that DREAMS guarantees full localization (every sensor is localized) when the measurements are noise-free. Then we suggest to apply node elimination and topology control (Local Minimum Spanning Tree) to shorten beacon tour and reduce delay. Through simulation we show that DREAMS guarantees full localization even with noisy distance measurements. We evaluate its performance on localization delay and communication overhead in comparison with a previously proposed static path based scheduling method.

Distributed architectures for electronic cash schemes: a survey

The volume of E-commerce transactions has considerably increased in the last several years. One of the most important aspects of such progress is the efforts made to develop and deploy dependable a...The volume of E-commerce transactions has considerably increased in the last several years. One of the most important aspects of such progress is the efforts made to develop and deploy dependable and secure payment infrastructures. Among these infrastructures is electronic cash, which is an attempt to reproduce the characteristics of paper cash in online transactions. Electronic cash schemes have so far been the purpose of a significant amount of research work. Although real-life deployments of such schemes are expected to take place in highly distributed environments, limited attention has been paid in the literature on underlying architectural issues. So far the focus has mostly been on addressing only security issues. However, for real-life deployment, distributed processing criteria such as performance, scalability and availability are of prime importance. In this paper, through a survey of the literature, we identify and analyse the different distributed architectural styles underlying existing e-cash schemes. We discuss the strengths and limitations of these architectures with respect to fundamental system distribution criteria. In light of such discussion, we make some recommendations for designing effective distributed e-cash systems from an architectural perspective.

Enhancing nodes cooperation in ad hoc networks

Ad hoc networks are distributed, self-organized wireless networks. By their nature, it is easy for a malicious user to enter this kind of networks with the intention of disturbing the way they are behaving by not participating to the network. This kind of behavior is a form of selfishness where nodes want to save their energy by not routing packets. Many solutions based on virtual currency mechanisms or on reputation mechanisms have been shown to increase the networks reliability for this kind of problems. We advocate in this paper that this issue can be treated with local algorithms that have minor drawbacks compared to sophisticated solutions developed in other works. We conduct an evaluation of our solution, which shows satisfying enough results to be used in civilian spontaneous networks

Cooperation in ad hoc networks: enhancing the virtual currency based models

Cooperation of nodes is a main issue of civilian applications of mobile ad hoc networks. More precisely, mobile nodes with few resources may try to maximize the benefits they get from the network without participating to its services (e.g. without forwarding packets of other nodes). A solution to this problem is to use virtual currency mechanisms: nodes have to pay to send packets and they are rewarded when they forward packets of other nodes. Several papers of the literature have shown that such models enforce individual node cooperation. We address in this paper two main issues of these models that have been left out: the computation by the sender of the price it will be charged and the possibility to reward nodes depending on their charge or resources. We show that it leads to a better load balancing of the network.

A dynamic class construct for asynchronous concurrent objects

Modern applications distributed across networks such as the Internet may need to evolve without compromising application availability. Object systems are well suited for runtime upgrade, as encapsulation clearly separates internal structure and external services. This paper considers a mechanism for dynamic class upgrade, allowing class hierarchies to be upgraded in such a way that the existing objects of the upgraded class and of its subclasses gradually evolve at runtime. The mechanism is integrated in Creol, a high-level language which targets distributed applications by means of concurrent objects communicating by asynchronous method calls. The dynamic class construct is given a formal semantics in rewriting logic, extending the semantics of the Creol language.

A novel family of geometric planar graphs for wireless ad hoc networks

We propose a radically new family of geometric graphs, i.e., Hypocomb, Reduced Hypocomb and Local Hypocomb. The first two are extracted from a complete graph; the last is extracted from a Unit Disk Graph (UDG). We analytically study their properties including connectivity, planarity and degree bound. All these graphs are connected (provided the original graph is connected) planar. Hypocomb has unbounded degree while Reduced Hypocomb and Local Hypocomb have maximum degree 6 and 8, respectively. To our knowledge, Local Hypocomb is the first strictly-localized, degree-bounded planar graph computed using merely 1-hop neighbor position information. We present a construction algorithm for these graphs and analyze its time complexity. Hypocomb family graphs are promising for wireless ad hoc networking. We report our numerical results on their average degree and their impact on FACE routing [2]. We discuss their potential applications and some open problems.

Double spending protection for e-cash based on risk management

Electronic cash is an attempt to replace and reproduce paper cash in electronic transactions that faces competing challenges when used either online or offline. In effect, while effective protection against double spending for e-cash can be achieved in online payment environments through real-time detection, this comes at the expense of efficiency, the bank representing in such case a performance bottleneck and single point of failure. In contrast, in offline payment environments, while efficiency is improved, double spending can be detected only after the fact, which can be very costly. We propose in this paper a risk management approach for double spending protection which allows suitable tradeoffs between efficiency and effectiveness. This involves using the service of a trader, who is a trusted third party that will cover the risk involved in offline payment transactions, against some remuneration. The main goal is to provide full coverage to users against losses related to invalid coins while avoiding or minimizing interactions with the bank. Since the trader will incur some risk by guaranteeing coins while she cannot communicate with the bank, a winning strategy is devised for the trader to mitigate such risk.

An information flow verifier for small embedded systems

Insecurity arising from illegal information flow represents a real threat in small computing environments allowing code sharing, dynamic class loading and overloading. We introduce a verifier able to certify at loading time Java applications already typed with signatures describing possible information flows. The verifier is implemented as a class loader and can be used on any Java Virtual Machine. The experimental results provided here support our approach and show that the verifier can be successfully embedded. As far as we know, this is the first information flow analysis adapted to open embedded systems.