Your search keyword '"Karima Boudaoud"' showing total 19 results

1. Secure Email -- A Usability Study

Author

Ahmed Abdelmaksoud, Adrian Reuter, Wadie Lemrazzeq, Karima Boudaoud, Marco Winckler, Technische Universität Munchen - Université Technique de Munich [Munich, Allemagne] (TUM), Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), Université Nice Sophia Antipolis (1965 - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA), Scalable and Pervasive softwARe and Knowledge Systems (Laboratoire I3S - SPARKS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Université Nice Sophia Antipolis (1965 - 2019) (UNS), Web-Instrumented Man-Machine Interactions, Communities and Semantics (WIMMICS), Inria Sophia Antipolis - Méditerranée (CRISAM), Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-Scalable and Pervasive softwARe and Knowledge Systems (Laboratoire I3S - SPARKS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), Interactive Critical Systems (IRIT-ICS), Institut de recherche en informatique de Toulouse (IRIT), Université Toulouse Capitole (UT Capitole), Université de Toulouse (UT)-Université de Toulouse (UT)-Université Toulouse - Jean Jaurès (UT2J), Université de Toulouse (UT)-Université Toulouse III - Paul Sabatier (UT3), Université de Toulouse (UT)-Centre National de la Recherche Scientifique (CNRS)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université de Toulouse (UT)-Toulouse Mind & Brain Institut (TMBI), Université Toulouse - Jean Jaurès (UT2J), Université de Toulouse (UT)-Université de Toulouse (UT)-Université Toulouse III - Paul Sabatier (UT3), Université de Toulouse (UT)-Université Toulouse Capitole (UT Capitole), Université de Toulouse (UT), Matthew Bernhard, Andrea Bracciali, L. Jean Camp, Shin'ichiro Matsuo, Alana Maurushat, Peter B. Rønne, Massimiliano Sala, Université Nice Sophia Antipolis (... - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Université Nice Sophia Antipolis (... - 2019) (UNS), Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées-Université Fédérale Toulouse Midi-Pyrénées-Université Toulouse - Jean Jaurès (UT2J)-Université Toulouse III - Paul Sabatier (UT3), Université Fédérale Toulouse Midi-Pyrénées-Centre National de la Recherche Scientifique (CNRS)-Institut National Polytechnique (Toulouse) (Toulouse INP), Université Fédérale Toulouse Midi-Pyrénées-Université Toulouse 1 Capitole (UT1), Université Fédérale Toulouse Midi-Pyrénées, and Technische Universität München [München] (TUM)

Subjects

FOS: Computer and information sciences, 050101 languages & linguistics, User study, Computer Science - Cryptography and Security, computer.internet_protocol, Computer science, Internet privacy, Usability, Computer Science - Human-Computer Interaction, Face (sociological concept), 02 engineering and technology, S/MIME, Encryption, Human-Computer Interaction (cs.HC), MIME, Public-key cryptography, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Software, Email encryption, Identity theft, Mail encryption, 0202 electrical engineering, electronic engineering, information engineering, 0501 psychology and cognitive sciences, [INFO.INFO-HC]Computer Science [cs]/Human-Computer Interaction [cs.HC], business.industry, 05 social sciences, PGP, pEp, 020201 artificial intelligence & image processing, business, computer, Cryptography and Security (cs.CR)

Abstract

International audience; Several end-to-end encryption technologies for emails such as PGP and S/MIME exist since decades. However, end-to-end encryption is barely applied. To understand why users hesitate to secure their email communication and which usability issues they face with PGP, S/MIME as well as with pEp (Pretty Easy Privacy), a fairly new technology, we conducted an online survey and user testing. We found that more than 60% of e-mail users are unaware of the existence of such encryption technologies and never tried to use one. We observed that above all, users are overwhelmed with the management of public keys and struggle with the setup of encryption technology in their mail software. Even though users struggle to put email encryption into practice, we experienced roughly the same number of users being aware of the importance of email encryption. Particularly, we found that users are very concerned about identity theft, as 78% want to make sure that no other person is able to write email in their name.

Published

2021

2. Privacy aware group based recommender system in multimedia services

Author

Seungmin Rho, Ahmed M. Elmisery, Mirela Sertovic, Karima Boudaoud, and Sanghyun Seo

Subjects

Group based, Computer Networks and Communications, Computer science, Internet privacy, 02 engineering and technology, Recommender system, computer.software_genre, World Wide Web, 020204 information systems, Similarity (psychology), 0202 electrical engineering, electronic engineering, information engineering, Media Technology, Multimedia services, Privacy aware services, Recommender services, Service (business), Multimedia, business.industry, Registered user, Volume (computing), 020207 software engineering, Service provider, Hardware and Architecture, Middleware, Middleware (distributed applications), business, computer, Software

Abstract

Recommending similar-interest users' groups in multimedia services is the problem of detecting for each registered user his/her membership to one interest-group of relevant consumers. The consumers in each interest-group share some relevant preferences which guarantee that the interest-group as a whole satisfies some desired properties of similarity. As a result, forming these interest-groups requires the availability of personal data of different consumers. This is a crucial requirement for different recommender systems. With the increasing trend of service providers to collect a large volume of personal data regarding their end-users, presumably to better serve them. However, a significant part of the data that is typically collected is not essential to the service being offered, or to the completion of the services it was presumably released for. Gathering such unnecessary data can be seen as a privacy threat, and storing it exposes the end-users to further unavoidable risks. In this paper, a privacy aware group based recommender system is proposed for the automated discovery of appropriate interest groups in multimedia services. A fog based middleware (FMCP) was introduced that runs at end-users' sides and allows exchanging of their information to facilities recommending and creating interest- groups without disclosing their real preferences to other consumers. The membership of consumers in various interest groups allows receiving highly appropriate and reliable multimedia content- related advices. The system utilizes two protocols to attain this goal. Experiments were performed on real dataset.

Published

2017

3. Reusing and Unifying Background Knowledge for Internet of Things with LOV4IoT

Author

Christian Bonnet, Amelie Gyrard, Karima Boudaoud, Martin Serrano, Ghislain Auguste Atemezing, National University of Ireland [Galway] (NUI Galway), Mondeca Recherche & Développement (MONDECA R&D), Mondeca, Eurecom [Sophia Antipolis], Laboratoire d'Informatique, Signaux, et Systèmes de Sophia-Antipolis (I3S) / Equipe RAINBOW, Scalable and Pervasive softwARe and Knowledge Systems (Laboratoire I3S - SPARKS), Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), Université Nice Sophia Antipolis (... - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Université Nice Sophia Antipolis (... - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), and COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)

Subjects

Computer science, business.industry, [INFO.INFO-WB]Computer Science [cs]/Web, 020206 networking & telecommunications, 02 engineering and technology, Linked data, Ontology (information science), computer.software_genre, Social Semantic Web, World Wide Web, Web of Things, 0202 electrical engineering, electronic engineering, information engineering, Semantic analytics, 020201 artificial intelligence & image processing, [INFO]Computer Science [cs], Semantic Web Stack, Web service, business, Semantic Web, computer, ComputingMilieux_MISCELLANEOUS

Abstract

Ontology-based applications are becoming more and more popular and are usually domain-specific (e.g., eHealth or domotic). Designing ontologies and semantic-based applications manually is tedious and cumbersome for non-technical expert or semantic web beginners. Internet of Things (IoT) is a new field aiming to connect the physical world surrounded by devices such as sensors to the web to automatically interact with them and build innovative applications. The main challenges are to automate as much as possible the tasks of: (1) reusing the background knowledge previously designed by domain experts, (2) facilitating the tasks of IoT developers willing to integrate semantic web technologies into their applications, and (3) designing interoperable semantic-based IoT applications. Stemming from Linked Open Data and Linked Open Vocabularies, we designed Linked Open Vocabularies for Internet of Things (LOV4IoT), a catalogue of ontologies/datasets/rules relevant for IoT available online. LOV4IoT has been extended with more domains and ontology-based projects, a semantic-based dataset and a bot to enhance automation, and web services. Moreover, we demonstrate several use cases of the LOV4IoT dataset: (1) building Semantic Web of Things applications, (2) extracting frequent terms used in existing ontologies, and (3) stakeholders who can exploit, reuse and combine domain ontologies. Finally, we evaluated this dataset with users who exploit this dataset for their own purposes.

Published

2016

4. Generation of Transmission Control Rules Compliant with Existing Access Control Policies

Author

Michel Riveill, Yoann Bertrand, Mireille Blay-Fornarino, Karima Boudaoud, Scalable and Pervasive softwARe and Knowledge Systems (Laboratoire I3S - SPARKS), Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), Université Nice Sophia Antipolis (... - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Université Nice Sophia Antipolis (... - 2019) (UNS), and COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)

Subjects

Computer science, Control (management), 0211 other engineering and technologies, Access control, 02 engineering and technology, Data loss, Transmission security, Computer security, computer.software_genre, Security policy, Data Leakage, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Resource (project management), Security Policies, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, 021110 strategic, defence & security studies, business.industry, Access Control, Data Loss Prevention, Computer security model, Information security standards, Security, Transmission Control, business, Data Leak Prevention, computer, Computer network

Abstract

International audience; Access Control (AC) is a well known mechanism that allows access restriction to resources. Nevertheless, it does not provide notification when a resource is retransmitted to an unauthorized third party. To overcome this issue, one can use mechanisms such as Data Loss/Leak Prevention (DLP) or Transmission Control (TC). These mechanisms are based on policies that are defined by security experts. Unfortunately, these policies can contradict existing AC rules, leading to security leakage (i.e. a legitimate user is allowed to send a resource to someone who has no access rights in the AC). In this article, we aim at creating TC policies that are compliant with existing AC policies. To do so, we use a mapping mechanism that generates TC rules directly from existing AC policies. Thanks to the generated rules, our solution can make inferences to improve existing AC and enhance security knowledge between infrastructures.

Published

2015

5. Applying Internet of Things for Personalized Healthcare in Smart Homes

Author

Christian Bonnet, Rui Pedro Ferreira Da Costa, Karima Boudaoud, Amelie Gyrard, Soumya Kanti Datta, Eurecom [Sophia Antipolis], EURECOM, Eurecom [Sophia Antipolis]-Centre National de la Recherche Scientifique (CNRS), Laboratoire d'Informatique, Signaux, et Systèmes de Sophia-Antipolis (I3S) / Equipe RAINBOW, Scalable and Pervasive softwARe and Knowledge Systems (Laboratoire I3S - SPARKS), Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), Université Nice Sophia Antipolis (... - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Université Nice Sophia Antipolis (... - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA), IEEE, and ANR-13-INFR-0008,DataTweet,DataTweet - un service public de communications opportunistes(2013)

Subjects

Engineering, Multimedia, business.industry, 010401 analytical chemistry, Interoperability, Internet of Things, Wearable computer, 020206 networking & telecommunications, 02 engineering and technology, computer.software_genre, 01 natural sciences, 0104 chemical sciences, Metadata, M3 Framework, Smart home, Home automation, 0202 electrical engineering, electronic engineering, information engineering, [INFO]Computer Science [cs], Personalized healthcare, Web service, Architecture, business, Semantic Web, computer, Implementation

Abstract

International audience; The paper advocates for applying Internet of Things (IoT) for personalized healthcare in smart homes. An IoT architecture is presented which enables such healthcare services. Continuous monitoring of physical parameters and processing of the medical data form the basis of smarter, connected and personalized healthcare. The core functionalities of the IoT architecture are exposed using RESTful web services to the consumers. The main contributions of the paper are: (i) providing a unified approach for discovery, management and interaction with physical devices, (ii) utilizing Machine-to-Machine Measurement (M3) framework to generate high level abstraction from wearable sensors, (iii) combining cross-domain sensor data using M3 and (iv) controlling home automation devices based on health sensor information. Prototype implementations and performance evaluations of the architecture components are discussed.

Published

2015

6. An alternative version of HTTPS to provide non-repudiation security property

Author

Michel Riveill, Yoann Bertrand, Stassia Resondry, Michel Kamel, and Karima Boudaoud

Subjects

Computer science, Mobile computing, Covert channel, 0102 computer and information sciences, 02 engineering and technology, Computer security, computer.software_genre, Internet security, Asset (computer security), 01 natural sciences, Security testing, Security information and event management, Security association, 0202 electrical engineering, electronic engineering, information engineering, Cloud computing security, business.industry, 020206 networking & telecommunications, Information security, Computer security model, Security service, 010201 computation theory & mathematics, Network Access Control, Security through obscurity, The Internet, business, Communications protocol, computer, Mobile device, Computer network

Abstract

The number of mobile devices connected to the Internet is rapidly growing, inducing security issues that cannot be prevented by common mechanisms such as HTTPS. Indeed, mobile environments require light algorithms that can reduce the power-consumption and extend battery life. Moreover, HTTPS does not offer fine-grained control over the security properties such as integrity, confidentiality or authenticity. This lack of flexibility can be problematic for both power-consumption and security robustness. To overcome these issues, we have proposed in previous works a modular architecture, called LECCSAM, based on security components to secure any communication protocol by adding the required security properties. In the context of HTTP, it provides an alternative version of HTTPS by adding the integrity, confidentiality, and authenticity properties to HTTP separately or in block (i.e. only one property or any combinations of two or more properties), depending on the user needs and usage context. In this paper, we propose to extend this alternative version of HTTPS with the non-repudiation property. Preliminary results of the performance evaluation are encouraging.

Published

2014

7. Mobile cloud applications and traceability

Author

Marcel Cremene, Monica Borda, Karima Boudaoud, and Daniela Popa

Subjects

Information privacy, Cloud computing security, business.industry, Computer science, Mobile computing, Information technology, Data security, Provisioning, Cloud computing, Mobile Web, Trusted Computing, Energy consumption, Computer security, computer.software_genre, Shared resource, Cloud testing, Mobile payment, Mobile database, Mobile search, Mobile technology, business, computer

Abstract

The mobility has become a valuable necessity for information technology users. Along with this property, for a smart phone user, the following aspects are also important: the storage space, the energy consumption, the applications complexity and the efficiency. Comparing to standalone mobile applications, mobile cloud applications make use of resource sharing, have richer functionality and reduced costs. On the other hand, mobile cloud applications raise some problems related to data security, data privacy and trust. In this paper, we analyze the need for mobile cloud applications, we propose a scenario for an e-health application and we design a data traceability service.

Published

2013

8. Securing Mobile Mashups with SCCM

Author

Michel Riveill, F. Batard, Karima Boudaoud, Laboratoire d'Informatique, Signaux, et Systèmes de Sophia-Antipolis (I3S) / Equipe RAINBOW, Scalable and Pervasive softwARe and Knowledge Systems (Laboratoire I3S - SPARKS), Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), Université Nice Sophia Antipolis (... - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Université Nice Sophia Antipolis (... - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), and COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)

Subjects

Platform independent, business.industry, Computer science, [INFO.INFO-WB]Computer Science [cs]/Web, Mobile computing, XACML, 02 engineering and technology, computer.software_genre, World Wide Web, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], [INFO.INFO-MC]Computer Science [cs]/Mobile Computing, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Mashup, [INFO]Computer Science [cs], Mobile telephony, InformationSystems_MISCELLANEOUS, Architecture, Android (operating system), business, computer, ComputingMilieux_MISCELLANEOUS, computer.programming_language

Abstract

Today, creation of basic mobile widget mashups is a straightforward task. However, designing mobile mashups that are actually secure to use remains very challenging. In this paper, we discuss the security risks introduced by mobile mashups and then propose a platform independent architecture called SCCM for securing this type of mashups. SCCM has been implemented on an Android platform, and the results of our security evaluations are encouraging.

Published

2013

9. The STAC (security toolbox: attacks & countermeasures) ontology

Author

Christian Bonnet, Karima Boudaoud, Amelie Gyrard, Eurecom [Sophia Antipolis], Mobile Communication, Laboratoire d'Informatique, Signaux, et Systèmes de Sophia-Antipolis (I3S) / Equipe RAINBOW, Scalable and Pervasive softwARe and Knowledge Systems (Laboratoire I3S - SPARKS), Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), Université Nice Sophia Antipolis (... - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Université Nice Sophia Antipolis (... - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), and COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)

Subjects

security protocols, Computer science, 02 engineering and technology, Ontology (information science), OSI model, Encryption, Computer security, computer.software_genre, Logical security, Security information and event management, [INFO.INFO-IU]Computer Science [cs]/Ubiquitous Computing, taxonomy, attacks, semantic web, Security association, 0202 electrical engineering, electronic engineering, information engineering, Web application, ontology, Key management, Semantic Web, Cloud computing security, business.industry, 020206 networking & telecommunications, Information security, Computer security model, Cryptographic protocol, Web application security, countermeasures, Network management, Countermeasure, wireless communications, Security service, Software security assurance, Network Access Control, Security, Human-computer interaction in information security, 020201 artificial intelligence & image processing, business, computer

Abstract

International audience; We present a security ontology to help non-security expert software designers or developers to: (1) design secure software and, (2) to understand and be aware of main security concepts and issues. Our security ontology defines the main security concepts such as attacks, countermeasures, security properties and their relationships. Countermeasures can be cryptographic concepts (encryption algorithm, key management, digital signature, hash function), security tools or security protocols. The purpose of this ontology is to be reused in numerous domains such as security of web applications, network management or communication networks (sensor, cellular and wireless). The ontology and a user interface (to use the ontology) are available online.

Published

2013

10. Designing Security Properties-Centric Communication Protocols using a Component-Based Approach

Author

C. Delettre, Karima Boudaoud, Nicolas Nobelis, Michel Riveill, Laboratoire d'Informatique, Signaux, et Systèmes de Sophia-Antipolis (I3S) / Equipe RAINBOW, Scalable and Pervasive softwARe and Knowledge Systems (Laboratoire I3S - SPARKS), Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), Université Nice Sophia Antipolis (... - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Université Nice Sophia Antipolis (... - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), and COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)

Subjects

Cloud computing security, Computer Networks and Communications, Computer science, 020206 networking & telecommunications, 02 engineering and technology, Computer security model, Computer security, computer.software_genre, Security information and event management, Security testing, [INFO.INFO-IU]Computer Science [cs]/Ubiquitous Computing, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Security association, Security service, Hardware and Architecture, Software security assurance, 0202 electrical engineering, electronic engineering, information engineering, Security through obscurity, 020201 artificial intelligence & image processing, computer

Abstract

International audience; Numerous communication protocols have been designed offering a set of security properties through the use of cryptographic tools to secure electronic document transfer. However, there is no clear match between the tools used and security properties they offer. To solve this problem, the authors propose to use a component-based approach; more specifically the authors introduce the notion of high-level security component where each component provides an atomic security property. This approach will facilitate the design of new protocols that fulfill any specific set of security properties by assembling the appropriate components. At the same time, users using a protocol designed with these security components will have the assurance that the protocol satisfies the security properties required for the electronic document transfer. The authors validate the approach by showing how the integrity property can be added to the HTTP protocol to design a security property-centric HTTPS and in this case an integrity-only HTTPS.

Published

2012

11. A security-property-based approach for lowering power consumption of secure mobile Web access

Author

Michel Riveill, Karima Boudaoud, C. Pita, Laboratoire d'Informatique, Signaux, et Systèmes de Sophia-Antipolis (I3S) / Equipe RAINBOW, Scalable and Pervasive softwARe and Knowledge Systems (Laboratoire I3S - SPARKS), Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), Université Nice Sophia Antipolis (... - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Université Nice Sophia Antipolis (... - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), and COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)

Subjects

Hypertext Transfer Protocol, Computer science, computer.internet_protocol, Mobile computing, Mobile Web, 02 engineering and technology, Computer security, computer.software_genre, Asset (computer security), [INFO.INFO-IU]Computer Science [cs]/Ubiquitous Computing, [INFO.INFO-MC]Computer Science [cs]/Mobile Computing, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Server, 0202 electrical engineering, electronic engineering, information engineering, Message authentication code, Authentication, Cloud computing security, business.industry, 020206 networking & telecommunications, Computer security model, Web application security, Security service, Software security assurance, Network Access Control, 020201 artificial intelligence & image processing, The Internet, business, Communications protocol, computer, Computer network

Abstract

International audience; Securing a mobile Web connection via HTTPS is a well-known drain on battery life. To solve this problem, we propose a novel, modular approach based on security properties. Our solution enables fine-grained control of the security properties used during mobile Web access, giving users the opportunity to avoid power-hungry security mechanisms when they are not needed. Starting from the well-known security properties integrity, confidentiality, and authentication, we develop modular software components that can be added to the HTTP protocol on an as-needed basis, thereby extending battery life, especially when compared to using monolithic HTTPS-based security. Preliminary measurements indicate that our approach results in a 78% to 99% reduction in resource use.

Published

2011

12. Cloud computing, security and data concealment

Author

Michel Riveill, Karima Boudaoud, Christian Delettre, Laboratoire d'Informatique, Signaux, et Systèmes de Sophia-Antipolis (I3S) / Equipe RAINBOW, Scalable and Pervasive softwARe and Knowledge Systems (Laboratoire I3S - SPARKS), Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), Université Nice Sophia Antipolis (... - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Université Nice Sophia Antipolis (... - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), and COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)

Subjects

Focus (computing), Cloud computing security, Computer science, business.industry, 020206 networking & telecommunications, Context (language use), Cloud computing, 02 engineering and technology, E-commerce, Computer security, computer.software_genre, [INFO.INFO-IU]Computer Science [cs]/Ubiquitous Computing, [INFO.INFO-MC]Computer Science [cs]/Mobile Computing, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Software, 020204 information systems, Component (UML), 0202 electrical engineering, electronic engineering, information engineering, Confidentiality, business, computer

Abstract

International audience; Cloud computing is a new paradigm providing software and hardware resources according to the customers' needs. However, it introduces new security risks such as confidentiality of data stored in cloud databases. Actually, this last risk is a crucial issue that must be addressed as ciphering mechanisms are not sufficient to guarantee a strong confidentiality of data. In this paper, we discuss the main cloud computing security risks and focus on the data confidentiality problem in the context of e-commerce clouds. We describe the design of a data concealment component that we propose to resolve this problem. Evaluating this component, we find that it successfully conceal data of legitimate users and protect them against potential attacks.

Published

2011

13. A middleware for securing mobile mashups

Author

Florent Batard, Karima Boudaoud, Michel Riveill, Laboratoire d'Informatique, Signaux, et Systèmes de Sophia-Antipolis (I3S) / Equipe RAINBOW, Scalable and Pervasive softwARe and Knowledge Systems (Laboratoire I3S - SPARKS), Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), Université Nice Sophia Antipolis (... - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Université Nice Sophia Antipolis (... - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), and COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)

Subjects

Computer science, 02 engineering and technology, computer.software_genre, Computer security, World Wide Web, [INFO.INFO-MC]Computer Science [cs]/Mobile Computing, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], 020204 information systems, Middleware, 0202 electrical engineering, electronic engineering, information engineering, 020201 artificial intelligence & image processing, Mashup, Android (operating system), computer

Abstract

International audience; Mashups on traditional desktop devices are a well-known source of security risks. In this paper, we examine how these risks translate to mobile mashups and identify new risks caused by mobile-specific characteristics such as access to device features or offline operation. We describe the design of SCCM, a platform independent approach to handle the various mobile mashup security risks in a consistent and systematic manner. Evaluating an SCCM implementation for Android, we find that SCCM successfully protects against common attacks such as inserting a malicious widget from the outside.

Published

2011

14. A Component-Based Approach to Security Protocol Design

Author

Karima Boudaoud, C. Delettre, Michel Riveill, Nicolas Nobelis, Laboratoire d'Informatique, Signaux, et Systèmes de Sophia-Antipolis (I3S) / Equipe RAINBOW, Scalable and Pervasive softwARe and Knowledge Systems (Laboratoire I3S - SPARKS), Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), Université Nice Sophia Antipolis (... - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Université Nice Sophia Antipolis (... - 2019) (UNS), COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)-Laboratoire d'Informatique, Signaux, et Systèmes de Sophia Antipolis (I3S), and COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-COMUE Université Côte d'Azur (2015-2019) (COMUE UCA)-Centre National de la Recherche Scientifique (CNRS)-Université Côte d'Azur (UCA)

Subjects

Hypertext Transfer Protocol, computer.internet_protocol, Computer science, Covert channel, 02 engineering and technology, Certification, Asset (computer security), Computer security, computer.software_genre, Internet security, Security testing, Logical security, Security information and event management, [INFO.INFO-IU]Computer Science [cs]/Ubiquitous Computing, [INFO.INFO-MC]Computer Science [cs]/Mobile Computing, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Security engineering, Security association, Server, Universal composability, 0202 electrical engineering, electronic engineering, information engineering, 020203 distributed computing, Cloud computing security, business.industry, 020206 networking & telecommunications, Information security, Computer security model, Cryptographic protocol, Security service, Software security assurance, Security through obscurity, Communications protocol, business, computer

Abstract

International audience; Electronic document transfer is a key operation in many of today's most important applications (workflow, e-commerce, etc.). Each of these applications requires different security properties and constraints. Numerous communication protocols have been designed offering a set of security properties through the use of cryptographic tools. However, there is no clear match between the tools used and security properties they offer. In this paper, we propose to use a component-based approach to secure electronic document transfer. We introduce software components as "high-level security components", where each component provides an atomic security property such as integrity, confidentiality or authenticity. With this approach, a protocol developer is able to easily enhance an existing protocol by adding a specific security component providing a specific security property. Moreover, it will be easy to design new protocols to fulfil any specific set of security properties by assembling the appropriate components. At the same time, a user using a protocol designed with these security components will have the assurance and certification that the protocol satisfies the security properties required for the electronic document transfer at hand. Our approach is validated by showing how an integrity property can be added to the HTTP protocol to design a security property-centric HTTP and in this case an integrity-only HTTP.

Published

2011

15. Designing Security Protocols Adapted to the Constraints of Mobile Environments

Author

S. Lequeux, Karima Boudaoud, M. Kamel, and Michel Riveill

Subjects

Cloud computing security, business.industry, Computer science, Computer security model, Communications security, Computer security, computer.software_genre, Security testing, Security information and event management, Security service, Security association, Software security assurance, business, computer, Computer network

Abstract

Within a mobile environment, communications may necessitate different security properties depending on the sensitivity of the data exchanged. A protocol such as HTTPS that uses the Secure Socket Layer/Transport Layer Security (SSL/TLS) may offer these properties, but it is known that SSL/TLS is high-energy consuming and the properties are provided as a block, which may have an important impact on the battery life of the mobile devices. In this paper, we propose to build security protocols from software security components offering each one a security property. By externalizing the security functionalities and adapting the security level to the users’ needs, we are providing a security management architecture adapted to mobile environments. A proof of concept is provided based on the XMPP protocol.

Published

2010

16. Towards an efficient implementation of traceback mechanisms in autonomous systems

Author

F. LeBorgne and Karima Boudaoud

Subjects

IP traceback, business.industry, Computer science, Network packet, ComputerSystemsOrganization_COMPUTER-COMMUNICATIONNETWORKS, Context (language use), Denial-of-service attack, Fault (power engineering), Computer security, computer.software_genre, Set (abstract data type), Identification (information), The Internet, business, computer, Computer network

Abstract

One of the major problems due to denial of service attacks is the identification of fault packets. To resolve this problem, several IP traceback methods have been defined. In this paper, we propose a traceback solution that is efficient and applicable in the real context of Internet, i.e. taking into account the fact that Internet is constituted of a set of autonomous systems (ASs) operated by different administrative authorities.

Published

2008

17. Policy-driven Model for Security Management

Author

Karima Boudaoud and Charles McCathieNevile

Subjects

Engineering, Cloud computing security, business.industry, Computer security model, Computer security, computer.software_genre, Security testing, Security information and event management, Security service, Security through obscurity, Security convergence, Security management, business, computer

Abstract

In improving security for the networks of today and tomorrow there are two important features that must be considered. The first is the open and distributed nature of today’s enterprise networks. And the second is their dynamic nature, not just in terms of size, but in terms of changing services offered, and the mobility of users. Of particular importance, then is the ability to rapidly apply new security policies in a system. Equally, a system should incorporate as much “intelligence” and reactivity in the system as possible. Many existing security solutions are designed for a static, known network, and are therefore unsuited to the requirements of today’s enterprise networks. In order to provide a system that can readily handle these requirements, recent works have shown that multi-agents systems offer a promising platform. The focus of our work concerns one critical security management issue that is intrusion detection. In this paper, we propose a model of managing security policies in a multi-agents system for intrusion detection.

Published

2003

18. Network security management with intelligent agents

Author

Raouf Boutaba, Houda Labiod, Zahia Guessoum, and Karima Boudaoud

Subjects

Network security, business.industry, Computer science, Distributed computing, Multi-agent system, Intrusion detection system, Information security, Computer security, computer.software_genre, Intelligent agent, Intelligent computer network, Security management, business, Agent architecture, computer

Abstract

Multi-agent systems technology can be useful for efficiently designing and maintaining secure networks. Indeed, networks evolve at a rapid pace in terms of the number and type of components and user access queries as well as intrusion possibilities. Features such as autonomy, adaptability and flexibility of the "intelligent" agent paradigm allow the managing of network evolution in a controlled way. The focus of our work concerns one critical security management issue, that is, intrusion detection. We propose a novel approach called IA-NSM (intelligent agents for network security management) for intrusion detection using intelligent agent technology. IA-NSM provides a flexible integration of a multi-agent system in a classical networked environment to enhance its protection level against inherent attacks.

Published

2002

19. A Multi-agents System for Network Security Management

Author

Zahia Guessoum and Karima Boudaoud

Subjects

Computer science, business.industry, Network security, Internet security, Computer security, computer.software_genre, Security information and event management, Network management application, Security service, Network Access Control, Network security policy, business, computer, Network management station

Abstract

The openness of business toward telecommunication networks in general and Internet in particular is performed at the prize of high security risks. Every professional knows that the only way to secure completely a private network is to make it unreachable. However, even if this solution was undertaken for many years, nowadays it is not possible to close private network especially for business purpose. Thus, security management becomes an important issue that must be considered carefully. The focus of our work concerns one critical security management issue that is intrusion detection. Some drawbacks of existing systems reveal the necessity of designing a new generation of self-adaptive systems. In fact, self-control, flexibility, adaptability, autonomy and distribution are the main features to be addressed in a suitable architecture that fulfils these requirements. The introduction of multi-agents system (MAS) in a network seems so promising to enable network entities to perform adaptive and “intelligent” behavior. “Intelligence” means that network entities provide reasoning capabilities, exhibit behavior autonomy, adaptability, interaction, communication and co-operation in order to reach specified goals. In this context, we propose a new approach for security management using intelligent agent (IA) technology. This approach provides a flexible integration of multi-agent technique in a classical network to enhance its protection level against inherent attacks.

Published

2000