Laurent Michel - Academia.edu
Papers by Laurent Michel
In this paper, we present several issues that need to be addressed to incorporate dynamic permissions (permissions depending on runtime elements) into our current approach to model access control: the role slice. We summarize four tasks that conform to our future research directions: extending the role-slice artifact to represent permissions based on runtime elements; refining the rules that relate role-slice hierarchies with class hierarchies; improving the generation of aspect-oriented enforcement code for dynamic permissions; and negative permission checking at runtime. These extensions to our work are expected to produce a complete system to model and implement fine-grained access control policies in object-oriented systems.
Despite its widespread usage, the Unified Modeling Language (UML) specification still lacks formal, explicit support for access control. This paper proposes an approach to model security as a separate concern by augmenting UML with separate and new diagrams for role-based, discretionary, and mandatory access controls; collectively, these diagrams provide visual access-control aspects. Individually, each of these diagrams contains a set of security features that augment UML with security capabilities. The intent is to provide designers with a broad set of security features, where they can select only the features needed by their application, merge them into UML, and utilize the custom result to model security aspects. This paper presents a set of features extracted from role-based, discretionary, and mandatory access control, demonstrates their composition into a customizable security model in UML (including a formal basis), and illustrates the approach via a university application.
Recently, two e-voting technologies have been introduced and used extensively in election procedures: direct recording electronic (DRE) systems and optical scanners. The latter are typically deemed safer as many recent security reports have discovered substantial vulnerabilities in a variety of DRE systems. In this paper we present an attack against the Diebold Accuvote optical scan voting terminal (AV-OS). Previously known attacks directed at the AV-OS required physical access to the memory card and use of difficult-to-find hardware (card reader/writer). Our attack bypasses these issues by using the serial port of the AV-OS terminal and reverse engineering the communication protocol, in essence, using the terminal itself as a reader/writer. Our analysis is based solely on reverse-engineering. We demonstrate how an attacker can exploit the serious security vulnerability of weak (non-cryptographic) authentication properties of the terminal. The attack payload delivers a tampered ballot layout that, depending on the scenario, allows swapping of candidate votes, neutralizing votes, or even shifting votes from one candidate to another.
Computers & Mathematics with Applications, 1997
Integration of AI and OR Techniques in Constraint Programming for Combinatorial Optimization Problems, 2008
Recently, Gargani and Refalo (G&R) presented an elegant model for the Steel Mill Slab Design Problem (Problem 38 in the CSP LIB). Contrary to earlier approaches, their model does not use 0/1 variables but exploits the traditional expressiveness of constraint programming. G&R indicated that static symmetry-breaking constraints proposed earlier are not effective on this model, as these interact with their heuristic. Instead they use large neighborhood search to obtain solutions quickly. This paper shows that a simple search procedure breaking symmetries dynamically leads to a constraint program solving the problem in a few seconds, while maintaining the completeness of the approach and removing the need for large neighborhood search.
Open constraints were introduced to model the many industrial applications in which a task can be handled by several resources. Open constraints are unique because the set of variables over which the constraint is defined is a set-variable. Regin and van Hoeve recently showed how to filter an open GCC constraint when the set variable uses a subset-bound domain. This paper considers open constraints in which the set-variables use the richer length-lex domain of Gervet and Van Hentenryck which includes cardinality and lexicographic information, while enforcing bound-consistency for a variety of important constraints. The paper makes two orthogonal contributions. First, it shows how to derive a filtering algorithm for the length-lex open constraint from the cost-based version of the closed version. The key insight is that well chosen weights allow to map the total order of length-lex sets with the total order of set weights. Second, it shows how to derive a filtering algorithm for a...
Lecture Notes in Computer Science, 2018
Tolerant Algebraic Side-Channel Attack (TASCA) is a combination of algebraic and side-channel analysis with error tolerance. Oren et al. used mathematical programming to implement TASCA over a round-limited version of AES. In [7], Liu et al. revisited their results and introduced a TASCA-CP model that delivers solutions to this 1-round relaxation with orders of magnitude improvement in both solving time and memory consumption.
Lecture Notes in Computer Science, 2017
AES is a mainstream block cipher used in many protocols and whose resilience against attack is essential for cybersecurity. In [14], Oren and Wool discuss a Tolerant Algebraic Side-Channel Analysis (TASCA) and show how to use optimization technology to exploit side-channel information and mount a computational attack against AES. This paper revisits the results and posits that Constraint Programming is a strong contender and a potent optimization solution. It extends bit-vector solving as introduced in [8], develops a CP and an IP model and compares them with the original Pseudo-Boolean formulation. The empirical results establish that CP can deliver solutions with orders of magnitude improvement in both run time and memory usage, traits that are essential to potential adoption by cryptographers.
Integration of Constraint Programming, Artificial Intelligence, and Operations Research, 2019
Deploying a cloud-based distributed application created from the composition of micro-services is a challenging problem. It mandates the resolution of a resource allocation problem accounting for resource utilization and network load. But it also imposes security requirements such as the selection of suitable technology stacks to protect the communication channels. Both sets of decisions are intimately related as hosting decisions affect the cost or feasibility of security measures under consideration. This paper revisits the problem and focuses on a scalable approach suitable to deploy large distributed applications. Specifically, it introduces a counting-based model to deliver solutions for hundreds of services within short computation times. The essence is to side-step some of the difficulties by focusing first and foremost on deciding how many services of each type need to be deployed at each location and postponing the instance connectivity problem to a post-optimization phase. Empirical results demonstrate the scope of the improvements and illustrate the performance to expect as a function of instance sizes.
Proceedings of the First International ICST Conference on Simulation Tools and Techniques for Communications Networks and Systems, 2008
Modern cloud-based services help deliver distributed software and aim to deliver a cost-effective solution while ensuring that application requirements are met. Deploying a Cloud-based implementation demands the resolution of a resource allocation problem to determine where and how software modules are deployed. For instance, one must decide, for each module, whether to deploy on a commercial elastic cloud provider or an in-house data-center as well as how to secure the communication channels that exist between services hosted with different providers. Each application is a collection of communicating micro-services that provides load-balancing and fault-tolerance to ensure quality of service requirements. There exist many choices as to what to deploy, where and which communication technologies to use. The purpose of this paper is to simultaneously solve the deployment of software services, the selection of suitable technologies for communication channels to meet the functional, pe...
Integration of AI and OR Techniques in Constraint Programming for Combinatorial Optimization Problems, 2012
Robust search procedures are a central component in the design of black-box constraint-programming solvers. This paper proposes activity-based search which uses the activity of variables during propagation to guide the search. Activity-based search was compared experimentally to impact-based search and the wdeg heuristics but not to solution counting heuristics. Experimental results on a variety of benchmarks show that activity-based search is more robust than other heuristics and may produce significant improvements in performance.
Journal of Artificial Intelligence Research, 2012
We study the behavior of the A* search algorithm when coupled with a heuristic h satisfying (1-epsilon1)h*
International Series in Operations Research & Management Science, 2005
IEEE Transactions on Power Systems, 2016
Short-term load forecasting at the distribution level predicts the load of substations, feeders, transformers, and possibly customers from half an hour to one week ahead. Effective forecasting is important for the planning and operation of distribution systems. The problem, however, is difficult in view of complicated load features, the large number of distribution-level nodes, and possible switching operations. In this paper, a new forecasting approach within the hierarchical structure is presented to solve these difficulties. Load of the root node at any user-defined subtree is first forecast by a wavelet neural network with appropriate inputs. Child nodes categorized as "regular" and "irregular" based on load pattern similarities are then forecast separately. Load of a regular child node is simply forecast as the proportion from the parent node load forecast while the load of an irregular child node is forecast by an individual neural network model. Switching operation detection and follow-up adjustments are also performed to capture abnormal changes and improve the forecasting accuracy. This new approach captures load characteristics of nodes at different levels, takes advantage of pattern similarities between a parent node and its child nodes, detects abnormalities, and provides high quality forecasts as demonstrated by two practical datasets.
This Small Business Technology Transfer Phase I project advanced the state of the art in formal modeling and engineering of complex distributed systems. The pursued research and development approach included: (a) modeling language(s) that can be used to represent complex distributed systems and their components, theory and methodology providing sound mathematical basis for modeling systems and reasoning about their properties, (b) extensible and scalable analysis tools that can be used to validate correctness and performance properties, and automated synthesis tools that can produce efficient deployment schemes of the software components in target networks subject to specified constraints. In prior research we developed an expressive modeling language, called Tempo, that can be used to represent complex distributed systems and their components. We also have developed the theory and methodology providing sound mathematical basis for modeling systems and reasoning about their properties, along with tools that can be used to validate correctness and performance properties. In this project we have extended the methodology to incorporate additional means for reasoning about probabilistic and hybrid systems. Based on these developments, we built an extended integrated development environment, called Tempo, for modeling, synthesis, and analysis of distributed systems. We have also prototyped a methodology that can be used to generate working code from system models and yield efficient deployment of the software components in target networks. The ultimate goal of this work is to develop a complete and comprehensive formal methodology based in sound theory, and an industrial-grade extensible integrated software engineering environment for the implementors of modern distributed software systems.
The preliminary release of the system for Linux, Windows, and OSX-PPC platforms is available at www.veromodo.com.
Constraints, 2016
This paper presents a microkernel architecture for constraint programming organized around a small number of core functionalities and minimal interfaces. The architecture contrasts with the monolithic nature of many implementations. Experimental results indicate that the software engineering benefits are not incompatible with runtime efficiency.
I most especially thank my advisor, Ion Mȃndoiu, without whom this work would not have been done. For giving me the opportunity to study here, for all his tireless help, for invaluable advice and suggestions, I am most grateful to him. I also want to express my gratitude to my former advisor at the A.I.Cuza University of Iaşi, Ferucio Laurenţiu Ţiplea, for believing in me. Additionally, I would like to thank my associate advisors, Laurent Michel and Alexander Russell, for serving on my examination committee and also my colleagues, Jin Jun and Bogdan Paşaniuc, for kindly reviewing part of this thesis. Finally, I acknowledge the constant support and encouragements I have received from my family and friends.
2011 IEEE Power and Energy Society General Meeting, Jul 1, 2011