Search results

The early detection of potential threats during the modelling phase of a Secure Information System (IS) is required because it favours the design of a robust access control policy and the prevention of malicious behaviours during the system execution. This involves studying the validation of access control rules and performing vulnerabilities automated checks before the IS operationalization. We are particularly interested in detecting vulnerabilities that can be exploited by internal trusted users to commit attacks, called insider attacks, by taking advantage of their legitimate access to the system. To do so, we use formal B specifications which are generated by the B4MSecure platform from UML functional models and a SecureUML modelling of role-based access control rules. Since these vulnerabilities are due to the dynamic evolution of the functional state, we propose to study the reachability of someundesirable states starting from a normal state of the system. The proposed techniques are an alternative to model-checking techniques. Indeed, they implement symbolic backward search algorithm based on complementary approaches: proof and constraint solving. This rich technical background allowed the development of the GenISIS tool which automates our approach and which was successfully experimented on several case studies available in the literature. These experiments showed its capability to extract already published attacks but also new attacks. ; La sécurité des Systèmes d'Information (SI) constitue un défi majeur car elle conditionne amplement la future exploitation d'un SI. C'est pourquoi l'étude des vulnérabilités d'un SI dès les phases conceptuelles est cruciale. Il s'agit d'étudier la validation de politiques de sécurité, souvent exprimées par des règles de contrôle d'accès, et d'effectuer des vérifications automatisées sur des modèles afin de garantir une certaine confiance dans le SI avant son opérationnalisation. Notre intérêt porte plus particulièrement sur la détection des vulnérabilités pouvant être ...

Part 4: Infrastructures ; International audience ; Digital infrastructures (DI) that support information exchange related to international trade processes (here referred to as Digital Trade Infrastructures (DTI)) have been seen as an instrument to help address the trade facilitation and security challenges. Data pipelines can be seen as an example of a DTI. Data pipelines are IT innovations that enable the timely provision of data captured at the source from different information systems available in the supply chain. Using the pipeline companies can share information with authorities and enjoy trade facilitation in return. The benefits of such data pipelines have been showcased in demonstrator settings. However, outside the controlled environment of demonstrator installations, the adoption and growth of these DTIs has been limited. The benefits based on purely implementing the data pipeline are limited. Combining data pipeline capability with Coordinated Border Management (CBM) has potential to articulate more clear benefits for stakeholders and push further investments and wider adoption. In this paper based on the FloraHolland trade lane related to exporting flowers from Kenya to the Netherlands we discuss a data pipeline/CBM innovation. Through the conceptual lens of DI (examining architectural, process and governance dimensions) we demonstrate the potential benefits of data pipeline/CBM innovation and the complex alignment processes between business and government actors needed for the further adoption. From a theoretical point of view we enhance the understanding regarding the governance dimension of such data pipeline/CBM innovations by identifying four type of alignments processes involving businesses and government actors nationally and internationally. As such the paper contributes to the body of research on DI and more specifically DTI. Form a point of view of practice, the insights from our analysis can be used to better understand other data pipeline/CBM innovation alignment processes in other ...

Part 2: Service Delivery ; International audience ; For the last decade e-government research has underlined the importance of an external user perspective in public e-service development and there have been numerous attempts to provide guidance and directions for government agencies in this matter. Individual research studies show little progress in this matter, but a more generalisable picture of the current state of external user inclusion is missing. The aim of this paper is to provide a better and more generalisable understanding of Swedish government agencies' current practice of external user inclusion in public e-service development. In order to do so, we have interviewed Swedish government agencies regarding their perceptions on external user inclusion. Our findings show mixed results regarding attitudes towards and current practice of external user inclusion. It is clear that organisational size and previous experience of public e-service development matter. At the same time challenges such as a general lack of resurces and a lack of time are seen as general barriers, regardless of agency level and size.

International audience ; — As the global energy demand is increasing, the share of renewable energy and specifically wind energy in the supply is growing. While vast literature exists on the design and operation of wind turbines, there exists a gap in the literature with regards to the investigation and analysis of wind turbine accidents. This paper describes the application of text mining and machine learning techniques for discovering actionable insights and knowledge from news articles on wind turbine accidents. The applied analysis methods are text processing, clustering, and multidimensional scaling (MDS). These methods have been combined under a single analysis framework, and new insights have been discovered for the domain. The results of our research can be used by wind turbine manufacturers, engineering companies, insurance companies, and government institutions to address problem areas and enhance systems and processes throughout the wind energy value chain.

Hegemonic stability theory holds that a dominant power can produce international cooperation by providing public goods and resolving collective action dilemmas. Successful hegemons also resist the temptation to exploit their advantages in order to reduce other states' fear of domination. This article asks whether or not the internet needs the United States to play a similar role. If so, Washington should pursue policies designed to strengthen internet security while eschewing espionage and cyberattacks that rely on some degree of internet insecurity. If not, it can go on the offensive without fear of undermining the system as a whole. We examine the technical and political fallout from revealed offensive cyberoperations to assess the relative fragility of the internet. Our findings suggest that it is relatively resilient.

The early detection of potential threats during the modelling phase of a Secure Information System (IS) is required because it favours the design of a robust access control policy and the prevention of malicious behaviours during the system execution. This involves studying the validation of access control rules and performing vulnerabilities automated checks before the IS operationalization. We are particularly interested in detecting vulnerabilities that can be exploited by internal trusted users to commit attacks, called insider attacks, by taking advantage of their legitimate access to the system. To do so, we use formal B specifications which are generated by the B4MSecure platform from UML functional models and a SecureUML modelling of role-based access control rules. Since these vulnerabilities are due to the dynamic evolution of the functional state, we propose to study the reachability of someundesirable states starting from a normal state of the system. The proposed techniques are an alternative to model-checking techniques. Indeed, they implement symbolic backward search algorithm based on complementary approaches: proof and constraint solving. This rich technical background allowed the development of the GenISIS tool which automates our approach and which was successfully experimented on several case studies available in the literature. These experiments showed its capability to extract already published attacks but also new attacks. ; La sécurité des Systèmes d'Information (SI) constitue un défi majeur car elle conditionne amplement la future exploitation d'un SI. C'est pourquoi l'étude des vulnérabilités d'un SI dès les phases conceptuelles est cruciale. Il s'agit d'étudier la validation de politiques de sécurité, souvent exprimées par des règles de contrôle d'accès, et d'effectuer des vérifications automatisées sur des modèles afin de garantir une certaine confiance dans le SI avant son opérationnalisation. Notre intérêt porte plus particulièrement sur la détection des vulnérabilités pouvant être ...

The early detection of potential threats during the modelling phase of a Secure Information System (IS) is required because it favours the design of a robust access control policy and the prevention of malicious behaviours during the system execution. This involves studying the validation of access control rules and performing vulnerabilities automated checks before the IS operationalization. We are particularly interested in detecting vulnerabilities that can be exploited by internal trusted users to commit attacks, called insider attacks, by taking advantage of their legitimate access to the system. To do so, we use formal B specifications which are generated by the B4MSecure platform from UML functional models and a SecureUML modelling of role-based access control rules. Since these vulnerabilities are due to the dynamic evolution of the functional state, we propose to study the reachability of someundesirable states starting from a normal state of the system. The proposed techniques are an alternative to model-checking techniques. Indeed, they implement symbolic backward search algorithm based on complementary approaches: proof and constraint solving. This rich technical background allowed the development of the GenISIS tool which automates our approach and which was successfully experimented on several case studies available in the literature. These experiments showed its capability to extract already published attacks but also new attacks. ; La sécurité des Systèmes d'Information (SI) constitue un défi majeur car elle conditionne amplement la future exploitation d'un SI. C'est pourquoi l'étude des vulnérabilités d'un SI dès les phases conceptuelles est cruciale. Il s'agit d'étudier la validation de politiques de sécurité, souvent exprimées par des règles de contrôle d'accès, et d'effectuer des vérifications automatisées sur des modèles afin de garantir une certaine confiance dans le SI avant son opérationnalisation. Notre intérêt porte plus particulièrement sur la détection des vulnérabilités pouvant être ...

se analizan las políticas educativas aplicadas en la región de madrid en relación con la integración de las tiC en educación. es un estudio de tipo político - legislativo. se recogen declaraciones periodísticas y normativa emitida sobre procesos innovadores con tiC en educación. se realiza un análisis transversal y denso, que procura formular una teoría, y que sólo se ha podido contrastar con directivos y profesionales. entre los principales resultados se observa cómo la política adoptada repite algunos de los cánones del planteamiento de políticas educativas neoliberales en general, y las que aplica la Comunidad de madrid en particular, si bien tiene algunos rasgos que la mantienen en el espacio neutro tradicional en la gestión de las políticas sobre tiC en educación. ; it analyzes educational policies applied in the Region of madrid in relation to the integration of iCt in education. it is a political – legislative study. it was collected regulations and press statements on iCt innovative processes in education. there is a dense cross-sectional analysis, which seeks to formulate a theory, and that could only be contrasted with managers and professionals. the main results show how the policy repeats some of the canons of neo-liberal approach to education policy in general and those applied by the Region of madrid in particular, although it has some features that remain in the neutral space in the traditional management policies on iCt in education

International audience ; Le projet ANR Democrat vise à développer les recherches sur la langue et la structuration textuelle du français via l'analyse détaillée et contrastive des chaînes de références (instanciations successives d'une même entité) dans un corpus diachronique de textes écrits entre le 9ème et le 21ème siècle, avec des genres textuels variés. Il réunit des chercheurs issus des laboratoires Lattice, LiLPa et ICAR. Il a été lancé en mars 2016 et l'essentiel des efforts porte actuellement sur la constitution et l'annotation (manuelle) d'un corpus. Plusieurs expérimentations d'annotation ont eu lieu, de manière à tester différentes procédures, et notamment avec ou sans pré-annotation (automatique) des expressions référentielles. Ce poster décrit cette première phase de travaux.

La integración de mercados de electricidad trae consigo un conjunto de beneficios para la sociedad, confiabilidad y seguridad en el suministro eléctrico, uso óptimo de recursos, inversión, menores precios de la electricidad, entre otros, beneficios que dependen de la articulación de diferentes aspectos: técnico, económico, regulatorio y político, los cuales caracterizan el nivel de integración entre los mercados. En esta tesis se desarrolló un esquema para la evaluación de la dinámica de la integración de mercados eléctricos haciendo uso de un modelo de simulación en dinámica de sistemas que permite observar el comportamiento de los fundamentales del mercado como consecuencia de las políticas de integración. El esquema desarrollado se aplicó para evaluar la integración de los mercados de Panamá, Colombia y Ecuador, encontrando que existen grandes retos que afronta la integración como resultado de la autonomía energética que cada país busca tener, así como de la valoración de los beneficios y la percepción de una distribución equitativa de los mismos por parte de los tomadores de decisiones y aprobadores de política. ; Abstract: The electricity market integration bring a set of benefit of society, reliability and security supply, optimal use of resources, investment, lower electricity price, in others, benefits depends on the articulation of different kinds of aspect : technical, economic, regulatory and political, which characterized the integration level among markets. In this thesis, it is developed a scheme for the evaluation of electricity market integration dynamics using the system dynamic model that follows to see of fundamental behaviour as a result of the integration politics. The schemes developed is applied for evaluation of the integration dynamic among, Panama, Colombia and Ecuador, it is found, the integration faces major challenges due to energetic autonomy and national sovereignty that each government wants to have, as well as, assessment benefits and perception of the equitable distribution of them by decision makers and energy policy makers. ; Doctorado

Event attribution aims to estimate the role of an external driver after the occurrence of an extreme weather and climate event by comparing the probability that the event occurs in two counterfactual worlds. These probabilities are typically computed using ensembles of climate simulations whose simulated probabilities are known to be imperfect. The implications of using imperfect models in this context are largely unknown, limited by the number of observed extreme events in the past to conduct a robust evaluation. Using an idealized framework, this model limitation is studied by generating large number of simulations with variable reliability in simulated probability. The framework illustrates that unreliable climate simulations are prone to overestimate the attributable risk to climate change. Climate model ensembles tend to be overconfident in their representation of the climate variability which leads to systematic increase in the attributable risk to an extreme event. Our results suggest that event attribution approaches comprising of a single climate model would benefit from ensemble calibration in order to account for model inadequacies similarly as operational forecasting systems. ; We would like to acknowledge valuable discussions and feedback received from François Massonnet, Nathalie Schaller, Chloé Prodhomme, and Fraser Lott. This work was supported by the EUropean CLimate and weather Events: Interpretation and Attribution (EUCLEIA), funded by the European Union's Seventh Framework Programme [FP7/2007-2013] under grant agreement 607085 and the ESA Living Planet Fellowship Programme under the project VERITAS-CCI. We are further indebted to the s2dverification (http://cran.r-project.org/web/packages/ SpecsVerification/index.html) and specsverification (http://cran.r-project.org/ web/packages/s2dverification/index. html) with which the calculations have been carried out. The synthetic hindcast generator has been implemented into s2dverfiction. No further data were used in producing this manuscript. ; Peer Reviewed ; Postprint (published version)

Event attribution aims to estimate the role of an external driver after the occurrence of an extreme weather and climate event by comparing the probability that the event occurs in two counterfactual worlds. These probabilities are typically computed using ensembles of climate simulations whose simulated probabilities are known to be imperfect. The implications of using imperfect models in this context are largely unknown, limited by the number of observed extreme events in the past to conduct a robust evaluation. Using an idealized framework, this model limitation is studied by generating large number of simulations with variable reliability in simulated probability. The framework illustrates that unreliable climate simulations are prone to overestimate the attributable risk to climate change. Climate model ensembles tend to be overconfident in their representation of the climate variability which leads to systematic increase in the attributable risk to an extreme event. Our results suggest that event attribution approaches comprising of a single climate model would benefit from ensemble calibration in order to account for model inadequacies similarly as operational forecasting systems. ; We would like to acknowledge valuable discussions and feedback received from François Massonnet, Nathalie Schaller, Chloé Prodhomme, and Fraser Lott. This work was supported by the EUropean CLimate and weather Events: Interpretation and Attribution (EUCLEIA), funded by the European Union's Seventh Framework Programme [FP7/2007-2013] under grant agreement 607085 and the ESA Living Planet Fellowship Programme under the project VERITAS-CCI. We are further indebted to the s2dverification (http://cran.r-project.org/web/packages/ SpecsVerification/index.html) and specsverification (http://cran.r-project.org/ web/packages/s2dverification/index. html) with which the calculations have been carried out. The synthetic hindcast generator has been implemented into s2dverfiction. No further data were used in producing this manuscript. ; Peer Reviewed ; Postprint (published version)

Rectangular layouts, subdivisions of an outer rectangle into smaller rectangles, have many applications in visualizing spatial information, for instance in rectangular cartograms in which the rectangles represent geographic or political regions. A spatial treemap is a rectangular layout with a hierarchical structure: the outer rectangle is subdivided into rectangles that are in turn subdivided into smaller rectangles. We describe algorithms for transforming a rectangular layout that does not have this hierarchical structure, together with a clustering of the rectangles of the layout, into a spatial treemap that respects the clustering and also respects to the extent possible the adjacencies of the input layout. ; Peer Reviewed ; Postprint (published version)

International audience ; Le projet ANR Democrat vise à développer les recherches sur la langue et la structuration textuelle du français via l'analyse détaillée et contrastive des chaînes de références (instanciations successives d'une même entité) dans un corpus diachronique de textes écrits entre le 9ème et le 21ème siècle, avec des genres textuels variés. Il réunit des chercheurs issus des laboratoires Lattice, LiLPa et ICAR. Il a été lancé en mars 2016 et l'essentiel des efforts porte actuellement sur la constitution et l'annotation (manuelle) d'un corpus. Plusieurs expérimentations d'annotation ont eu lieu, de manière à tester différentes procédures, et notamment avec ou sans pré-annotation (automatique) des expressions référentielles. Ce poster décrit cette première phase de travaux.

Part 3: E-government Services and Governance ; International audience ; To develop robust and achievable e-government strategies that build the grounds for sustainable solutions, decision makers need to have a good understanding of their country's socio-economic, political and legal contexts. Particularly, they need to be well aware about challenges that might hinder successful implementation of their strategy. To make valuable contributions in e-government strategy development, analysis of e-government challenges needs to be comprehensive and informative by including insights of qualitative and quantitative analysis. Although numerous studies in e-government challenges exist, they fail to do a systematic and structured qualitative analysis of the challenges in regards to interdependencies among challenges or to measure the wider impact of challenges. Methods to support such a comprehensive analysis are scarce. In this contribution, we propose a novel mix of three methods for qualitative and quantitative analysis of e-government challenges, combining the PESTELMO analysis method, DEMATEL and ANP. The results show that this mixed approach is suitable and significant to provide the complementarity needed for a comprehensive understanding of e-government challenges.