The SecureSCM project (www.securescm.org) aims to develop cryptographic solutions to the problem of data sharing in Supply Chain Optimization (SCO). The SCO problem has a precise mathematical structure. It is an instance of the general... more
The SecureSCM project (www.securescm.org) aims to develop cryptographic solutions to the problem of data sharing in Supply Chain Optimization (SCO). The SCO problem has a precise mathematical structure. It is an instance of the general Linear Programming (LP) problem. However, standard techniques for LP problems are not suitable for this purpose because they require participants to reveal private data needed as input to the algorithm. The risk of revealing this information far exceeds the benefits gained. Therefore, the aim of the project is to develop efficient techniques for securely solving LP problems. In this paper we give a summary of work done in the cryptographic aspects of the project. We describe the state-of-the art building blocks for secure linear programming along with an analysis of their complexity. 1
Research Interests:
ABSTRACT During the decade that has elapsed since its standardisation by ISO, the Estelle formal description technique has been successfully applied to the development of various communications protocols. We present in this paper a... more
ABSTRACT During the decade that has elapsed since its standardisation by ISO, the Estelle formal description technique has been successfully applied to the development of various communications protocols. We present in this paper a protocol engineering methodology that has resulted from the use of Estelle in several projects, involving the specification, validation, performance analysis and implementation of real-life, complex protocols. The methodology is based on the support offered by the Estelle development toolset (edt). It gradually evolved, in parallel with the continuous enhancement of edt, aiming to provide a protocol engineering environment that consistently supports the entire development process. We outline in the paper the principles of the methods and illustrate them with examples of their application to the development of an innovative transport protocol with multicast and multimedia capabilities.
Research Interests:
Research Interests:
Research Interests:
During the decade that has elapsed since its standardisation by ISO, the Estelle formal description technique has been successfully applied to the development of various communications protocols. We present in this paper a protocol... more
During the decade that has elapsed since its standardisation by ISO, the Estelle formal description technique has been successfully applied to the development of various communications protocols. We present in this paper a protocol engineering methodology that has resulted from the use of Estelle in several projects, involving the specification, validation, performance analysis and implementation of real-life, complex protocols. The methodology is based on the support offered by the Estelle Development Toolset (EDT). It gradually evolved, in parallel with the continuous enhancement of EDT, aiming to provide a protocol engineering environment that consistently supports the entire development process. We outline in the paper the principles of the methods and illustrate them with examples of their application to the development of an innovative transport protocol with multicast and multimedia capabilities. .H\ZRUGV Computer aided software engineering tools based on formal description techniques (FDT) can provide essential support for developing communications protocols and distributed systems. Ideally, this support should extend to all the development phases, from requirements capture and design (formal description and validation), to performance evaluation, implementation (automatic code generation) and conformance testing (automatic test generation). The tools gradually mature and become able to cope with industrial applications, but the user still encounters frustrating limitations and contradictions. For example, the design phase produces a simplified or partial formal description, due to limitations of the validation method and/or the FDT, while the automatic implementation requires a complete (yet correct) specification. For complex systems, this gap results in coding the implementation or a large part of it by hand. Also, classical FDT based approach focused on functional properties, neglecting quantitative, real-time properties. A different model is needed for performance analysis (e.g., queuing networks), resulting in substantial additional effort for developing and maintaining it during the design process. However, a trend towards an integrated FDT based methodology can be observed, e.g., in the tools using the standard FDTs Estelle [1] and SDL [2]. An Estelle model of a system is a hierarchy of communicating extended finite state machines , with a rigorous operational semantics. The current standard syntax is similar to that of the Pascal programming language. A graphical syntax has also been proposed [3]. Recent enhancements of the Estelle Development Toolset (EDT) [4] allow a more consistent support of the protocol engineering process, from formal specification to prototype implementation , with performance evaluation in early design phases. Moreover, several case studies have confirmed the applicability of this methodology to real-life, complex protocols. The first case study was dedicated to the Xpress Transport Protocol (XTP) version 4.0 [5]. It consisted of an Estelle specification and validation [6], a performance evaluation by
Research Interests:
With the advent of effective techniques and tools, the industrial use of the formal methods for telecommuni-cation systems development is rapidly extending. At the same time, the diversity of the applications determines a continuous... more
With the advent of effective techniques and tools, the industrial use of the formal methods for telecommuni-cation systems development is rapidly extending. At the same time, the diversity of the applications determines a continuous search for new methods. This paper presents a new approach for expressing the correctness requirements and the validation of the communication protocols. It addresses mainly the complex protocols, e.g., for multicast communications, and the detailed formal descriptions, needed for automatic implementation. The correctness requirements are expressed with respect to a set of significant events, using dependence relations. The specification is intuitive and can be made at various abstraction levels. Observed simulation can be used for verifying the specified properties, so that systems of practically any complexity can be tackled.
Research Interests:
—A video streaming system with over-the-top delivery has to select the servers that handle the service requests such that the content is delivered with the desired quality and system resources are efficiently used. Server selection can be... more
—A video streaming system with over-the-top delivery has to select the servers that handle the service requests such that the content is delivered with the desired quality and system resources are efficiently used. Server selection can be formulated as a multi-criteria optimization problem, but solving this problem requires dynamic information about system resources. In this paper , we study the performance achieved by service providers that deploy a resource monitoring infrastructure and optimize server selection using a Multi-Criteria Decision Algorithm (MCDA), and the performance achieved by lightweight service providers, using only static information and simpler selection methods. We implemented these methods in a simulator and compared their performance. The results show that MCDA offers important performance gains, justifying the costs of resource monitoring. Moreover, they motivate the search for server selection methods that could achieve similar performance with lower costs, by involving the clients in the selection process, using MCDA.
Research Interests:
Collaborative business applications can use secure mul-tiparty computation to preserve input privacy. These applications need protocols that provide all the basic operations with integers and rational numbers and allow secure composition... more
Collaborative business applications can use secure mul-tiparty computation to preserve input privacy. These applications need protocols that provide all the basic operations with integers and rational numbers and allow secure composition and efficient application development. Secure computation with rational numbers is a long-standing open problem. We present in this paper several components of a protocol family for secure computation with fixed-point numbers based on secret sharing.
Research Interests:
Collaborative optimization problems can often be modeled as a linear program whose objective function and constraints combine data from several parties. However, important applications of this model (e.g., supply chain planning) involve... more
Collaborative optimization problems can often be modeled as a linear program whose objective function and constraints combine data from several parties. However, important applications of this model (e.g., supply chain planning) involve private data that the parties cannot reveal to each other. Traditional linear programming methods cannot be used in this case. The problem can be solved using cryptographic protocols that compute with private data and preserve data privacy. We present a practical solution using multiparty computation based on secret sharing. The linear programming protocols use a variant of the simplex algorithm and secure computation with fixed-point rational numbers, optimized for this type of application. We present the main protocols as well as performance measurements for an implementation of our solution.
Research Interests:
Secure computation is a promising approach to business problems in which several parties want to run a joint application and cannot reveal their inputs. Secure computation preserves the privacy of input data using cryptographic protocols,... more
Secure computation is a promising approach to business problems in which several parties want to run a joint application and cannot reveal their inputs. Secure computation preserves the privacy of input data using cryptographic protocols, allowing the parties to obtain the benefits of data sharing and at the same time avoid the associated risks. These business applications need protocols that support all the primitive data types and allow secure protocol composition and efficient application development. Secure computation with rational numbers has been a challenging problem. We present in this paper a family of protocols for multiparty computation with rational numbers using fixed-point representation. This approach offers more efficient solutions for secure computation than other usual representations.
Research Interests:
We consider a collection of related multiparty computation protocols that provide core operations for secure integer and fixed-point computation. The higher-level protocols offer integer truncation and comparison , which are typically the... more
We consider a collection of related multiparty computation protocols that provide core operations for secure integer and fixed-point computation. The higher-level protocols offer integer truncation and comparison , which are typically the main performance bottlenecks in complex applications. We present techniques and building blocks that allow to improve the efficiency of these protocols, in order to meet the performance requirements of a broader range of applications. The protocols can be constructed using different secure computation methods. We focus on solutions for multiparty computation using secret sharing.
Research Interests:
Secure Multiparty Computation (SMC) protocols enable a group of mutually distrustful parties to perform a joint computation with private inputs. Novel e-commerce applications have emerged that could benefit from strong privacy protection,... more
Secure Multiparty Computation (SMC) protocols enable a group of mutually distrustful parties to perform a joint computation with private inputs. Novel e-commerce applications have emerged that could benefit from strong privacy protection, e.g., benchmarking, auctions, and collaborative supply chain management and planning. However, the uptake of SMC in these applications is still rare. We argue that this is due to poor performance, func-tionality, and scalability, as well as architectures that do not meet the needs of e-commerce applications. This paper explores SMC approaches and research directions, aiming at providing better support for e-commerce applications.
More effective algorithms and improved computing support have extended the applications that can be effectively tackled by validation methods based on simulation (state space exploration). However, the huge state spaces and complex... more
More effective algorithms and improved computing support have extended the applications that can be effectively tackled by validation methods based on simulation (state space exploration). However, the huge state spaces and complex functionality of most applications remain major problems. We present a validation method that uses guided simulation for a functional decomposition of the system's behav- iour. Essential aspects of
Research Interests:
On the improvement of Estelle based automatic implementations O. Catrina", A. Nogaib " Institut National des Telecommunications, 9 Charles ... ro Key words: Automatic protocol implementation, Estelle, transport protocol... more
On the improvement of Estelle based automatic implementations O. Catrina", A. Nogaib " Institut National des Telecommunications, 9 Charles ... ro Key words: Automatic protocol implementation, Estelle, transport protocol Abstract: The main challenges for the tools which derive ...
Page 1. Ts st J. William Atwood Octavian Catrina John Fenton W. Timothy Strayer Montreal, Quebec Bucharest Los Angeles, CA Livermore, CA Canada Romania USA USA Concordia University Polytehnica University Mentat, Inc. Sandia National... more
Page 1. Ts st J. William Atwood Octavian Catrina John Fenton W. Timothy Strayer Montreal, Quebec Bucharest Los Angeles, CA Livermore, CA Canada Romania USA USA Concordia University Polytehnica University Mentat, Inc. Sandia National Laboratories ct ...
Research Interests:
Abstract The SecureSCM project demonstrates the practical applicability of secure multiparty computation to online business collaboration. A prototype supply-chain management system protects the confidentiality of private data while... more
Abstract The SecureSCM project demonstrates the practical applicability of secure multiparty computation to online business collaboration. A prototype supply-chain management system protects the confidentiality of private data while rapidly adapting to changing business needs.
Research Interests:
... EBS Business School, Wiesbaden, Germany, Email: Richard.Pibernik@ebs.edu Octavian Catrina Universität Mannheim, Mannheim, Germany, Email: octavian.catrina@uni-mannheim.de ... to him there are three or more prime partners each of them... more
... EBS Business School, Wiesbaden, Germany, Email: Richard.Pibernik@ebs.edu Octavian Catrina Universität Mannheim, Mannheim, Germany, Email: octavian.catrina@uni-mannheim.de ... to him there are three or more prime partners each of them in charge of a main section of ...