Criticality and Confidence Issues in Avionics (2009)
Laarouchi, Youssef, Deswarte, Yves, Powell, David, Arlat, Jean, De Nadai, Eric
Ensuring safety in avionics has mostly been achieved through a complete separation between avionics software and open-world software, in order to avoid any interaction that could corrupt critical...
Criticality and Confidence Issues in Avionics (2009)
Laarouchi, Youssef, Deswarte, Yves, Powell, David, Arlat, Jean, De Nadai, Eric
Ensuring safety in avionics has mostly been achieved through a complete separation between avionics software and open-world software, in order to avoid any interaction that could corrupt critical...
Towards a Privacy-preserving National Identity Card (2009)
Deswarte, Yves, Gambs, Sébastien
In this paper, we propose to replace the national identity card, currently used in many countries, by a personal device that allows its user to prove some binary statements about himself while...
Towards a Privacy-preserving National Identity Card (2009)
Deswarte, Yves, Gambs, Sébastien
In this paper, we propose to replace the national identity card, currently used in many countries, by a personal device that allows its user to prove some binary statements about himself while...
Abstract Organization based access control (2008)
Anas Abou, El Kalam, Rania El, Salem Benferhat, Yves Deswarte, Cril Ernst, ...
None of the classical access control models such as DAC, MAC, RBAC, TBAC or TMAC is fully satisfactory to model security policies that are not restricted to static permissions but also include...
LAAS-CNRS �PETs: Privacy Enhancing Technologies (2008)
o Accès anonyme à des services o Autorisation respectant la vie privée "Privacy " : définitions � Intimité, protection de la vie privée, du domaine privé � Critères...
o Personal Data Management (2008)
!New technologies are being developed: useful or practical devices/services!Market created/developed by technology providers: hardware, networks, services, …! … but most often without privacy...
vPETs: Privacy Enhancing Technologies (2008)
La sécurité des réseaux s’améliore vLégislation (mars 2000) sur les signatures électroniques-> IGC (PKI) vIP-Sec-> IPv6 vProgrès de la détection d’intrusions … mais croissance des...
Ecole Nationale Supérieure des Télécommunications Computer Science and Networks (2008)
Des Télécommunications, Suna Melek Önen, Pascal Urien Président, Ludovic Mé, Ernst Biersack Examinateurs, ...
présentée pour obtenir le grade de docteur
Internet security: an intrusion-tolerance approach (2008)
The Internet has become essential to most enterprises and many private individuals. However, both the network and computer systems connected to it are still too vulnerable and attacks are becoming...
Designing Secure and Reliable Applications using (2008)
Jean-charles Fabre, Yves Deswarte, Brian R
Security and reliability issues in distributed systems have been investigated for several years at LAAS using a technique called Fragmentation-Redundancy-Scattering (FRS). The aim of FRS is to...
University of Newcastle upon Tyne, (2007)
Jean-charles Fabre, Yves Deswarte, Brian R
Abstract. Security and reliability issues in distributed systems have been investigated for several years at LAAS using a technique called Fragmentation-Redundancy-Scattering (FRS). The aim of FRS is...
1 Quantitative Assessment of Operational Security: Models and Tools (2007)
Marc Dacier, Yves Deswarte, Mohamed Kaniche
This paper proposes a novel approach to help computing system administrators in monitoring the security of their systems. This approach is based on modeling the system as a privilege graph exhibiting...
Malicious- and Accidental-Fault Tolerance for Internet Applications Revision History (2007)
Noreddine Abghour, Yves Deswarte, Vincent Nicomette, David Powell, Rev Date Comments
ii
Intrusion-tolerant security server
Noreddine Abghour, Yves Deswarte, Vincent Nicomette, David Powell, Maftia Deliverable D
Malicious- and Accidental-Fault Tolerance for Internet Applications ii LAAS Report 01.001 Specification of Authorisation Services
Defining categories to select representative attack test-cases (2007)
Gad El Rab, Mohammed, Abou El Kalam, Anas, Deswarte, Yves
To ameliorate the quality of protection provided by intrusion detection systems (IDS) we strongly need more effective evaluation and testing procedures. Evaluating an IDS against all known and...
Defining categories to select representative attack test-cases (2007)
Gad El Rab, Mohammed, Abou El Kalam, Anas, Deswarte, Yves
To ameliorate the quality of protection provided by intrusion detection systems (IDS) we strongly need more effective evaluation and testing procedures. Evaluating an IDS against all known and...
Collection and analysis of attack data based on honeypots deployed on the Internet (2005)
Alata, Eric, Dacier, Marc, Deswarte, Yves, Kaaniche, Mohamed, Kortchinsky, Kostya, Nicomette, Vincent, ...
The CADHo project (Collection and Analysis of Data from Honeypots) is an ongoing research action funded by the French ACI "Securité & Informatique [1]. It aims at building an environment to better...
Collection and analysis of attack data based on honeypots deployed on the Internet (2005)
Alata, Eric, Dacier, Marc, Deswarte, Yves, Kaaniche, Mohamed, Kortchinsky, Kostya, Nicomette, Vincent, ...
The CADHo project (Collection and Analysis of Data from Honeypots) is an ongoing research action funded by the French ACI "Securité & Informatique [1]. It aims at building an environment to better...
Paulo E. Veríssimo, Nuno F. Neves, Christian Cachin, Jonathan Poritz, David Powell, Yves Deswarte, ...
Technical reports are available at
An architecture for an adaptive intrusion-tolerant server (2002)
Alfonso Valdes, Magnus Almgren, Steven Cheung, Yves Deswarte, Bruno Dutertre, Joshua Levy, ...
Abstract. We describe a general architecture for intrusion-tolerant enterprise systems and the implementation of an intrusion-tolerant Web server as a specific instance. The architecture comprises...
M. Dacier (editor, Marc Dacier, Dominique Alessandri, Raffael Marty, Christian Cachin, David Powell, ...
1.1 18.10.2001 Revised Outline of document 1.2 10.02.2002 Modifications to put text in sync with D2 1.3 20.04.2002 Modification on Section related to THOR 2.0 10.05.2002 Major revision on the...
An adaptive intrusion-tolerant server architecture (2001)
Alfonso Valdes, Magnus Almgren, Steven Cheung, Yves Deswarte, Bruno Dutertre, Joshua Levy, ...
We describe a general architecture for intrusion-tolerant enterprise systems and the implementation of an intrusion-tolerant Web server as a specific instance. The architecture comprises functionally...
Panel on Intrusion Tolerance RAID 2001 UC Davis October 11, 2001 Participants (2001)
Vcrispin Cowan Wirex, Crispin Cowan, Wirex Communications, Moderator Yves Deswarte, David Powell, Yves Deswarte
a unique fault generates different errors on different replicates internal hardware fault: identical copies external hardware fault: similar copies design fault / interaction fault: diversified...
An Adaptive Intrusion-Tolerant Server Architecture (2001)
Alfonso Valdes Magnus, Magnus Almgren, Steven Cheung, Yves Deswarte, Bruno Dutertre, Joshua Levy, ...
We describe a general architecture for intrusion-tolerant enterprise systems and the implementation of an intrusion-tolerant Web server as a specific instance. The architecture comprises functionally...
An Internet Authorization Scheme using Smart Card-Based Security Kernels (2001)
Noreddine Abghour, Yves Deswarte, Vincent Nicomette, David Powell
Today, most Internet applications are based on the client-server model. In this model, typically, the server distrusts clients, and grants each client access rights according to the client’s...
David Powell, Yves Deswarte, David Powell
a European project for dependable Internet applications despite intrusions and accidental faults
Diversity against accidental and deliberate faults (1998)
Yves Deswarte, Karama Kanoun, Jean-claude Laprie
The paper is aimed at examining the relationship between the three topics of the workshops that gave rise to this book: security, fault tolerance, and software assurance. Those three topics can be...
Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security (1998)
Rodolphe Ortalo, Yves Deswarte
: This paper presents the results of an experiment of security evaluation. The evaluation method used is based on previous work involving modeling the system as a privilege graph exhibiting the...
Experimenting with Quantitative Evaluation Tools for Monitoring Operational Security (1998)
Rodolphe Ortalo, Yves Deswarte
This paper presents the results of an experiment of security evaluation. The evaluation method used is based on previous work involving modeling the system as a privilege graph exhibiting the...
Internet Security Despite Untrustworthy Agents and Components (1997)
Internet started some 25 years ago as a communication link between researchers. It was slow, unreliable and unsecure but nevertheless very efficient for its purpose. Nowadays, Internet plays an...
Information systems security: Specification and quantitative evaluation (1997)
Rodolphe Ortalo, Yves Deswarte
Abstract: This paper presents a method for the specification and evaluation of the security of information systems. This method is based on an extension of deontic logic, a formal language adapted...
A Smartcard Fault-tolerant Authentication Server (1994)
Authentication Server, Laurent Blain, Yves Deswarte
: In this paper we present a fault-tolerant and intrusion-tolerant authentication server. This server is composed of several sites, each one managed by a different security administrator. We describe...
Intrusion Tolerance in Distributed Computing Systems (1991)
Yves Deswarte, Laurent Blain, Jean-charles Fabre
An intrusion-tolerant distributed system is a system which is designed so that any intrusion into a part of the system will not endanger confidentiality, integrity and availability. This approach is...
An intrusion-tolerant security server for an open distributed system (1990)
This paper describes a new approach for security in open distributed systems. This approach is currently developed in the framework of the Delta 4 project. After a few reminders about two existing...