POLUX: Publications

Thèses soutenues

Samiha Ayed. Secure workflow deployment in multi-organizational environments. Th. doct. : Informatique: Institut Telecom-Telecom Bretagne : 2009, 2009telb0109. 183 p. Bourse de la region Bretagne co-encadree avec Nora Cuppens-Boulahia.
Stere Preda. Reliable context aware security policy deployment - applications to IPv6 environments. Th. doct. : Informatique: Universite de Rennes 1, Institut Telecom-Telecom Bretagne : 2010, 2010telb0145. 192 p. Bourse de la region Bretagne co-encadree avec Nora Cuppens-Boulahia et Laurent Toutain (Telecom Bretagne, departement RSM).
Nizar Kheir. Cross-layer and Service Dependence Aware Reaction Model. Thèse Institut Télécom - Télécom Bretagne de type Cifre avec Orange Labs. 2010. Thèse CIFRE co-encadrée avec Nora Cuppens-Boulahia en collaboration avec France Télécom R&D (Tuteur industriel : Hervé Debar).

Thèse à soutenir

Jonathan-Christopher Demay. Génération et évaluation de mécanismes de détection d'intrusion au niveau applicatif. Université de Rennes 1.

Organisation de conférences

Conférence « Spontaneous and Autonomous Security (SETOP) », Loctudy, 2008, Saint Malo 2009, Athènes, 2010.

Conférences invitées

F. . Cuppens and N. Cuppens-Boulahia. Auto-organisation de la sécurité : expression, analyse et déploiement. RESCOM, La Palmyre, France, 07-12 juin, 2009. Publications

Articles dans des revues internationales

[ACL-DTCCB07] H. Debar, Y. Thomas, N. Cuppens-Boulahia, F. Cuppens. Threat response through the use of a dynamic security policy. Journal of Computer Virology, Springer. 2007.
[ACL-ACBC08b] Samiha Ayed, Nora Cuppens-Boulahia, and Frédéric Cuppens. Deploying access and flow control in distributed workflows. Journal of research and practice in information technology, 40(4), novembre 2008.
[ACL-CCB08] F. Cuppens, N. Cuppens-Boulahia. Modeling contextual security policies. International Journal of Information Security (IJIS), 7(4), Springer. August, 2008.
[ACL-ACBC08a] J. Garcia-Alfaro, N. Cuppens-Boulahia, F. Cuppens. Complete analysis of configuration rules to guarantee reliable network security policies. International Journal of Information Security (IJIS), 7(2), Springer. April, 2008.
[ACL-DTT09] Jonathan Christopher Demay and Eric Totel and Frederic Tronel, SIDAN: a tool dedicated to Software Instrumentation for Detecting Attacks on Non-control-data, 4th International Conference on Risks and Security of Internet and Systems (CRISIS'2009), 2009, Toulouse, October.

Article dans Lecture Notes in Computer Science (Springer)

[ACTI-KCBCD10] Nizar Kheir, Nora Cuppens-Boulahia, Frédéric Cuppens, Hervé Debar, A Comprehensive Approach for Cost-Sensitive Intrusion Response, 11th European Symposium on Research in Computer Security, Athens, Greece, September 20-22, Lecture Notes in Computer Science, 4189, 2010.
[ACTI-KCBCDb10] Nizar Kheir, Nora Cuppens-Boulahia, Frédéric Cuppens, Hervé Debar, Ex-SDF: An Extended Service Dependency Framework For Intrusion Impact Assessment, In IFIP/SEC 2010: 25nd IFIP TC-11 international information security conference, Brisbane, Australia, 2010.
[ACTI-GVVTM09] Laurent Georges and Valérie Viet Triem Tong and Ludovic Mé, Blare Tools: A Policy-Based Intrusion Detection System Automatically Set by the Security Policy, Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection (RAID 2009), 2009.
[ACTI-DTT09] Jonathan-Christofer Demay and Éric Totel and Frédéric Tronel, Automatic Software Instrumentation for the Detection of Non-control-data Attacks, Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection (RAID 2009), 2009.
[ACTI-ACBC07] Samiha Ayed, Nora Cuppens-Boulahia, and Frédéric Cuppens. An integrated model for access control and information flow requirements. In ASIAN'07 : 12th Annual Asian Computing Science Conference Focusing on Secure Software and Related Issues, Décembre, Doha, Qatar, 2007. LNCS 4846.
[ACTI-CBC08] Nora Cuppens-Boulahia and Frédéric Cuppens. Specifying intrusion detection and reaction policies: an application of deontic logic. In DEON 2008 : Ninth Workshop on Deontic Logic in Computer Science, pages 65 - 82, 2008. LNCS 5076.
[ACTI-KDCCBV09] Nizar Kheir, Hervé Debar, Frédéric Cuppens, Nora Cuppens-Boulahia, and Jouni Viinikka. A service dependency modeling framework for policy-based response enforcement. DIMVA 2009. Lecture notes in computer science, 5587:176 - 195, 2009.
[ACTI-PCBCT10] Stere Preda, Nora Cuppens-Boulahia, Frédéric Cuppens, Laurent Toutain, and Joaquin Garcia Alfaro. Model-driven security policy deployment : property oriented approach. In ESSoS'10 : International symposium on engineering secure software and systems, 2010. LNCS 5965.

Communications avec actes dans un congrès international

[ACTI-ACBC08a] Samiha Ayed, Nora Cuppens-Boulahia, and Frédéric Cuppens. Deploying access control in distributed workflow. In AISC 2008: Australian Information Security Conference, 2008.
[ACTI-ACBC08b] Samiha Ayed, Nora Cuppens-Boulahia, and Frédéric Cuppens. Managing access and flow control requirements in distributed workflows. In AICCSA-08: 6th ACS/IEEE International Conference on Computer Systems and Applications (AICCSA-08), March 31 - April 4, Doha, Qatar, pages 702 - 710, 2008.
[ACTI-ACBC09] Samiha Ayed, Nora Cuppens-Boulahia, and Frédéric Cuppens. Deploying security policy in intra and inter Workflows Management Systems. In ARES 2009: Third International Conference on Availability, Reliability and Security, 2009.
[ACTI-ACCB07a] Joaquin Garcia Alfaro, Frédéric Cuppens, and Nora Cuppens-Boulahia. Aggregating and deploying network access control policies. In AReS 2007: second international conference on availability, reliability and security, April 10- 13, Vienna, Austria, 2007.
[ACTI-ACCB07b] Joaquin Garcia Alfaro, Frédéric Cuppens, and Nora Cuppens-Boulahia. Management of exceptions on access control policies. In IFIP/SEC 2007: 22nd IFIP TC-11 international information security conference, May 14-16, Sandton, South Africa, 2007.
[ACTI-KDCBCV09] Nizar Kheir, Hervé Debar, Nora Cuppens-Boulahia, Frédéric Cuppens, and Jouni Viinikka. Cost evaluation for intrusion response using dependency graphs. In IEEE, editor, N2S 09: IFIP/IEEE international conference on Network and Service Security, 2009.
[ACTI-PCBCTA07] Stere Preda, Nora Cuppens-Boulahia, Frédéric Cuppens, Laurent Toutain, and Joaquin Garcia Alfaro. Reliable process for security policy deployment. In SECRYPT 2007: international conference on security and cryptography, July 28-31, Barcelona, Spain, 2007.
[ACTI-PCBCT10] Stere Preda, Nora Cuppens-Boulahia, Frédéric Cuppens, and Laurent Toutain. Architecture-aware adaptive deployment of contextual security policies. In ARES 2010: Fifth International Conference on Availability, Reliability and Security, 2010.
[ACTI-PCCBTCAR09] Stere Preda, Frédéric Cuppens, Nora Cuppens-Boulahia, Laurent Toutain, Joaquin Garcia Alfaro, and Yehia El Rakaiby. Semantic context aware security policy deployment. In ASIACCS '09: 4th ACM International Symposium on Information, Computer, and Communications Security, pages 251 - 261, 2009.
[ACTI-DTT10] Jonathan-Christofer DEMAY, Éric TOTEL, Frédéric TRONEL, "Génération et évaluation de mécanismes de détection d’intrusion au niveau applicatif", 5ème Conf. sur la Sécurité des Architectures Réseaux et Systèmes d'Information (SAR-SSI 2010), Menton, 18-21 mai, 2010.
[ACTI-PTCBCA09] Stere Preda, Laurent Toutain, Nora Cuppens-Boulahia, Frédéric Cuppens, and Joaquin Garcia Alfaro. A secured delegation of remote services on IPv6 home networks. In The 4th IEEE International Conference on Risks and Security of Internet and Systems, 2009.

Directions d'ouvrages

[DO-CCCBRL08] Frédéric Cuppens, Ana Rosa Cavalli, Nora Cuppens-Boulahia, Yves Roudier, and Jean Leneutre. SETOP 2008 : First Work- shop on Security of Spontaneous Networks, Loctudy, France, 13-14 October 2008. Information et communication. Edition Publibook, 2008.
[DO-ANACBR10] Joaquín García-Alfaro, Guillermo Navarro-Arribas, Nora Cuppens-Boulahia, Yves Roudier: Data Privacy Management and Autonomous Spontaneous Security, 4th International Workshop, DPM 2009 and Second International Workshop, SETOP 2009, St. Malo, France, September 24-25, 2009, Revised Selected Papers. LNCS 5539, Springer 2010.

Ouvrages scientifiques (ou chapitres de ces ouvrages)

[OS-DRCCB08] Hervé Debar, Yohann Thomas, Frédéric Cuppens, and Nora Cuppens-Boulahia. Response: bridging the link between intrusion detection alerts and security policies, volume 38 of Advances in Information Security, chapitre Intrusion Detection Systems, pages 129-170. Springer US, 2008.

Communications avec actes dans un congrès national

[ACTN-ACBC09] Samiha Ayed, Nora Cuppens-Boulahia, and Frédéric Cuppens. Secure workflow deployment in multi-organizational environments. In Publibook, editor, 4ème Conférence sur la Sécurité des Architectures Réseaux et des Systèmes d'Information, 2009.

Brevets.

SEC6 : confinement de services, brevet soumis à l'INPI en septembre 2008 (n° d'enregistrement national attribué par l'INPI : 08/05661).

URL: http://www.rennes.supelec.fr/polux/POLUX_publications.html