Tony Bourdier

Aux Mathématiques sont associés les termes de « calcul, concept, langage, analyse, démonstration, formule, loi, méthode, théorème », quand le discours commun sur l’art use des notions de « beauté, sens, valeur, composition, création, don, intuition, sensibilité », deux disciplines qui seraient, présentées ainsi, condamnées à ne jamais se rejoindre. L’un serait le fruit de l’imagination, de l’inspiration, l’autre celui de la réflexion, du raisonnement, les arts et les mathématiques dans… Show more

Aux Mathématiques sont associés les termes de « calcul, concept, langage, analyse, démonstration, formule, loi, méthode, théorème », quand le discours commun sur l’art use des notions de « beauté, sens, valeur, composition, création, don, intuition, sensibilité », deux disciplines qui seraient, présentées ainsi, condamnées à ne jamais se rejoindre. L’un serait le fruit de l’imagination, de l’inspiration, l’autre celui de la réflexion, du raisonnement, les arts et les mathématiques dans l’imaginaire collectif composent un duo souvent jugé improbable. Etudier les liaisons entretenues par ces deux disciplines c’est revenir en premier lieu sur l’évolution de notre rapport au monde dans sa retranscription : la théorie de la perspective n’est-elle pas l’invention mathématique permettant ce premier pas vers une nouvelle perception picturale du monde ? Show less

L’objectif de nos travaux est de proposer une méthode d’analyse automatique du comportement des utilisateurs à des fins de prédiction de leur propension à réaliser une action suggérée. Nous proposons dans cet article une nouvelle méthode de Web Usage Mining basée sur une étude sémiotique des styles perceptifs, considérant l’expérience de l’utilisateur comme élément déterminant de sa réaction à une sollicitation. L’étude de ces styles nous a amené à définir de nouveaux indicateurs (des… Show more

L’objectif de nos travaux est de proposer une méthode d’analyse automatique du comportement des utilisateurs à des fins de prédiction de leur propension à réaliser une action suggérée. Nous proposons dans cet article une nouvelle méthode de Web Usage Mining basée sur une étude sémiotique des styles perceptifs, considérant l’expérience de l’utilisateur comme élément déterminant de sa réaction à une sollicitation. L’étude de ces styles nous a amené à définir de nouveaux indicateurs (des descripteurs sémiotiques) introduisant un niveau supplémentaire à l’approche sémantique d’annotation des sites. Nous proposons ensuite un modèle neuronal adapté au traitement de ces nouveaux indicateurs. Nous expliquerons en quoi le modèle proposé est le plus pertinent pour traiter ces informations. Show less

We propose a formal framework for the specification and validation of security policies. To model a secured system, the evolution of security information in the system is described by transitions triggered by authorization requests and the policy is given by a set of rules describing the way the corresponding decisions are taken. Policy rules are constrained rewrite rules whose constraints are first-order formulas on finite domains, which provides enhanced expressive power compared to classical… Show more

We propose a formal framework for the specification and validation of security policies. To model a secured system, the evolution of security information in the system is described by transitions triggered by authorization requests and the policy is given by a set of rules describing the way the corresponding decisions are taken. Policy rules are constrained rewrite rules whose constraints are first-order formulas on finite domains, which provides enhanced expressive power compared to classical security policy specification approaches like the ones using Datalog, for example. Our specifications have an operational semantics based on transition and rewriting systems and are thus executable. This framework also provides a common formalism to define, compare and compose security systems and policies. We define transformations over secured systems in order to perform validation of classical security properties. Show less

À l'interface des travaux théoriques et applicatifs, notre objectif est de contribuer aux méthodes permettant d'assurer la correction et la sûreté des systèmes (fonctionnalité, sécurité, fiabilité, ...) en développant ou en améliorant des langages de spécification, des techniques et des outils permettant leur analyse formelle.

Formal methods for the specification and analysis of security policies have drawn many attention recently. It is now well known that security policies can be represented using rewriting systems. These systems constitute an interesting formalism to prove properties while provides an operational way to evaluate authorization requests. In this paper, we propose to split the expression of security policies in two distinct elements: a security model and a configuration. The security model (expressed… Show more

Formal methods for the specification and analysis of security policies have drawn many attention recently. It is now well known that security policies can be represented using rewriting systems. These systems constitute an interesting formalism to prove properties while provides an operational way to evaluate authorization requests. In this paper, we propose to split the expression of security policies in two distinct elements: a security model and a configuration. The security model (expressed as an equational problem) describes how authorization requests must be evaluated depending on security information. The configuration (expressed as a rewriting system) assigns values to security information. This separation eases the formal analysis of security policies, and makes it possible to automatically convert a given policy to a new security model. Show less

First designed to enable private networks to be opened up to the outside world in a secure way, the growing complexity of organizations make firewalls indispensable to control information flow within a company. The central role they hold in the security of the organization information make their management a critical task and that is why for years many works have focused on checking and analyzing firewalls. The composition of firewalls, taking into account routing rules, has nevertheless often… Show more

First designed to enable private networks to be opened up to the outside world in a secure way, the growing complexity of organizations make firewalls indispensable to control information flow within a company. The central role they hold in the security of the organization information make their management a critical task and that is why for years many works have focused on checking and analyzing firewalls. The composition of firewalls, taking into account routing rules, has nevertheless often been neglected. In this paper, we propose to specify all components of a firewall, ie filtering and translation rules, as a rewrite system. We show that such specifications allow us to handle usual problems such as comparison, structural analysis and query analysis. We also propose a formal way to describe the composition of firewalls (including routing) in order to build a whole network security policy. The properties of the obtained rewrite system are strongly related to the properties of the specified networks and thus, classical theoretical and practical tools can be used to obtain relevant security properties of the security policies. Show less

Security constitutes a crucial concern in modern information systems. Several aspects are involved, such as user authentication (establishing and verifying users' identity), cryptology (changing secrets into unintelligible messages and back to the original secrets after transmission) and security policies (preventing illicit or forbidden accesses from users to information). Firewalls are a core element of network security policies, that is why their analysis has drawn many attention over the… Show more

Security constitutes a crucial concern in modern information systems. Several aspects are involved, such as user authentication (establishing and verifying users' identity), cryptology (changing secrets into unintelligible messages and back to the original secrets after transmission) and security policies (preventing illicit or forbidden accesses from users to information). Firewalls are a core element of network security policies, that is why their analysis has drawn many attention over the past decade. In this paper, we propose a new approach for analyzing firewalls, based on tree automata techniques: we show that the semantics of any process composing a firewall (including the network address translation functionality) can be expressed as a regular set or relation and thus can be denoted by a tree automaton. We also investigate abilities opened by tree automata based representations of the semantics of firewalls. Show less

This paper is a contribution to the theoretical foundations of strategies. We first present a general definition of abstract strategies which is extensional in the sense that a strategy is defined explicitly as a set of derivations of an abstract reduction system. We then move to a more intensional definition supporting the abstract view but more operational in the sense that it describes a means for determining such a set. We characterize the class of extensional strategies that can be defined… Show more

This paper is a contribution to the theoretical foundations of strategies. We first present a general definition of abstract strategies which is extensional in the sense that a strategy is defined explicitly as a set of derivations of an abstract reduction system. We then move to a more intensional definition supporting the abstract view but more operational in the sense that it describes a means for determining such a set. We characterize the class of extensional strategies that can be defined intensionally. We also give some hints towards a logical characterization of intensional strategies and propose a few challenging perspectives. Show less