Michel Deriaz's publications
Papers
- Trust without Truth
Michel Deriaz. In IFIP International Federation for Information Processing, Volume 238, Trust Management, eds. Etalle, s., Marsch, S., (Boston: Springer), pp. 31-45, Canada, 2007.
Abstract. Can we trust without any reliable truth information? Most trust architectures work in a similar way: a trustor makes some observations, rates the trustee, and makes recommendations to his friends. When he faces a new case, he checks his trust table and uses recommendations given by trustworthy friends to decide whether he will undertake a given action. But what if the observations that are used to update the trust tables are wrong? How to deal with what we call the "uncertainty of the truth"? This paper presents how people that publish and remove virtual tags are able to create trust relations between them. A simulator as well as a concrete and widely deployed application have been used to validate our model. We observed good and encouraging results in general, but also some weaknesses, brought out through specific scenarios.
- Trust and Security in Spatial Messaging: FoxyTag, the Speed Camera Case Study
Michel Deriaz and Jean-Marc Seigneur. In Proceedings of the 3rd International Conference on Privacy, Security and Trust, ACM, 2006.
Abstract. Current speed cameras alerting systems heavily rely on
humans to check the trustworthiness of information sent
by their users. Hence, these systems are often either
expensive or suffer from drawbacks, such as incomplete
information, for example, concerning mobile speed
cameras. We propose an application called FoxyTag to
address most of the previous issues by using a
computational trust engine instead of human checks.
FoxyTag lets any driver equipped with a Java/GPSenabled
mobile phone post a virtual tag about a speed
camera to notify other equipped drivers who can confirm
or deny the (short-lived) presence of the (mobile) camera.
The novel aspect of our trust engine is that it must be
location and time aware to automatically compute the
trustworthiness of the given tag. We have validated
FoxyTag both in real-life settings and with a simulator
for large-scale scenarios. The validation showed that our
novel time-patterned trust metrics are appropriate.
- Towards Trustworthy Spatial Messaging
Michel Deriaz and Jean-Marc Seigneur. In Proceedings of the Second International Workshop on Security and Trust Management, ERCIM, ENTCS, 2006.
Abstract. Spatial messaging is a term that defines the virtual publication of data in physical
places. Generally, anyone in the neighborhood of such a publication point gets the
message. Frameworks allowing the users to publish freely spatial messages already
exist. However, the experiences realized with volunteers showed that there is only
little interest in posting such notes. To our view, the main reason is that there are
currently no trust and security mechanisms that inform about the trustworthiness of
the messages, thus preventing any serious application. Filling this gap will promote
the success of spatial messaging and the growing success of localization and mobile
techniques will provide a good support for this concept. This paper describes the
spatial messaging services that we are in the process to deploy with our new spatial
messaging framework, which includes trust and security mechanisms.
- A Social Semantic Infrastructure for Decentralised Systems Based on Specification-Carrying Code and Trust
Giovanna Di Marzo Serugendo, Michel Deriaz. In Proceedings of the Socially-Inspired Computing Workshop. pp. 143-152. D. Hales and B. Edmonds (Eds). Invited paper. 2005.
Abstract. Decentralised systems made of autonomous devices and software are gaining more and more interest.
These autonomous elements usually do not know each other in advance and act without any central
control. They thus form a society of devices and software, and as such need: basic interaction mechanisms
for understanding each other, and a social infrastructure supporting interactions taking place
in an uncertain environment. In an effort to go beyond pre-established communication schema and to
cope with uncertainty, this paper proposes an interaction mechanism based exclusively: on semantic
information expressed using specifications, and on a social infrastructure relying on trust and reputation.
- Specification-Carrying Code for Self-Managed Systems
Giovanna Di Marzo Serugendo, Michel Deriaz. In IFIP/IEEE International Workshop on Self-Managed Systems and Services. 2005.
Abstract. This paper proposes the notion of Specification-Carrying
Code as an interaction mechanism for self-assembly of autonomous
decentralised software components. Each autonomous
software entity incorporates more information than
its operational behaviour, and publishes more data than its
signature. The idea is to provide separately, for each entity,
a functional part implementing its behaviour - the traditional
program code; and an abstract description of the
entity's functional behaviour and necessary parameters - a
semantic behavioural description under the form of a formal
specification. Interactions are exclusively based on the
specifications and occur among entities with corresponding
specifications. In the case of autonomic computing systems,
in addition to functional aspects, the specification may
carry a semantic description of non-functional information
related to self-management. This paper presents the principles
of the Specification-Carrying Code paradigm, the associated
Service-Oriented Architecture, and it explains how
self-managed systems can benefit from this paradigm.
Technical reports
- Trusting virtual tags
Michel Deriaz. ASG technical report 07. 2007.
Abstract. Spatial messaging, or the fact of publishing virtual tags, is clearly not a new concept. In the GPS world, these tags are materialized through POIs (Point Of Interest) and they consist more or less in geo-referenced information. They are often classified in different categories. A typical use is to show on a map all the neighboring POIs of a certain category. But the only solution to trust the information is to get them from a reliable source. This paper presents a first approach to a generic way of presenting these virtual tags, and how to add trust information to them. Every user is therefore able to create virtual tags and the trust engine is responsible to return to a specific user only the ones that he is interested in.
- Location Based Services for Traffic Management
Lemonia Ragia and Michel Deriaz. ASG technical report 07. 2007.
Abstract. Spatial data are used for location based services and to support traffic management systems. Data are gathered, saved and managed in a central database where, in principal, every user can access them putting data in a temporary database and then integrate them to a central. The proposed system uses a connection between database and trust engines in order to provide transparency. Security is an important aspect in our system to give confidence to the users to use their online services. We present an architecture for the implementation. The implemented system has been used in a small scenario for traffic information in a city center.
- FoxyTag
Michel Deriaz and Jean-Marc Seigneur. ASG technical report 06. 2006.
Abstract. This paper presents the first steps towards the design of an
application called FoxyTag, allowing a driver to post a virtual tag on a speed
camera in order to notify other drivers. A trust mechanism allows the automatic
computation of the trustworthiness of a given tag. This results in a trustworthy
architecture, freely accessible by anyone that owns a mobile phone and a GPS.
- GeoVTag: a User’s Guide
Michel Deriaz. ASG technical report 06. 2006.
Abstract. This paper presents GeoVTag, an application running on a mobile
phone that allows the user to publish anywhere on Earth virtual tags. Every user
in the neighborhood of such a publication point will get the message. It is a kind
of blog, in which editors and readers share the same physical place. GeoVTag
allows tag edition and reading, but has also some additional functionalities like
a digital compass, a radar to find and display graphically all neighboring tags, a
tracker to record GPS data, a marker function that sends automatically time-totime
a tag, and a "goto" function that directs a user to a specific tag by showing
graphically the direction to follow and the remaining distance.
- Trust and Security for Spatial Messaging
Michel Deriaz. ASG technical report 06. 2006.
Abstract. Spatial messaging is a term that defines the virtual publication of
data in physical places. Anyone in the neighborhood of such a publication point
gets the message. Architectures allowing users to publish freely spatial
messages already exist. However, experiences realized with volunteers showed
that there is only little interest in posting such notes. To our view, the main
reason is that there is currently no trust mechanism which informs about the
reliability of the messages, thus preventing any serious application. Filling this
gap will promote the success of spatial messaging, and the growing success of
localization and mobile techniques will provide a good support for this concept.
After a general presentation conducted by hypothetical scenarios to show the
potential impact of spatial messaging, we will discuss how to build a trust
model, and propose a first move to a concrete architecture.
- What is Trust? My Own Point of View
Michel Deriaz. ASG technical report 06. 2006.
Abstract. What is trust? From an intuitive global definition on how humans
perceive trust, to a real and practical implementation, the way is long. Most
people stop their quest of an answer at midway, in the field of formal,
mathematical and theoretical models. And the path is not unique, each
researcher taking a different way. This paper presents the author’s own way.
Trying to stay as close as possible to the human notion of trust, we discuss also
how to take into account the time component, since people give intuitively
more importance to recent or scattered events.
- Towards Trusted Semantic Service Computing
Michel Deriaz. 2005.
Abstract. This paper describes a new prototype of a semantic Service
Oriented Architecture (SOA) called Spec Services. Instead of publishing
their API through a protocol like SOAP, as Web Services do, services
can register to a service manager a powerful syntactic description or
even semantic description of their functional capabilities. The client entity
will then send a syntactic or semantic description of its requirements
to the service manager, which will try to find an appropriate formerly
registered service and to bind them together. Today our service manager
can deal with two languages: regular expressions, which is probably the
most powerful syntactic-only description language; and Prolog, which is
purely semantic. This implementation is made, since its beginning, with
evolution in mind, i.e. to easily support integration of new additional
formal languages and to provide support for non-functional properties of
services. This paper proposes also a trust-based extension of our architecture
in order to deploy effectively these self-describing services in an
uncertain environment.
- Semantic Service Oriented Architecture
Michel Deriaz, Giovanna Di Marzo Serugendo. 2004.
Abstract. This paper describes a new prototype of a semantic Service Oriented
Architecture (SOA) called Spec Services. Instead of publishing their API through a
protocol like SOAP, as Web Services do, services can register to a service manager
a powerful syntactic description or even semantic description of their capabilities.
The client entity will then send a syntactic or semantic description of its requirements
to the service manager, which will try to find an appropriate formerly registered
service and bind them together. Today our service manager can deal with two languages:
regular expressions, which is probably the most powerful syntactic-only description
language; Prolog, which is only semantic. Nevertheless, this implementation is made,
since its beginning, with evolution in mind, i.e. to easily support integration of
new additional formal languages.
Position papers
- A thesis proposition: Service Oriented Computing in a P2P architecture
Michel Deriaz. 2005.
Abstract. This position paper is an attempt to describe my future thesis work.
It shortly describes the work that has already been done, and then suggests
different research directions. Currently we have an architecture in which
services register with a service manager and entities queries the service
manager in order to find a service that is able to fulfill a specific need. Unlike
traditional Web services that use APIs to communicate, our architecture uses
specification files allowing powerful syntactic and even semantic descriptions
of services or requests. However, in client-server architectures, the clients act
independently from the others and this prevents collaboration between them.
This thesis proposition suggests a decentralized system, highly dynamic,
accessible by humans and machines, and proposes to study issues like semantic
interoperability, trust, and rewarding of good peers.
Delivrables, drafts, and other for the EDOS project
- Towards an Edos API: Modelling the F/OSS Process
Michel Pawlak, Ciarán Bryce, Michel Deriaz. Draft. 2005.
Abstract. The goal of Edos is to improve F/oss production and code distribution processes. A
prerequisite to this is to formally distinguish the different concepts in the processes, the roles
undertaken by users, the data types used, and their inter-relationships. This allows one to
determine the data that must always be distributed together from those that need not be;
from a security and management viewpoint, it formalises the privileges and information that a
particular user requires at any given time. This note proposes elements of a model for F/oss that
makes roles and data types explicit. We hope that it can serve as a basis for future discussion.
