@conference { ISI:000389502600042, title = {ABAC Model for Collaborative Cloud Services}, booktitle = {Networked Systems, NETYS 2016}, series = {Lecture Notes in Computer Science}, volume = {9944}, year = {2016}, note = {4th International Conference on Networked Systems (NETYS), Marrakech, MOROCCO, MAY 18-20, 2016}, pages = {385}, isbn = {978-3-319-46140-3; 978-3-319-46139-7}, issn = {0302-9743}, author = {Madani, Mohamed Amine and Erradi, Mohammed}, editor = {Abdulla, PA and DelporteGallet, C} } @article {11714990120160901, title = {ANALYSIS AND VERIFICATION OF XACML POLICIES IN A MEDICAL CLOUD ENVIRONMENT.}, journal = {Scalable Computing: Practice \& Experience}, volume = {17}, number = {3}, year = {2016}, pages = {189 - 205}, abstract = {The connectivity of devices, machines and people via Cloud infrastructure can support collaborations among doctors and specialists from different medical organisations. Such collaborations may lead to data sharing and joint tasks and activities. Hence, the collaborating organisations are responsible for managing and protecting data they share. Therefore, they should define a set of access control policies regulating the exchange of data they own. However, existing Cloud services do not offer tools to analyse these policies. In this paper, we propose a Cloud Policy Verification Service (CPVS) for the analysis and the verification of access control policies specified using XACML. The analysis process detects anomalies at two policy levels: a) intra-policy: detects discrepancies between rules within a single security policy (conflicting rules and redundancies), and b) interpolicies: detects anomalies between several security policies such as inconsistency and similarity. The verification}, keywords = {Automata, Cloud computing, Completeness, Data security, Formal Verification, Information storage \& retrieval systems {\textendash} Medical care, Security Anomaly Detection, XACML Policies}, issn = {18951767}, url = {http://search.ebscohost.com/login.aspx?direct=true\&db=iih\&AN=117149901\&site=ehost-live}, author = {Ayache, Meryeme and Erradi, Mohammed and Khoumsi, Ahmed and Freisleben, Bernd} } @article { ISI:000389146000004, title = {ANALYSIS AND VERIFICATION OF XACML POLICIES IN A MEDICAL CLOUD ENVIRONMENT}, journal = {Scalable Computing-Practice and Experience}, volume = {17}, number = {3, SI}, year = {2016}, month = {SEP}, pages = {189-205}, abstract = {The connectivity of devices, machines and people via Cloud infrastructure can support collaborations among doctors and specialists from different medical organisations. Such collaborations may lead to data sharing and joint tasks and activities. Hence, the collaborating organisations are responsible for managing and protecting data they share. Therefore, they should define a set of access control policies regulating the exchange of data they own. However, existing Cloud services do not offer tools to analyse these policies. In this paper, we propose a Cloud Policy Verification Service (CPVS) for the analysis and the verification of access control policies specified using XACML. The analysis process detects anomalies at two policy levels: a) intra-policy: detects discrepancies between rules within a single security policy (conflicting rules and redundancies), and b) inter policies: detects anomalies between several security policies such as inconsistency and similarity. The verification process consists in verifying the completeness property which guarantees that each access request is either accepted or denied by the access control policy. In order to demonstrate the efficiency of our method, we also provide the time and space complexities. Finally, we present the implementation of our method and demonstrate how efficiently our approach can detect policy anomalies.}, issn = {1895-1767}, doi = {10.12694/scpe.v17i3.1180}, author = {Ayache, Meryeme and Erradi, Mohammed and Khoumsi, Ahmed and Freisleben, Bernd} } @article { ISI:000391049000006, title = {A Collaborative Task Role Based Access Control Model}, journal = {JOURNAL OF INFORMATION ASSURANCE AND SECURITY}, volume = {11}, number = {6}, year = {2016}, pages = {348-358}, abstract = {Cloud computing allows to move computing and storage components from individual systems into the cloud, which provides software and hardware services over the Internet. A collaborative application is among software services that can be provided by the cloud computing to enable collaboration among users from the same or different tenants. During such collaborations, the participants need to access and use resources held by other collaborating users. These resources often contain sensitive data. They are meant to be shared only during specific collaborative sessions. This paper proposes a Collaborative Task Role-Based Access Control CTRBAC1 model to ensures access control to the shared resources in a collaborative session in multi-tenants environments. The suggested C-TRBAC model is an extended version of RBAC in which new entities were added in order to support together: Collaboration in multi-tenant environment, active and passive access control and collaborative sessions. The suggested model has been implemented using Swift component in the open source cloud-computing platform {\textquoteleft}{\textquoteleft}OpenStack{{\textquoteright}{\textquoteright}}.}, issn = {1554-1010}, author = {Amine Madani, Mohamed and Erradi, Mohammed and Benkaouz, Yahya} } @conference { ISI:000389502600039, title = {Deep Neural Networks for Medical Images}, booktitle = {Networked Systems, NETYS 2016}, series = {Lecture Notes in Computer Science}, volume = {9944}, year = {2016}, note = {4th International Conference on Networked Systems (NETYS), Marrakech, MOROCCO, MAY 18-20, 2016}, pages = {382}, isbn = {978-3-319-46140-3; 978-3-319-46139-7}, issn = {0302-9743}, author = {Elaalyani, Issam and Erradi, Mohammed}, editor = {Abdulla, PA and DelporteGallet, C} } @conference { ISI:000389502600004, title = {Nearest Neighbors Graph Construction: Peer Sampling to the Rescue}, booktitle = {Networked Systems, NETYS 2016}, series = {Lecture Notes in Computer Science}, volume = {9944}, year = {2016}, note = {4th International Conference on Networked Systems (NETYS), Marrakech, MOROCCO, MAY 18-20, 2016}, pages = {48-62}, abstract = {In this paper, we propose an efficient KNN service, called KPS (KNN-Peer-Sampling). The KPS service can be used in various contexts e.g. recommendation systems, information retrieval and data mining. KPS borrows concepts from P2P gossip-based clustering protocols to provide a localized and efficient KNN computation in large-scale systems. KPS is a sampling-based iterative approach, combining randomness, to provide serendipity and avoid local minimum, and clustering, to ensure fast convergence. We compare KPS against the state of the art KNN centralized computation algorithm NNDescent, on multiple datasets. The experiments confirm the efficiency of KPS over NNDescent: KPS improves significantly on the computational cost while converging quickly to a close to optimal KNN graph. For instance, the cost, expressed in number of pairwise similarity computations, is reduced by approximate to 23\% and approximate to 49\% to construct high quality KNN graphs for Jester and MovieLens datasets, respectively. In addition, the randomized nature of KPS ensures eventual convergence, not always achieved with NNDescent.}, isbn = {978-3-319-46140-3; 978-3-319-46139-7}, issn = {0302-9743}, doi = {10.1007/978-3-319-46140-3\_4}, author = {Benkaouz, Yahya and Erradi, Mohammed and Kermarrec, Anne-Marie}, editor = {Abdulla, PA and DelporteGallet, C} } @conference { ISI:000389502600045, title = {SNA: Detecting Influencers over Social Networks}, booktitle = {Networked Systems, NETYS 2016}, series = {Lecture Notes in Computer Science}, volume = {9944}, year = {2016}, note = {4th International Conference on Networked Systems (NETYS), Marrakech, MOROCCO, MAY 18-20, 2016}, pages = {388}, isbn = {978-3-319-46140-3; 978-3-319-46139-7}, issn = {0302-9743}, author = {Aghmadi, Ali and Erradi, Mohammed and Kobbane, Abdellatif}, editor = {Abdulla, PA and DelporteGallet, C} } @conference { ISI:000390888900008, title = {Towards an Efficient Policy Evaluation Process in Multi-Tenancy Cloud Environments}, booktitle = {CCSW{\textquoteright}16: PROCEEDINGS OF THE 2016 ACM CLOUD COMPUTING SECURITY WORKSHOP}, year = {2016}, note = {8th ACM Cloud Computing Security Workshop (CCSW), Vienna, AUSTRIA, OCT 28, 2016}, pages = {55-59}, publisher = {ACM SIGSAC; ACM}, organization = {ACM SIGSAC; ACM}, abstract = {Cloud computing offers most of its services under multi-tenancy environments. To satisfy security requirements among collaborating tenants, each tenant may define a set of access control policies to secure access to shared data. Several cloud solutions make use of XACML to specify such policies. However, existing implementations of XACML perform a brute force search to compare a request to all existing rules in a given XACML policy. This decreases the decision process (i.e., policy evaluation) performance especially for policies with a large number of rules. In this paper, we propose an automata-based approach for an efficient XACML policy evaluation. We implemented our approach in a cloud policy engine called X2Automata. The engine first converts both XACML policies and access requests to automata. Second, it combines the two automata by a synchronous product. Third, it applies an evaluation procedure to the resulting automaton to decide whether an access request is granted or not. To highlight the efficiency of X2Automata, we compare its performance, based on the OpenStack cloud environment, with the XACML implementation named Balana.}, isbn = {978-1-4503-4572-9}, doi = {10.1145/2996429.2996431}, author = {Ayache, Meryeme and Erradi, Mohammed and Freisleben, Bernd and Khoumsi, Ahmed} } @conference { ISI:000387917500008, title = {Work in Progress: K-Nearest Neighbors Techniques for ABAC Policies Clustering}, booktitle = {ABAC{\textquoteright}16: PROCEEDINGS OF THE 2016 ACM INTERNATIONAL WORKSHOP ON ATTRIBUTE BASED ACCESS CONTROL}, year = {2016}, note = {ACM International Workshop on Attribute Based Access Control (ABAC), New Orleans, LA, MAR 11, 2016}, pages = {72-75}, publisher = {Assoc Comp Machinery; ACM SIGSAC}, organization = {Assoc Comp Machinery; ACM SIGSAC}, abstract = {In this paper, we present an approach based on the K-Nearest Neighbors algorithms for policies clustering that aims to reduce the ABAC policies dimensionality for high scale systems. Since ABAC considers a very large set of attributes for access decisions, it turns out that using such model for large scale systems might be very complicated. To date, researchers have proposed to use data mining techniques to discover roles for RBAC system construction. In this work in progress, we consider the usage of KNN-based techniques for the classification of ABAC policies based on similarity computations of rules in order to enhance the ABAC flexibility and to reduce the number of policy rules.}, isbn = {978-1-4503-4079-3}, doi = {10.1145/2875491.2875497}, author = {Benkaouz, Yahya and Erradi, Mohammed and Freisleben, Bernd} } @conference { ISI:000380401800126, title = {curlX: a MiddleWare to Enforce Access Control Policies within a Cloud Environment}, booktitle = {2015 IEEE CONFERENCE ON COMMUNICATIONS AND NETWORK SECURITY (CNS)}, year = {2015}, note = {IEEE Conference Communications and Network Security CNS, Florence, ITALY, SEP 28-30, 2015}, pages = {771-772}, abstract = {Today cloud security and privacy concerns pose significant challenges. One particular challenge consists in how to take into consideration the user{\textquoteright}s security policies while accessing the outsourced data. In fact, for a given application, we may have a set of rules, as high level security policy, which needs to hold prior to any query execution. Therefore, the main problem that we tackle in this ongoing project is how to enforce this high level security policy in the cloud storage layer without conflicts. To address this challenges, we propose a middleware denoted curlX which consists of two main processes: the security policy enforcement process and the verification process.}, isbn = {978-1-4673-7876-5}, author = {Ayache, Meryeme and Erradi, Mohammed and Freisleben, Bernd} } @article { ISI:000359820400003, title = {A distributed protocol for privacy preserving aggregation with non-permanent participants}, journal = {COMPUTING}, volume = {97}, number = {9, SI}, year = {2015}, note = {International Conference on Network Systems (NETYS 2013), mARRAKECH, MOROCCO, MAY 02-04, 2013}, month = {SEP}, pages = {893-912}, abstract = {Recent advances in techniques that combine and analyze data collected from multiple partners led to many new promising distributed collaborative applications. Such collaborative computations could occur between trusted partners, between partially trusted partners, or between competitors. Therefore preserving privacy is an important issue in this context. This paper presents a distributed protocol for privacy-preserving aggregation to enable computing a class of aggregation functions that can be expressed as Abelian group. The proposed protocol is based on an overlay structure that enables secret sharing without the need of any central authority or heavyweight cryptography. It preserves data privacy such that participant data is only known to their owner with a given probability. The aggregation result is computed by participants themselves without interacting with a specific aggregator. The aggregation result is accurate when there is no data loss. A strategy to handle the problem of nodes failures is given, along with a study of the privacy ensured by the suggested protocol.}, issn = {0010-485X}, doi = {10.1007/s00607-013-0373-6}, author = {Benkaouz, Yahya and Erradi, Mohammed} } @article {10895165620150901, title = {A distributed protocol for privacy preserving aggregation with non-permanent participants.}, journal = {Computing}, volume = {97}, number = {9}, year = {2015}, pages = {893 - 912}, abstract = {Recent advances in techniques that combine and analyze data collected from multiple partners led to many new promising distributed collaborative applications. Such collaborative computations could occur between trusted partners, between partially trusted partners, or between competitors. Therefore preserving privacy is an important issue in this context. This paper presents a distributed protocol for privacy-preserving aggregation to enable computing a class of aggregation functions that can be expressed as Abelian group. The proposed protocol is based on an overlay structure that enables secret sharing without the need of any central authority or heavyweight cryptography. It preserves data privacy such that participant data is only known to their owner with a given probability. The aggregation result is computed by participants themselves without interacting with a specific aggregator. The aggregation result is accurate when there is no data loss. A strategy to handle the problem of}, keywords = {68M14 Distributed systems, 68W15 Distributed algorithms, Acquisition of data, Aggregation protocol, Computer simulation, Distributed polling application, Privacy, Probability theory, Security, Subroutines (Computer programs)}, issn = {0010485X}, url = {http://search.ebscohost.com/login.aspx?direct=true\&db=bth\&AN=108951656\&site=ehost-live}, author = {Benkaouz, Yahya and Erradi, Mohammed} } @article { ISI:000360910900010, title = {A ferry-assisted solution for forwarding function in Wireless Sensor Networks}, journal = {PERVASIVE AND MOBILE COMPUTING}, volume = {22}, number = {SI}, year = {2015}, month = {SEP}, pages = {126-135}, abstract = {For sure, Wireless Sensor Networks (WSNs) are becoming an ultimate part of next generation mobile networks. They are a master piece for Ubiquitous computing. Indeed, they sustain development of numerous paradigms/ technologies such as distributed ambient intelligence, context-awareness and future mobile networking (e.g., B4G and 5G). Battery life remains one of the crucial problems to handle. In this article we propose an infrastructure-based topology using mobile ferries (mobile micro-base stations). In real life, a ferry could be robot, bus, tram, train or any other engine scrutinizing periodically a given area. Yet, message ferries are moving along concentric annulus and may collect data generated by the static sensors (could be classic sensors, smart meters, wearable devices, etc.) randomly distributed on given area. Next, transmissions are performed in a ferry-to-ferry forwarding scheme till arriving at the sink. Considered ferries could sense themselves data and therefore behave as mobile sensors allowing better awareness on the area state {[}1-3]. Our scheme could also assist Machine-to-Machine communications to increase the network lifetime, with potentially some cognitive-radio capabilities and opportunistic detection and access. Our proposal can easily be integrated in a smart-city for better interaction and green communications. Next, we present a queueing model (queues with finite capacity) to handle the generated traffic and to analyze the behavior of mobile ferries. We provided a close-form expression for both end-to-end throughput and end-to-end delay. The main objective of this work is to improve the energy efficiency of the cognitive sensors by asking cognitive sensors to not care about forwarding data of each other except for urgent data, this latter point is out of the scope of the paper. These static sensors will only care about data sensing, which will reduce their individual energy consumption. (C) 2015 Elsevier B.V. All rights reserved.}, issn = {1574-1192}, doi = {10.1016/j.pmcj.2015.05.003}, author = {Oualhaj, Omar Ait and Kobbane, Abdellatif and Sabir, Essaid and Ben-Othman, Jalel and Erradi, Mohammed} } @conference { ISI:000361756400014, title = {A Formal Approach to Verify Completeness and Detect Anomalies in Firewall Security Policies}, booktitle = {FOUNDATIONS AND PRACTICE OF SECURITY (FPS 2014)}, series = {Lecture Notes in Computer Science}, volume = {8930}, year = {2015}, note = {7th International Symposium on Foundations and Practice of Security (FPS), Concordia Univ, Montreal, CANADA, NOV 03-05, 2014}, pages = {221-236}, abstract = {Security policies are a relevant solution to protect information systems from undue accesses. In this paper, we develop a formal and rigorous automata-based approach to design and analyze security policies. The interest of our approach is that it can be used as a common basis for analyzing several aspects of security policies, instead of using a distinct approach and formalism for studying each aspect. We first develop a procedure that synthesizes automatically an automaton which implements a given security policy. Then, we apply this synthesis procedure to verify completeness of security policies and detect several types of anomalies in security policies. We also study space and time complexities of the developed procedures.}, isbn = {978-3-319-17040-4; 978-3-319-17039-8}, issn = {0302-9743}, doi = {10.1007/978-3-319-17040-4\_14}, author = {Khoumsi, Ahmed and Krombi, Wadie and Erradi, Mohammed}, editor = {Cuppens, F and GarciaAlfaro, J and Heywood, NZ and Fong, PWL} } @conference { ISI:000381477900097, title = {A Game Theory-Based Approach for Robots Deploying Wireless Sensor Nodes}, booktitle = {2015 INTERNATIONAL WIRELESS COMMUNICATIONS \& MOBILE COMPUTING CONFERENCE (IWCMC)}, series = {International Wireless Communications and Mobile Computing Conference}, year = {2015}, note = {11th IEEE International Wireless Communications and Mobile Computing Conference (IEEE IWCMC), Dubrovnik, CROATIA, AUG 24-25, 2015}, pages = {557-562}, publisher = {IEEE; IEEE Croatia Sect; Univ Dubrovnik}, organization = {IEEE; IEEE Croatia Sect; Univ Dubrovnik}, abstract = {Wireless Sensor Networks (WSNs) are deployed in many fields of application. Depending on the application requirements, sensor nodes can either be mobile and autonomous or static. In both cases, they are able to cooperate together in order to monitor a given area or some given Points of Interest (PoIs). Static sensor nodes need one or several agent(s) (humans or robots) to deploy them. In this paper, we focus on the deployment of static sensor nodes in an area containing obstacles, using two mobile robots. We want to minimize the time needed by the two robots to deploy all the sensor nodes and to return to their starting position. We require that each sensor node is placed at a PoI position, no PoI position is empty and no PoI position is occupied by more than one sensor node. The problem consists in determining the best strategy for each robot in order to meet these constraints. We adopt a game theory approach to solve this problem.}, isbn = {978-1-4799-5344-8}, issn = {2376-6492}, author = {Khoufi, Ines and Minet, Pascale and Koulali, Mohamed-Amine and Erradi, Mohammed} } @conference { ISI:000380452500039, title = {How to Secure a Collaborative Session in a Single Tenant Environment}, booktitle = {2015 INTERNATIONAL CONFERENCE ON PROTOCOL ENGINEERING (ICPE) AND INTERNATIONAL CONFERENCE ON NEW TECHNOLOGIES OF DISTRIBUTED SYSTEMS (NTDS)}, year = {2015}, note = {International Conference on Protocol Engineering (ICPE) and International Conference on New Technologies of Distributed Systems (NTDS) (ICPE-NTDS), Paris, FRANCE, JUL 22-24, 2015}, publisher = {Institut Mines-Telecom; Universite Paris Descartes; cnrs; Telecom SudParis; Universite Paris 13; UQAM; IEEE; UPMC; Telecom ParisTech; Telecom Bretagne; utt; le cnam}, organization = {Institut Mines-Telecom; Universite Paris Descartes; cnrs; Telecom SudParis; Universite Paris 13; UQAM; IEEE; UPMC; Telecom ParisTech; Telecom Bretagne; utt; le cnam}, abstract = {Cloud computing allows to move computing and storage components from individual systems into the cloud, which provides software and hardware services over the Internet. A collaborative application is among software services that can be provided by the cloud computing to enable collaboration among users from the same or different tenants. In this context, security of the shared resources in a collaborative session becomes an important issue that must be addressed. This paper proposes an approach that ensures access control to the shared resources in a collaborative session in single tenant environments. The suggested approach introduces new entities and relationships to support collaborative sessions in single-tenant environments. Finally, we validate this approach by an implementation in the SwiftStack environment.}, isbn = {978-1-4673-9265-5}, author = {Amine Madani, Mohamed and Erradi, Mohammed} } @conference { ISI:000373842900038, title = {Towards a decentralized OSN for a privacy-preserving e-health system}, booktitle = {6TH INTERNATIONAL CONFERENCE ON EMERGING UBIQUITOUS SYSTEMS AND PERVASIVE NETWORKS (EUSPN 2015)/THE 5TH INTERNATIONAL CONFERENCE ON CURRENT AND FUTURE TRENDS OF INFORMATION AND COMMUNICATION TECHNOLOGIES IN HEALTHCARE (ICTH-2015)}, series = {Procedia Computer Science}, volume = {63}, year = {2015}, note = {6th International Conference on Emerging Ubiquitous Systems and Pervasive Networks (EUSPN) / 5th International Conference on Current and Future Trends of Information and Communication Technologies in Healthcare (ICTH), Berlin, GERMANY, SEP 27-30, 2015}, pages = {284-291}, abstract = {e-health could be defined as the cost-effective and secure use of information and communication technologies in support of health systems, including healthcare related services and monitoring at both the local site and at a distance. Challenges still need to be resolved to build reliable, secure, and efficient e-health platforms with great flexibility. Recently, social networks have seen a growing importance in different applications and could play a prominent role in healthcare. Online Social Networks (OSN) offer new possibilities such as easy access to medical data anytime from anywhere. Due to the sensitivity of health data exchanged over such networks, a special attention need to be paid to security and privacy aspects of these data. The use of existing centralized OSNs raises the big brother problem. Moreover, the centralized architectures of OSNs are not scalable and have a single point of failure. In this work, we suggest a layered architecture while promoting the usage of decentralized design to ensure the scalability and the privacy of an OSN-based e-health system. (C) 2015 The Authors. Published by Elsevier B.V.}, issn = {1877-0509}, doi = {10.1016/j.procs.2015.08.345}, author = {Benkaouz, Yahya and Erradi, Mohammed}, editor = {Shakshuki, E} } @conference { ISI:000360829800037, title = {Automata-Based Approach to Design and Analyze Security Policies}, booktitle = {2014 TWELFTH ANNUAL INTERNATIONAL CONFERENCE ON PRIVACY, SECURITY AND TRUST (PST)}, year = {2014}, note = {12th Annual International Conference on Privacy, Security and Trust (PST), Ryerson Univ, Toronto, CANADA, JUL 23-24, 2014}, pages = {306-313}, abstract = {Information systems must be controlled by security policies to protect them from undue accesses. Security policies are often designed by rules expressed using informal text, which implies ambiguities and inconsistencies in security rules. Our objective in this paper is to develop a formal approach to design and analyze security policies. We propose a procedure that synthesizes an automaton which implements a given security policy. Our automata-based approach can be a common basis to analyze several aspects of security policies. We use our automata-based approach to develop three analysis procedures to: verify completeness of a security policy, detect anomalies in a security policy, and detect functional discrepancies between several implementations of a security policy. We illustrate our approach using examples of security policies for a firewall.}, isbn = {978-1-4799-3503-1}, author = {Krombi, Wadie and Erradi, Mohammed and Khoumsi, Ahmed}, editor = {Miri, A and Hengartner, U and Huang, NF and Josang, A and GarciaAlfaro, J} } @conference { ISI:000360095400010, title = {A Formal Modeling Approach for Emergency Crisis Response in Health during Catastrophic Situation}, booktitle = {INFORMATION SYSTEMS FOR CRISIS RESPONSE AND MANAGEMENT IN MEDITERRANEAN COUNTRIES}, series = {Lecture Notes in Business Information Processing}, volume = {196}, year = {2014}, note = {1st International Conference on Information Systems for Crisis Response and Management in Mediterranean Countries (ISCRAM-Med), Toulouse, FRANCE, OCT 15-17, 2014}, pages = {112-119}, publisher = {ISCRAM Assoc; IRIT Lab Toulouse; Univ Toulouse; Univ Lorraine; Ecole Mines Albi Carmaux}, organization = {ISCRAM Assoc; IRIT Lab Toulouse; Univ Toulouse; Univ Lorraine; Ecole Mines Albi Carmaux}, abstract = {The EMS (Emergency Medical Services: {\textquoteleft}{\textquoteleft}SAMU{{\textquoteright}{\textquoteright}}), which is affiliated to the Moroccan Ministry of Health, is normally dedicated to coordinate, regulate and carry the sick and road casualty to the most suitable hospital facilities. In times of crisis, the EMS (SAMU) collaborates and coordinates with other stakeholders namely Civil Protection and Military health services by setting up advanced Medical positions (PMA). In this work we will focus mainly on the collaborative work between doctors and the EMS (SAMU) in order to provide a remote diagnosis during emergency situations. One objective of this paper is to formally specify the behavior of different components of a collaborative system architecture in telemedicine. The objective of these formal specifications is to increase the confidence in the collaborative architecture and to verify the consistency of the components assembly. This is important towards building a robust system free from specification errors and inconsistencies.}, isbn = {978-3-319-11817-8}, issn = {1865-1348}, author = {Ouzzif, Mohammed and Hamdani, Marouane and Mountassir, Hassan and Erradi, Mohammed}, editor = {Hanachi, C and Benaben, F and Charoy, F} } @conference { ISI:000310353000045, title = {PERFORMANCE ANALYSIS OF WiFi/WiMAX VERTICAL HANDOVER BASED ON MEDIA INDEPENDENT HANDOVER}, booktitle = {2012 INTERNATIONAL CONFERENCE ON MULTIMEDIA COMPUTING AND SYSTEMS (ICMCS)}, year = {2012}, note = {International Conference on Multimedia Computing and Systems (ICMCS), Tangiers, MOROCCO, MAY 10-12, 2012}, pages = {239-243}, publisher = {Morocco Sect MTT/AP Joint Chapter}, organization = {Morocco Sect MTT/AP Joint Chapter}, abstract = {Currently, there are several wireless networks deployed around the world. Examples include cellular networks, metropolitan area networks and wireless local area networks. Given the heterogeneity of the existing network technologies, the diversity of mobile applications, and user requirements, ensuring service continuity for a mobile user when changing different access network becomes a mandatory aspect. The aim of this work is to study and analyse a solution based on the IEEE802.21 standard, to enable interoperability between different networks. The assessment takes place in a context of mobility between WiFi and WiMAX networks. The network simulator NS2 is used during this study.}, isbn = {978-1-4673-1520-3}, author = {Benkaouz, Yahya and Angoma, Blaise and Erradi, Mohammed}, editor = {Essaaidi, M and Zaz, Y} } @conference { ISI:000310353000166, title = {TOWARDS A SESSION BASED OrBAC MODEL}, booktitle = {2012 INTERNATIONAL CONFERENCE ON MULTIMEDIA COMPUTING AND SYSTEMS (ICMCS)}, year = {2012}, note = {International Conference on Multimedia Computing and Systems (ICMCS), Tangiers, MOROCCO, MAY 10-12, 2012}, pages = {918-923}, publisher = {Morocco Sect MTT/AP Joint Chapter}, organization = {Morocco Sect MTT/AP Joint Chapter}, abstract = {A collabor ative system allow; a grou p of users to collaborate through a distr i buted platform in order to perform a c ommon task. These users may h av e conc urrent access to shared objec ts. In this contex t, access con trol becomes an important issue tha t must be addressed Access control models are des igned to pro tect shared information a nd resources, of any type and at different levels of granularity. In this work we present SOrBAC: an extension of OrBAC model, in order to provide a mechanism f or securing a dynamic collaborative Session. SOrBAC introduces a new level named Session level to the original OrBAC model. This session level introduces new entities to allow a dynamic access control during a collaborati ve session.}, isbn = {978-1-4673-1520-3}, author = {Madani, Mohamed Amine and Erradi, Mohammed}, editor = {Essaaidi, M and Zaz, Y} } @article {8885929720120901, title = {Using Aspect-Oriented State Machines for Detecting and Resolving Feature Interactions.}, journal = {Computer Science \& Information Systems}, volume = {9}, number = {3}, year = {2012}, pages = {1046 - 1074}, abstract = {The article focuses on the use of aspect-oriented state machines that helps in detecting feature interactions. It mentions that domain- specific language (DSL) is introduced to manage Finite State Machines with pattern matching technique. It mentions that in software product-line (SPL) engineers divides a software system into functional features through feature model.}, keywords = {aspect interactions, Aspect-oriented programming, Computer hardware description languages, Computer software, conflict detection, conflict resolution, domain-specific aspect languages, feature interactions, Finite state machines (Computer science), formal methods, Image registration, object-oriented programming, state machines}, issn = {18200214}, url = {http://search.ebscohost.com/login.aspx?direct=true\&db=iih\&AN=88859297\&site=ehost-live}, author = {Dinkelaker, Tom and Erradi, Mohammed and Ayache, Meryeme} } @article { ISI:000309649500004, title = {Using Aspect-Oriented State Machines for Detecting and Resolving Feature Interactions}, journal = {COMPUTER SCIENCE AND INFORMATION SYSTEMS}, volume = {9}, number = {3, SI}, year = {2012}, month = {SEP}, pages = {1045-1074}, abstract = {Composing different features in a software system may lead to conflicting situations. The presence of one feature may interfere with the correct functionality of another feature, resulting in an incorrect behavior of the system. In this work we present an approach to manage feature interactions. A formal model, using Finite State Machines (FSM) and Aspect-Oriented (AO) technology, is used to specify, detect and resolve features interactions. In fact aspects can resolve interactions by intercepting the events which causes troubleshoot. Also a Domain-Specific Language (DSL) was developed to handle Finite State Machines using a pattern matching technique.}, issn = {1820-0214}, doi = {10.2298/CSIS111216033D}, author = {Dinkelaker, Tom and Erradi, Mohammed and Ayache, Meryeme} } @conference { ISI:000300570200017, title = {HaVe-2W3G: A Vertical Handoff Solution between WLAN, WiMAX and 3G Networks}, booktitle = {2011 7TH INTERNATIONAL WIRELESS COMMUNICATIONS AND MOBILE COMPUTING CONFERENCE (IWCMC)}, series = {International Wireless Communications and Mobile Computing Conference}, year = {2011}, note = {7th IEEE International Wireless Communications and Mobile Computing Conference (IWCMC), Istanbul, TURKEY, JUL 04-08, 2011}, pages = {101-106}, publisher = {IEEE; IEEE Turkey sect; Huawei}, organization = {IEEE; IEEE Turkey sect; Huawei}, abstract = {The demand for the ubiquitous service is increasing due to the rapidly growing demand for increased data rates, mobile Internet and the diversity of wireless communication technologies. Also due to the challenges to interconnect heterogeneous network technologies and to offer ubiquitous services, telecommunications operators look after the best way to provide continuity of service during handover and how to give the mobile client the possibility to get the best connection anywhere and anytime. In this paper we propose an architecture and its implementation which guarantees the continuity of service during a communication in the context of heterogeneous access network technologies. The suggested solution named HaVe-2W3G (Handover Vertical WLAN WiMAX 3G) ensures a Vertical handover between heterogeneous access networks technologies: WLAN, WiMAX and 3G. A performance evaluation of such implementation is shown using a streaming application.}, isbn = {978-1-4244-9537-5}, issn = {2376-6492}, author = {Angoma, Blaise and Erradi, Mohammed and Benkaouz, Yahya and Berqia, Amine and Akalay, Mohammed Charaf} } @article { ISI:000256710200013, title = {Description of a teleconferencing floor control protocol and its implementation}, journal = {ENGINEERING APPLICATIONS OF ARTIFICIAL INTELLIGENCE}, volume = {21}, number = {3}, year = {2008}, note = {6th Conference on Modelling and Simulation, Rabat, MOROCCO, 2006}, month = {APR}, pages = {430-441}, abstract = {In this paper, we present a formal specification of a teleconferencing floor control protocol and its implementation. The services provided by this protocol are described within the SCCP IETF document (Simple Conference Control Protocol). Finite state machines are used to model services behaviours part of this protocol. Temporal properties are defined as constraints of the teleconferencing system using SCCP protocol. The dynamic properties are described by the LTL logic (Linear Temporal Logic) and verified using the model-checker Spin/Promela. A prototype of a multimedia teleconferencing system is implemented and it is based on the specified protocol. This implementation uses UML notation and is developed with JMF (Java Media Framework) API. (C) 2007 Elsevier Ltd. All rights reserved.}, issn = {0952-1976}, doi = {10.1016/j.engappai.2007.11.003}, author = {Ouzzif, Mohammed and Erradi, Mohammed and Mountassir, Hassan} }