Our times are characterized by the massive presence of highly distributed and mobile systems consisting of diverse and specialized devices, forming heterogeneous networks, and providing
different services and applications. The resulting computational systems are usually referred to as
*Ubiquitous Computing*, (see, e.g., the UK Grand Challenge initiative under the name
*Sciences for Global Ubiquitous Computing*
).
*Security*is one of the fundamental concerns that arises in this setting. The problem of
*privacy*, in particular, is exacerbated by orders of magnitude: The frequent interaction between users and electronic devices, and the continuous connection between these devices and the
internet, offer to malicious agents the opportunity to gather and store huge amount of information, often without the individual being even aware of it. Mobility is also an additional source of
vulnerability, since tracing may reveal significant information. To avoid these hazards, honest agents should use special protocols, called
*security protocols*.

The systems above are usually very complex and based on impressive engineering technologies, but they do not always exhibit a satisfactory level of robustness and reliability. The same holds for security protocols: they usually look simple, but the properties that they are supposed to ensure are extremely subtle, and it is also difficult to capture the capabilities of the attacker. As a consequence, even protocols that seem at first “obviously correct” are later (often years later) found to be prone to attacks.

In order to overcome these drawbacks, we need to develop formalisms, reasoning techniques, and tools, to specify systems and protocols, their intended properties, and to guarantee that these intended properties are indeed satisfied. The challenges that we envisage are (a) to find suitably expressive formalisms which capture essential new features such as mobility, probabilistic behavior, presence of uncertain information, and potentially hostile environment, (b) to build suitably representative models in which to interpret these formalisms, and (c) to design efficient tools to perform the verification in presence of these new features.

Catuscia Palamidessi has been keynote speaker at the 2011 edition of the conference ICALP (Internetional Colloquium on Automata, Languages and Programming,
http://

Much of the research of Cométe focuses on security and privacy. In particular, we are interested in the problem of the leakage of secret information through public observables.

Ideally we would like systems to be completely secure, but in practice this goal is often impossible to achieve. Therefore, we need to reason about the amount of information leaked, and the utility that it can have for the adversary, i.e. the probability that the adversary be able to exploit such information.

The recent tendency is to use information theoretic approach to model the problem and define the leakage in a quantitative way. The idea is to consider that system as an
information-theoretic
*channel*. The input represents the secret, the output represents the observable, and the correlation between the input and output (
*mutual information*) represents the information leakage.

Information theory depends on the notion of entropy. Most of the proposals in the literature use
*Shannon entropy*, which is the most established measure of uncertainty. From the security point of view, this measure corresponds to a particular model of attack and a particular way of
estimating the security threat (vulnerability of the secret). We consider also other notions, in particular the Rényi min-entropy, which seem to be more appropriate for security in common
scenarios like the one-try attacks.

We will focus our efforts on a probabilistic variant of the asynchronous

We intend to study models and languages for concurrent, probabilistic and mobile systems, with a particular attention to expressiveness issues. We aim at developing criteria to assess the expressive power of a model or formalism in a distributed setting, to compare existing models and formalisms, and to define new ones according to an intended level of expressiveness, taking also into account the issue of (efficient) implementability.

Our research in ccp develops along the following two lines:

The study of a bisimulation semantics for ccp. The advantage of bisimulation, over other kinds of semantics, is that it can be efficiently verified.

Enriching ccp with epistemic constructs, which will allow to reason about the knowledge of agents.

We plan to develop model-checking techniques and tools for verifying properties of systems and protocols specified in the above formalisms.

Model checking addresses the problem of establishing whether the model (for instance, a finite-state machine) of a certain specification satisfies a certain logical formula.

We intend to concentrate our efforts on aspects that are fundamental for the verification of security protocols, and that are not properly considered in existing tools. Namely, we will focus on:

the combination of probability and mobility, which is not provided by any of the current model checkers,

the interplay between nondeterminism and probability, which in security present subtleties that cannot be handled with the traditional notion of scheduler,

the development of a logic for expressing security (in particular privacy) properties.

Concerning the last point (the logic), we should capture both probabilistic and epistemological aspects, the latter being necessary for treating the knowledge of the adversary.

Logics of this kind have been already developed, but the investigation of the relation with the models coming from process calculi, and their utilization in model checking, is still in its infancy.

The aim of our research is the specification and verification of protocols used in mobile distributed systems, in particular security protocols. We are especially interested in protocols for
*information hiding*.

Information hiding is a generic term which we use here to refer to the problem of preventing the disclosure of information which is supposed to be secret or confidential. The most prominent
research areas which are concerned with this problem are those of
*secure information flow*and of
*privacy*.

Secure information flow refers to the problem of avoiding the so-called
*propagation*of secret data due to their processing. It was initially considered as related to software, and the research focussed on type systems and other kind of static analysis to
prevent dangerous operations, Nowadays the setting is more general, and a large part of the research effort is directed towards the investigation of probabilistic scenarios and treaths.

Privacy denotes the issue of preventing certain information to become publicly known. It may refer to the protection of
*private data*(credit card number, personal info etc.), of the agent's identity (
*anonymity*), of the link between information and user (
*unlinkability*), of its activities (
*unobservability*), and of its
*mobility*(
*untraceability)*.

The common denominator of this class of problems is that an adversary can try to infer the private information (
*secrets*) from the information that he can access (
*observables*). The solution is then to obfuscate the link between secrets and observables as much as possible, and often the use randomization, i.e. the introduction of
*noise*, can help to achieve this purpose. The system can then be seen as a
*noisy channel*, in the information-theoretic sense, between the secrets and the observables.

We intend to explore the rich set of concepts and techniques in the fields of information theory and hypothesis testing to establish the foundations of quantitive information flow and of
privacy, and to develop heuristics and methods to improve mechanisms for the protection of secret information. Our approach will be based on the specification of protocols in the probabilistic
asynchronous

In collaborations with Dave Parker and Marta Kwiatkowska, we are developing a model checker for the probabilistic asynchronous

Technically we use MMC as a compiler to encode the probabilistic

In the meanwhile we are also attempting a direct and more flexible approach to the development of a model checker for the probabilistic

This software generates PRISM models for the Dining Cryptographers and Crowds protocols. It can also use PRISM to calculate the capacity of the corresponding channels. More information can
be found in
and in the file README file width instructions at the URL
http://

The software can be download at
http://

The corner points can be used to compute the maximum probability of error and to improve the Hellman-Raviv and Santhi-Vardy bounds. More information can be found in
and in the file README file width instructions at the URL
http://

The software can be download at
http://

MMCsp is a compiler from a simple probabilistic

The tool was developed by Peng Wu during his postdoc period in Comète in the context of the collaboration between the teams Comète and PRISM under the INRIA/ARC Project ProNoBib (
http://

The source code is free and can be download from
http://

Information hiding refers to the problem of protecting private information while performing certain tasks or interactions, and trying to avoid that an adversary can infer such information.

This is one of the main areas of research in Comète, and two PhD thesis based on this topic have been defended this year in Comète , have been defended this year. We are exploring several topics, described below. An overview of our results is contained in .

The analysis of probabilistic concurrent systems usually relies on the notion of scheduler in order to solve the nondeterminism. Unfortunately the classical notion of scheduler, which is a
mathematical functions that chooses the next step depending on the history of the computation, can leak any secret information contained in the history. This creates false positives, and it
is known as the problem of the
*allmighty scheduler*. One way to solve this problem, already explored in literature, is to fix the strategy of the scheduler beforehand
. However this solution is considered too rigid and unrealistic. In
we have propose a milder restriction on the schedulers, and we have
defined the notion of strong (probabilistic) information hiding under various notions of observables. Furthermore, we have proposed a method, based on the notion of automorphism, to verify
that a system satisfies the property of strong information hiding, namely strong anonymity or no-interference, depending on the context.

In we have developed a game semantics for process algebra with two interacting agents. The purpose of our semantics is to make manifest the role of knowledge and information flow in the interactions between agents and to control the information available to interacting agents. We have defined games and strategies on process algebras, so that two agents interacting according to their strategies determine the execution of the process, replacing the traditional scheduler. We have shown that different restrictions on strategies represent different amounts of information being available to a scheduler. We have also shown that a certain class of strategies corresponds to the syntactic schedulers of Chatzikokolakis and Palamidessi , which were developed to overcome problems with traditional schedulers modeling interaction. The restrictions on these strategies have an explicit epistemic flavor.

Differential privacy is a notion that has emerged in the community of statistical databases, as a response to the problem of protecting the privacy of the database's participants when
performing statistical queries. The idea is that a randomized query satisfies differential privacy if the likelihood of obtaining a certain answer for a database

In , , we have analyzed critically the notion of differential privacy in light of the conceptual framework provided by the Rényi min information theory. We have shown that there is a close relation between differential privacy and leakage, due to the graph symmetries induced by the adjacency relation. Furthermore, we have considered the utility of the randomized answer, which measures its expected degree of accuracy. We have focused on certain kinds of utility functions called “binary”, which have a close correspondence with the Rényi min mutual information. Again, it turns out that there can be a tight correspondence between differential privacy and utility, depending on the symmetries induced by the adjacency relation and by the query. Depending on these symmetries we can also build an optimal-utility randomization mechanism while preserving the required level of differential privacy. Our main contribution is a study of the kind of structures that can be induced by the adjacency relation and the query, and how to use them to derive bounds on the leakage and achieve the optimal utility.

*Bisimilarity*is one of the main representative equivalences for concurrent behaviour. It captures our intuitive notion of process equivalence; two processes are equivalent if they can
match each other's moves. Furthermore, it provides an elegant co-inductive proof technique based on the notion of bisimulation. Nevertheless, there have been few attempts to define a notion
of bisimilarity for
*concurrent constraint programming*(ccp). The ones we were aware of are those in
and
but they are not completely satisfactory: The first one may tell
apart processes with identical observable behaviour, while the second quantifies over all possible inputs from the environment, and hence it is not clear whether it can lead to a feasible
proof technique.

Bisimilarity relies on
*labelled transitions*: each evolution step of a system is tagged by some information aimed at capturing the possible interactions of a process with the environment. In
we have provided a labelled transition system for ccp and we have
proposed a notion of ccp bisimilarity. Intuitively, in this transition system the labels represent the minimal information that processes require from the environment to execute. Furthermore
we have shown that, unlike previous approaches, our notion of bisimilarity coincides with the standard notion of equivalence for (deterministic) ccp. This way we have provided ccp with an
alternative co-inductive proof technique, coherent with previous equivalences, for process behaviour.

When the state space of a system is finite, the ordinary notion of bisimilarity can be computed via the well-known partition refinement algorithm, but unfortunately, this algorithm does not work for ccp bisimilarity. In we have proposed a variation of the partition refinement algorithm for verifying ccp bisimilarity. To the best of our knowledge this is the first work providing for the automatic verification of program equivalence for ccp.

The molecular mechanisms of cell communication with the environment involve many concurrent processes governing dynamically the cell function. This concurrent behavior makes traditional methods, such as differential equations, unsatisfactory as a modeling strategy since they do not scale well when a more detailed view of the system is required.

In we have presented a type checking algorithm for establishing a session-based discipline in the pi calculus of Milner, Parrow and Walker . Our session types are qualified as linear or unrestricted. Linearly typed communication channels are guaranteed to occur in exactly one thread, possibly multiple times; afterwards they evolve as unrestricted channels. Session protocols are described by a type constructor that denotes the two ends of one and the same communication channel. We have proved the soundness of the algorithm by showing that processes consuming all linear resources are accepted by a typing system preserving typings during the computation and that type checking is consistent w.r.t. structural congruence.

This project is financed by the ANR, for the years 2009-2011. The partners involved are:

EPIs Comète and Parsifal at INRIA Saclay. Responsible: Catuscia Palamidessi

CEA Saclay. Responsible: Emmanuel Haucourt

Pôle Parisien. Responsible: Damiano Mazza

Pôle Méditerranéen. Responsible: Emmanuel Godard

Airbus. Responsible: Jean Souyris.

This project is financed by the ANR, for the years 2009-2011. The partners involved are:

LSV. Responsible: Jean Goubault-Larrecq

EPIs Comète and Parsifal at INRIA Saclay. Responsible: Catuscia Palamidessi

CEA LIST. Responsible: Olivier Bouissou

Supelec SSE. Responsible: Gilles Fleury

Supelec L2S. Responsible: Michel Kieffer

PRINTEMPS (PRobability and INformation Theory for Modeling Privacy and Secrecy) focuses on the applications of Information Theory to security. We are particularly interested in studying the interactions between Concurrency and Information Theory.

This project has started in January 2006 and includes the following sites:

INRIA Futurs. Responsible: C. Palamidessi

McGill University, Canada. Responsible: P. Panangaden

Home page:
http://

Moreno Falaschi, Dipartimento di Scienze Matematiche e Informatiche, Università di Siena, Italy.

Camillo Rueda and Carlos Olarte, Pontificia Universidad Javeriana, Colombia.

Geoffrey Smith, School of Computing and Information Sciences, Florida International University, USA

Vladimiro Sassone, School of Electronics and Computer Science University of Southampton, United Kingdom.

Geoffrey Smith, Professor at the Florida Florida International University, USA. He visited for four months, from 26/8/2011 until 23/12/2011.

Moreno Falaschi, professor at the Università di Siena, Italy. He visited for one month, from 1/11/2011 till 30/11/2011.

Vladimiro Sassone, professor at the University of Southampton, United Kingdom, Italy. He visited for one month, from 1/12/2011 till 31/12/2011.

Marco Stronati, master student at the Università di Pisa, Italy. He is visiting for six months, from 1/10/2011 till 31/3/2012. He is doing his master thesis under the co-supervision of Giorgio Levi (Univ. di Pisa) and Catuscia Palamidessi.

Lili Xu, PhD student at the Academy of Science of Beijing, China. She is visiting for nine months, from 15/10/2011 until 15/7/2012. She is doing her PhD thesis under the co-supervision of Huimin Li (Ch. Academy of Science, Beijing) and Catuscia Palamidessi.

Note: In this section we include only the activities of the permanent internal members of Comète.

Catuscia Palamidessi is:

Member of the Editorial Board of the journal on Mathematical Structures in Computer Science, published by the Cambridge University Press.

Member of the Editorial Board of the journal on Theory and Practice of Logic Programming, published by the Cambridge University Press.

Member of the Editorial Board of the Electronic Notes of Theoretical Computer Science, Elsevier Science.

Co-editor (with Frank Pfenning) of the special issue of Logical Methods in Computer Science dedicated to selected papers of FoSSaCS 2013.

Co-editor (with Samson Abramsky and Michael Mislove) of the special issue of Theoretical Computer Science dedicated to selected papers of MFPS XXV.

Co-editor (with Geoffrey Smith) of the special issue of Mathematical Structures in Computer Sciencededicated to Quantitative Information Flow.

Frank D. Valencia is:

Area editor (for the area of Concurrency) of the ALP Newsletter.

Co-editor of the special issue of Mathematical Structures in Computer Sciencededicated to the 17th International Workshop on Expressiveness in Concurrency.

Konstantinos Chatzikokolakis and Catuscia Palamidessi are:

Co-editors (with Sebastian Mödersheim) of the special issue of the Journal of Computer Securitydedicated to selected papers of TOSCA 2011and SecCo 2011.

Catuscia Palamidessi is member of:

The Council of EATCS, the European Association for Theoretical Computer Science. Since 2005.

The Steering Committee of ETAPS, the European Joint Conferences on Theory and Practice of Software. Since 2006.

The IFIP Technical Committee 1 – Foundations of Computer Science. Since 2007.

The IFIP Working Group 2.2 – Formal Description of Programming Concepts. Since 2001.

The IFIP Working Group 1.7 – Theoretical Foundations of Security Analysis and Design. Since 2010.

Catuscia Palamidessi has given invited talks at the following conferences and workshops:

(Keynote speaker) ICALP 2011. The 38th International Colloquium on Automata, Languages and Programming, Zürich, Switzerland, July 2011.

SecCo 2011. International Workshop on Security Issues in Concurrency. (Part of Aachen Concurrency and Dependability Week.) Aachen, Germany, September 2011.

Catuscia Palamidessi has served as PC co-chair of QEST 2011. 8th International Conference on Quantitative Evaluation of SysTems. Aachen, Germany, August 2011.

Catuscia Palamidessi has served as PC co-chairs of the first edition of TOSCA (Theory Of SeCurity and Applications). Associated with the ETAPS conferences,
http://

Catuscia Palamidessi is serving as PC co-chair of TGC 2012. 7th International Symposium on Trustworthy Global Computing. Newcastle, UK, 7-8 September 2012.

Frank Valencia has co-chaired EXPRESS 2011, the workshop on Expressiveness in Concurrency Theory (
http://

Konstantino Chatzikokolakis has co-chaired SecCo 2011, the 9th International Workshop on Security Issues in Concurrency (
http://

Catuscia Palamidessi has been/is a member of the program committees of the following conferences:

FOSSACS 2013. 16th Int.l Conf. on Foundations of Software Science and Computation Structures. (Part of ETAPS 2013.) Rome, Italy, March 2013.

QEST 2012. International Conference on Quantitative Evaluation of SysTems. London, UK, September 2012.

PPDP 2012. International ACM SIGPLAN Conference on Principles and Practice of Declarative Programming. Leuven, Belgium, September 2012.

CONCUR 2012. 21st International Conference on Concurrency Theory. Newcastle, UK, September 2012.

CSF 2012. The 25th IEEE Computer Security Foundations Symposium. Cambridge MA, USA, June 2012.

POST 2012. First Conference on Principles of Security and Trust. Tallin, Estonia, March 2012.

CALCO 2011. Fourth International Conference on Algebra and Coalgebra in Computer Science. Winchester, UK, August 2011.

CSF 2011. The 24th IEEE Computer Security Foundations Symposium. Domaine de l'Abbaye des Vaux de Cernay, France, June 2011.

27th Int.l Conference on Mathematical Foundations of Programming Semantics. CMU, Pittsburgh, USA, May 2011.

Konstantinos Chatzikokolakis has been/is a member of the program committees of the following conferences and workshops:

ESOP 2012: 21th European Symposium on Programming.

ISPEC 2012: 8th International Conference on Information Security Practice and Experience.

QAPL 2012: 10th Workshop on Quantitative Aspects of Programming Languages .

TGC 2011: 6th International Symposium on Trustworthy Global Computing.

QAPL 2011: 9th Workshop on Quantitative Aspects of Programming Languages.

FAST 2011: The 8th International Workshop on Formal Aspects of Security & Trust.

Catuscia Palamidessi has served in the following committees:

The EAPLS PhD Award (
http://

Frank D. Valencia and Andrés Aristizábal are the organizer of the Comète-Parsifal Seminar. This seminar takes place weekly at LIX, and it is meant as a forum where the
members of Comète and Parsifal present their current works and exchange ideas. See
http://

Geoffrey Smith, Professor, Florida International University, USA. He has visited Comète for three months from the end of August until the end of December, 2011.

Moreno Falaschi, Professor, University of Siena, Italy. He has visited Comète for one month in November 2011.

Vladimiro Sassone, Professor, University of Southampton, UK. He has visited Comète for one month in December 2011.

Catuscia Palamidessi has served as:

Member of the Comité d'Orientation Scientifique et Technique, Groupe de travail Relation Internationales (COST-GTRI). Since November 2007.

Directrice adjointe du LIX, le Laboratoire d'Informatique de l'Ecole Polytechnique. Since April 2010.

President of the selection committee for the EATCS Best Paper Award at the ETAPS conferences. Since 2006.

Member of the Comité de These for Mathematics and Computer Science at the École Polytechnique. Since October 2007.

Reviewer for the projects proposal for the program PRIN, sponsored by the Italian MIUR (“Ministero dell'Istruzione, dell'Università e della Ricerca”). Since 2004.

Member of the Comité Academique de l'Ecole Polytechnique. Since November 2010.

Frank Valencia has served as:

Member of the Evaluation Committee of the LIX/Qualcomm postdoc grants for the year 2011.

Master: Konstantinos Chatzikokolakis has been teaching the course “Concurrence” at the “Master Parisien de Recherche en Informatique” (MPRI) in Paris. Level M2. Total 12 hours.

Doctorat: Catuscia Palamidessi has been teaching a course on Quantitative Information Flow at the 11th International School on Foundations of Security Analysis and Design, Bertinoro, Italy. Total 6 hours.

PhD :
Mario Sergio Ferreira Alvim Junior.
Ecole Polytechnique. Grant CNRS/DGA. Title of his PhD thesis:
*Quantitative Approaches for Information Flow: An Analysis of Interactive Systems and Statistical Databases*. Defended on 12 October 2011. Supervised by Catuscia Palamidessi.

PhD in progress (2011-) Lili Xu. Ecole Polytechnique and Chinese academy of Science, Beijing, China. Co-supervised by Catuscia Palamidessi and Huimin Li.

PhD in progress (2011-) Nicolás Bordenabe. Ecole Polytechnique. Grant INRIA/DGA. Supervised by Catuscia Palamidessi.

PhD in progress (2011-) Luis Fernando Pino Duque. Ecole Polytechnique. Grant INRIA/DGA. Co-supervised by Catuscia Palamidessi and Frank D. Valencia.

PhD in progress (2010-) Sophia Knight. Ecole Polytechnique. Grant INRIA/CORDIS. Co-supervised by Catuscia Palamidessi and Frank D. Valencia.

PhD in progress (2009-) Andrés Aristizábal. Ecole Polytechnique. Grant CNRS/DGA. Co-supervised by Catuscia Palamidessi and Frank D. Valencia.

PhD in progress (2009-) Ivan Gazeau. Ecole Polytechnique. Grant ANR. Co-supervised by Catuscia Palamidessi and Dale Miller.

PhD in progress : Nom du doctorant, titre (provisoire) du mémoire, date du début de la thèse, encadrant(s)

Catuscia Palamidessi has been “rapporteur” for the thesis of the following PhD students:

Jacopo Mauro (University of Bologna, Italy). PhD thesis reviewer. Title of the thesis:
*Constraints meet Concurrency*. Advised by Maurizio Gabbrielli. Defended in April 2012.

Morgan Barbier (Ecole Polytechnique, France). Member of the committee board at the PhD defense. Title of the thesis:
*Décodage en liste et application à la sécurité de l'information*. Advised by Daniel Augot. Defended in December 2011.

Giulio Caravagna (University of Pisa, Italy). PhD thesis reviewer. Title of the thesis:
*Formal Modeling and Simulation of Biological Systems with Delays.*Defended in December 2011.

Robert Abo (Conservatoire National des Arts et Métiers, France). PhD thesis reviewer and member of the committee board at the PhD defense. Title of the thesis:
*Approches formelles pour l?analyse de la performabilité des systèmes communicants mobiles : Application aux réseaux de capteurs sans fil*. Advised by Kamel Barkaoui. Defended in
December 2011.

Mathieu Sassolas (University of Paris VI, France). PhD thesis reviewer and member of the committee board at the PhD defense. Title of the thesis:
*Méthodes qualitatives et quantitatives pour la détection d'information cachée*. Advised by Béatrice Bérard. Defended in November 2011.