Agency: Cordis | Branch: H2020 | Program: ERC-COG | Phase: ERC-CoG-2015 | Award Amount: 1.89M | Year: 2016
The security of modern web applications depends on a variety of critical components including cryptographic libraries, Transport Layer Security (TLS), browser security mechanisms, and single sign-on protocols. Although these components are widely used, their security guarantees remain poorly understood, leading to subtle bugs and frequent attacks. Rather than fixing one attack at a time, we advocate the use of formal security verification to identify and eliminate entire classes of vulnerabilities in one go. With the aid of my ERC starting grant, I have built a team that has already achieved landmark results in this direction. We built the first TLS implementation with a cryptographic proof of security. We discovered high-profile vulnerabilities such as the recent Triple Handshake and FREAK attacks, both of which triggered critical security updates to all major web browsers and TLS libraries. So far, our security theorems only apply to carefully-written standalone reference implementations. CIRCUS proposes to take on the next great challenge: verifying the end-to-end security of web applications running in mainstream software. The key idea is to identify the core security components of web browsers and servers and replace them by rigorously verified components that offer the same functionality but with robust security guarantees. Our goal is ambitious and there are many challenges to overcome, but we believe this is an opportune time for this proposal. In response to the Snowden reports, many cryptographic libraries and protocols are currently being audited and redesigned. Standards bodies and software developers are inviting researchers to help analyse their designs and code. Responding to their call requires a team of researchers who are willing to deal with the messy details of nascent standards and legacy code, and at the same time prove strong security theorems based on precise cryptographic assumptions. We are able, we are willing, and the time is now.
Agency: Cordis | Branch: H2020 | Program: RIA | Phase: ICT-10-2015 | Award Amount: 1.97M | Year: 2016
The objective of the NEXTLEAP project is to build the fundamental interdisciplinary internet science necessary to create decentralized, secure, and rights-preserving protocols for the next generation of collective awareness platforms. The long-term goal of NEXTLEAP is to have Europe take the next leap ahead of the rest of the world by solving the fundamental challenge of determining how both to scientifically build and how to help citizens and institutions adopt open-source decentralized and privacy-preserving digital social platforms in contrast to proprietary centralized cloud-based services and pervasive surveillance that function at the expense of rights and technological sovereignty.
Institute National Of Recherche En Informatique Et En Automatique and Mauna Kea Technologies | Date: 2011-07-08
The present invention concerns a mosaicing method taking into account motion distortions, irregularly sampled frames and non-rigid deformations of the imaged tissue. The invention relates to a method for mosaicing frames from a video sequence acquired from a scanning device such as a scanning microscope, the method comprising the steps of: The method is based on a hierarchical framework that is able to recover a globally consistent alignment of the input frames, to compensate for the motion distortions and to capture the non-rigid deformations.
Agency: Cordis | Branch: H2020 | Program: RIA | Phase: ICT-30-2015 | Award Amount: 6.96M | Year: 2016
AGILE project aims to create an open, flexible and widely usable IoT solution at disposal of industries (startups, SMEs, tech companies) and individuals (researchers, makers, entrepreneurs) as a framework that consists of: A modular IoT gateway enabling various types of devices (wearables, home appliances, sensors, actuators, etc.) to be connected with each other and to the Internet; Data management and device control maximizing security and privacy, at local level and in the cloud, technologies and methodologies to better manage data privacy and ownership in the IoT; Support of various open and private clouds; Recommender and visual developers interfaces enabling easy creation of applications to manage connected devices and data; Support of mainstream IoT/M2M protocols, and SDKs from different standardization bodies for device discovery and communication; Two separate gateway hardware versions: a) the makers version, based on the popular RaspberryPi platform for easily prototyping and attracting the current community; b) the industrial version for more industrial and production-ready applications; An ecosystem of IoT applications shareable among users and developers leveraging on existing initiatives by key stakeholders in this domain, like Canonical and Ubuntu Snappy IoT ecosystem. Piloted in relevant open areas (fields and in a port) for field & cattle monitoring through drones, air quality & pollution monitoring and in smart retail, AGILE will be easily adaptable and usable in different contexts serving as an horizontal technology for fast IoT prototyping and engineering in different domains. Following an open hardware/software approach, harnessing the power of IoT developers and entrepreneurs communities, AGILE aims to offer tools to overcome limitations imposed by closed and vertical walled gardens for IoT apps development, offering a fully open platform for integration and adaptation with 3rd parties enabling a new marketplace for IoT apps
Institute National Of Recherche En Informatique Et En Automatique and French Atomic Energy Commission | Date: 2011-06-23
A data processing device includes a memory, a direct memory access controller including a receiving module configured to receive data coming from outside the device and for writing the data in a main buffer memory of the memory, and a processing unit programmed to read and process data written by the receiving module in a work area of the main buffer memory. The main buffer memory is divided between a used space, where the receiving module is configured not to write, and free space, where the receiving module is configured to write. The processing unit is further programmed to define the work area, and the direct memory access controller includes a buffer memory manager configured to free data written in the main buffer memory, by defining a location of this data as a free space, only when this data is outside the work area.