Selected papers by Luigi Logrippo and associates (other papers can be found here)


The following list is a mix of recent papers and older ones that may still be useful, in chronological order.

In most cases, they are corrected or updated versions of published papers.

Refer to the publisher’s sources to find the published versions.

If you have remarks or questions on these materials, I am interested in hearing from you.

PDF Luigi Logrippo. Multi-level models for data security in networks and in the Internet of things. Revised copy of paper under review by a journal.

PDF Luigi Logrippo, Abdelouadoud Stambouli. Configuring data flows in the Internet of Things for security and privacy requirements. 11th International Symposium on Foundations and Practice of Security (FPS 2018). Montreal, Nov. 13-15, 2018. Springer LNCS Vol. 11358, 115-130.  See also the presentation.

PDF Abdelouadoud Stambouli, Luigi Logrippo. Data flow analysis from capability lists, with application to RBAC and LaBAC. Augmented version of paper titled: Data flow analysis from capability lists, with application to RBAC. Information Processing Letters (Elsevier) 141 (2019) 30–40.

PDF Luigi Logrippo. Multi-level access control, directed graphs and partial orders in flow control for data secrecy and privacy. Augmented version of paper appeared in: Foundations and Practice of Security. FPS 2017. Springer LNCS 10723 (2018), 111-123. Springer, DOI See also the presentation.

PDF Sofiene Boulares, Kamel Adi, Luigi Logrippo. Insider threat likelihood assessment for flexible access control. Proc. of the 7th Intern. MCETECH Conference on eTechnologies. Ottawa, 2017. Refer to Springer site for the official copy. In: Aïmeur E., Ruhi U., Weiss M. (eds) E-Technologies: Embracing the Internet of Things. LNBIP 289, Springer, 77-95.

PDF Sofiene Boulares, Kamel Adi, Luigi Logrippo. Insider threat likelihood assessment for access control systems: Quantitative approach. Proc. of the 9th International Symposium on Foundations and Practice of Security (FPS), Québec, October 2016, Lecture Notes in Computer Science 10128, Springer 2017, 135-142. Springer Copyright. Refer to Springer LNBIP site for the official copy.

PDF Luigi Logrippo, Causality in Computer Science. Letter to the Editor of the Communications of the ACM, 59(7), 9, 2016.

PDF Riaz Ahmed Shaikh, Kamel Adi, Luigi Logrippo. A data classification method for inconsistency and incompleteness detection in access control policy data sets. International Journal of Information Security, 16(1), 91-113, 2017. A related policy generation tool is available.

PDF Jamal Abd-Ali, Karim El Guemhioui, Luigi Logrippo. Metamodelling with Formal Semantics with Application to Access Control Specification. MODELSWARD 2015: 354-36

PDF Jamal Abd-Ali, Karim El Guemhioui, Luigi Logrippo. A Meta-model for Access Control Policies. Journal of Software 10(7), 2015, 784-797.

PDF Sofiene Boulares, Kamel Adi, Luigi Logrippo. Information flow-based security levels assessment for access control systems. LNBIP 209 105-121. Proc. of the 6th International MCETECH Conference on eTechnologies. Montreal, May 2015. Springer Copyright. Refer to Springer LNBIP site for the official copy.

PDF Luigi Logrippo. Logical Method for Reasoning about Access Control and Data Flow Control Models. Proc. of the 7th International Symposium on Foundations and Practice of Security, Montréal, Nov. 2014. F. Cuppens et al. (Eds.): FPS 2014, LNCS 8930, 205–220, 2015. Springer Copyright. Refer to Springer LNCS volume for the official copy (this is an extended version). (See also PRESENTATION). This paper is my first in this research direction, My view of this topic has changed considerably, but unfortunately a much better paper has been rejected for publication, and I’ll have to find the time to fix and resubmit it.

PDF Omar Abahmane, Luigi Logrippo. Granularity Based Flow Control. Proc. 12th Annual International Conference on Privacy, Security and Trust (PST), Toronto, July 2014, 239-248. (see also PRESENTATION).

PDF Salim Khamadja, Kamel Adi, Luigi Logrippo. Designing Flexible Access Control Models for the Cloud. Proc. of the 6th International Conference on Security of Information and Networks (SIN 2013), Aksaray, Turkey, Nov. 2013, 225-232. ACM Copyright. Refer to ACM site for official copy.

PDF Waël Hassan, Luigi Logrippo. Towards a Process for Legally Compliant Software. Proc. 6th International IEEE Workshop on Requirements Engineering and Law, (RELAW 2013) Rio de Janeiro, 44-52. IEEE copyright: Refer to IEEE site for official copy.

PDF Hemanth Khambhammettu, Sofiene Boulares, Kamel Adi, Luigi Logrippo. A Framework for Risk Assessment in Access Control Systems. Computers & Security (Elsevier), 39, Part A, 2013, 86-103.

PDF Muyiwa Olurin, Carlisle Adams, Luigi Logrippo. Platform for Privacy Preferences (P3P): Current Status and Future Directions. In: N. Cuppens-Boulahia, P.Fong, J. García-Alfaro, S. Marsh, J.-P. Steghöfer (Eds.): Tenth Annual International Conference on Privacy, Security and Trust, PST 2012, Paris, France, July 16-18, 2012, 217-220.

PDF Riaz Ahmed Shaikh, Kamel Adi, Luigi Logrippo. Dynamic Risk-based Decision Methods for Access Control Systems. Computers and Security (Elsevier), 31(4): 447-464, 2012.

PDF Bernard Stepien, Hemanth Khambhammettu,  Kamel Adi, Luigi Logrippo. CatBAC: A Generic Framework for Designing and Validating Hybrid Access Control Models. Proc. of SFCS 2012, the First IEEE International Workshop on Security and Forensics in Communication Systems, Ottawa, June 10-15, 6721-6726.

This paper continues the work presented in the paper by Slimani et al. (see below) by presenting an access control language that extends the graphical UML notation proposed in this second paper.

PDF Yacine Bouzida, Luigi Logrippo, Sergei Mankovski. Concrete and Abstract Based Access Control. Intern.J. of Inform. Security, 10 (4) Aug. 2011, 223-238.  Copyright by Springer

PDF Logrippo, L. From e-business to e-laws and e-judgments: 4,000 years of experience. CYBERLAWS 2011, Proc. of the Second International Conference on Technical and Legal Aspects of the e-Society, Guadeloupe, Feb 2011, 22-28.

Several Google searches in year 2011 on keyword ‘e-judgment’ or ‘electronic judgment’ have consistently ranked this document among the top five. The other documents listed used the term in a different meaning (as databases of judgments). So it appears that I am the inventor of this term. We’ll see how useful it will be. In 1961, fresh from law school, I was hired to study the uses that computers could have in legal establishments. It then occurred to me that computers could help decide simple legal cases. It took me fifty years to come up with a paper on this topic! People interested in this subject may be interested also in the following: HTML

PDF Slimani, N., Khambhammettu, H., Adi, K., Logrippo, L. UACML: Unified Access Control Modeling Language. In: New Technologies, Mobility and Security (NTMS), 2011 4th IFIP Intern. Conf. on,  2011, 1-8.

PDF Ma, J., Logrippo, L., Adi, K., Mankovski, S. Risk Analysis in Access Control Systems Based on Trust Theories. The 3rd Workshop on Logics for Intelligent Agents and Multi-Agent Systems (WLIAMas 2010). Toronto, Aug. 2010, 415-418.

Shaikh, R.A., Adi, K., Logrippo, L., Mankovski, S. Inconsistency Detection Method for Access Control Policies. IEEE sixth International Conference on Information Assurance and Security (IAS 2010), Atlanta, Aug. 2010, 204-209. This paper has been superseded by our 2017 paper: PDF

PDF Ma, J., Adi, K., Mejri, M., Logrippo, L. Risk Analysis in Access Control Systems. Eight Intern. Conf. on Privacy, Security, and Trust (PST 2010). Ottawa, Aug. 2010, 160-166.

Shaikh, R.A., Adi,K., Logrippo, L., Mankovski, S. Detecting Incompleteness in Access Control Policies Using Data Classification Schemes, In Proc. of the 5th International Conference on Digital Information Management (ICDIM 2010), Thunder Bay, Canada, July 2010, IEEE Press, 417-422.  This paper has been superseded by our 2017 paper: PDF

PDF Ma, J., Adi, K., Logrippo, L., Mankovski, S. Risk Management in Dynamic Role Based Access Control Systems. Proc. of the 5th International Conference on Digital Information Management (ICDIM 2010), Thunder Bay, Canada, July 2010, IEEE Press, 423-430.

PDF Plesa, R., Logrippo, L. An Agent-Based Architecture for Providing Enhanced Communication Services. Chapter 15 in: Laurence T. Yang (Ed.) Research in Mobile Intelligence – Wiley series on Parallel and Distributed Computing, 2010. 320-342.

PDF Hassan, W., Logrippo, L. A Governance Requirements Extraction Model for Legal Compliance Validation. In Proc. IEEE 17th International Requirements Engineering Conference (RE'09): RELAW Workshop. Atlanta, GA.  Sep. 2009, 7-12.

PDF Adi, K., Bouzida, Y.,  Hattak, I., Logrippo, L., Mankovskii, S. Typing for Conflict Detection in Access Control Policies. In: G. Babin, P. Kropf, M. Weiss (Eds.): E-Technologies: Innovation in an Open World. Proc. of the 4th Intern. Conf. MCETECH 2009 (Ottawa, May 2009), Lecture Notes in Business Information Processing (LNBIP 26), Springer, 2009, 212-226.

PDF Hassan, W., Logrippo, L. Detecting inconsistencies of mixed secrecy models and business policies. University of Ottawa Technical Report, 2009.

PDF Hassan, W. and Logrippo, L. Requirements and Compliance in Legal Systems: a Logic Approach. In Proc. IEEE 16th International Requirements Engineering Conference (RE'08): RELAW Workshop. Barcelona, Spain.  Sep. 2008, 40-44.

PDF Logrippo, L. Normative Systems: the Meeting Point between Jurisprudence and Information Technology? In: H. Fujita, D. Pisanelli (Eds.): New Trends in Software Methodologies, Tools and Techniques – Proc. of the 6th SoMeT_07. IOS Press, 2007,  343-354.

PDF Layouni, A., Logrippo, L., Turner, K.J. Conflict Detection in Call Control Using First-Order Logic Model Checking. In: L. DuBousquet, Jean-Luc Richier (Eds): 9th International Conference on Feature Interactions in Software and Communication Systems, IOS Press, 2008 (Proc. of ICFI ’07, Grenoble, France, Sept. 2007), 77-92.

PDF Plesa, R., Logrippo, L. An Agent-Based Architecture for Contex-Aware Communications. Proc. of the 21st International Conference on Advanced Information Networking and Applications Workshops (PCAC-07 Niagara Falls, May 2007), IEEE Press, Vol.2, 133-138.

PDF Xu, Y., Logrippo, L., Sincennes, J. Detecting Feature Interactions in CPL. Journal of Network and Computer Applications 30 (2) (2007), 775-799.

Keywords: Call Processing Language, consistency

PDF Crespo, R.G., Carvalho, M., Logrippo, L. Distributed Resolution of Feature Interactions for Internet Applications. Computer Networks 51 (2)  (2007)  382-397.

PDF Jiang, D., Liscano, R., Logrippo, L. Personalization of Internet Telephony Services for Presence with SIP and Extended CPL. Computer Communications 29 (18)  (Nov. 2006)  3766-3779.

PDF Gorse, N., Logrippo, L., Sincennes, J. Formal Detection of Feature Interactions with Logic Programming and LOTOS.  Journal on Software and System Modelling, 5 (2),  2006, 121-134.

Note 1: This paper was mistakenly published under the title: Detecting Feature Interactions in CPL. Note 2: Although the title of this paper is rather specific with its reference to Logic Programming and LOTOS, the principles presented in the first part are generic and have been used in other papers.

PDF de Castro Andrade, R. M., Logrippo, L. MoRaR: A Pattern Language for Mobility and Radio Resource Management. Appeared in reedited form in: D.Manolescu, J.Noble, M. Voelter - Pattern Languages of Program Design 5, Chapter 10. Addison-Wesley, 2006, 213-255

This paper is a rather extensive study of patterns occurring in mobile telephony systems software, almost unique in its kind.

PDF Amyot, D., Gray, T., Liscano, R., Logrippo, L., Sincennes, J. Interactive Conflict Detection and Resolution for Personalized Features. Journal of Communications and Networks, 7 (3), 2005, 353-366.

PDF Plesa, R., Logrippo, L. Enhanced Communications Servers through Context Integration. In T. Magedanz, A. Karmouch, S. Pierre, I. Venieris (Eds) - Mobility Aware Technologies and Applications – (MATA, Montreal Oct. 2005)  Short papers volume, 1-5.

PDF Mankai, M., Logrippo, L. Access Control Policies: Modeling and Validation. Proceedings of NOTERE 2005 (Gatineau, August) 85-91. Keywords: XACML, consistency checking, Alloy

This was one of the very first papers published on the subject of consistency checking for XACML policies but it doesn’t get cited. Oh, well …

PDF Hassan, W., Logrippo, L. Governance Policies for Privacy Access Control and their Interactions. In: S.Reiff-Marganiec, M.D. Ryan (Eds) Feature Interactions in Telecommunications and Software Systems. (Proc. of the VIII International Conference on Feature Interaction, ICFI 2005), Leicester, UK, IOS Press, 2005, 114-130.

PDF Amyot, L., Logrippo, L., Weiss, M. Generation of test purposes from Use Case Maps. Computer Networks 49 (5), 2005, 643-660.

PDF Dini, P., Clemm, A., Gray, T., Lin, F.J., Logrippo, L., Reiff-Marganiec, S. Policy-enabled Mechanisms for Feature Interactions: Reality, Expectations, Challenges. Computer Networks, 45 (5), 2004, 585 - 603.



Old papers that are still cited occasionally …

This is a repository where I put papers that are still being cited or for which I have received requests.

PDF Haj-Hussein, M., Logrippo, L., Sincennes, J.  Goal-oriented Execution of LOTOS Specifications.  In: M. Diaz and R. Groz (Eds.) Formal Description Techniques, V. North- Holland, 1993  (Proc. of the 4rth FORmal TEchniques International Conference, Perros- Guirec, France, 1992. Sponsored by IFIP WG 6.1) 311-327.

The concept of goal-oriented execution for LOTOS was discovered almost simultaneously by our group and a Dutch group (Ed Brinksma and Henk Eertink). It is applicable to CCS and CSP, as well as to other process-algebraic languages. However strangely, many years later, this extension has not been done, for what I know. It is a useful technique for state exploration in infinite-state systems. The PhD thesis of Mazen Haj-Hussein, that explained the concept in detail, is available in the web.

PDF Logrippo, L., Faci, M., and Haj-Hussein, M. An Introduction to LOTOS: Learning by Examples.  Computer Networks and ISDN Systems 23(5) (1992) 325-342. Errata in 25(1) (1992) 99-100.

PDF Guillemot, R., Haj-Hussein, M., Logrippo, L. Executing large LOTOS specifications. In: S. Aggarwal, K. Sabnani (Eds): Protocol Specification, Testing and Verification VIII (Proc. of the PSTV VIII Symposium). Elsevier-IFIP 1988, 399-410.

PDF Logrippo, L., Obaid, A., Briand, J.P., Fehri, M.C. An Interpreter for LOTOS, a Specification Language for Distributed Systems. Software-Practice and Experience Vol 18(4), 365-385 (April 1988).

Note: This paper was written in 1986. It presents the first LOTOS interpreter realized in the world. However the language discussed is different from the one that eventually became a standard.

PDF Vissers, C.A., Logrippo, L. The Importance of the Service Concept in the Design of Data Communications Protocols.

This paper appeared, in slightly different form, in M. Diaz (Ed.) Protocol Specification, Testing, and Verification, V. (Proc. of the IFIP WG 6.1 Fifth International Workshop on Protocol Specification, Testing and Verification) Elsevier-North-Holland, 1986, 3-17. 

PDF Logrippo, L., Stepien, B. Cluster Analysis for the Computer-Assisted Statistical Analysis of Melodies. Computers and the Humanities, Vol. 20, No. 1, 19-33 (Jan.-March 1986).

Keywords: Inuit music; Canadian Eskimo music; a-ja-jai songs; ajajai songs; statistical methods in ethno-musicology; transcriptions; music score.

A chapter by the same authors, including further documentation on this work, can be found in the following book: Pelinski, R. La musique des inuit du caribou. Presses de l’Université de Montréal, 1981. Because this book is out of print, I have put on line the following excerpts (PDF) which include: 1) transcriptions of the songs collected by Pelinski; 2) information on the CD realized by Pelinsky, which I believe can still be purchased.

PDF Pelinski, R., Logrippo, L., Hickey, P.J., Strong, E. A comparative computer analysis of Inuit songs. University of Ottawa, Computer Science Department, Technical Report TR80.08 (1980).

Keywords: Inuit music; Canadian Eskimo music; a-ja-jai songs; ajajai songs; statistical methods in ethno-musicology. See also previous title.


Open Distributed Processing (ODP) Tutorials


The Open Distributed Processing (ODP) concept was much ahead of its time and is still of current interest.

Although this is not often recognized, the Service Oriented Architecture (SOA) is based on ODP concepts.

Here are some tutorial papers and research reports that we wrote quite a while ago (1993-1996), with my student Kazi Farooqui.

I think that they are still useful.

PDF Farooqui, K., Logrippo, L., DeMeer, J. The ISO Reference Model for Open Distributed Processing:

an introduction.  Computer Networks and ISDN Systems 27 (1995) 1215-1229.

PDF Farooqui, K., Logrippo, L. Architecture for Open Distributed Software Systems. Technical Report, University of Ottawa, 1994. A shorter version of this tutorial was published in: Zomaya, A.Y.S. (Ed.). Parallel and Distributed Computing Handbook. McGraw-Hill, 1996, 303-329.

PDF Farooqui, K., Logrippo, L. Introduction to the ODP Computational Model. Technical Report, University of Ottawa, 1994.

PDF Farooqui, K., Logrippo, L. Introduction to the ODP Engineering Model. Technical Report, University of Ottawa, 1994.


Very old papers that haven’t been cited at all…


Some of my best papers are those that resulted from my PhD thesis, years of work… with the help of my supervisors, John Brzozowski and Ed Ashcroft, as well as the inspiration of my external examiner, Ray Miller. They have received extremely few citations, probably because the topic has not been fashionable. But I know that they are a lot better than some papers of mine that have been cited dozens of times. So much for citation counts.


PDF Logrippo, L. Renamings and Economy of Memory in Program Schemata. J. ACM 25(1), (Jan. 1978), 10-22

It is possible to change the name of the variables in programs in such a way that the results computed are unchanged. This equivalence-preserving transformation is at the basis of program optimizations such as efficient register allocation or efficient memory allocation, used in optimizing compilers. This paper justifies theoretically this transformation and explains how it works.

PDF Logrippo, L. Renamings, Maximal Parallelism, and Space-Time Tradeoff in Program Schemata. J. ACM 26(4), (Oct. 1979), 819 - 833 

This paper continues the work presented in the previous paper. It shows formally that by allocating more memory space, more variables, or more registers, the parallelism of a program can be increased. For example, the parallelism of a producer-consumer system can be increased by increasing the length of the queue between the producer and consumer. Pipelined processors with instruction look-ahead use the same principle. This equivalence-preserving transformation can be applied automatically in order to take advantage of computational resources as they become available, at execution time or at compilation time.

It is useful to review the results of this paper in the light of Amdahl’s famous law. One of several ways of interpreting this law states that the speedup that can be obtained in the execution of a program P by using increasingly larger numbers of processors in parallel computing arrangements is limited by the time needed for executing the sequential parts of P. Amdahl’s law assumes that the sequential and parallelizable parts of P are known in advance and cannot be changed (unless the program is redesigned). This paper shows that: 1) it may be possible to execute a program at different levels of parallelisms at different points of execution 2) it may possible to increase the parallelism of a program by spreading its working space in memory, essentially by using queue or queue-like mechanisms. This paper also characterizes the program structures where this can or cannot be done. Intuitively, these concepts are well recognized in Computer Science however here they are formally analyzed.



Some non-technical papers

HTML From Sumerian Codes to Computer Code: A Formal Logic Perspective on Legal Theory and Information Technology in a Historical Context.

This is a sort of evolving notebook that I keep on this subject. I make it available in case others are interested and I am always interested in readers’ opinions.

HTML Pierre Stanislas Bédard : a precursor of symbolic logic. October 2013

PDF Mario Bolognani, Luigi Logrippo. Le origini del software industriale in Italia (The origins of Software Industry in Italy, in Italian). Sviluppo e Organizzazione, Marzo-Aprile 2009, 52-63.

HTML My first two computers: Elea 9003 and Elea 6001. Winter 2007.

PDF Review of two books on early electronic music in Italy. MusicWorks. Winter 2006

PDF A capsule history of the Department of Computer Science, University of Ottawa

HTML Memorial: Otto G. Wadsted



Neither papers, nor technical, nor mine!


PDF L’église de Saint Joachim. Sculptures par François Baillargé et autres, photos par Licia Paolucci


PDF  (1 MB); JPEG (6 MB); TIFF (97 MB); IMAGO URBIS ROMAE ANNO MDCCCLXX – Pianta Map Carte Roma Rome 1870