References of "Lenzini, Gabriele 50002200"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailModelling Metrics for Transparency in Medical Systems
Pierina Brustolin Spagnuelo, Dayana UL; Bartolini, Cesare UL; Lenzini, Gabriele UL

in Proceedings of TrustBus 2017 (in press)

Detailed reference viewed: 28 (7 UL)
Full Text
Peer Reviewed
See detailA Security Analysis, and a Fix, of a Code-Corrupted Honeywords System
Genç, Ziya Alper UL; Lenzini, Gabriele UL; Ryan, Peter UL et al

in Proceedings of the 4th International Conference on Information Systems Security and Privacy (2018)

In 2013 Juels and Rivest introduced the Honeywords System, a password-based authentication system designed to detect when a password file has been stolen. A Honeywords System stores passwords together ... [more ▼]

In 2013 Juels and Rivest introduced the Honeywords System, a password-based authentication system designed to detect when a password file has been stolen. A Honeywords System stores passwords together with indistinguishable decoy words so when an intruder steals the file, retrieves the words, and tries to log-in, he does not know which one is the password. By guessing one from the decoy words, he may not be lucky and reveal the leak. Juels and Rivest left a problem open: how to make the system secure even when the intruder corrupted the login server’s code. In this paper we study and solve the problem. However, since “code corruption” is a powerful attack, we first define rigorously the threat and set a few assumptions under which the problem is still solvable, before showing meaningful attacks against the original Honeywords System. Then we elicit a fundamental security requirement, implementing which, we are able to restore the honeywords System’s security despite a corrupted login service. We verify the new protocol’s security formally, using ProVerif for this task. We also implement the protocol and test its performance. Finally, at the light of our findings, we discuss whether it is still worth using a fixed honeywords-based system against such a powerful threat, or whether it is better, in order to be resilient against code corruption attacks, to design afresh a completely different password-based authentication solution. [less ▲]

Detailed reference viewed: 31 (9 UL)
Full Text
Peer Reviewed
See detailSecurity in the Shell : An Optical Physical Unclonable Function made of Shells of Cholesteric Liquid Crystals
Lenzini, Gabriele UL; Samir, Ouchani; Roenne, Peter UL et al

in Proc. of the 9th IEEE Workshop on Information Forensics and Security (2017, October 02)

We describe the application in security of shells of Cholesteric Liquid Crystals (ChLCs). Such shells have a diameter in the microns range and can be gathered in hundreds in a surface area as small as a ... [more ▼]

We describe the application in security of shells of Cholesteric Liquid Crystals (ChLCs). Such shells have a diameter in the microns range and can be gathered in hundreds in a surface area as small as a nail’s head. Because of their structural properties, a bundle of them reflects light, creating colorful patterns that we argue to be unique and computationally hard to predict. We argue also that the bundle itself is unclonable. These are typical properties of Physically Unclonable Functions, a family to which shells of ChLCs belong too. Herein we discuss their physical and security properties and their potential use in object authentication. [less ▲]

Detailed reference viewed: 45 (1 UL)
Full Text
Peer Reviewed
See detailInsider Threats to Information Security, Digital Espionage, and Counter-Intelligence
You, Ilsun; Lenzini, Gabriele UL; De Santis, Alfredo

in IEEE Systems Journal (2017), 11(2),

Detailed reference viewed: 28 (2 UL)
Full Text
Peer Reviewed
See detailThe Cipher, the Random and the Ransom: A Survey on Current and Future Ransomware
Genç, Ziya Alper UL; Lenzini, Gabriele UL; Ryan, Peter UL

in Advances in Cybersecurity 2017 (2017)

Although conceptually not new, ransomware recently regained attraction in the cybersecurity community: notorious attacks in fact have caused serious damage, proving their disruptive effect. This is likely ... [more ▼]

Although conceptually not new, ransomware recently regained attraction in the cybersecurity community: notorious attacks in fact have caused serious damage, proving their disruptive effect. This is likely just the beginning of a new era. According to a recent intelligence report by Cybersecurity Ventures, the total cost due to ransomware attacks is predicted to exceed $5 billion in 2017. How can this disruptive threat can be contained? Current anti-ransomware solutions are effective only against existing threats, and the worst is yet to come. Cyber criminals will design and deploy more sophisticated strategies, overcoming current defenses and, as it commonly happens in security, defenders and attackers will embrace a competition that will never end. In this arm race, anticipating how current ransomware will evolve may help at least being prepared for some future damage. In this paper, we describe existing techniques to mitigate ransomware and we discuss their limitations. Discussing how current ransomware could become even more disruptive and elusive is crucial to conceive more solid defense and systems that can mitigate zero-day ransomware, yielding higher security levels for information systems, including critical infrastructures such as intelligent transportation networks and health institutions. [less ▲]

Detailed reference viewed: 107 (9 UL)
Full Text
Peer Reviewed
See detailPrivacy-Preserving Verifiability: A Case for an Electronic Exam Protocol
Giustolisi, Rosario; Iovino, Vincenzo UL; Lenzini, Gabriele UL

in Giustolisi, Rosario; Iovino, Vincenzo; Lenzini, Gabriele (Eds.) Privacy-Preserving Verifiability: A Case for an Electronic Exam Protocol (2017)

We introduce the notion of privacy-preserving verifiability for security protocols. It holds when a protocol admits a verifiability test that does not reveal, to the verifier that runs it, more pieces of ... [more ▼]

We introduce the notion of privacy-preserving verifiability for security protocols. It holds when a protocol admits a verifiability test that does not reveal, to the verifier that runs it, more pieces of information about the protocol’s execution than those required to run the test. Our definition of privacy-preserving verifiability is general and applies to cryptographic protocols as well as to human security protocols. In this paper we exemplify it in the domain of e-exams. We prove that the notion is meaningful by studying an existing exam protocol that is verifiable but whose verifiability tests are not privacy-preserving. We prove that the notion is applicable: we review the protocol using functional encryption so that it admits a verifiability test that preserves privacy to our definition. We analyse, in ProVerif, that the verifiability holds despite malicious parties and that the new protocol maintains all the security properties of the original protocol, so proving that our privacy-preserving verifiability can be achieved starting from existing security. [less ▲]

Detailed reference viewed: 34 (4 UL)
Full Text
Peer Reviewed
See detailFrom Situation Awareness to Action: An Information Security Management Toolkit for Socio-Technical Security Retrospective and Prospective Analysis
Huynen, Jean-Louis UL; Lenzini, Gabriele UL

in Proceedings of the 3rd International Conference on Information Systems Security and Privacy (2017)

Inspired by the root cause analysis procedures common in safety, we propose a methodology for a prospective and a retrospective analysis of security and a tool that implements it. When applied ... [more ▼]

Inspired by the root cause analysis procedures common in safety, we propose a methodology for a prospective and a retrospective analysis of security and a tool that implements it. When applied prospectively, the methodology guides analysts to assess socio-technical vulnerabilities in a system, helping them to evaluate their choices in designing security policies and controls. But the methodology works also retrospectively. It assists analysts in retrieving the causes of an observed socio-technical attack, guiding them to understand where the information security management of the system has failed. The methodology is tuned to find causes that root in the human-related factors that an attacher can exploit to execute its intrusion. [less ▲]

Detailed reference viewed: 128 (8 UL)
Full Text
Peer Reviewed
See detailA Framework to Reason about the Legal Compliance of Security Standards
Bartolini, Cesare UL; Giurgiu, Andra UL; Lenzini, Gabriele UL et al

in Proceedings of the Tenth International Workshop on Juris-informatics (JURISIN) (2016, November)

Achieving compliance with legal regulations is no easy task. Normally, laws state general requirements but do not provide clear parameters to determine when such requirements are met. On a different level ... [more ▼]

Achieving compliance with legal regulations is no easy task. Normally, laws state general requirements but do not provide clear parameters to determine when such requirements are met. On a different level, industrial standards and best practices define specific objectives that can be certified by means of auditing procedures from qualified bodies. Implementing a standard does not per se guarantee legal compliance, with the rare exception when the standard is also endorsed by the law itself. But standards and laws in the same domain may have overlaps and correlations, so adopting the former may provide an argument to demonstrate that adequate measures were taken to achieve legal compliance. In this paper, we introduce a framework that, using state-of-the-art Natural Language Semantics techniques, helps process legal documents and standards to build a knowledge base to store their logic representations, and the correlations between them. The knowledge base will help legal experts assess what requirements of the law are met by the standard and, consequently, recognize what requirements still need to be implemented to fill the remaining gaps. An application of the framework is exemplified by comparing a provision of the European General Data Protection Regulation against the ISO/IEC 27001:2013 standard. [less ▲]

Detailed reference viewed: 139 (12 UL)
Full Text
Peer Reviewed
See detailTowards legal compliance by correlating Standards and Laws with a semi-automated methodology
Bartolini, Cesare UL; Lenzini, Gabriele UL; Robaldo, Livio UL

in Proceedings of the 28 Benelux Conference on Artificial Intelligence (BNAIC) (2016, November)

Since legal regulations do not generally provide clear parameters to determine when their requirements are met, achieving legal compliance is not trivial. If there were a clear correspondence between the ... [more ▼]

Since legal regulations do not generally provide clear parameters to determine when their requirements are met, achieving legal compliance is not trivial. If there were a clear correspondence between the provisions of a specific standard and the regulation’s requirements, one could implement the standard to claim a presumption of compliance. However, finding those correspondences is a complex process; additionally, correlations may be overridden in time, for instance, because newer court decisions change the interpretation of certain provisions. To help solve this problem, we present a framework that supports legal experts in recognizing correlations between provisions in a standard and requirements in a given law. The framework relies on state-of-the-art Natural Language Semantics techniques to process the linguistic terms of the two documents, and maintains a knowledge base of the logic representations of the terms, together with their defeasible correlations, both formal and substantive. An application of the framework is shown by comparing a provision of the European General Data Protection Regulation against the ISO/IEC 27018:2014 standard. [less ▲]

Detailed reference viewed: 95 (6 UL)
Full Text
Peer Reviewed
See detailTransparent Medical Data Systems
Pierina Brustolin Spagnuelo, Dayana UL; Lenzini, Gabriele UL

in Journal of Medical Systems (2016)

Transparency is described as the quality to be open about policies and practices. It is intended to inform end users of what happens to their data. It promotes good quality of service and is believed to ... [more ▼]

Transparency is described as the quality to be open about policies and practices. It is intended to inform end users of what happens to their data. It promotes good quality of service and is believed to sustain people's demand for privacy. However, at least for medical data systems, a clear definition of the property is missing and there is no agreement on what requirements qualify it. We look into this problem. First we identify concepts that relate with transparency: openness, empowerment, auditability, availability, accountability, verifiability. We discuss them in Health Information Technology, so clarifying what transparency is. Then we elicit a list of requirements that indicate how transparency can be realised in modern medical data systems such as those managing electronic health records. [less ▲]

Detailed reference viewed: 64 (16 UL)
Full Text
Peer Reviewed
See detailMetrics for Transparency
Pierina Brustolin Spagnuelo, Dayana UL; Bartolini, Cesare UL; Lenzini, Gabriele UL

in Proceedings of DPM 2016 and QASA 2016 (2016, September)

Transparency is a novel non-functional requirement for software systems. It is acclaimed to improve the quality of service since it gives users access to information concerning the system's processes ... [more ▼]

Transparency is a novel non-functional requirement for software systems. It is acclaimed to improve the quality of service since it gives users access to information concerning the system's processes, clarifying who is responsible if something goes wrong. Thus, it is believed to support people's right to a secure and private processing of their personal data. We define eight quality metrics for transparency and we demonstrate the usage and the effectiveness of the metrics by assessing transparency on the Microsoft HealthVault, an on-line platform for users to collect, store, and share medical records. [less ▲]

Detailed reference viewed: 103 (18 UL)
Full Text
Peer Reviewed
See detailHigh-fidelity spherical cholesteric liquid crystal Bragg reflectors generating unclonable patterns for secure authentication
Geng, Yong UL; Noh, Junghyun UL; Drevensek-Olenik, Irena et al

in Scientific Reports (2016), 6(26840), 1-8

Monodisperse cholesteric liquid crystal microspheres exhibit spherically symmetric Bragg reflection, generating, via photonic cross communication, dynamically tuneable multi-coloured patterns. These ... [more ▼]

Monodisperse cholesteric liquid crystal microspheres exhibit spherically symmetric Bragg reflection, generating, via photonic cross communication, dynamically tuneable multi-coloured patterns. These patterns, uniquely defined by the particular sphere arrangement, could render cholesteric microspheres very useful in countless security applications, as tags to identify and authenticate their carriers, mainly physical objects or persons. However, the optical quality of the cholesteric droplets studied so far is unsatisfactory, especially after polymerisation, a step required for obtaining durable samples that can be used for object identification. We show that a transition from droplets to shells solves all key problems, giving rise to sharp patterns and excellent optical quality even after polymerisation, the polymerised shells sustaining considerable mechanical deformation. Moreover, we demonstrate that, counter to prior expectation, cross communication takes place even between non-identical shells. This opens additional communication channels that add significantly to the complexity and unique character of the generated patterns. [less ▲]

Detailed reference viewed: 246 (34 UL)
Full Text
Peer Reviewed
See detailPatient-Centred Transparency Requirements for Medical Data Sharing Systems
Pierina Brustolin Spagnuelo, Dayana UL; Lenzini, Gabriele UL

in Proceedings of the 4th World Conference on Information Systems and Technologies (2016)

We compose, propose, and discuss several requirements to support transparency in Medical Data Sharing Systems. Transparency is a property that suggests openness and compliance with policies, practices ... [more ▼]

We compose, propose, and discuss several requirements to support transparency in Medical Data Sharing Systems. Transparency is a property that suggests openness and compliance with policies, practices, and processes employed to secure data, and it is believed to promote good quality of service in healthcare. Our requirements indicate how transparency can be realised on modern medical data sharing systems such as those managing electronic health records [less ▲]

Detailed reference viewed: 83 (18 UL)
Full Text
Peer Reviewed
See detailComparing and Integrating Break-the-Glass and Delegation in Role-based Access Control for Healthcare
Ferreira, Ana; Lenzini, Gabriele UL

in Proc. of the nd Int. Conference on International Conference in Information Systems Security and Privacy (ICISSP) (2016)

In healthcare security, Role-based Access Control (RBAC) should be flexible and include capabilities such as Break-the-Glass and Delegation. The former is useful in emergencies to overcome otherwise a ... [more ▼]

In healthcare security, Role-based Access Control (RBAC) should be flexible and include capabilities such as Break-the-Glass and Delegation. The former is useful in emergencies to overcome otherwise a denial of access, the latter to transfer rights temporarily, for example, to substitute doctors. Current research studies these policies separately, but it is unclear whether they are different and independent capabilities. Motivated to look into this matter, we present a formal characterization of Break-the-Glass andDelegation in the RBAC model and we inquire on how these two policies relate. After giving arguments in favour of keeping them apart as different policies, we propose an RBAC model that includes them [less ▲]

Detailed reference viewed: 93 (1 UL)
Full Text
Peer Reviewed
See detailAnalysing the Efficacy of Security Policies in Cyber-Physical Socio-Technical Systems
Lenzini, Gabriele UL; Mauw, Sjouke UL; Ouchani, Samir UL

in Barthe, Gilles; Markatos, Evangelos (Eds.) Security and Trust Management - STM 2016 (2016)

A crucial question for an ICT organization wishing to improve its security is whether a security policy together with physical access controls protects from socio-technical threats. We study this question ... [more ▼]

A crucial question for an ICT organization wishing to improve its security is whether a security policy together with physical access controls protects from socio-technical threats. We study this question formally. We model the information flow defined by what the organization's employees do (copy, move, and destroy information) and propose an algorithm that enforces a policy on the model, before checking against an adversary if a security requirement holds. [less ▲]

Detailed reference viewed: 102 (19 UL)
Full Text
Peer Reviewed
See detailFormal Security Analysis of Traditional and Electronic Exams
Dreier, Jannik; Giustosi, Rosario; Kassem, Ali et al

in Communications in Computer and Information Science (2015), 554

Nowadays, students can be assessed not only by means of pencil-and-paper tests but also by electronic exams which they take in examination centers or even from home. Electronic exams are appealing as they ... [more ▼]

Nowadays, students can be assessed not only by means of pencil-and-paper tests but also by electronic exams which they take in examination centers or even from home. Electronic exams are appealing as they can reach larger audiences, but they are exposed to new threats that can potentially ruin the whole exam business. These threats are amplified by two issues: the lack of understanding of what security means for electronic exams (except the old concern about students cheating), and the absence of tools to verify whether an exam process is secure. This paper addresses both issues by introducing a formal description of several fundamental authentication and privacy properties, and by establishing the first theoretical framework for an automatic analysis of exam security. It uses the applied π-calculus as a framework and ProVerif as a tool. Three exam protocols are checked in depth: two Internet exam protocols of recent design, and the pencil-and-paper exam used by the University of Grenoble. The analysis highlights several weaknesses. Some invalidate authentication and privacy even when all parties are honest; others show that security depends on the honesty of parties, an often unjustified assumption in modern exams. [less ▲]

Detailed reference viewed: 74 (6 UL)
Peer Reviewed
See detail2015 Workshop on Socio-Technical Aspects in Security and Trust, STAST 2015, Verona, Italy, July 13, 2015
Bella, Giampaolo; Lenzini, Gabriele UL

Scientific Conference (2015, July 13)

Detailed reference viewed: 17 (0 UL)
Full Text
Peer Reviewed
See detailSecurity analysis of socio-technical physical systems
Lenzini, Gabriele UL; Mauw, Sjouke UL; Ouchani, Samir UL

in Computers electrical engineering (2015)

Recent initiatives that evaluate the security of physical systems with objects as assets and people as agents – here called socio-technical physical systems – have limitations: their agent behavior is too ... [more ▼]

Recent initiatives that evaluate the security of physical systems with objects as assets and people as agents – here called socio-technical physical systems – have limitations: their agent behavior is too simple, they just estimate feasibility and not the likelihood of attacks, or they do estimate likelihood but on explicitly provided attacks only. We propose a model that can detect and quantify attacks. It has a rich set of agent actions with associated probability and cost. We also propose a threat model, an intruder that can misbehave and that competes with honest agents. The intruder’s actions have an associated cost and are constrained to be realistic. We map our model to a probabilistic symbolic model checker and we express templates of security properties in the Probabilistic Computation Tree Logic, thus supporting automatic analysis of security properties. A use case shows the effectiveness of our approach. [less ▲]

Detailed reference viewed: 108 (8 UL)
Full Text
Peer Reviewed
See detailService security and privacy as a socio-technical problem
Bella, Giampaolo; Curzon, Paul; Lenzini, Gabriele UL

in JOURNAL OF COMPUTER SECURITY (2015), 23(5), 563-585

The security and privacy of the data that users transmit, more or less deliberately, to modern services is an open problem. It is not solely limited to the actual Internet traversal, a sub-problem vastly ... [more ▼]

The security and privacy of the data that users transmit, more or less deliberately, to modern services is an open problem. It is not solely limited to the actual Internet traversal, a sub-problem vastly tackled by consolidated research in security protocol design and analysis. By contrast, it entails much broader dimensions pertaining to how users approach technology and understand the risks for the data they enter. For example, users may express cautious or distracted personas depending on the service and the point in time; further, pre-established paths of practice may lead them to neglect the intrusive privacy policy offered by a service, or the outdated protections adopted by another. The approach that sees the service security and privacy problem as a socio-technical one needs consolidation. With this motivation, the article makes a threefold contribution. It reviews the existing literature on service security and privacy, especially from the socio-technical standpoint. Further, it outlines a general research methodology aimed at layering the problem appropriately, at suggesting how to position existing findings, and ultimately at indicating where a transdisciplinary task force may fit in. The article concludes with the description of the three challenge domains of services whose security and privacy we deem open socio-technical problems, not only due to their inherent facets but also to their huge number of users. [less ▲]

Detailed reference viewed: 42 (1 UL)