References of "Lenzini, Gabriele 50002200"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailSocio-technical formal analysis of TLS certificate validation in modern browsers
Bella, Giampaolo; Giustolisi, Rosario UL; Lenzini, Gabriele UL

in PST (2013)

Detailed reference viewed: 3848 (21 UL)
Full Text
Peer Reviewed
See detailA Socio-technical Understanding of TLS Certificate Validation
Bella, Giampaolo; Giustolisi, Rosario UL; Lenzini, Gabriele UL

in Trust Management VII (2013)

Detailed reference viewed: 205 (20 UL)
Full Text
Peer Reviewed
See detailWhat Security for Electronic Exams?
Giustolisi, Rosario UL; Lenzini, Gabriele UL; Bella, Giampaolo

in 8th International Conference onRisk and Security of Internet and Systems (CRiSIS), 2013 (2013)

Detailed reference viewed: 195 (9 UL)
Full Text
Peer Reviewed
See detailSocio-Technical Study On the Effect of Trust and Context when Choosing WiFi Names
Ferreira, Ana UL; Huynen, Jean-Louis UL; Koenig, Vincent UL et al

in Lecture Notes in Computer Science (2013), 8203

We study trust and context as factors influencing how people choose wireless network names. Our approach imagines the mindset of a hypothetical attacker whose goal is to ensnare unsuspecting victims into ... [more ▼]

We study trust and context as factors influencing how people choose wireless network names. Our approach imagines the mindset of a hypothetical attacker whose goal is to ensnare unsuspecting victims into accessing dishonest WiFi access points. For this purpose, we conducted an online survey. We used two separate forms. The first form asked a random group of participants to rate a list of wireless names according to their preferences (some real and others purposely made-up) and afterwards with implied trust in mind. The second form was designed to assess the effect of context and it asked a different set of respondents to rate the same list of wireless names in relation to four different contexts. Our results provide some evidence confirming the idea that trust and context can be exploited by an attacker by purposely, or strategically, naming WiFi access points with reference to trust or within certain contexts. We suggest, in certain cases, possible defence strategies. [less ▲]

Detailed reference viewed: 362 (21 UL)
Full Text
Peer Reviewed
See detailLocation Assurance and Privacy in GNSS Navigation
Chen, Xihui; Harpes, Carlo; Lenzini, Gabriele UL et al

in ERCIM News (2013), 2013(94),

The growing popularity of location-based services such as GNSS (Global Navigation Satellite System) navigation requires confidence in the reliability of the calculated locations. The exploration of a ... [more ▼]

The growing popularity of location-based services such as GNSS (Global Navigation Satellite System) navigation requires confidence in the reliability of the calculated locations. The exploration of a user’s location also gives rise to severe privacy concerns. Within an ESA (European Space Agency) funded project, we have developed a service that not only verifies the correctness of users’ locations but also enables users to control the accuracy of their revealed locations. [less ▲]

Detailed reference viewed: 127 (7 UL)
Full Text
Peer Reviewed
See detailA trust framework for evaluating GNSS signal integrity
Chen, Xihui UL; Lenzini, Gabriele UL; Martins, Miguel et al

in Proceedings of 26th IEEE Computer Security Foundations Symposium (CSF'13) (2013)

Detailed reference viewed: 325 (6 UL)
Full Text
Peer Reviewed
See detailDesign and formal analysis of a group signature based electronic toll pricing system
Chen, Xihui UL; Lenzini, Gabriele UL; Mauw, Sjouke UL et al

in Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (2013), 4(1), 55-75

Detailed reference viewed: 132 (13 UL)
Full Text
Peer Reviewed
See detailStudies in Socio-Technical Security Analysis: Authentication of Identities with TLS Certificates
Ferreira, Ana UL; Giustolisi, Rosario UL; Huynen, Jean-Louis UL et al

in IEEE TrustCom (2013)

Authenticating web identities with TLS certificates is a typical problem whose security depends on both technical and human aspects, and that needs, to be fully grasped, a socio-technical analysis. We ... [more ▼]

Authenticating web identities with TLS certificates is a typical problem whose security depends on both technical and human aspects, and that needs, to be fully grasped, a socio-technical analysis. We performed such an analysis, and in this paper we comment on the tools and methodology we found appropriate. We first analysed the interaction ceremonies between users and the most used browsers in the market. Then we looked at user's understanding of those interactions. Our tools and our methodology depend on whether the user model has a non-deterministic or a realistic behaviour. We successfully applied formal methods in the first case. In the second, we had to define a security framework consistent with research methods of experimental cognitive science. [less ▲]

Detailed reference viewed: 219 (34 UL)
See detailSTAST 2012 Proc. of the 2nd Int. Workshop on Socio-Technical Aspects in Security and Trust
Lenzini, Gabriele UL; Bella, Giampaolo

Book published by IEEE (2012)

The last few years have consolidated our understanding that security and trust are a socio-technical matter. Hence a call for researchers from different disciplines, such as sociology, psychology and ... [more ▼]

The last few years have consolidated our understanding that security and trust are a socio-technical matter. Hence a call for researchers from different disciplines, such as sociology, psychology and informatics, to construct a holistic vision of security and trust. STAST, the workshop on Socio-Technical Aspects in Security and Trust, is an international event to support such interdisciplinary research. It reaches its second edition in 2012. The first took place at the University of Milano (Milan, Italy), hosted by the International Conference on Network and System Security (NSS). The second edition was held at Harvard University (Cambridge, MA, USA), hosted by the Computer Security Foundation Symposium (CSF) — this volume gathers its post-proceedings. [less ▲]

Detailed reference viewed: 97 (8 UL)
Full Text
Peer Reviewed
See detailImplementation and Validation of a Localisation Assurance Service Provider
Chen, Xihui UL; Harpes, Carlo; Lenzini, Gabriele UL et al

in Proc. 6th ESA Workshop on Satellite Navigation Technologies (2012)

Existing Global Navigation Satellite Systems offer no authentication to the open service signals and so stand-alone receivers are vulnerable to meaconing and spoofing attacks. These attacks interfere with ... [more ▼]

Existing Global Navigation Satellite Systems offer no authentication to the open service signals and so stand-alone receivers are vulnerable to meaconing and spoofing attacks. These attacks interfere with the integrity and authenticity of satellite signals: they can delay signals, or re-broadcast signals. Positioning is thus compromised and location-based services are at risk.This paper describes a solution to mitigate this risk. It is a trusted third-party Localisation Assurance service that informs location-based services providers up to which level a location claimed by client can be trusted. It runs several tests over the localisation data of client receivers and certifies the level of assurance of locations. An assurance level expresses the amount of trust the third-party has that a receiver's location is calculated from integral and authentic satellite signals. [less ▲]

Detailed reference viewed: 225 (6 UL)
Full Text
Peer Reviewed
See detailA group signature based electronic toll pricing system
Chen, Xihui UL; Lenzini, Gabriele UL; Mauw, Sjouke UL et al

in Proc. 7th International Conference on Availability, Reliability and Security (2012)

Detailed reference viewed: 169 (2 UL)
Full Text
Peer Reviewed
See detailTrustworthy agent-based recommender system in a mobile P2P environment
Sahli, N.; Lenzini, Gabriele UL; Eertink, H.

in Lecture Notes in Computer Science (2012), 6573 LNAI

Current major P2P systems focus on PCs and do not provide services for the mobile environment. Compared to traditional P2P, characteristics of Mobile P2P include unreliable connections, limited bandwidth ... [more ▼]

Current major P2P systems focus on PCs and do not provide services for the mobile environment. Compared to traditional P2P, characteristics of Mobile P2P include unreliable connections, limited bandwidth and constraints of mobile devices. In addition, nomadic users demand applications and services that are context-aware, personalised, secure, and trustworthy. Recommender systems are one of these applications. In this paper, we aim at building a mobile P2P recommender system which dramatically reduces wireless traffic between peers, brings trustworthiness (each peer can choose to rely on opinions of peers whom he trusts), and ffers unobtrusiveness (the target system is mainly autonomous and requires a minimum user intervention). Our solution is based on multi-agent systems and is illustrated on a slow-food restaurant recommender system. © 2012 Springer-Verlag. [less ▲]

Detailed reference viewed: 150 (7 UL)
Full Text
Peer Reviewed
See detailDefending against insider threats and internal data leakage
You, Ilsun; Lenzini, Gabriele UL; Ogiela, Marek R. et al

in Security and Communication Networks (2012), 5(8), 831-833

Detailed reference viewed: 186 (6 UL)
Peer Reviewed
See detailAdaptive Trust Management
Seigneur, Jean-Marc; Lenzini, Gabriele UL; Hulsebosch, Bob

in Serugendo, Giovanna Di Marzo; Gleizes, Marie-Pierre; Karageorgos, Anthony (Eds.) Self-Organizing Software - From Natural to Artificial Adaptation (2011)

Chapter 8 of this book has explained how computational trust and reputation can be used to select the trustworthy pieces of software among the plethora of pieces of software emerging from this dynamic ... [more ▼]

Chapter 8 of this book has explained how computational trust and reputation can be used to select the trustworthy pieces of software among the plethora of pieces of software emerging from this dynamic self-organising software world as envisioned in this book. This chapter goes beyond mere initial static selection of pieces of software because over time the situation changes and previously trustworthy configuration of pieces of software may become untrustworthy. In this chapter, an approach for adaptive trust management, meaning that the trust algorithms adapt automatically themselves depending on the context, is explained and examplified in the domain of context-aware authentication applications. [less ▲]

Detailed reference viewed: 198 (5 UL)
See detailSTAST 2011 Proc. of the 1st Workshop on Socio-Technical Aspects in Security and Trust
Coles-Kemp, Lizzie; Lenzini, Gabriele UL; Ryan, Peter UL et al

Book published by IEEE (2011)

Detailed reference viewed: 242 (11 UL)
Full Text
Peer Reviewed
See detailSelective location blinding using hash chains
Lenzini, Gabriele UL; Mauw, Sjouke UL; Pang, Jun UL

in Proc. 19th International Workshop on Security Protocols (2011)

Detailed reference viewed: 181 (7 UL)
Full Text
Peer Reviewed
See detailContextual biometric-based authentication for ubiquitous services
Buhan, Ileana; Lenzini, Gabriele UL; Radomirovic, Sasa UL

in Proc. of the 7th International Conference on Ubiquitous Intelligence and Computing (UIC 2010) (2010)

We introduce and comment on the concept of contextual pseudo identity. A contextual pseudo identity is a soft identity token that is built from both a user's biometric and the context. When it comes to ... [more ▼]

We introduce and comment on the concept of contextual pseudo identity. A contextual pseudo identity is a soft identity token that is built from both a user's biometric and the context. When it comes to ubiquitous authentication, a contextual pseudo identity promises better security than that o ered by traditional biometrics-based identity tokens: the use of context improves the tokens' disposability and renewability, which are two essential properties in the protection of a user's real identity. Our algorithm for generating contextual pseudo identities extends a Fuzzy Embedder so that it accepts both biometric and context dependent input. We prove that our way of processing the context preserves the security and reliability properties of the Fuzzy Embedder used in our extension. An example shows how a user can utilize contextual pseudo identity to authenticate to and access ubiquitous services. [less ▲]

Detailed reference viewed: 163 (4 UL)
Peer Reviewed
See detailTrust-Based and Context-Aware Authentication in a Software Architecture for Context and Proximity-Aware Services
Lenzini, Gabriele UL

in de Lemos, R.; Fabre, J. C.; Gacek, C. (Eds.) et al Architecting Dependable Systems VI 2018-09-18 22:51:18 +0000 2019-06-15 18:11:00 +0200 (2009)

Detailed reference viewed: 50 (1 UL)
Peer Reviewed
See detailA Formal Specification and Validation of a Control System in Presence of Byzantine Errors
Gnesi, Stefania; Latella, Diego; Lenzini, Gabriele UL et al

in Proc.~of the 6th Int. Conference Tool and Algorithms for the Construction and Analysis of Systems (TACAS 2000), in ETAPS 2000 -- March 25 - April 2, 2000, Berlin, Germany (2000)

This paper describes an experience in formal specification and fault tolerant behavior validation of a railway critical system. The work, performed in the context of a real industrial project, had the ... [more ▼]

This paper describes an experience in formal specification and fault tolerant behavior validation of a railway critical system. The work, performed in the context of a real industrial project, had the following main targets: (a) to validate specific safety properties in the presence of byzantine system components or of some hardware temporary faults; (b) to design a formal model of a critical railway system at a right level of abstraction so that could be possible to verify certain safety properties and at the same time to use the model to simulate the system. For the model specification we used the Promela language, while the verification was performed using the SPIN model checker. Safety properties were specifi%% Part Glue ed by means of both assertions and temporal logic formulae. To make the problem of validation tractable in the SPIN environment, we used ad hoc abstraction techniques. http://matrix.iei.pi.cnr.it/~lenzini/papers/tacas00.ps.gz 2018-09-18 22:51:18 +0000 2019-06-15 18:30:22 +0200 [less ▲]

Detailed reference viewed: 75 (0 UL)
Peer Reviewed
See detailModel Checking of Cryptographic Protocols using HD-Automata
Gnesi, Stefania; Latella, Diego; Lenzini, Gabriele UL

in 4th Italian Workshop on Sistemi Distribuiti: Algoritmi, Architetture e Linguaggi (WSDAAL'99), June 13-15, 1999, Fonte Cerreto (L'Aquila), Italy 2018-09-18 22:51:18 +0000 2019-06-15 18:31:23 +0200 (1999)

In this work we will present a preliminary study about the design of a model checking environment for cryptographic protocols. In particular given a specification of a protocol in spi-calculus and given ... [more ▼]

In this work we will present a preliminary study about the design of a model checking environment for cryptographic protocols. In particular given a specification of a protocol in spi-calculus and given some properties expressed in an appropriate logic (i.e., ACTL) we will propose a specialized version of the History Dependent Automata Laboratory (HAL) environment, in such a way to treat with cryptographic protocols. HAL is an integrated tool set for specification, verification an analysis of concurrent system, based on HD automata. [less ▲]

Detailed reference viewed: 77 (0 UL)