References of "Lenzini, Gabriele 50002200"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailA Framework to Reason about the Legal Compliance of Security Standards
Bartolini, Cesare UL; Giurgiu, Andra UL; Lenzini, Gabriele UL et al

in Proceedings of the Tenth International Workshop on Juris-informatics (JURISIN) (2016, November)

Achieving compliance with legal regulations is no easy task. Normally, laws state general requirements but do not provide clear parameters to determine when such requirements are met. On a different level ... [more ▼]

Achieving compliance with legal regulations is no easy task. Normally, laws state general requirements but do not provide clear parameters to determine when such requirements are met. On a different level, industrial standards and best practices define specific objectives that can be certified by means of auditing procedures from qualified bodies. Implementing a standard does not per se guarantee legal compliance, with the rare exception when the standard is also endorsed by the law itself. But standards and laws in the same domain may have overlaps and correlations, so adopting the former may provide an argument to demonstrate that adequate measures were taken to achieve legal compliance. In this paper, we introduce a framework that, using state-of-the-art Natural Language Semantics techniques, helps process legal documents and standards to build a knowledge base to store their logic representations, and the correlations between them. The knowledge base will help legal experts assess what requirements of the law are met by the standard and, consequently, recognize what requirements still need to be implemented to fill the remaining gaps. An application of the framework is exemplified by comparing a provision of the European General Data Protection Regulation against the ISO/IEC 27001:2013 standard. [less ▲]

Detailed reference viewed: 357 (38 UL)
Full Text
Peer Reviewed
See detailTransparent Medical Data Systems
Pierina Brustolin Spagnuelo, Dayana UL; Lenzini, Gabriele UL

in Journal of Medical Systems (2016)

Transparency is described as the quality to be open about policies and practices. It is intended to inform end users of what happens to their data. It promotes good quality of service and is believed to ... [more ▼]

Transparency is described as the quality to be open about policies and practices. It is intended to inform end users of what happens to their data. It promotes good quality of service and is believed to sustain people's demand for privacy. However, at least for medical data systems, a clear definition of the property is missing and there is no agreement on what requirements qualify it. We look into this problem. First we identify concepts that relate with transparency: openness, empowerment, auditability, availability, accountability, verifiability. We discuss them in Health Information Technology, so clarifying what transparency is. Then we elicit a list of requirements that indicate how transparency can be realised in modern medical data systems such as those managing electronic health records. [less ▲]

Detailed reference viewed: 162 (19 UL)
Full Text
Peer Reviewed
See detailMetrics for Transparency
Pierina Brustolin Spagnuelo, Dayana UL; Bartolini, Cesare UL; Lenzini, Gabriele UL

in Proceedings of DPM 2016 and QASA 2016 (2016, September)

Transparency is a novel non-functional requirement for software systems. It is acclaimed to improve the quality of service since it gives users access to information concerning the system's processes ... [more ▼]

Transparency is a novel non-functional requirement for software systems. It is acclaimed to improve the quality of service since it gives users access to information concerning the system's processes, clarifying who is responsible if something goes wrong. Thus, it is believed to support people's right to a secure and private processing of their personal data. We define eight quality metrics for transparency and we demonstrate the usage and the effectiveness of the metrics by assessing transparency on the Microsoft HealthVault, an on-line platform for users to collect, store, and share medical records. [less ▲]

Detailed reference viewed: 179 (21 UL)
Full Text
Peer Reviewed
See detailHigh-fidelity spherical cholesteric liquid crystal Bragg reflectors generating unclonable patterns for secure authentication
Geng, Yong UL; Noh, Junghyun UL; Drevensek-Olenik, Irena et al

in Scientific Reports (2016), 6(26840), 1-8

Monodisperse cholesteric liquid crystal microspheres exhibit spherically symmetric Bragg reflection, generating, via photonic cross communication, dynamically tuneable multi-coloured patterns. These ... [more ▼]

Monodisperse cholesteric liquid crystal microspheres exhibit spherically symmetric Bragg reflection, generating, via photonic cross communication, dynamically tuneable multi-coloured patterns. These patterns, uniquely defined by the particular sphere arrangement, could render cholesteric microspheres very useful in countless security applications, as tags to identify and authenticate their carriers, mainly physical objects or persons. However, the optical quality of the cholesteric droplets studied so far is unsatisfactory, especially after polymerisation, a step required for obtaining durable samples that can be used for object identification. We show that a transition from droplets to shells solves all key problems, giving rise to sharp patterns and excellent optical quality even after polymerisation, the polymerised shells sustaining considerable mechanical deformation. Moreover, we demonstrate that, counter to prior expectation, cross communication takes place even between non-identical shells. This opens additional communication channels that add significantly to the complexity and unique character of the generated patterns. [less ▲]

Detailed reference viewed: 409 (40 UL)
Full Text
Peer Reviewed
See detailPatient-Centred Transparency Requirements for Medical Data Sharing Systems
Pierina Brustolin Spagnuelo, Dayana UL; Lenzini, Gabriele UL

in Proceedings of the 4th World Conference on Information Systems and Technologies (2016)

We compose, propose, and discuss several requirements to support transparency in Medical Data Sharing Systems. Transparency is a property that suggests openness and compliance with policies, practices ... [more ▼]

We compose, propose, and discuss several requirements to support transparency in Medical Data Sharing Systems. Transparency is a property that suggests openness and compliance with policies, practices, and processes employed to secure data, and it is believed to promote good quality of service in healthcare. Our requirements indicate how transparency can be realised on modern medical data sharing systems such as those managing electronic health records [less ▲]

Detailed reference viewed: 186 (20 UL)
Full Text
Peer Reviewed
See detailAnalysing the Efficacy of Security Policies in Cyber-Physical Socio-Technical Systems
Lenzini, Gabriele UL; Mauw, Sjouke UL; Ouchani, Samir UL

in Barthe, Gilles; Markatos, Evangelos (Eds.) Security and Trust Management - STM 2016 (2016)

A crucial question for an ICT organization wishing to improve its security is whether a security policy together with physical access controls protects from socio-technical threats. We study this question ... [more ▼]

A crucial question for an ICT organization wishing to improve its security is whether a security policy together with physical access controls protects from socio-technical threats. We study this question formally. We model the information flow defined by what the organization's employees do (copy, move, and destroy information) and propose an algorithm that enforces a policy on the model, before checking against an adversary if a security requirement holds. [less ▲]

Detailed reference viewed: 211 (20 UL)
Full Text
Peer Reviewed
See detailComparing and Integrating Break-the-Glass and Delegation in Role-based Access Control for Healthcare
Ferreira, Ana; Lenzini, Gabriele UL

in Proc. of the nd Int. Conference on International Conference in Information Systems Security and Privacy (ICISSP) (2016)

In healthcare security, Role-based Access Control (RBAC) should be flexible and include capabilities such as Break-the-Glass and Delegation. The former is useful in emergencies to overcome otherwise a ... [more ▼]

In healthcare security, Role-based Access Control (RBAC) should be flexible and include capabilities such as Break-the-Glass and Delegation. The former is useful in emergencies to overcome otherwise a denial of access, the latter to transfer rights temporarily, for example, to substitute doctors. Current research studies these policies separately, but it is unclear whether they are different and independent capabilities. Motivated to look into this matter, we present a formal characterization of Break-the-Glass andDelegation in the RBAC model and we inquire on how these two policies relate. After giving arguments in favour of keeping them apart as different policies, we propose an RBAC model that includes them [less ▲]

Detailed reference viewed: 199 (4 UL)
Full Text
Peer Reviewed
See detailFormal Security Analysis of Traditional and Electronic Exams
Dreier, Jannik; Giustosi, Rosario; Kassem, Ali et al

in Communications in Computer and Information Science (2015), 554

Nowadays, students can be assessed not only by means of pencil-and-paper tests but also by electronic exams which they take in examination centers or even from home. Electronic exams are appealing as they ... [more ▼]

Nowadays, students can be assessed not only by means of pencil-and-paper tests but also by electronic exams which they take in examination centers or even from home. Electronic exams are appealing as they can reach larger audiences, but they are exposed to new threats that can potentially ruin the whole exam business. These threats are amplified by two issues: the lack of understanding of what security means for electronic exams (except the old concern about students cheating), and the absence of tools to verify whether an exam process is secure. This paper addresses both issues by introducing a formal description of several fundamental authentication and privacy properties, and by establishing the first theoretical framework for an automatic analysis of exam security. It uses the applied π-calculus as a framework and ProVerif as a tool. Three exam protocols are checked in depth: two Internet exam protocols of recent design, and the pencil-and-paper exam used by the University of Grenoble. The analysis highlights several weaknesses. Some invalidate authentication and privacy even when all parties are honest; others show that security depends on the honesty of parties, an often unjustified assumption in modern exams. [less ▲]

Detailed reference viewed: 204 (10 UL)
Full Text
Peer Reviewed
See detailDo graphical cues effectively inform users? A Socio-Technical Security Study in Accessing Wifi Networks
Ferreira, Ana; Huynen, Jean-Louis; Koenig, Vincent UL et al

in Proc. of the International Conference on Human Aspects of Information Security, Privacy, and Trust (2015, July 21)

We study whether the padlock and the signal strength bars, two visual cues shown in network managers, convey their intended messages. Since users often choose insecure networks when they should not ... [more ▼]

We study whether the padlock and the signal strength bars, two visual cues shown in network managers, convey their intended messages. Since users often choose insecure networks when they should not, finding the answer is not obvious; in our study we clarify whether the problem lies in uninformative and ambiguous cues or in the user who, despite understanding the cues, chooses otherwise. This paper describes experiments and comments the results that bring evidence to our study [less ▲]

Detailed reference viewed: 50 (1 UL)
Peer Reviewed
See detail2015 Workshop on Socio-Technical Aspects in Security and Trust, STAST 2015, Verona, Italy, July 13, 2015
Bella, Giampaolo; Lenzini, Gabriele UL

Scientific Conference (2015, July 13)

Detailed reference viewed: 58 (2 UL)
Full Text
Peer Reviewed
See detailSecurity analysis of socio-technical physical systems
Lenzini, Gabriele UL; Mauw, Sjouke UL; Ouchani, Samir UL

in Computers electrical engineering (2015)

Recent initiatives that evaluate the security of physical systems with objects as assets and people as agents – here called socio-technical physical systems – have limitations: their agent behavior is too ... [more ▼]

Recent initiatives that evaluate the security of physical systems with objects as assets and people as agents – here called socio-technical physical systems – have limitations: their agent behavior is too simple, they just estimate feasibility and not the likelihood of attacks, or they do estimate likelihood but on explicitly provided attacks only. We propose a model that can detect and quantify attacks. It has a rich set of agent actions with associated probability and cost. We also propose a threat model, an intruder that can misbehave and that competes with honest agents. The intruder’s actions have an associated cost and are constrained to be realistic. We map our model to a probabilistic symbolic model checker and we express templates of security properties in the Probabilistic Computation Tree Logic, thus supporting automatic analysis of security properties. A use case shows the effectiveness of our approach. [less ▲]

Detailed reference viewed: 196 (16 UL)
Full Text
Peer Reviewed
See detailAn Analysis of Social Engineering Principles in Effective Phishing
Ferreira, Ana; Lenzini, Gabriele UL

in Proc. of the 5th International Workshop on Socio-Technical Security and Trust (2015)

Detailed reference viewed: 236 (9 UL)
Full Text
Peer Reviewed
See detailMaybe Poor Johnny Really Cannot Encrypt - The Case for a Complexity Theory for Usable Security
Beneson, Zinaida; Lenzini, Gabriele UL; Oliveira, Daniela et al

in Maybe Poor Johnny Really Cannot Encrypt - The Case for a Complexity Theory for Usable Security (2015)

This paper discusses whether usable security is unattainable for some security tasks due to intrinsic bounds of human cognitive capacities. Will Johnny ever be able to encrypt? Psychology and neuroscience ... [more ▼]

This paper discusses whether usable security is unattainable for some security tasks due to intrinsic bounds of human cognitive capacities. Will Johnny ever be able to encrypt? Psychology and neuroscience literature shows that there are upper bounds on the human capacity for executing cognitive tasks and for information processing. We argue that the usable security discipline should scientifically understand human capacities for security tasks, i.e., what we can realistically expect from people. We propose a framework for evaluation of human capacities in security that assigns socio-technical systems to complexity classes according to their security and usability. The upper bound of human capacity is considered the point at which people start experiencing cognitive strain while performing a task, because cognitive strain demonstrably leads to errors in the task execution. The ultimate goal of the work we initiate in this paper is to provide designers of security mechanisms or policies with the ability to say:“This feature of the security mechanism X or this security policy element Y is inappropriate, because this evidence shows that it is beyond people’s capacity. [less ▲]

Detailed reference viewed: 76 (1 UL)
Full Text
Peer Reviewed
See detailDo graphical cues effectively inform users? A socio-technical security study in accessing wifi networks.
Ferreira, Ana UL; Huynen, Jean-Louis UL; Koenig, Vincent UL et al

in Lecture Notes in Computer Science (2015), 9190

We study whether the padlock and the signal strength bars, two visual cues shown in network managers, convey their intended messages. Since users often choose insecure networks when they should not ... [more ▼]

We study whether the padlock and the signal strength bars, two visual cues shown in network managers, convey their intended messages. Since users often choose insecure networks when they should not, finding the answer is not obvious; in our study we clarify whether the problem lies in uninformative and ambiguous cues or in the user who, despite understanding the cues, chooses otherwise. This paper describes experiments and comments the results that bring evidence to our study. [less ▲]

Detailed reference viewed: 260 (93 UL)
Full Text
Peer Reviewed
See detailIn Cyber-Space No One Can Hear You S·CREAM, A Root Cause Analysis for Socio-Technical Security
Ferreira, Ana UL; Huynen, Jean-Louis UL; Koenig, Vincent UL et al

in Foresti, Sara (Ed.) Security and Trust Management (2015)

Inspired by the root cause analysis techniques that in the field of safety research and practice help investigators understand the reasons of an incident, this paper investigates the use of root cause ... [more ▼]

Inspired by the root cause analysis techniques that in the field of safety research and practice help investigators understand the reasons of an incident, this paper investigates the use of root cause analysis in security. We aim at providing a systematic method for the security analyst to identify the socio-technical attack modes that can potentially endanger a system’s security. [less ▲]

Detailed reference viewed: 182 (14 UL)
Full Text
Peer Reviewed
See detailGenerating attacks in SysML activity diagrams by detecting attack surfaces
Ouchani, Samir UL; Lenzini, Gabriele UL

in Journal of Ambient Intelligence and Humanized Computing (2015), 6(3), 361-373

In the development process of a secure system is essential to detect as early as possible the system’s vulnerable points, the so called attack surfaces, and to estimate how feasible it would be that known ... [more ▼]

In the development process of a secure system is essential to detect as early as possible the system’s vulnerable points, the so called attack surfaces, and to estimate how feasible it would be that known attacks breach through them. Even if attack surfaces can be sometimes detected automatically, mapping them against known attacks still is a step apart. Systems and attacks are not usually modelled in compatible formalisms. We develop a practical framework that automates the whole process. We formalize a system as SysML activity diagrams and in the same formalism we model libraries of patterns taken from standard catalogues of social engineering and technical attacks. An algorithm that we define, navigates the system’s diagrams in search for its attack surfaces; then it evaluates the possibility and the probability that the detected weak points host attacks among those in the modelled library. We prove the correctness and the completeness of our approach and we show how it works on a use case scenario. It represents a very common situation in the domain of communication and data security for corporations. [less ▲]

Detailed reference viewed: 135 (5 UL)
Full Text
Peer Reviewed
See detailCan Transparency Enhancing Tools support patient's accessing Electronic Health Records?
Lenzini, Gabriele UL; Ferreira, Ana UL

in Advances in Intelligent Systems and Computing (2015)

Patients that access their health records take more care of their health and, when in therapy, commit more seriously to improve their condition. This leads to a more effective and more efficient ... [more ▼]

Patients that access their health records take more care of their health and, when in therapy, commit more seriously to improve their condition. This leads to a more effective and more efficient healthcare management, and is also in agreement with European directives on data protection. However, accessing medical data can be risky. Security should be assured and it should be evident to the patients, who has access to what data and any violation to patient's privacy requirements should be reported. We call this property transparency. Precisely this work looks into the Transparency Enhancing Tools that have been proposed to increase people's awareness about security and privacy on the Internet, and discusses to which extent these tools can empower transparency in healthcare. [less ▲]

Detailed reference viewed: 176 (10 UL)
Full Text
Peer Reviewed
See detail4.2 Social Dynamics Metrics-Working Group Report
Benenson, Zinaida; Bleikertz, Sören; Foley, Simon N. et al

in Socio-Technical Security Metrics (2015)

Individuals continually interact with security mechanisms when performing tasks in everyday life. These tasks may serve personal goals or work goals, be individual or shared. These interactions can be ... [more ▼]

Individuals continually interact with security mechanisms when performing tasks in everyday life. These tasks may serve personal goals or work goals, be individual or shared. These interactions can be influenced by peers and superiors in the respective environments (workplace, home, public spaces), by personality traits of the users, as well as by contextual constraints such as available time, cognitive resources, and perceived available effort. All these influencing factors, we believe, should be considered in the design, implementation and maintenance of good socio-technical security mechanisms. Therefore, we need to observe reliable socio-technical data, and then transform them into meaningful and helpful metrics for user interactions and influencing factors. More precisely, there are three main questions that the group discussed: 1. What data do we need to observe and what of this data we actually can observe and measure? 2. How can we observe and measure? 3. What can we do with the results of the observations? [less ▲]

Detailed reference viewed: 68 (3 UL)
Full Text
Peer Reviewed
See detailService security and privacy as a socio-technical problem
Bella, Giampaolo; Curzon, Paul; Lenzini, Gabriele UL

in JOURNAL OF COMPUTER SECURITY (2015), 23(5), 563-585

The security and privacy of the data that users transmit, more or less deliberately, to modern services is an open problem. It is not solely limited to the actual Internet traversal, a sub-problem vastly ... [more ▼]

The security and privacy of the data that users transmit, more or less deliberately, to modern services is an open problem. It is not solely limited to the actual Internet traversal, a sub-problem vastly tackled by consolidated research in security protocol design and analysis. By contrast, it entails much broader dimensions pertaining to how users approach technology and understand the risks for the data they enter. For example, users may express cautious or distracted personas depending on the service and the point in time; further, pre-established paths of practice may lead them to neglect the intrusive privacy policy offered by a service, or the outdated protections adopted by another. The approach that sees the service security and privacy problem as a socio-technical one needs consolidation. With this motivation, the article makes a threefold contribution. It reviews the existing literature on service security and privacy, especially from the socio-technical standpoint. Further, it outlines a general research methodology aimed at layering the problem appropriately, at suggesting how to position existing findings, and ultimately at indicating where a transdisciplinary task force may fit in. The article concludes with the description of the three challenge domains of services whose security and privacy we deem open socio-technical problems, not only due to their inherent facets but also to their huge number of users. [less ▲]

Detailed reference viewed: 135 (6 UL)