References of "Bella, Giampaolo"
     in
Bookmark and Share    
Full Text
Peer Reviewed
See detailTrustworthy exams without trusted parties
Bella, Giampaolo; Giustolisi, Rosario; Lenzini, Gabriele UL et al

in Computer and Security (2017), 67

Historically, exam security has mainly focused on threats ascribed to candidate cheating. Such threats have been normally mitigated by invigilation and anti-plagiarism methods. However, as recent exam ... [more ▼]

Historically, exam security has mainly focused on threats ascribed to candidate cheating. Such threats have been normally mitigated by invigilation and anti-plagiarism methods. However, as recent exam scandals confirm, also invigilators and authorities may pose security threats. The introduction of computers into the different phases of an exam, such as candidate registration, brings new security issues that should be addressed with the care normally devoted to security protocols. This paper proposes a protocol that meets a wide set of security requirements and resists threats that may originate from candidates as well as from exam administrators. By relying on a combination of oblivious transfer and visual cryptography schemes, the protocol does not need to rely on any trusted third party. We analyse the protocol formally in ProVerif and prove that it verifies all the stated security requirements. [less ▲]

Detailed reference viewed: 313 (8 UL)
Peer Reviewed
See detail2015 Workshop on Socio-Technical Aspects in Security and Trust, STAST 2015, Verona, Italy, July 13, 2015
Bella, Giampaolo; Lenzini, Gabriele UL

Scientific Conference (2015, July 13)

Detailed reference viewed: 79 (2 UL)
Full Text
Peer Reviewed
See detailA Secure Exam Protocol Without Trusted Parties
Bella, Giampaolo; Giustolisi, Rosario UL; Lenzini, Gabriele UL et al

in ICT Systems Security and Privacy Protection. 30th IFIP TC 11 International Conference, SEC 2015, Hamburg, Germany, May 26-28, 2015 (2015)

Detailed reference viewed: 329 (14 UL)
Full Text
Peer Reviewed
See detailService security and privacy as a socio-technical problem
Bella, Giampaolo; Curzon, Paul; Lenzini, Gabriele UL

in JOURNAL OF COMPUTER SECURITY (2015), 23(5), 563-585

The security and privacy of the data that users transmit, more or less deliberately, to modern services is an open problem. It is not solely limited to the actual Internet traversal, a sub-problem vastly ... [more ▼]

The security and privacy of the data that users transmit, more or less deliberately, to modern services is an open problem. It is not solely limited to the actual Internet traversal, a sub-problem vastly tackled by consolidated research in security protocol design and analysis. By contrast, it entails much broader dimensions pertaining to how users approach technology and understand the risks for the data they enter. For example, users may express cautious or distracted personas depending on the service and the point in time; further, pre-established paths of practice may lead them to neglect the intrusive privacy policy offered by a service, or the outdated protections adopted by another. The approach that sees the service security and privacy problem as a socio-technical one needs consolidation. With this motivation, the article makes a threefold contribution. It reviews the existing literature on service security and privacy, especially from the socio-technical standpoint. Further, it outlines a general research methodology aimed at layering the problem appropriately, at suggesting how to position existing findings, and ultimately at indicating where a transdisciplinary task force may fit in. The article concludes with the description of the three challenge domains of services whose security and privacy we deem open socio-technical problems, not only due to their inherent facets but also to their huge number of users. [less ▲]

Detailed reference viewed: 181 (6 UL)
Full Text
Peer Reviewed
See detailSecure exams despite malicious management
Bella, Giampaolo; Giustolisi, Rosario UL; Lenzini, Gabriele UL

in Twelfth Annual International Conference on Privacy, Security and Trust (PST), Ryerson University, Toronto, July 23-24, 2014 (2014)

Detailed reference viewed: 165 (8 UL)
Full Text
Peer Reviewed
See detailA Socio-Technical Methodology for the Security and Privacy Analysis of Services
Bella, Giampaolo; Curzon, Paul; Giustolisi, Rosario UL et al

in IEEE 38th Annual International Computers, Software and Applications Conference Workshops, 27–29 July 2014, Västerås, Sweden (2014)

Detailed reference viewed: 165 (5 UL)
Peer Reviewed
See detailProceedings of the 2014 Workshop on Socio-Technical Aspects in Security and Trust, STAST 2014
Bella, Giampaolo; Lenzini, Gabriele UL

Scientific Conference (2014)

Detailed reference viewed: 71 (1 UL)
Full Text
Peer Reviewed
See detailWhat Security for Electronic Exams?
Giustolisi, Rosario UL; Lenzini, Gabriele UL; Bella, Giampaolo

in 8th International Conference onRisk and Security of Internet and Systems (CRiSIS), 2013 (2013)

Detailed reference viewed: 171 (9 UL)
Full Text
Peer Reviewed
See detailA Socio-technical Understanding of TLS Certificate Validation
Bella, Giampaolo; Giustolisi, Rosario UL; Lenzini, Gabriele UL

in Trust Management VII (2013)

Detailed reference viewed: 185 (20 UL)
Full Text
Peer Reviewed
See detailSocio-technical formal analysis of TLS certificate validation in modern browsers
Bella, Giampaolo; Giustolisi, Rosario UL; Lenzini, Gabriele UL

in PST (2013)

Detailed reference viewed: 3832 (21 UL)
See detailSTAST 2012 Proc. of the 2nd Int. Workshop on Socio-Technical Aspects in Security and Trust
Lenzini, Gabriele UL; Bella, Giampaolo

Book published by IEEE (2012)

The last few years have consolidated our understanding that security and trust are a socio-technical matter. Hence a call for researchers from different disciplines, such as sociology, psychology and ... [more ▼]

The last few years have consolidated our understanding that security and trust are a socio-technical matter. Hence a call for researchers from different disciplines, such as sociology, psychology and informatics, to construct a holistic vision of security and trust. STAST, the workshop on Socio-Technical Aspects in Security and Trust, is an international event to support such interdisciplinary research. It reaches its second edition in 2012. The first took place at the University of Milano (Milan, Italy), hosted by the International Conference on Network and System Security (NSS). The second edition was held at Harvard University (Cambridge, MA, USA), hosted by the Computer Security Foundation Symposium (CSF) — this volume gathers its post-proceedings. [less ▲]

Detailed reference viewed: 81 (8 UL)
Full Text
Peer Reviewed
See detailEnforcing privacy in e-commerce by balancing anonymity and trust
Bella, Giampaolo; Giustolisi, Rosario UL; Riccobene, Salvatore

in Computers and Security (2011), 30(8), 705-718

Detailed reference viewed: 126 (6 UL)
See detailSTAST 2011 Proc. of the 1st Workshop on Socio-Technical Aspects in Security and Trust
Coles-Kemp, Lizzie; Lenzini, Gabriele UL; Ryan, Peter UL et al

Book published by IEEE (2011)

Detailed reference viewed: 220 (11 UL)