Interdisciplinary Research Group in Socio-technical CybersecurityPrinciples of Persuasion in Social Engineering and Their Use in PhishingAna Ferreira, Lynne Coventry, Gabriele LenziniAbstract:Research on marketing and deception has identified principles of persuasion that influence human decisions. However, this research is scattered: it focuses on specific contexts and produces different taxonomies. In regard to frauds and scams, three … Continued

Interdisciplinary Research Group in Socio-technical CybersecurityCan Transparency Enhancing Tools support patient’s accessing Electronic Health Records?Ana Ferreira, Gabriele LenziniAbstract:Patients that access their health records take more care of their health and, when in therapy, commit more seriously to improve their condition. This leads to a more effective and more efficient healthcare management, and is also in … Continued

Interdisciplinary Research Group in Socio-technical CybersecuritySecurity analysis of socio-technical physical systemsGabriele Lenzini, Sjouke Mauwa, Samir OuchaniAbstract:Recent initiatives that evaluate the security of physical systems with objects as assets and people as agents – here called socio-technical physical systems – have limitations: their agent behavior is too simple, they just estimate feasibility and not the likelihood … Continued

Interdisciplinary Research Group in Socio-technical CybersecurityGenerating attacks in SysML activity diagrams by detecting attack surfacesSamir Ouchani, Gabriele Lenzini Abstract:In the development process of a secure system is essential to detect as early as possible the system’s vulnerable points, the so called attack surfaces, and to estimate how feasible it would be that known attacks breach … Continued

Interdisciplinary Research Group in Socio-technical CybersecuritySecurity on medical data sharing (a literature review)Dayana Spagnuelo, Gabriele LenziniAbstract:Medical records (e.g., test results and health reports) are about patients. Hospitals and healthcare institutions generate them after a patient’s visit. Today they are digitized, stored electronically, and accessed remotely by professionals. European directives suggest that patients should access these … Continued

Interdisciplinary Research Group in Socio-technical CybersecurityA Socio-Technical Methodology for the Security and Privacy Analysis of ServicesGiampaolo Bella, Paul Curzon, Rosario Giustolisi, Gabriele LenziniAbstract:There is a widely accepted need for methodologies to verify the security of services. A typical service requires user data and then makes them available through the Internet independently from access platforms or … Continued

Interdisciplinary Research Group in Socio-technical CybersecuritySecure exams despite malicious managementGiampaolo Bella, Rosario Giustolisi, Gabriele LenziniAbstract:An exam is a practise for assessing the knowledge of a candidate from an examination she takes. Exams are used in various contexts, such as in university tests and public competitions. We begin by identifying various security and privacy requirements that … Continued

Interdisciplinary Research Group in Socio-technical CybersecurityProceedings of the 2014 Workshop on Socio-Technical Aspects in Security and Trust, STAST 2014Bella Giampaolo, Lenzini GabrieleAbstract:Authors:Bella Giampaolo, Lenzini GabrielePublication date:July 2014Published in:IEEE Computer SocietyReference:Get in touch with us SnT - Interdisciplinary Centre for Security, Reliability and Trust Maison du Nombre, 6, avenue de la Fonte L-4364 Esch-sur-Alzette info-irisc-lab@uni.lu

Interdisciplinary Research Group in Socio-technical CybersecurityOn the verifiability of (electronic) examsDreier Jannik, Giustolisi Rosario, Kassem Ali, Lafourcade Pascal, Lenzini GabrieleAbstract:The main concern for institutions that organize exams is to detect when students cheat. Actually more frauds are possible and even authorities can be dishonest. If institutions wish to keep exams a trustworthy business, anyone and … Continued

Interdisciplinary Research Group in Socio-technical CybersecurityFormal Analysis of Electronic ExamsJannik Dreier, Rosario Giustolisi, Ali Kassem, Pascal Lafourcade, Gabriele Lenzini, Peter Y. A. RyanAbstract:Universities and other educational organizations are adopting computer and Internet-based assessment tools (herein called e-exams) to reach widespread audiences. While this makes examination tests more accessible, it exposes them to new threats. At … Continued