Interdisciplinary Research Group in Socio-technical CybersecurityQualifying and Measuring Transparency: A Medical Data System Case StudyDayana Spagnuelo, Cesare Bartolini, Gabriele LenziniAbstract:Transparency is a data processing principle enforced by the GDPR but purposely left open to interpretation. As such, the means to adhere to it are left unspecified. Article 29 Working Party provides practical guidance on how … Continued

Interdisciplinary Research Group in Socio-technical CybersecurityTowards legal compliance by correlating Standards and Laws with a semi-automated methodologyCesare Bartolini, Andra Giurgiu, Gabriele Lenzini, Livio RobaldoAbstract:Since generally legal regulations do not provide clear parameters to determine when their requirements are met, achieving legal compliance is not trivial. The adoption of standards could help create an argument of … Continued

Interdisciplinary Research Group in Socio-technical CybersecurityLaw and the software development life cycleBartolini Cesare, Lenzini GabrieleAbstract:The increasing demand of reliable software services and the dependability that our daily personal and professional life have on them is bringing significant changes in the domain of software service engineering. One of the most revolutionary is the introduction of regulations, … Continued

Interdisciplinary Research Group in Socio-technical CybersecurityHuman Rights in the era of Information and Communication TechnologyBartolini Cesare, Lenzini GabrieleAbstract:Authors:Bartolini Cesare, Lenzini GabrielePublication date:May, 2017Published in:Speeches/Talks (2017)Reference:Bartolini, C., & Lenzini, G. (2017). Human Rights in the era of Information and Communication Technology.Get in touch with us SnT - Interdisciplinary Centre for Security, Reliability and Trust Maison du … Continued

Interdisciplinary Research Group in Socio-technical CybersecurityTrustworthy exams without trusted partiesGiampaolo Bella, Rosario Giustolisi, Gabriele Lenzini, Peter Y.A.RyanAbstract:Historically, exam security has mainly focused on threats ascribed to candidate cheating. Such threats have been normally mitigated by invigilation and anti-plagiarism methods. However, as recent exam scandals confirm, also invigilators and authorities may pose security threats. The introduction … Continued

Interdisciplinary Research Group in Socio-technical CybersecurityPrivacy-Preserving Verifiability: A Case for an Electronic Exam ProtocolRosario Giustolisi, Vincenzo Iovino, Gabriele LenziniAbstract:We introduce the notion of privacy-preserving verifiability for security protocols. It holds when a protocol admits a verifiability test that does not reveal, to the verifier that runs it, more pieces of information about the protocol’s execution … Continued

Interdisciplinary Research Group in Socio-technical CybersecurityFrom Situation Awareness to Action: An Information Security Management Toolkit for Socio-Technical Security Retrospective and Prospective AnalysisHuynen Jean-Louis, Lenzini GabrieleAbstract:Inspired by the root cause analysis procedures common in safety, we propose a methodology for a prospective and a retrospective analysis of security and a tool that implements it. When applied … Continued