A Socio-Technical Methodology for the Security and Privacy Analysis of Services

Interdisciplinary Research Group in Socio-technical CybersecurityA Socio-Technical Methodology for the Security and Privacy Analysis of ServicesGiampaolo Bella, Paul Curzon, Rosario Giustolisi, Gabriele LenziniAbstract:There is a widely accepted need for methodologies to verify the security of services. A typical service requires user data and then makes them available through the Internet independently from access platforms or … Continued

Secure exams despite malicious management

Interdisciplinary Research Group in Socio-technical CybersecuritySecure exams despite malicious managementGiampaolo Bella, Rosario Giustolisi, Gabriele LenziniAbstract:An exam is a practise for assessing the knowledge of a candidate from an examination she takes. Exams are used in various contexts, such as in university tests and public competitions. We begin by identifying various security and privacy requirements that … Continued

Proceedings of the 2014 Workshop on Socio-Technical Aspects in Security and Trust, STAST 2014

Interdisciplinary Research Group in Socio-technical CybersecurityProceedings of the 2014 Workshop on Socio-Technical Aspects in Security and Trust, STAST 2014Bella Giampaolo, Lenzini GabrieleAbstract:Authors:Bella Giampaolo, Lenzini GabrielePublication date:July 2014Published in:IEEE Computer SocietyReference:Get in touch with us SnT - Interdisciplinary Centre for Security, Reliability and Trust29, Avenue J.F Kennedy L-1855 Luxembourginfo-irisc-lab@uni.lu

On the verifiability of (electronic) exams

Interdisciplinary Research Group in Socio-technical CybersecurityOn the verifiability of (electronic) examsDreier Jannik, Giustolisi Rosario, Kassem Ali, Lafourcade Pascal, Lenzini GabrieleAbstract:The main concern for institutions that organize exams is to detect when students cheat. Actually more frauds are possible and even authorities can be dishonest. If institutions wish to keep exams a trustworthy business, anyone and … Continued

Formal Analysis of Electronic Exams

Interdisciplinary Research Group in Socio-technical CybersecurityFormal Analysis of Electronic ExamsJannik Dreier, Rosario Giustolisi, Ali Kassem, Pascal Lafourcade, Gabriele Lenzini, Peter Y. A. RyanAbstract:Universities and other educational organizations are adopting computer and Internet-based assessment tools (herein called e-exams) to reach widespread audiences. While this makes examination tests more accessible, it exposes them to new threats. At … Continued

A Conceptual Framework to Study Socio-Technical Security

Interdisciplinary Research Group in Socio-technical CybersecurityA Conceptual Framework to Study Socio-Technical SecurityAna Ferreira, Jean-Louis Huynen, Vincent Koenig, Gabriele LenziniAbstract:We propose an operational framework for a social, technical and contextual analysis of security. The framework provides guidelines about how to model a system as a layered set of interacting elements, and proposes two methodologies to analyse … Continued

Socio-technical Security Analysis of Wireless Hotspots

Interdisciplinary Research Group in Socio-technical CybersecuritySocio-technical Security Analysis of Wireless HotspotsAna Ferreira, Jean-Louis Huynen, Vincent Koenig, Gabriele LenziniAbstract:We present a socio-technical analysis of security of Hotspot and Hotspot 2.0. The analysis focuses is user-centric, and aim at understanding which user action can compromise security in presence of a attacker. We identify research questions about possible … Continued

Envisioning secure and usable access control for patients

Interdisciplinary Research Group in Socio-technical CybersecurityEnvisioning secure and usable access control for patientsAna Ferreira, Gabriele Lenzini, Catia Santos-Pereira, Alexandre B. Augusto, Manuel E. CorreiaAbstract:Several pilot tests show that patients who are able to access their Electronic Health Records (EHR), become more responsible and involved in the maintenance of their health. However, despite technologically feasible and … Continued

Remark!: A Secure Protocol for Remote Exams

Interdisciplinary Research Group in Socio-technical CybersecurityRemark!: A Secure Protocol for Remote ExamsRosario Giustolisi, Gabriele Lenzini, Peter Y. A. RyanAbstract:This manuscript presents Remark!, an electronic exam protocol which achieves several authentication, (conditional) anonymity, privacy, and verifiability properties without trusted third parties. Remark! is primarily designed for invigilated Internet-based exams but it also fits computer-based exams with … Continued