Visible to the public Biblio

Filters: Author is Damiani, Ernesto  [Clear All Filters]
2023-03-31
Cuzzocrea, Alfredo, Damiani, Ernesto.  2021.  Privacy-Preserving Big Data Exchange: Models, Issues, Future Research Directions. 2021 IEEE International Conference on Big Data (Big Data). :5081–5084.
Big data exchange is an emerging problem in the context of big data management and analytics. In big data exchange, multiple entities exchange big datasets beyond the common data integration or data sharing paradigms, mostly in the context of data federation architectures. How to make big data exchange while ensuring privacy preservation constraintsƒ The latter is a critical research challenge that is gaining momentum on the research community, especially due to the wide family of application scenarios where it plays a critical role (e.g., social networks, bio-informatics tools, smart cities systems and applications, and so forth). Inspired by these considerations, in this paper we provide an overview of models and issues in the context of privacy-preserving big data exchange research, along with a selection of future research directions that will play a critical role in next-generation research.
2022-02-04
Anisetti, Marco, Ardagna, Claudio A., Berto, Filippo, Damiani, Ernesto.  2021.  Security Certification Scheme for Content-centric Networks. 2021 IEEE International Conference on Services Computing (SCC). :203–212.
Content-centric networking is emerging as a credible alternative to host-centric networking, especially in scenarios of large-scale content distribution and where privacy requirements are crucial. Recently, research on content-centric networking has focused on security aspects and proposed solutions aimed to protect the network from attacks targeting the content delivery protocols. Content-centric networks are based on the strong assumption of being able to access genuine content from genuine nodes, which is however unrealistic and could open the door to disruptive attacks. Network node misbehavior, either due to poisoning attacks or malfunctioning, can act as a persistent threat that goes unnoticed and causes dangerous consequences. In this paper, we propose a novel certification methodology for content-centric networks that improves transparency and increases trustworthiness of the network and its nodes. The proposed approach builds on behavioral analysis and implements a continuous certification process that collects evidence from the network nodes and verifies their non-functional properties using a rule-based inference model. Utility, performance, and soundness of our approach have been experimentally evaluated on a simulated Named Data Networking (NDN) network targeting properties availability, integrity, and non-repudiation.
2020-08-24
Cuzzocrea, Alfredo, Damiani, Ernesto.  2019.  Making the Pedigree to Your Big Data Repository: Innovative Methods, Solutions, and Algorithms for Supporting Big Data Privacy in Distributed Settings via Data-Driven Paradigms. 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC). 2:508–516.
Starting from our previous research where we in- troduced a general framework for supporting data-driven privacy-preserving big data management in distributed environments, such as emerging Cloud settings, in this paper we further and significantly extend our past research contributions, and provide several novel contributions that complement our previous work in the investigated research field. Our proposed framework can be viewed as an alternative to classical approaches where the privacy of big data is ensured via security-inspired protocols that check several (protocol) layers in order to achieve the desired privacy. Unfortunately, this injects considerable computational overheads in the overall process, thus introducing relevant challenges to be considered. Our approach instead tries to recognize the “pedigree” of suitable summary data representatives computed on top of the target big data repositories, hence avoiding computational overheads due to protocol checking. We also provide a relevant realization of the framework above, the so- called Data-dRIven aggregate-PROvenance privacy-preserving big Multidimensional data (DRIPROM) framework, which specifically considers multidimensional data as the case of interest. Extensions and discussion on main motivations and principles of our proposed research, two relevant case studies that clearly state the need-for and covered (related) properties of supporting privacy- preserving management and analytics of big data in modern distributed systems, and an experimental assessment and analysis of our proposed DRIPROM framework are the major results of this paper.
2020-04-13
Agostino Ardagna, Claudio, Asal, Rasool, Damiani, Ernesto, El Ioini, Nabil, Pahl, Claus.  2019.  Trustworthy IoT: An Evidence Collection Approach Based on Smart Contracts. 2019 IEEE International Conference on Services Computing (SCC). :46–50.
Today, Internet of Things (IoT) implements an ecosystem where a panoply of interconnected devices collect data from physical environments and supply them to processing services, on top of which cloud-based applications are built and provided to mobile end users. The undebatable advantages of smart IoT systems clash with the need of a secure and trustworthy environment. In this paper, we propose a service-based methodology based on blockchain and smart contracts for trustworthy evidence collection at the basis of a trustworthy IoT assurance evaluation. The methodology balances the provided level of trustworthiness and its performance, and is experimentally evaluated using Hyperledger fabric blockchain.
2019-02-13
Sepehri, Masoomeh, Trombetta, Alberto, Sepehri, Maryam, Damiani, Ernesto.  2018.  An Efficient Cryptography-Based Access Control Using Inner-Product Proxy Re-Encryption Scheme. Proceedings of the 13th International Conference on Availability, Reliability and Security. :12:1–12:10.
Inner-product encryption (IPE) is a well-known functional encryption primitive that allows decryption when the inner-product of the attribute vectors, upon which the encrypted data and the decryption key depend, is equal to zero. Using IPE, it is possible to define fine-grained access policies over encrypted data whose enforcement can be outsourced to the cloud where the data are stored. However, current IPE schemes do not support efficient access policy changes. In this paper, we propose an efficient inner-product proxy re-encryption (E-IPPRE) scheme that provides the proxy server with a transformation key, with which a ciphertext associated with an attribute vector can be transformed to a new ciphertext associated with a different attribute vector, providing a policy update mechanism with a performance suitable for many practical applications. We experimentally assess the efficiency of our protocol and show that it is selective attribute-secure against chosen-plaintext attacks in the standard model under the Asymmetric Decisional Bilinear Diffie-Hellman assumption.
2018-12-03
Sepehri, Maryam, Cimato, Stelvio, Damiani, Ernesto.  2017.  Efficient Implementation of a Proxy-based Protocol for Data Sharing on the Cloud. Proceedings of the Fifth ACM International Workshop on Security in Cloud Computing. :67–74.

In this paper, we provide a secure and efficient outsourcing scheme for multi-owner data sharing on the cloud. More in detail we consider the scenario where multiple data owners outsource their data to an untrusted cloud provider, and allow authorized users to query the resulting database, composed of the encrypted data contributed by the different owners. The scheme relies on a proxy re-encryption technique that is implemented using an El-Gamal Elliptic Curve(ECC) crypto-system. We experimentally assess the efficiency of the implementation in terms of computation time, including the key translation process, data encryption and re-encryption modules, and show that it improves over previous proposals.