Mariagrazia Fugini | Politecnico di Milano (original) (raw)

Papers by Mariagrazia Fugini

2014 IEEE 23rd International WETICE Conference, 2014

2008 19th International Conference on Database and Expert Systems Applications, 2008

Failures during web service execution may depend on a wide variety of causes, such as network fau... more Failures during web service execution may depend on a wide variety of causes, such as network faults, server crashes, or application-related errors, such as unavailability of a requested web service, errors in the orchestration of choreography of applications, missing data or parameters in an execution flow, or low Quality of Service (QoS). In this paper, we propose a healing architecture able to handle web service faults in a selfhealing way, discussing infrastructural faults and web service and Web application faults. The self-healing architecture manages repair actions, such as substitution of a faulty service or duplication of overloaded services. Implemented prototypes involving QoS in coordinated web services are illustrated and discussed. 1

2012 IEEE 21st International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, 2012

... Yannick Naudet , CRP Henri Tudor, Luxembourg ADDITIONAL REVIEWERS David Allison, University W... more ... Yannick Naudet , CRP Henri Tudor, Luxembourg ADDITIONAL REVIEWERS David Allison, University Western Ontario, Canada Katarina Grolinger, University Western Ontario, Canada Nesrine Khabou, Redcad, Tunisia Kaouthar Fakhfakh, Redcad, Tunisia B. Chairs ...

24th International Conference on Enabling Technologies: Infrastructures for Collaborative Enterprises, Jun 2015

This paper describes the cooperative interface of RAMIRES, a prototype web application where envi... more This paper describes the cooperative interface of RAMIRES, a prototype web application where environmental risks are reported in a dashboard for the risk management team. It shows monitored areas, supports risk managers in understanding the risk and its consequences, and supports decision making so empowering risk managers to mitigate risks improving the environment resilience. To treat risks, RAMIRES is adaptive regarding risk and security. For risk, it adapts the information towards the environment to obtain more data about the observed area to understand the risk and its consequences. It also adapts the user interface according to the involved actor. For security, RAMIRES is adaptive in that security rules determine the data views to different actors. The tool interaction with the environment and with risk mangers is presented using storyboards of interactions.

Lecture Notes in Business Information Processing, 2014

This paper presents adaptive access control for areas where risks require modifying authorization... more This paper presents adaptive access control for areas where risks require modifying authorizations dynamically at run time to enlarge and/or restrict privileges for risk rescue teams. Resources, which have a spatial description, as well as data elements of the areas to be protected, are considered. Based on a risk scenario, principles of access control based on the ABAC (Attribute Based Access Control) model for Subjects and Objects are given. Adaptivity of access control rules apply to subjects who intervene in the risk area and who require enlarged privileges to access to resources. The Access Control Domain concept models the policies of adaptive changes to Subject/Object attributes to face the crisis events. Events have a spatial description to enable managing the crisis according to where the event has occurred, since the same event can have different impacts on the environment depending on where it happens.

2010 10th Annual International Conference on New Technologies of Distributed Systems (NOTERE), 2010

... socio-technical design factors, supports for human-to-human interaction and the analysis of s... more ... socio-technical design factors, supports for human-to-human interaction and the analysis of societal ... Another problem regards privacy and security since the communication between sensors and the back ... by the antenna radio beam, a tag sends back a signal powered by the ...

Lecture Notes in Computer Science, 1990

ABSTRACT Reuse of development documents regarding application requirements makes the application ... more ABSTRACT Reuse of development documents regarding application requirements makes the application development process more efficient and reliable. The REquirements Collection And Specification Tool (RECAST) being developed in the framework of the ESPRIT ITHACA project aimed at reusability under an object-oriented approach for Information System applications is presented in the paper. Two types of application developers interact with RECAST: the Application Engineer, who maintains the knowledge about reusable components, and the Application Developer, who develops specific applications; their interaction with RECAST is presented. RECAST guides these developers using design knowledge stored in a Software Information Base (SIB).

Lecture Notes in Computer Science, 2014

This paper presents the design principles for adaptive security for areas where changing conditio... more This paper presents the design principles for adaptive security for areas where changing conditions trigger events signaling risks that might require modifying authorizations of risk management teams. Spatial resources and information of the areas to be protected are considered in sample scenarios, and principles of security design are introduced building on ABAC (Attribute Based Access Control). Adaptivity of security rules applying to subjects who intervene in the risk area is the core of our security model so as to make it responsive to risks by dynamically granting privileges to subjects to access resources.

2014 IEEE 23rd International WETICE Conference, 2014

This paper presents the design principles for dynamic security modeling in risk-prone environment... more This paper presents the design principles for dynamic security modeling in risk-prone environments, where elements of the environment to be protected are classified in Contexts and are monitored and geo-referenced. Based on a motivating scenario, the security model elements are introduced building on the ABAC (Attribute Based Access Control) paradigm. Dynamicity is integrated into the model to make it self-adaptable to dynamic changes in the environment conditions, including the occurrence of risks and emergencies. The model aims at dynamically authorizing subjects to access diverse data and physical objects (resources) based on adaptive activation/deactivation of security rules and changes in subject or object attributes, while still preserving the need-to-know principle.

2010 10th Annual International Conference on New Technologies of Distributed Systems (NOTERE), 2010

... Claudia Raibulet, Luigi Ubezio Dipartimento di Informatica, Sistemistica e Comunicazione, Uni... more ... Claudia Raibulet, Luigi Ubezio Dipartimento di Informatica, Sistemistica e Comunicazione, Università degli Studi di Milano-Bicocca, Italy raibulet@disco.unimib.it ... 563-566 [4] S. de Deugd, R. Carroll, KE Kelly, B. Millett, and J. Ricker, "SODA: Service-Oriented Device Architecture ...

2009 IEEE/WIC/ACM International Joint Conference on Web Intelligence and Intelligent Agent Technology, 2009

One of the challenging topics to address through the advances made in information technology doma... more One of the challenging topics to address through the advances made in information technology domain is the management of risk in work environments. This is due to the heterogeneity of issues which should be considered such as technological and social just to name two of the most important ones. In this context the key ideas of Web-enabled architectures are approached

2009 Fourth International Conference on Software Engineering Advances, 2009

... the device is excited by the antenna radio beam, a tag sends back a signal powered by the ...... more ... the device is excited by the antenna radio beam, a tag sends back a signal powered by the ... [3] M. Gupta, S. Banerjee, M. Agrawal and HR Rao, “Security Analysis of Internet Technology Components Enabling Globally Distributed Workplaces - a Framework”, ACM Trans. ...

2009 IEEE/WIC/ACM International Joint Conference on Web Intelligence and Intelligent Agent Technology, 2009

A fundamental issue in wearable computing is that of personal empowerment, through its ability to... more A fundamental issue in wearable computing is that of personal empowerment, through its ability to equip the individual with a personalized, customizable information space, owned, operated, and controlled by the wearer. In this view, one interesting application is ...

Interdisciplinary Aspects of Information Systems Studies, 2008

We are investigating how “coopetition” (Co-opetition, New York: Doubleday &am... more We are investigating how “coopetition” (Co-opetition, New York: Doubleday & Company, 1996; EURAM, Second Annual Conference – Innovative Research in Management, Stockholm, 9–11 May 2002) can improve information-based services by fostering knowledge sharing while safeguarding both competitive interests and business objectives of the involved actors. We explore the issues related to the development and to the governance of a coopetitive

The paper proposes a characterization of risks and a service-oriented prototype to face risky sit... more The paper proposes a characterization of risks and a service-oriented prototype to face risky situations in work environments, such as in industrial plants or building construction areas. A risk is the overture of emergencies that produce human and/or material damages. Therefore, it is particularly critical to identify and manage risks to avoid their evolution into emergencies. In this paper, we outline the technological features of a risk environment and propose a risk model and a service-based simulation prototype aimed to improve safety in work environments. We discuss engineering issues concerning risk modeling and management. Furthermore, we propose a risk management system solution and its related implemented prototype composed of services able to detect and also to prevent the occurrence of risk conditions. M. FUGINI, C. RAIBULET AND L. UBEZIO and so on. However, the existing rules and laws, in particular for work environments, prescribe the use of garments suitable for accident prevention such as jackets, shoes, or glasses. Nevertheless, the requirements for sensor networks and wearable services providing the necessary technology to signal dangerous situations are increasing continuously. This is also due to what is expected from a smart environment for security in workplaces , which may exploit hardware and software components and services .

Hewlett-Packard Laboratories, 1501 Page Mill Road, Palo Alto, CA, 94304, California, USA 2 Dipartimento di Elettronica e Informazione, Politecnico di Milano, via Ponzio 34/5, I-20133 Milano, Italy 3 Dpartement Informatique, Universit de Nice-Sophia Antipolis, Parc Valrose, 06108 France

The design of a Web-geographical information system strongly requires methodological and operatio... more The design of a Web-geographical information system strongly requires methodological and operational tools to deal with information distributed in multiple, autonomous and heterogeneous data sources, and a uniform data publishing methodology and policy over Internet web ...

2014 IEEE 23rd International WETICE Conference, 2014

2008 19th International Conference on Database and Expert Systems Applications, 2008

Failures during web service execution may depend on a wide variety of causes, such as network fau... more Failures during web service execution may depend on a wide variety of causes, such as network faults, server crashes, or application-related errors, such as unavailability of a requested web service, errors in the orchestration of choreography of applications, missing data or parameters in an execution flow, or low Quality of Service (QoS). In this paper, we propose a healing architecture able to handle web service faults in a selfhealing way, discussing infrastructural faults and web service and Web application faults. The self-healing architecture manages repair actions, such as substitution of a faulty service or duplication of overloaded services. Implemented prototypes involving QoS in coordinated web services are illustrated and discussed. 1

2012 IEEE 21st International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, 2012

... Yannick Naudet , CRP Henri Tudor, Luxembourg ADDITIONAL REVIEWERS David Allison, University W... more ... Yannick Naudet , CRP Henri Tudor, Luxembourg ADDITIONAL REVIEWERS David Allison, University Western Ontario, Canada Katarina Grolinger, University Western Ontario, Canada Nesrine Khabou, Redcad, Tunisia Kaouthar Fakhfakh, Redcad, Tunisia B. Chairs ...

24th International Conference on Enabling Technologies: Infrastructures for Collaborative Enterprises, Jun 2015

This paper describes the cooperative interface of RAMIRES, a prototype web application where envi... more This paper describes the cooperative interface of RAMIRES, a prototype web application where environmental risks are reported in a dashboard for the risk management team. It shows monitored areas, supports risk managers in understanding the risk and its consequences, and supports decision making so empowering risk managers to mitigate risks improving the environment resilience. To treat risks, RAMIRES is adaptive regarding risk and security. For risk, it adapts the information towards the environment to obtain more data about the observed area to understand the risk and its consequences. It also adapts the user interface according to the involved actor. For security, RAMIRES is adaptive in that security rules determine the data views to different actors. The tool interaction with the environment and with risk mangers is presented using storyboards of interactions.

Lecture Notes in Business Information Processing, 2014

This paper presents adaptive access control for areas where risks require modifying authorization... more This paper presents adaptive access control for areas where risks require modifying authorizations dynamically at run time to enlarge and/or restrict privileges for risk rescue teams. Resources, which have a spatial description, as well as data elements of the areas to be protected, are considered. Based on a risk scenario, principles of access control based on the ABAC (Attribute Based Access Control) model for Subjects and Objects are given. Adaptivity of access control rules apply to subjects who intervene in the risk area and who require enlarged privileges to access to resources. The Access Control Domain concept models the policies of adaptive changes to Subject/Object attributes to face the crisis events. Events have a spatial description to enable managing the crisis according to where the event has occurred, since the same event can have different impacts on the environment depending on where it happens.

2010 10th Annual International Conference on New Technologies of Distributed Systems (NOTERE), 2010

... socio-technical design factors, supports for human-to-human interaction and the analysis of s... more ... socio-technical design factors, supports for human-to-human interaction and the analysis of societal ... Another problem regards privacy and security since the communication between sensors and the back ... by the antenna radio beam, a tag sends back a signal powered by the ...

Lecture Notes in Computer Science, 1990

ABSTRACT Reuse of development documents regarding application requirements makes the application ... more ABSTRACT Reuse of development documents regarding application requirements makes the application development process more efficient and reliable. The REquirements Collection And Specification Tool (RECAST) being developed in the framework of the ESPRIT ITHACA project aimed at reusability under an object-oriented approach for Information System applications is presented in the paper. Two types of application developers interact with RECAST: the Application Engineer, who maintains the knowledge about reusable components, and the Application Developer, who develops specific applications; their interaction with RECAST is presented. RECAST guides these developers using design knowledge stored in a Software Information Base (SIB).

Lecture Notes in Computer Science, 2014

This paper presents the design principles for adaptive security for areas where changing conditio... more This paper presents the design principles for adaptive security for areas where changing conditions trigger events signaling risks that might require modifying authorizations of risk management teams. Spatial resources and information of the areas to be protected are considered in sample scenarios, and principles of security design are introduced building on ABAC (Attribute Based Access Control). Adaptivity of security rules applying to subjects who intervene in the risk area is the core of our security model so as to make it responsive to risks by dynamically granting privileges to subjects to access resources.

2014 IEEE 23rd International WETICE Conference, 2014

This paper presents the design principles for dynamic security modeling in risk-prone environment... more This paper presents the design principles for dynamic security modeling in risk-prone environments, where elements of the environment to be protected are classified in Contexts and are monitored and geo-referenced. Based on a motivating scenario, the security model elements are introduced building on the ABAC (Attribute Based Access Control) paradigm. Dynamicity is integrated into the model to make it self-adaptable to dynamic changes in the environment conditions, including the occurrence of risks and emergencies. The model aims at dynamically authorizing subjects to access diverse data and physical objects (resources) based on adaptive activation/deactivation of security rules and changes in subject or object attributes, while still preserving the need-to-know principle.

2010 10th Annual International Conference on New Technologies of Distributed Systems (NOTERE), 2010

... Claudia Raibulet, Luigi Ubezio Dipartimento di Informatica, Sistemistica e Comunicazione, Uni... more ... Claudia Raibulet, Luigi Ubezio Dipartimento di Informatica, Sistemistica e Comunicazione, Università degli Studi di Milano-Bicocca, Italy raibulet@disco.unimib.it ... 563-566 [4] S. de Deugd, R. Carroll, KE Kelly, B. Millett, and J. Ricker, "SODA: Service-Oriented Device Architecture ...

2009 IEEE/WIC/ACM International Joint Conference on Web Intelligence and Intelligent Agent Technology, 2009

One of the challenging topics to address through the advances made in information technology doma... more One of the challenging topics to address through the advances made in information technology domain is the management of risk in work environments. This is due to the heterogeneity of issues which should be considered such as technological and social just to name two of the most important ones. In this context the key ideas of Web-enabled architectures are approached

2009 Fourth International Conference on Software Engineering Advances, 2009

... the device is excited by the antenna radio beam, a tag sends back a signal powered by the ...... more ... the device is excited by the antenna radio beam, a tag sends back a signal powered by the ... [3] M. Gupta, S. Banerjee, M. Agrawal and HR Rao, “Security Analysis of Internet Technology Components Enabling Globally Distributed Workplaces - a Framework”, ACM Trans. ...

2009 IEEE/WIC/ACM International Joint Conference on Web Intelligence and Intelligent Agent Technology, 2009

A fundamental issue in wearable computing is that of personal empowerment, through its ability to... more A fundamental issue in wearable computing is that of personal empowerment, through its ability to equip the individual with a personalized, customizable information space, owned, operated, and controlled by the wearer. In this view, one interesting application is ...

Interdisciplinary Aspects of Information Systems Studies, 2008

We are investigating how “coopetition” (Co-opetition, New York: Doubleday &am... more We are investigating how “coopetition” (Co-opetition, New York: Doubleday & Company, 1996; EURAM, Second Annual Conference – Innovative Research in Management, Stockholm, 9–11 May 2002) can improve information-based services by fostering knowledge sharing while safeguarding both competitive interests and business objectives of the involved actors. We explore the issues related to the development and to the governance of a coopetitive

The paper proposes a characterization of risks and a service-oriented prototype to face risky sit... more The paper proposes a characterization of risks and a service-oriented prototype to face risky situations in work environments, such as in industrial plants or building construction areas. A risk is the overture of emergencies that produce human and/or material damages. Therefore, it is particularly critical to identify and manage risks to avoid their evolution into emergencies. In this paper, we outline the technological features of a risk environment and propose a risk model and a service-based simulation prototype aimed to improve safety in work environments. We discuss engineering issues concerning risk modeling and management. Furthermore, we propose a risk management system solution and its related implemented prototype composed of services able to detect and also to prevent the occurrence of risk conditions. M. FUGINI, C. RAIBULET AND L. UBEZIO and so on. However, the existing rules and laws, in particular for work environments, prescribe the use of garments suitable for accident prevention such as jackets, shoes, or glasses. Nevertheless, the requirements for sensor networks and wearable services providing the necessary technology to signal dangerous situations are increasing continuously. This is also due to what is expected from a smart environment for security in workplaces , which may exploit hardware and software components and services .

Hewlett-Packard Laboratories, 1501 Page Mill Road, Palo Alto, CA, 94304, California, USA 2 Dipartimento di Elettronica e Informazione, Politecnico di Milano, via Ponzio 34/5, I-20133 Milano, Italy 3 Dpartement Informatique, Universit de Nice-Sophia Antipolis, Parc Valrose, 06108 France

The design of a Web-geographical information system strongly requires methodological and operatio... more The design of a Web-geographical information system strongly requires methodological and operational tools to deal with information distributed in multiple, autonomous and heterogeneous data sources, and a uniform data publishing methodology and policy over Internet web ...

This presentation presents the design principles for adaptive security for areas where changing c... more This presentation presents the design principles for adaptive security for areas where changing conditions trigger events signaling risks that might require modifying authorizations of risk management teams. Spatial resources and information of the areas to be protected are considered in sample scenarios, and principles of security design are introduced building on ABAC (Attribute Based Access Control). Adaptivity of security rules apply-ing to subjects who intervene in the risk area is the core of our security model so as to make it responsive to risks by dynamically granting privileges to subjects to access re-sources.

This paper describes the cooperative interface of RAMIRES, a prototype web application where envi... more This paper describes the cooperative interface of RAMIRES, a prototype web application where environmental risks are reported in a dashboard for the risk management team. It shows monitored areas, supports risk managers in understanding the risk and its consequences, and supports decision making so empowering risk managers to mitigate risks improving the environment resilience. To treat risks, RAMIRES is adaptive regarding risk and security. For risk, it adapts the information towards the environment to obtain more data about the observed area to understand the risk and its consequences. It also adapts the user interface according to the involved actor. For security, RAMIRES is adaptive in that security rules determine the data views to different actors. The tool interaction with the environment and with risk mangers is presented using storyboards of interactions.

In monitored environments, where risks can be prevented via sensors and spatia... more In monitored environments, where risks can be prevented via sensors and spatial data technologies, security rules, in particular access control rules, should be made adaptive to the situation at hand at run time. The paper presents adaptive access controls suitable for “smart environments”, based on the Attribute-based Access Control paradigm. Risks are notified by monitoring devices and managed by a Risk Management System, which is illustrated. To adapt the access control decisions to risk mitigation needs, security policies are defined to dynamically activate or deactivate access rules according to the operations required to manage the risks.

This presentation presents adaptive access control for areas where risks require modifying autho... more This presentation presents adaptive access control for areas where risks require modifying authorizations dynamically at run time to enlarge and/or restrict privileges for risk rescue teams. Resources, which have a spatial description, as well as data elements of the areas to be protected, are considered. Based on a risk scenario, principles of access control based on the ABAC (Attribute Based Access Control) model for Subjects and Objects are given. Adaptivity of access control rules apply to subjects who intervene in the risk area and who require enlarged privileges to access to resources. The Access Control Domain concept models the policies of adaptive changes to Subject/Object attributes to face the crisis events. Events have a spatial description to enable managing the crisis according to where the event has occurred, since the same event can have different impacts on the environment depending on where it happens.