Domenico Sacca - Profile on Academia.edu
Papers by Domenico Sacca
IEEE Transactions on Dependable and Secure Computing, 2024
Smart tags are compact electronic devices affixed to or embedded into objects to facilitate identification, monitoring, and data exchange. Consequently, secure authentication of these tags is a crucial issue, as objects must reliably verify their identity before sharing sensitive information with other entities. The application of Physical Unclonable Functions (PUF) as a device's "digital fingerprint" has attracted significant attention, yet existing PUF-based authentication methods exhibit security vulnerabilities, either due to the authentication protocol itself or the limited reliability of the PUF technology used. Moreover, there has been a considerable focus on the software aspect, often overlooking the critical role of hardware design, which can become a target for attacks aimed at compromising the device's identity or act as a hindrance in the manufacturing process. In light of these points, this paper introduces an identification tag architecture that leverages PUF technology, focusing on authentication. This architecture features a straightforward but efficient authentication protocol, underpinned by a new and highly stable PUF model. The overall architecture encompasses particular hardware implementation aspects that significantly simplify the tag's enrollment phase and minimize vulnerabilities to attacks. The paper also describes a prototype of this identification tag and provides detailed insights into its application.
The widespread and ever increasing number of services and devices which expose their interfaces to the Internet make the cyberspace a fertile ground for malware activities. Hence there is a strong demand for cybersecurity solutions ensuring their safe operation. Honeypots are networked computer systems purposely designed and crafted to mimic regular services, operating systems and devices with the goal of capturing and storing information about the interactions with attacking entities and we repute them a crucial technology in the study of cyber threats and attacks. We present the main features of EMPHAsis, a data streaming analytics system based on high-interaction honeypots, which enables the collection and analysis of relevant data about intercepted malware.
BPM 2006 International Workshops, BPD, BPI, ENEI, GPWW, DPM, semantics4ws, Vienna, Austria, September 4-7, 2006, Springer Verlag, Lecture Notes in Computer Science, September, LNCS 4103
HAL (Le Centre pour la Communication Scientifique Directe), 2006
These proceedings record the papers presented at the 6 international workshops jointly organised with the BPM2006 conference
Evaluating Deep Packet Inspection in Large-scale Data Processing
Accountability of IoT Devices
Springer eBooks, Nov 10, 2022
Estimating range queries using aggregate data
SEBD, 2000
The problem of recovering (count and sum) range queries over multidimensional data only on the basis of aggregate information on such data is addressed. This problem can be formalized as follows. Suppose that a transformation T producing a summary from a multidimensional data set is used. Now, given a data set D, a summary S=T(D) and a range query r on D, the problem consists of studying r by modelling it as a random variable defined over the sample space of all the data sets D' such that T(D) = S. The study of such a random variable, done by the definition of its probability distribution and the computation of its mean value and variance, represents a well-founded, theoretical probabilistic approach for estimating the query only on the basis of the available information (that is the summary S) without assumptions on original data.
The increasing complexity of new malware and the constant refinement of detection mechanisms are driving malware writers to rethink the malware development process. In this respect, compilers play a key role and can be used to implement evasion techniques able to defeat even the new generation of detection algorithms. In this paper we provide an overview of the endless battle between malware writers and detectors and we discuss some considerations on the benefits of using high level languages and even exotic compilers (e.g. single instruction compilers) in the process of writing malicious code.
Future Generation Computer Systems, Dec 1, 2018
In the last few years, cybersecurity has become a hot topic because of the ever-increasing availability of Internet accessible services driven by the diffusion of connected devices. The consequent exposition to cyber threats demands for suitable methodologies, techniques and tools allowing to adequately handle issues arising in such a complex domain. This paper describes the architecture of SmallWorld, a scalable software platform designed to reproduce realistic scenarios achieved by the immersion of real systems into a software defined virtual environment. SmallWorld enables the assessment, teaching and learning of cybersecurity related aspects in different areas and for various purposes. It exploits innovative and state-of-the-art virtualization and simulation techniques for reproducing in a realistic setting a dynamic environment where large distributed computer systems can be deployed and from where they can interact with real life entities. One of the main features of SmallWorld is the support for designing and building complex scenarios which are dynamic and reactive and where a number of autonomous software agents can be deployed. Agents are able to reproduce the behaviors of human users and/or malicious applications into a SmallWorld scenario making it a more realistic testing environment. The practical use of SmallWorld is shown by means of two realistic case studies.
ACM Transactions on Interactive Intelligent Systems, Jun 30, 2017
Due to the emerging Big Data paradigm, driven by the increasing availability of intelligent services easily accessible by a large number of users (e.g., social networks), traditional data management techniques are inadequate in many real-life scenarios. In particular, the availability of huge amounts of data pertaining to user social interactions, user preferences, and opinions calls for advanced analysis strategies to understand potentially interesting social dynamics. Furthermore, heterogeneity and high speed of user-generated data require suitable data storage and management tools to be designed from scratch. This article presents a framework tailored for analyzing user interactions with intelligent systems while seeking some domain-specific information (e.g., choosing a good restaurant in a visited area). The framework enhances a user's quest for information by exploiting previous knowledge about their social environment, the extent of influence the users are potentially subject to, and the influence they may exert on other users. User influence spread across the network is dynamically computed as well to improve user search strategy by providing specific suggestions, represented as tailored faceted features. Such features are the result of data exchange activity (called data posting) that enriches information sources with additional background information and knowledge derived from experiences and behavioral properties of domain experts and users. The approach is tested in an important application scenario such as tourist recommendation, but it can be profitably exploited in several other contexts, for example, viral marketing and food education.
In many application contexts, like statistical databases, scientific databases, query optimizers, OLAP, and so on, data are often summarized into synopses of aggregate values. Summarization has the great advantage of saving space, but querying aggregate data rather than the original ones introduces estimation errors which cannot be in general avoided, as summarization is a lossy compression. A central problem in designing summarization techniques is to retain a certain degree of accuracy in reconstructing query answers. In this paper we restrict our attention to two-dimensional data, which are relevant for a number of applications, and propose a hierarchical summarization technique which is combined with the use of indices, i.e. compact structures providing an approximate description of portions of the original data. Experimental results show that the technique gives approximation errors much smaller than other "general purpose" techniques, such as wavelets and various types of multi-dimensional histogram.
arXiv (Cornell University), Jan 14, 2005
The problem of recovering (count and sum) range queries over multidimensional data only on the basis of aggregate information on such data is addressed. This problem can be formalized as follows. Suppose that a transformation τ producing a summary from a multidimensional data set is used. Now, given a data set D, a summary S = τ(D) and a range query r on D, the problem consists of studying r by modelling it as a random variable defined over the sample space of all the data sets D′ such that τ(D′) = S. The study of such a random variable, done by the definition of its probability distribution and the computation of its mean value and variance, represents a well-founded, theoretical probabilistic approach for estimating the query only on the basis of the available information (that is the summary S) without assumptions on original data.
Malevolent Activities Detection and Cyber Range Scenarios Orchestration
PhD in Information and Computation Technologies, Cycle XXX. increasing availability of Internet accessible services driven by the diffusion of connected devices. The consequent exposition to cyber-threats demands for suitable methodologies, techniques and tools allowing to adequately handle issues arising in such a complex domain. Most Intrusion Detection Systems are capable of detecting many attacks, but cannot provide a clear idea to the analyst because of the huge number of false alerts generated by these systems. This weakness in the IDS has led to the emergence of many methods in which to deal with these alerts, minimize them and highlight the real attacks. Furthermore, experience shows that the interpretation of the alerts usually requires more than the single messages provided by the sensors, so there is a need for techniques that can analyse the alerts within the context in which they have been generated. This might require the ability to correlate them with some other contextual information provided by other devices. Using synthetic data to design, implement and test these techniques is not fair and reliable because of the variety and unpredictability of the real world data. On the other hand, retrieving this information from real world networks is not easy (and sometimes impossible) due to privacy and confidential restrictions. Virtual Environments, Software Defined Systems and Software Defined Network will play a critical role in many cyber-security related aspects like the assessment of newly devised intrusion detection techniques, the generation of real world like logs, the evaluation of skills of cyber-defence team members and the evaluation of the disruptive effects caused by the diffusion of new malware.
This thesis proposes, among other things, a novel domain-specific platform, named SmallWorld, aimed to easily design, build and deploy realistic computer network scenarios achieved by the immersion of real systems into a software defined virtual environment, enriched by Software Defined Agents put in charge of reproducing users or bot behaviours. Additionally, to provide validation and performance evaluation of the proposed platform, a number of Scenarios (including penetration testing laboratories, IoT and domotics networks and a reproduction of the most common services on Internet like a DNS server, a MAIL server, a booking service and a payment gateway) have been developed inside SmallWorld. Over time the platform has been rewritten and radically improved leading to the birth of Hacking Square. This new version is currently available on-line and freely accessible from anyone. The impact of this research prototype has been demonstrated, above all, during the course of "Metodi e Strumenti per la Sicurezza Informatica" for the master degree in Cyber Security at DIMES, University of Calabria. In fact, the platform has been employed to build the laboratory of the course as an in cloud service for students (including all the material to conduct exercises and assignments) and to organize a practical, Capture the Flag (CTF) like final test. Finally, the platform is under the attention of Consorzio Interuniversitario per l'Informatica (CINI), as it could be used to manage and deploy training content for the CyberChallenge 2018. Università della Calabri
Very Large Data Bases, Oct 31, 1983
Deterministic and non-deterministic stable model semantics for unbound DATALOG queries
Lecture Notes in Computer Science, 1995
Making IoT Services Accountable: A Solution Based on Blockchain and Physically Unclonable Functions
Nowadays, an important issue in the IoT landscape consists of enabling the dynamic instauration of interactions among two or more objects, operating autonomously in a distributed and heterogeneous environment, which participate in the enactment of accountable cross-organization business processes. In order to achieve the above goal, a decentralized and reliable approach is needed. Here, we propose a solution based on physical unclonable function (PUF) and blockchain technologies that represent the building blocks of the devised IT infrastructure. The core of the authentication process is based on a purposely designed circuit for the PUF bitcell, implemented in a 65 nm CMOS technology. One of the most important aspects of this work is represented by the concept of accountability node, an element inspired to a blockchain 3.0 masternode. This is the key element of the proposed architecture, acting as the main interface for cooperating services and IoT objects which relieve the users/ob...
Exploiting Silicon Fingerprint for Device Authentication Using CMOS-PUF and ECC
2021 IEEE International Conference on Smart Internet of Things (SmartIoT), 2021
Device authentication is an important issue in Internet of Things (IoT) for enabling the connection of ubiquitous objects/things to the Internet. One of the emerging authentication approaches is based on some device characteristic (fingerprint) such as its type, firmware version, or signature. The usage of a Physically Unclonable Function (PUF) as device “digital fingerprint” for authentication has attracted great interest, however existing solutions present security drawbacks related to the authentication protocol, or to the poor reliability of the adopted PUF technology. The authentication protocol may require challenge-response pairs to be stored in a dependable repository, with an elevated risk of information leakage. To overcome the above limitations, this paper presents a reliable CMOS-PUF which produces a stable output that is used as private key in an authentication protocol based on Elliptic Curve Cryptography (ECC). The overall device architecture embeds the PUF and ECC components in a memory-less framework so that the device is resilient to cyberattacks and capable to perform authentication tasks with a stable and durable identity. The main advantages of the proposed framework are that no challenge–response pairs need to be previously stored, and no error correction mechanism is needed. A prototype implementation of the CMOS-PUF is sketched and three important key points (Randomness, Circuit Reliability and Security) of the proposed device authentication scheme are discussed as well.
Proceedings of the 6th International Conference on Data Science, Technology and Applications, 2017
The pervasive diffusion of new data generation devices has recently caused the generation of massive data flows containing heterogeneous information generated at different rates and having different formats. These data are referred to as Big Data and require new storage and analysis approaches to be investigated for managing them. In this paper we will describe a system for dealing with massive big data stores. We defined an open source tool that exploits a NoSQL approach for data warehousing in order to offer users an intuitive way to easily query data that could be quite hard to be understood otherwise.
Lecture Notes in Computer Science, 2016
The Kiwi(S) Projects: Past and Future
Esprit ’89, 1989
IEEE Transactions on Dependable and Secure Computing/IEEE transactions on dependable and secure computing, 2024
Smart tags are compact electronic devices affixed to or embedded into objects to facilitate ident... more Smart tags are compact electronic devices affixed to or embedded into objects to facilitate identification, monitoring, and data exchange. Consequently, secure authentication of these tags is a crucial issue, as objects must reliably verify their identity before sharing sensitive information with other entities. The application of Physical Unclonable Functions (PUF) as a device's "digital fingerprint" has attracted significant attention, yet existing PUF-based authentication methods exhibit security vulnerabilities, either due to the authentication protocol itself or the limited reliability of the PUF technology used. Moreover, there has been a considerable focus on the software aspect, often overlooking the critical role of hardware design, which can become a target for attacks aimed at compromising the device's identity or act as a hindrance in the manufacturing process. In light of these points, this paper introduces an identification tag architecture that leverages PUF technology, focusing on authentication. This architecture features a straightforward but efficient authentication protocol, underpinned by a new and highly stable PUF model. The overall architecture encompasses particular hardware implementation aspects that significantly simplify the tag's enrollment phase and minimize vulnerabilities to attacks. The paper also describes a prototype of this identification tag and provide detailed insights into its application.
The widespread and ever increasing number of services and devices which expose their interfaces t... more The widespread and ever increasing number of services and devices which expose their interfaces to the Internet make the cyberspace a fertile ground for malware activities. Hence there is a strong demand for cybersecurity solutions ensuring their safe operation. Honeypots are networked computer systems purposely designed and crafted to mimic regular services, operating systems and devices with the goal of capturing and storing information about the interactions with attacking entities and we repute them a crucial technology in the study of cyber threats and attacks. We presents the main features of EMPHAsis, a data streaming analytics system based on high-interaction honeypots, which enables the collection and analysis of relevant data about intercepted malware.
BPM 2006 International Workshops, BPD, BPI, ENEI, GPWW, DPM, semantics4ws, Vienna, Austria, September 4-7, 2006, Springer Verlag, Lecture Notes in Computer Science, September, LNCS 4103
HAL (Le Centre pour la Communication Scientifique Directe), 2006
ABSTRACT These proceedings record the papers presented at the 6 international workshops jointly o... more ABSTRACT These proceedings record the papers presented at the 6 international workshops jointly organised withthe BPM2006 conference
Evaluating Deep Packet Inspection in Large-scale Data Processing
Accountability of IoT Devices
Springer eBooks, Nov 10, 2022
Estimating range queries using aggregate data
SEBD, 2000
ABSTRACT The problem of recovering (count and sum) range queries over multidimensional data only ... more ABSTRACT The problem of recovering (count and sum) range queries over multidimensional data only on the basis of aggregate information on such data is addressed. This problem can be formalized as follows. Suppose that a transformation T producing a summary from a multidimensional data set is used. Now, given a data set D, a summary S=T(D) and a range query r on D, the problem consists of studying r by modelling it as a random variable defined over the sample space of all the data sets D' such that T(D) = S. The study of such a random variable, done by the definition of its probability distribution and the computation of its mean value and variance, represents a well-founded, theoretical probabilistic approach for estimating the query only on the basis of the available information (that is the summary S) without assumptions on original data.
The increasing complexity of new malware and the constant refinement of detection mechanisms are ... more The increasing complexity of new malware and the constant refinement of detection mechanisms are driving malware writers to rethink the malware development process. In this respect, compilers play a key role and can be used to implement evasion techniques able to defeat even the new generation of detection algorithms. In this paper we provide an overview of the endless battle between malware writers and detectors and we discuss some considerations on the benefits of using high level languages and even exotic compilers (e.g. single instruction compilers) in the process of writing malicious code.
Future Generation Computer Systems, Dec 1, 2018
In the last few years, cybersecurity has become a hot topic because of the ever-increasing availa... more In the last few years, cybersecurity has become a hot topic because of the ever-increasing availability of Internet accessible services driven by the diffusion of connected devices. The consequent exposition to cyber threats demands for suitable methodologies, techniques and tools allowing to adequately handle issues arising in such a complex domain. This paper describes the architecture of SmallWorld, a scalable software platform designed to reproduce realistic scenarios achieved by the immersion of real systems into a software defined virtual environment. SmallWorld enables the assessment, teaching and learning of cybersecurity related aspects in different areas and for various purposes. It exploits innovative and state-ofthe-art virtualization and simulation techniques for reproducing in a realistic setting a dynamic environment where large distributed computer systems can be deployed and from where they can interact with real life entities. One of the main features of SmallWorld is the support for designing and building complex scenarios which are dynamic and reactive and where a number of autonomous software agents can be deployed. Agents are able to reproduce the behaviors of human users and/or malicious applications into a SmallWorld scenario making it a more realistic testing environment. The practical use of SmallWorld is shown by means of two realistic case studies.
ACM transactions on interactive intelligent systems, Jun 30, 2017
Due to the emerging Big Data paradigm, driven by the increasing availability of intelligent servi... more Due to the emerging Big Data paradigm, driven by the increasing availability of intelligent services easily accessible by a large number of users (e.g., social networks), traditional data management techniques are inadequate in many real-life scenarios. In particular, the availability of huge amounts of data pertaining to user social interactions, user preferences, and opinions calls for advanced analysis strategies to understand potentially interesting social dynamics. Furthermore, heterogeneity and high speed of user-generated data require suitable data storage and management tools to be designed from scratch. This article presents a framework tailored for analyzing user interactions with intelligent systems while seeking some domain-specific information (e.g., choosing a good restaurant in a visited area). The framework enhances a user's quest for information by exploiting previous knowledge about their social environment, the extent of influence the users are potentially subject to, and the influence they may exert on other users. User influence spread across the network is dynamically computed as well to improve user search strategy by providing specific suggestions, represented as tailored faceted features. Such features are the result of data exchange activity (called data posting) that enriches information sources with additional background information and knowledge derived from experiences and behavioral properties of domain experts and users. The approach is tested in an important application scenario such as tourist recommendation, but it can be profitably exploited in several other contexts, for example, viral marketing and food education.
In many application contexts, like statistical databases, scientific databases, query optimizers,... more In many application contexts, like statistical databases, scientific databases, query optimizers, OLAP, and so on, data are often summarized into synopses of aggregate values. Summarization has the great advantage of saving space, but querying aggregate data rather than the original ones introduces estimation errors which cannot be in general avoided, as summarization is a lossy compression. A central problem in designing summarization techniques is to retain a certain degree of accuracy in reconstructing query answers. In this paper we restrict our attention to two-dimensional data, which are relevant for a number of applications, and propose a hierarchical summarization technique which is combined with the use of indices, i.e. compact structures providing an approximate description of portions of the original data. Experimental results show that the technique gives approximation errors much smaller than other "general purpose" techniques, such as wavelets and various types of multi-dimensional histogram.
arXiv (Cornell University), Jan 14, 2005
The problem of recovering (count and sum) range queries over multidimensional data only on the ba... more The problem of recovering (count and sum) range queries over multidimensional data only on the basis of aggregate information on such data is addressed. This problem can be formalized as follows. Suppose that a transformation τ producing a summary from a multidimensional data set is used. Now, given a data set D, a summary S = τ (D) and a range query r on D, the problem consists of studying r by modelling it as a random variable defined over the sample space of all the data sets D ′ such that τ (D ′ ) = S. The study of such a random variable, done by the definition of its probability distribution and the computation of its mean value and variance, represents a well-founded, theoretical probabilistic approach for estimating the query only on the basis of the available information (that is the summary S) without assumptions on original data.
Malevolent Activities Detection and Cyber Range Scenarios Orchestration
Dottorato di Ricerca in Information and Computation Technologies, Ciclo XXXincreasing availabilit... more Dottorato di Ricerca in Information and Computation Technologies, Ciclo XXXincreasing availability of Internet accessible services driven by the di usion of connected devices. The consequent exposition to cyber-threats demands for suitable methodologies, techniques and tools allowing to adequately handle issues arising in such a complex domain. Most Intrusion Detection Systems are capable of detecting many attacks, but cannot provide a clear idea to the analyst because of the huge number of false alerts generated by these systems. This weakness in the IDS has led to the emergence of many methods in which to deal with these alerts, minimize them and highlight the real attacks. Furthermore, experience shows that the inter- pretation of the alerts usually requires more than the single messages provided by the sensors, so there is a need for techniques that can analyse the alerts within the context in which they have been generated. This might require the ability to correlate them with some other contextual information provided by other devices. Using synthetic data to design, implement and test these techniques its not fair and reliable because the variety and unpredictability of the real world data. On the other hand retrieve these information from real world networks is not easy (and sometimes impossible) due to privacy and con dential restrictions. Virtual Environments, Software De ned Systems and Software De ned Net- work will play a critical role in many cyber-security related aspects like the assessment of newly devised intrusion detection techniques, the generation of real world like logs, the evaluation of skills of cyber-defence team members and the evaluation of the disruptive e ects caused by the di usion of new malware. 
This thesis proposes, among other things, a novel domain-speci c platform, named SmallWorld, aimed to easily design, build and deploy realistic com- puter network scenarios achieved by the immersion of real systems into a software de ned virtual environment, enriched by Software De ned Agents put in charge of reproducing users or bot behaviours. Additionally, to provide validation and performance evaluation of the proposed platform, a number of Scenarios (including penetration testing laboratories, IoT and domotics net- works and a reproduction of the most common services on Internet like a DNS server, a MAIL server, a booking service and a payment gateway) have been developed inside SmallWorld. Over time the platform has been rewrit- ten and radically improved leading to the birth of Hacking Square. This new version is currently available on-line and freely accessible from anyone. The impact of this research prototype has been demonstrated, above all, during the course of "Metodi e Strumenti per la Sicurezza Informatica" for the mas- ter degree in Cyber Security at DIMES, University of Calabria. In fact, the platform has been employed to build the laboratory of the course as an in cloud service for students (including all the material to conduct exercises and assignments) and to organize a, practical, Capture the Flag (CTF) like nal test. Finally, the platform is under the attention of Consorzio Interuniver- sitario per l'Informatica (CINI), as it could be used to manage and deploy training content for the CyberChallenge 2018.Università della Calabri
Very Large Data Bases, Oct 31, 1983
Deterministic and non-deterministic stable model semantics for unbound DATALOG queries
Lecture Notes in Computer Science, 1995
Making IoT Services Accountable: A Solution Based on Blockchain and Physically Unclonable Functions
Nowadays, an important issue in the IoT landscape consists of enabling the dynamic establishment of interactions among two or more objects, operating autonomously in a distributed and heterogeneous environment, which participate in the enactment of accountable cross-organization business processes. In order to achieve the above goal, a decentralized and reliable approach is needed. Here, we propose a solution based on physical unclonable function (PUF) and blockchain technologies that represent the building blocks of the devised IT infrastructure. The core of the authentication process is based on a purposely designed circuit for the PUF bitcell, implemented in a 65 nm CMOS technology. One of the most important aspects of this work is represented by the concept of accountability node, an element inspired by a blockchain 3.0 masternode. This is the key element of the proposed architecture, acting as the main interface for cooperating services and IoT objects which relieve the users/ob...
Exploiting Silicon Fingerprint for Device Authentication Using CMOS-PUF and ECC
2021 IEEE International Conference on Smart Internet of Things (SmartIoT), 2021
Device authentication is an important issue in the Internet of Things (IoT) for enabling the connection of ubiquitous objects/things to the Internet. One of the emerging authentication approaches is based on some device characteristic (fingerprint) such as its type, firmware version, or signature. The usage of a Physically Unclonable Function (PUF) as device “digital fingerprint” for authentication has attracted great interest; however, existing solutions present security drawbacks related to the authentication protocol, or to the poor reliability of the adopted PUF technology. The authentication protocol may require challenge-response pairs to be stored in a dependable repository, with an elevated risk of information leakage. To overcome the above limitations, this paper presents a reliable CMOS-PUF which produces a stable output that is used as private key in an authentication protocol based on Elliptic Curve Cryptography (ECC). The overall device architecture embeds the PUF and ECC components in a memory-less framework so that the device is resilient to cyberattacks and capable of performing authentication tasks with a stable and durable identity. The main advantages of the proposed framework are that no challenge–response pairs need to be previously stored, and no error correction mechanism is needed. A prototype implementation of the CMOS-PUF is sketched and three important key points (Randomness, Circuit Reliability and Security) of the proposed device authentication scheme are discussed as well.
Proceedings of the 6th International Conference on Data Science, Technology and Applications, 2017
The pervasive diffusion of new data generation devices has recently caused the generation of massive data flows containing heterogeneous information generated at different rates and having different formats. These data are referred to as Big Data and require new storage and analysis approaches to be investigated for managing them. In this paper we describe a system for dealing with massive big data stores. We defined an open source tool that exploits a NoSQL approach for data warehousing in order to offer users an intuitive way to easily query data that could otherwise be quite hard to understand.
Lecture Notes in Computer Science, 2016
HAL is a multi-disciplinary open access archive for the deposit and dissemination of scientific research documents, whether they are published or not. The documents may come from teaching and research institutions in France or abroad, or from public or private research centers.
The Kiwi(S) Projects: Past and Future
Esprit ’89, 1989