_data/publications.yml

# PLEASE KEEP ALPHABETICAL ORDER BY ID WITHIN YEARS

# ===== template for a new publication =====
# - id:                       # Choose a unique ID for the publication, will be referenced later
#   id_iris:                  # ID of the publication in FBK IRIS (e.g., "324208") (optional)
#   title:                    # Title of the publication
#   authors:                  # Authors of the publication (create a new line for each author)
#     -                       # ... (remember that authors should exist in "_data/people.yml")
#   tags:                     # Tags of the publication (create a new line for each tag)
#     -                       # ... (remember that tags should exist in "_data/tags.yml")
#   abstract: >               # Abstract (optional)
#     textual abstract    
#   destination:              # Unique ID of the destination (remember that destinations should exist in "_data/destinations.yml")
#   destinationAddon:         # Addon to the destination journal or proceedings (e.g., volume, pages) (optional)
#   isALEPH:                  # Whether the publication should appear in all pages including the list of publications of ALEPH (then, set to "true") or in all pages excluding the list of publications of ALEPH (then, set to "false")
#   year:               # year of publication (e.g., 2023)
#   doi:                # doi (e.g., 10.1145/3320269.3384767)
#   urlComplementary:   # url of complementary (in "_complementary")


## 2020
- id: ASIACCS2020
  id_iris: 323366
  title: "Exploring Architectures for Cryptographic Access Control Enforcement in the Cloud for Fun and Optimization"
  authors:
    - StefanoBerlato
    - RobertoCarbone
    - AdamJLee
    - SilvioRanise
  abstract: >
    To facilitate the adoption of cloud by organizations, Cryptographic Access Control (CAC) is the obvious solution to control data sharing among users while preventing partially trusted Cloud Service Providers (CSP) to access sensitive data. Indeed, several CAC schemes have been proposed in the literature. Despite their differences, available solutions are based on a common set of entities—e.g., a data storage service or a proxy mediating the access of users to encrypted data—that operate in different (security) domains—e.g., on-premise or the CSP. However, the majority of the CAC schemes assumes a fixed assignment of entities to domains; this has security and usability implications that are not made explicit and can make inappropriate the use of a CAC scheme in certain scenarios with specific requirements. For instance, assuming that the proxy runs at the premises of the organization avoids the vendor lock-in effect but may substantially mine scalability. To the best of our knowledge, no previous work considers how to select the best possible architecture (i.e., the assignment of entities to domains) to deploy a CAC scheme for the requirements of a given scenario. In this paper, we propose a methodology to assist administrators to explore different architectures of CAC schemes for a given scenario. We do this by identifying the possible architectures underlying the CAC schemes available in the literature and formalize them in simple set theory. This allows us to reduce the problem of selecting the most suitable architecture satisfying a heterogeneous set of requirements arising from the considered scenario to a Multi-Objective Optimization Problem (MOOP) for which state-of-the-art solvers can be invoked. Finally, we show how the capability of solving the MOOP can be used to build a prototype tool assisting administrators to preliminary perform a ``What-if'' analysis to explore the trade-offs among the various architectures and then use available standards and tools (such as TOSCA and Cloudify) for automated deployment in multiple CSPs.
  destination: ASIACCS2020
  isALEPH: false
  year: 2020
  doi: 10.1145/3320269.3384767

- id: TOPS2020_2
  id_iris: 329068
  title: "Formal Modelling and Automated Trade-Off Analysis of Enforcement Architectures for Cryptographic Access Control in the Cloud"
  authors:
    - StefanoBerlato
    - RobertoCarbone
    - AdamJLee
    - SilvioRanise
  abstract: >
    To facilitate the adoption of cloud by organizations, Cryptographic Access Control (CAC) is the obvious solution to control data sharing among users while preventing partially trusted Cloud Service Providers (CSP) from accessing sensitive data. Indeed, several CAC schemes have been proposed in the literature. Despite their differences, available solutions are based on a common set of entities---e.g., a data storage service or a proxy mediating the access of users to encrypted data---that operate in different (security) domains---e.g., on-premise or the CSP. However, the majority of these CAC schemes assumes a fixed assignment of entities to domains; this has security and usability implications that are not made explicit and can make inappropriate the use of a CAC scheme in certain scenarios with specific trust assumptions and requirements. For instance, assuming that the proxy runs at the premises of the organization avoids the vendor lock-in effect but may give rise to other security concerns (e.g., malicious insiders attackers). To the best of our knowledge, no previous work considers how to select the best possible architecture (i.e., the assignment of entities to domains) to deploy a CAC scheme for the trust assumptions and requirements of a given scenario. In this paper, we propose a methodology to assist administrators in exploring different architectures for the enforcement of CAC schemes in a given scenario. We do this by identifying the possible architectures underlying the CAC schemes available in the literature and formalizing them in simple set theory. This allows us to reduce the problem of selecting the most suitable architectures satisfying a heterogeneous set of trust assumptions and requirements arising from the considered scenario to a decidable Multi-Objective Combinatorial Optimization Problem (MOCOP) for which state-of-the-art solvers can be invoked. Finally, we show how we use the capability of solving the MOCOP to build a prototype tool assisting administrators to preliminary perform a ``What-if'' analysis to explore the trade-offs among the various architectures and then use available standards and tools (such as TOSCA and Cloudify) for automated deployment in multiple CSPs.
  destination: TOPS
  isALEPH: false
  year: 2020
  
## 2021
- id: SECRYPT2021_2
  id_iris: 327652
  title: "Cryptographic Enforcement of Access Control Policies in the Cloud: Implementation and Experimental Assessment"
  authors:
    - StefanoBerlato
    - RobertoCarbone
    - SilvioRanise
  abstract: >
    While organisations move their infrastructure to the cloud, honest but curious Cloud Service Providers (CSPs) threaten the confidentiality of cloud-hosted data. In this context, many researchers proposed Cryptographic Access Control (CAC) schemes to support data sharing among users while preventing CSPs from accessing sensitive data. However, the majority of these schemes focuses on high-level features only and cannot adapt to the multiple requirements arising in different scenarios. Moreover, (almost) no CAC scheme implementation is available for enforcement of authorisation policies in the cloud, and performance evaluation is often over- looked. To fill this gap, we propose the toolchain COERCIVE, short for CryptOgraphy killEd (the honest but) cuRious Cloud servIce proVidEr, which is composed of two tools: TradeOffBoard and CryptoAC. TradeOff- Board assists organisations in identifying the optimal CAC architecture for their scenario. CryptoAC enforces authorisation policies in the cloud by deploying the architecture selected with TradeOffBoard. In this paper, we describe the implementation of CryptoAC and conduct a thorough performance evaluation to demonstrate its scalability and efficiency with synthetic benchmarks.
  destination: SECRYPT2021
  isALEPH: false
  year: 2021
  
## 2022
- id: DBSEC2022
  id_iris: 335865
  title: "End-to-End Protection of IoT Communications Through Cryptographic Enforcement of Access Control Policies"
  authors:
    - StefanoBerlato
    - RobertoCarbone
    - UmbertoMorelli
    - SilvioRanise
  abstract: >
    It is crucial to ensure the security and privacy of communications in IoT scenarios that process an increasingly large amount of sensitive data. In this context, we propose a cryptographic enforcement mechanism of access control policies to guarantee the confidentiality and integrity of messages exchanged with the MQTT protocol in presence of external attackers, malicious insiders and "honest-but-curious" service providers. A preliminary performance evaluation with a prototype implementation in an open-source tool shows the overhead is acceptable in relevant use case scenarios and provides a higher level of security with respect to other approaches.
  destination: DBSEC2022
  isALEPH: false
  year: 2022
  doi: 10.1007/978-3-031-10684-2_14

- id: EVOTEID2022
  title: "Adaptation of an i-voting scheme to Italian Elections for Citizens Abroad"
  authors:
    - RiccardoLongo
    - UmbertoMorelli
    - ChiaraSpadafora
    - AlessandroTomasi
  abstract: >
    We adapt the Araújo-Traoré protocol to Italian elections, with emphasis on anti-coercion measures. In this short paper we focus on a new method for managing anti-coercion credentials for each voter.
  destination: EVOTEID2022
  isALEPH: false
  year: 2022
  doi: 10.15157/diss/027
  tags:                     
    - ThresholdCryptography
    - ZKP
    - SMPC
    - PrivacyEnhancingCryptography
    - DecentralizationOfTrust
    - EVoting

# 2023
- id: AppliedSciences2023
  title: "On Pseudorandomness and Deep Learning: A Case Study"
  authors:
    - ZahraEbadiAnsaroudi
    - RoccoZaccagnino
    - PaoloD'Arco
  abstract: >
    Pseudorandomness is a crucial property that the designers of cryptographic primitives aim to achieve. It is also a key requirement in the calls for proposals of new primitives, as in the case of block ciphers. Therefore, the assessment of the property is an important issue to deal with. Currently, an interesting research line is the understanding of how powerful machine learning methods are in distinguishing pseudorandom objects from truly random objects. Moving along such a research line, in this paper a deep learning-based pseudorandom distinguisher is developed and trained for two well-known lightweight ciphers, Speck and Simon. Specifically, the distinguisher exploits a convolutional Siamese network for distinguishing the outputs of these ciphers from random sequences. Experiments with different instances of Speck and Simon show that the proposed distinguisher highly able to distinguish between the two types of sequences, with an average accuracy of 99.5%  for Speck and 99.6% for Simon. Hence, the proposed method could significantly impact the security of these cryptographic primitives and of the applications in which they are used.
  destination: ApplSci
  destinationAddon: Volume 13, Issue 5
  isALEPH: true
  year: 2023
  doi: 10.3390/app13053372
  tags:   
    - Cryptanalysis
  
- id: EVOTEID2023
  isALEPH: true
  year: 2023
  title: "Coercion-resistant i-voting with short PIN and OAuth 2.0"
  authors:
    - MatteoBitussi
    - RiccardoLongo
    - FrancescoAntonioMarino
    - UmbertoMorelli
    - AmirSharif
    - ChiaraSpadafora
    - AlessandroTomasi
  abstract: >
    This paper presents an architecture for an OAuth 2.0-based i-voting solution using a mobile native client in a variant of the Araújo-Traoré protocol. We follow a systematic approach by identifying relevant OAuth 2.0 specifications and best practices. Having defined our framework, we identify threats applicable to our proposed methodology and detail how our design mitigates them to provide a safer i-voting process.
  destination: EVOTEID2023
  doi: 10.18420/e-vote-id2023_04
  tags:                     
    - ThresholdCryptography
    - ZKP
    - SMPC
    - PrivacyEnhancingCryptography
    - DecentralizationOfTrust
    - EVoting
    
- id: POLSIM2023
  #id_iris: 323366
  title: "A Simulation Framework for the Experimental Evaluation of Access Control Enforcement Mechanisms based on Business Processes"
  authors:
    - StefanoBerlato
    - RobertoCarbone
    - SilvioRanise
  abstract: >
    While the security analysis of Access Control (AC) policies has received a lot of attention, the same cannot be said for their enforcement. As systems become more distributed (e.g., centralized services may become a bottleneck) and legal compliance constraints stricter (e.g., the problem of honest but curious Cloud providers in the light of privacy regulations), the fine-tuning of AC enforcement mechanisms is likely to become more and more important. This is especially true in scenarios where the quality of service may suffer from computationally heavy security mechanisms and low latency is a prominent requirement. As a first step towards a principled approach to fine-tune AC enforcement, this paper introduces a methodology providing the means to measure the performance of AC enforcement mechanisms through the simulation of realistic deployment scenarios. To do so, we base our methodology on Business Process Model and Notation (BPMN) workflows—that provide for an appropriate abstraction of the sequence of requests toward AC enforcement mechanisms performed by applications—to derive lists of AC operations (e.g., access a resource, revoke a permission) and execute them to evaluate and compare the performance of different mechanisms. Finally, we implement our methodology and apply it to three case studies representative of both traditional centralized AC—i.e., the Open Policy Agent (OPA) and the eXtensible Access Control Markup Language (XACML)—and decentralized Cryptographic Access Control (CAC)—i.e., CryptoAC—.
  destination: POLSIM2023
  isALEPH: false
  year: 2023
  #doi: 10.1145/3320269.3384767

- id: SECRYPT2023
  id_iris: 338307
  title: "A First Appraisal of Cryptographic Mechanisms for the Selective Disclosure of Verifiable Credentials"
  authors:
    - AndreaFlamini
    - SilvioRanise
    - GiadaSciarretta
    - MarioScuro
    - AmirSharif
    - AlessandroTomasi 
  tags:                     
    # - VerifiableCredentials
    # - SelectiveDisclosure
    - ZKP
    - PrivacyEnhancingCryptography
  abstract: >
    Verifiable credentials are a digital analogue of physical credentials. Their authenticity and integrity are protected by means of cryptographic techniques, and they can be presented to verifiers to prove claims about the holder of the credential itself. One way to preserve privacy during presentation consists in selectively disclosing the attributes in a credential. In this paper we present the most widespread cryptographic mechanisms used to enable selective disclosure of attributes, describing their structure and comparing them in terms of performance, size of the associated verifiable presentations, and the ability to produce predicate proofs and unlinkable presentations.
  destination: SECRYPT2023
  isALEPH: true
  year: 2023
  doi: 10.5220/0012084000003555

- id: TCS 2023 PaoloD'Arco
  title: 'Multi-stage Proof-of-Works: Properties and vulnerabilities'
  authors:
  - PaoloD'Arco
  - ZahraEbadiAnsaroudi
  - FrancescoMogavero
  destination: TCS
  year: 2023
  doi: 10.1016/j.tcs.2023.114108
  isALEPH: true
  destinationAddon: Volume 976
  tags:
  - DecentralizationOfTrust

## 2024
- id: ICIN2024MOMO
  id_iris: 346387
  title: "Multi-Objective Microservice Orchestration: Balancing Security and Performance in CCAM"
  authors:
    - StefanoBerlato
    - SilvioCretti
    - DomenicoSiracusa
    - SilvioRanise
  tags:
    - CAC
    - CloudComputing
    - PrivacyEnhancingCryptography
  abstract: >               # Abstract (optional)
    We (devise and) demonstrate the benefits of a methodology and a toolset for orchestrating Cloud-native applications to balance the minimization of risks due to the presence of security threats and the achievement of service performance requirements — expressed on, e.g., computational resources, network throughput and latency. The demo proves the effectiveness of the methodology in orchestrating a set of microservices implementing a prominent Cooperative, Connected and Automated Mobility (CCAM) service.    
  destination: ICIN2024
  isALEPH: true
  year: 2024
  doi: 10.1109/ICIN60470.2024.10494482

- id: JISA 2024 AndreaFlamini
  title: On cryptographic mechanisms for the selective disclosure of verifiable credentials
  authors:
  - AndreaFlamini
  - GiadaSciarretta
  - MarioScuro
  - AmirSharif
  - AlessandroTomasi
  - SilvioRanise
  destination: JISA
  year: 2024
  doi: 10.1016/j.jisa.2024.103789
  isALEPH: true
  destinationAddon: Volume 83
  tags:
  - PrivacyEnhancingCryptography
  - ZKP
  
- id: JMC 2024 MarcoCalderini
  title: Searchable encryption with randomized ciphertext and randomized keyword search
  authors:
  - MarcoCalderini
  - RiccardoLongo
  - MassimilianoSala
  - IreneVilla
  destination: JMC
  year: 2024
  doi: 10.1515/jmc-2023-0029
  isALEPH: true
  abstract: "<jats:title>Abstract</jats:title>\n               <jats:p>The notion\
    \ of public-key encryption with keyword search (PEKS) was introduced to search\
    \ over encrypted data without performing any decryption. In this article, we propose\
    \ a PEKS scheme in which both the encrypted keyword and the trapdoor are randomized\
    \ so that the cloud server is not able to recognize identical queries <jats:italic>a\
    \ priori</jats:italic>. Our scheme is <jats:italic>Ciphertext-Indistinguishabiltity</jats:italic>\
    \ secure in the single-user setting and <jats:italic>Trapdoor-Indistinguishability</jats:italic>\
    \ secure in the multi-user setting with a stronger security, i.e., with <jats:italic>multi-trapdoor</jats:italic>.</jats:p>"
  destinationAddon: Volume 18, Issue 1
  tags:
  - CAC
  - CloudComputing
  - PrivacyEnhancingCryptography

- id: SECRYPT2024 RiccardoGermenia
  title: 'Automating Compliance for Improving TLS Security Postures: An Assessment of Public Administration Endpoints'
  authors:
  - RiccardoGermenia
  - SalvatoreManfredi
  - MatteoRizzi
  - GiadaSciarretta
  - AlessandroTomasi
  - SilvioRanise
  destination: SECRYPT2024
  year: 2024
  doi: 10.5220/0012764700003767
  isALEPH: false

- id: SECRYPT2024 RiccardoLongo
  title: 'Amun: Securing E-Voting Against Over-the-Shoulder Coercion'
  authors:
  - RiccardoLongo
  - ChiaraSpadafora
  destination: SECRYPT2024
  year: 2024
  doi: 10.5220/0012786800003767
  isALEPH: true
  tags:
  - PrivacyEnhancingCryptography
  - ZKP

- id: OSVS2024CRYPTOAC
  id_iris: 350627
  title: "Work-in-Progress: A Sidecar Proxy for Usable and Performance-Adaptable End-to-End Protection of Communications in Cloud Native Applications"
  authors:
    - StefanoBerlato
    - MatteoRizzi
    - MatteoFranzil
    - SilvioCretti
    - PietroDeMatteis
    - RobertoCarbone
  tags:
    - AccessControl
    - CAC
    - CloudNative
    - DecentralizationOfTrust
  abstract: >
    The characteristics of cloud native applications — like the inherent decentralization, the intricate threat model, and the presence of highly dynamic and interconnected microservices — bring forth a number of challenges to the security of the (often sensitive) data exchanged in cloud native applications. Besides, data security is not absolute, and its achievement must be mindful of relevant performance and usability aspects (e.g., minimal overhead, transparency, automation, interoperability with external services). In this work-in-progress paper, we discuss the use of Cryptographic Access Control (CAC) in sidecar proxies as a means to guarantee End-to-End (E2E) protection — in terms of confidentiality and integrity — for communications in cloud native applications, as well as usability and adaptable performance.
  destination: OSVS2024
  isALEPH: true
  year: 2024
  doi: 10.1109/EuroSPW61312.2024.00086

- id: CRISIS2024EVOTE
  #id_iris: 
  title: "Modeling and Assessing Coercion Threats in Electronic Voting"
  authors:
    - RiccardoLongo
    - MajidMollaeefar
    - UmbertoMorelli
    - ChiaraSpadafora
    - AlessandroTomasi
    - SilvioRanise
  tags:
    #- ThresholdCryptography
    #- ZKP
    #- SMPC
    #- PrivacyEnhancingCryptography
    - EVoting
    - DecentralizationOfTrust
    - ThreatModelling
    - RiskAnalysis
  abstract: >
    Electronic voting holds the potential to increase voter participation and streamline election processes, but its broad use is limited by many challenges, e.g., ensuring system security and usability. One of the most difficult threats to counter is coercion; i.e., the ability to monitor and force voters' actions. This paper proposes a methodology to assess an e-voting system's resistance to coercion by gathering the security properties that an e-voting solution should offer from both academia and regulation, and adapting the Microsoft STRIDE and LINDDUN threats and the OWASP Risk Rating Technologies to the e-voting scenario.
  destination: CRISIS2024
  isALEPH: true
  year: 2024
  urlComplementary: /complementary/CRISIS2024EVOTE/CRISIS2024EVOTE

## 2025
# ...

# PLEASE KEEP ALPHABETICAL ORDER BY ID WITHIN YEARS