Home » Archivo » Archivio 2013/2014

Archivio 2013/2014

Salta il menu di secondo livello

Corsi Laurea

Corsi Laurea Magistrale


  • Automated Generation of Attack Trees - il giorno 19/06/2014 - Roberto Vigo (Technical University of Denmark (DTU))

    Abstract: Attack trees are widely used to represent threat scenarios in a succinct and intuitive manner, suitable for conveying security information to non-experts. The manual construction of such objects relies on the creativity and experience of specialists, and therefore it is error-prone and impracticable for large systems. Nonetheless, the automated generation of attack trees has only been explored in connection to computer networks and levering rich models, whose analysis typically leads to an exponential blow-up of the state space. We propose a static analysis approach where attack trees are automatically inferred from a process algebraic specification in a syntax-directed fashion, encompassing a great many application domains and avoiding incurring systematically an exponential explosion. Moreover, we show how the standard propositional denotation of an attack tree can be used to phrase interesting quantitative problems, that can be solved through an encoding into Satisfiability Modulo Theories. The flexibility and effectiveness of the approach is demonstrated on the study of a national-scale authentication system, whose attack tree is computed thanks to a Java implementation of the framework.

  • Secure positioning through enlargement miscontrol detection - il giorno 29/05/2014 - Pericle Perazzo (Universita' di Pisa)

    Abstract: Positioning technologies are in general vulnerable to spoofing attacks that deceive the system into measuring false positions. This has a tremendous impact on the security of many systems. As a countermeasure, wireless distance-bounding protocols turned out to be an extremely useful tool. In this talk, we analyze the feasibility of enlargement attacks against wireless distance bounding based on 802.15.4a UWB. We show that the overshadow strategies, generally considered feasible by the existing literature, are actually difficult to carry out. Depending on the enlargement that the adversary wants to introduce, the effect of the attack is poorly controllable. We further present EMCD-ML (Enlargement MisControl Detection MuliLateration), an algorithm for secure localization which leverages on the difficulty of controlling enlargement attacks. EMCD-ML offers high levels of security and sensibly reduces the number of needed verifiers (-93%) with respect to the state of the art methods.

  • Secure Group Communication in WSNs and beyond - il giorno 29/05/2014 - Gianluca Dini (Universita' di Pisa)

    Abstract: Group communication has proven a powerful paradigm for designing applications and services in Wireless Sensor Networks (WSNs). However, in order to fully exploit the group communication paradigm we need to secure it. Traditionally, this requirement has been formalized in terms of backward and forward security and fulfilled by means of rekeying. In WSNs, group rekeying becomes particularly a complex problem because communication takes place over an easily accessible wireless medium and because sensor nodes have severe limitations in terms of computing, storage, energy, and tamper-resistance capabilities for cost reasons. In this talk we present a few solutions that we have proposed over time. Such solutions have been conceived for WSNs but can be applied to other Cyber-physical Systems (CPSs). They can be classified as logical key graph, combinatorial, and overlay. In this talk we mainly focus on the first two classes.

  • Fasten Your Seatbelts – Overview and Security Considerations of Next Generation Air Traffic Communication - il giorno 06/05/2014 - Prof. Ivan Martinovic (University of Oxford)

    Abstract: This lecture is about the security of the next generation air traffic surveillance technology based on Automatic Dependent Surveillance – Broadcast (ADS-B). The ADS-B protocol is already supported by the majority of international aircraft and will become mandatory in 2020 for most airspaces worldwide. While it is known that ADS-B might be susceptible to different impersonation and DoS attacks, the complexity and impact of launching these attacks has been debated controversially by the air traffic control community. Yet, the literature remains unclear on the requirements of launching ADS-B attacks in real-world environments, and on the constraints which affect their feasibility. In this lecture, we take a scientific approach to systematically evaluate realistic ADS-B attacks. Our objective is to shed light on the practicability of different threats and to quantify the main factors that impact the success of such attacks. Our results reveal some bad news: attacks on ADS-B can be inexpensive and highly successful. Using a controlled experimental design, we offer insights from a real-world feasibility analysis that leads to the conclusion that any safety-critical air traffic decision process should not rely exclusively on the ADS-B system.

  • The Process of Process Modeling - il giorno 08/05/2014 - Barbara Weber (Universita' di Innsbruck)

    Abstract: Business process models have gained significant importance due to their critical role for managing business processes. Still, process models display a wide range of quality problems. For example, literature reports on error rates between 10% and 20% in industrial process model collections. Most research in the context of quality issues in process models puts a strong emphasis on the product or outcome of the process modeling act (i.e., the resulting process models), while the process followed for creating process models is only considered to a limited extent. The creation of process models involves the elicitation of requirements from the domain as well as the formalization of these requirements as process models. In this presentation the focus will be on the formalization of process models, which can be considered a process by itself -- the process of process modeling (PPM). In particular, this presentation will shed light on the way how process models are created and present different behavioral patterns that can be observed, discuss factors that influence the PPM, e.g., modeler-specific factors like domain knowledge or process modeling competence and task-specific factors. Moreover, it will present a specialized modeling environment, which logs all interactions of the process modeler with the modeling environment, thus, providing the infrastructure to investigate the PPM. In addition, the presentation discusses how methods like eye movement analysis, think aloud, or the analysis of bio-feedback (e.g., pulse or heart rate) might enable even deeper insights into the PPM.

  • Measuring Query Privacy in Location-Based Services - il giorno 06/03/2014 - Tooska Dargahi (Islamic Azad University, Science and Research branch, Tehran, Iran)

    Abstract: This presentation is based on the approach proposed by Chen and Pang in the paper entitled “Measuring Query Privacy in Location-Based Services” which has been published in the Proceedings of the second ACM conference on Data and Application Security and Privacy, ACM, 2012. The popularity of location-based services leads to serious concerns on user privacy. A common mechanism to protect users’ location and query privacy is spatial generalization. As more user information becomes available with the fast growth of Internet applications, e.g., social networks, attackers have the ability to construct users’ personal profiles. This gives rise to new challenges and reconsideration of the existing privacy metrics, such as k-anonymity. In this work, the authors propose new metrics to measure users’ query privacy taking into account user profiles. Furthermore, they design spatial generalization algorithms to compute regions satisfying users’ privacy requirements expressed in these metrics.

  • Data Gathering and Dissemination in Urban Scenario - il giorno 13/02/2014 - Armir Bujari (Universita' di Padova)

    Abstract: Only a decade ago, digital information was mainly confined to electrical wires while today we are immersed in a digital fountain and information is being produced everywhere around us. As of current practice, we rely on infrastructure acting as an intermediary, providing access to the data. However, infrastructure-based connectivity might not always be available or the best alternative. Moreover, it is often the case where the data and the processes acting upon them are of local scopus. As an alternative, ad hoc networking could be employed as an enabler which can factually support an infrastructure-less, provider-less communication platform encompassing the above requirements. In this context, the speaker will present his research activity discussing some novel data gathering and dissemination strategies tailored to the characteristics of mobile disruptive networks.

  • The Terrestrial Delay/Disruption Tolerant Network Paradigm - il giorno 12/02/2014 - Armir Bujari (Universita' di Padova)

    Abstract: In this talk the speaker will introduce the Terrestrial Delay/Disruption Tolerant Network (tDTN) paradigm relying on node mobility to move data between interested parties. To this end, the concept of tDTN as well as a brief historical background on mobile networks and the notion of DTN will be provided. The talk also focuses on two practical case studies: (1) exploiting the Public Transportation System as a routing backbone in order to support elastic, non-real time service delivery and (2) AirCache: a floating data network.

  • Opportunistic Routing/Forwarding and Applicative Scenarios - il giorno 04/02/2014 - Armir Bujari (Universita' di Padova)

    Abstract: In this talk the speaker will focus on the routing/forwarding problem in mobile environments. A complete taxonomy will be presented and the trade-offs that arise will be discussed. Next, the talk will focus on a practical case study, that of the floating data concept.

  • The Opportunistic Networking Paradigm: Opportunities and Trends - il giorno 04/02/2014 - Armir Bujari (Universita' di Padova)

    Abstract: In this talk the speaker will introduce the Opportunistic Networking (OppNet) paradigm relying on node mobility to move data between interested parties. To this end, I will start with a brief historical background on mobile networks and the notion of opportunism in wireless networks, further explaining how these relate to the OppNet paradigm. Next, the talk will focus on a practical case study where the Public Transportation System is exploited as a routing backbone in order to support elastic, non-real time service delivery.

  • Opportunistic Data Gathering and Dissemination in Urban Scenarios - il giorno 28/02/2014 - Armir Bujari (Universita di Padova)

    Abstract: Only a decade ago, digital information was mainly confined to electrical wires while today we are immersed in a digital fountain and information is being produced everywhere around us. As of current practice, we rely on infrastructure acting as an intermediary, providing access to the data. However, infrastructure-based connectivity might not always be available or the best alternative. Moreover, it is often the case where the data and the processes acting upon them are of local scopus. As an alternative, ad hoc networking could be employed as an enabler which can factually support an infrastructure-less, provider-less communication platform encompassing the above requirements. In this context, the speaker will present his research activity discussing some novel data gathering and dissemination strategies tailored to the characteristics of mobile disruptive networks.

  • A semantic based tool for firewall configuration - il giorno 25/02/2014 - Riccardo Focardi (Univ. Ca' Foscari, Venice, Italy)

    Abstract: The management and specification of access control rules that enforce a given policy is a non-trivial, complex, and time consuming task. In this paper we aim at simplifying this task both at specification and verification levels. For that, we propose a formal model of Netfilter, a firewall system integrated in the Linux kernel. We define an abstraction of the concepts of chains, rules, and packets existent in Netfilter configurations, and give a semantics that mimics packet filtering and address translation. We then introduce a simple but powerful language that permits to specify firewall configurations which are unaffected by the relative ordering of rules and that does not depend on the underlying Netfilter chains. We give a semantics for this language and show that it can be translated into our Netfilter abstraction. We demonstrate the feasibility of our approach by providing a publicly available tool that translates abstract firewall specifications into real Netfilter configurations.

  • Where are we going - il giorno 20/11/2013 - Prof. Andrew S. Tanenbaum (Vrije Universiteit Amsterdam)

    Abstract: The world of computers has moved at an incredible pace during the past 30 years. In 1983, the computer world was dominated by the IBM System/370 mainframes, the smallest model of which (the 135) had 96 KB of RAM and cost $475,000. But if you didn't have that kind of money, you could get a VAX 11/780 minicomputer with 1 MB for a mere $120,000. That year also marked the introduction of the IBM PC/XT, which ran MS-DOS from a revolutionary 10-MB hard disk. A high-speed Hayes modem ran at 1200 bps but it cost $1199. That didn't matter so much, however, because the first graphical browser, Mosaic, wouldn't be released for another decade. By way of comparison, an iPad is about 500 times faster than the System 370/135, has 10,000 times more RAM, and costs about 1000x less. But this talk isn't about the past 30 years. It is about the next 30 years.

  • Accuracy is not enough - a theoretical and practical tour of machine learning for medical decision support - il giorno 23/10/2013 - Prof. Paulo Lisboa (Liverpool John Moores University and St Helens and Knowsley Teaching Hospitals )

    Abstract: Computer-based decision support in clinical medicine is likely to grow in importance as the 4P agenda develops (predictive, preventive, personalised, participatory healthcare). In practical terms, this involves complex non-linear data, combinations of different modalities, high-dimensionality and potentially also integration into clinical reasoning. Each of these aspects has implications for data-based modelling. In parallel, advances in machine learning have generated a plethora of high performing models, very few of which are ever used in the clinical setting. This talk will show why model evaluation necessarily involves more than performance accuracy or even ROC characteristics; explore some implications for model design; and discuss resulting theoretical developments related to information theory.

  • Electoral equilibria under scoring rules - il giorno 09/10/2013 - Arkadii Slinko (University of Auckland)

    Abstract: We use Hotelling's spatial model of competition to investigate the position-taking behaviour of political candidates under a class of electoral systems known as scoring rules. In a scoring rule election, voters rank all the candidates running for office, following which the candidates are assigned points according to a vector of nonincreasing scores. Convergent Nash equilibria in which all candidates adopt the same policy were characterised by Cox \cite{cox1}. Here, we investigate nonconvergent equilibria, where candidates adopt divergent policies. We identify a number of classes of scoring rules exhibiting a range of different equilibrium properties. For some of these, nonconvergent equilibria do not exist. For others, nonconvergent equilibria in which candidates cluster at positions spread across the issue space are observed. In particular, we prove that the class of convex rules does not have Nash equilibria (convergent or nonconvergent) with the exception of some derivatives of Borda rule. Finally, we examine the special cases of four-, five- and six- candidate elections. In the former two cases, we provide a complete characterisation of nonconvergent equilibria. This is a joint work with Dodge Cahan (UCSD) and John-McCabe Dansted (Univ of Western Australia)

  • Extreme Apprenticeship, a new way of teaching CS? - il giorno 18/09/2013 - Prof. Gabriella Dodero (Libera Universita di Bolzano )

    Abstract: Extreme Apprenticeship (XA) is a new methodology for teaching Computer Science, recently developed and being actively practised at the University of Helsinki. Papers about XA have been published, stressing the improvements over traditional lecture-based format of teaching, which can be gained with XA when teaching introductory programming courses. The XA methodology is based on Cognitive Apprenticeship, that is, a task is learned by apprentices looking at the master who is performing it, and then repeating a task under master´s guidance. The seminar shall illustrate the basic principles and the main practices which have been adopted so far at the Universities of Helsinki and Bolzano, within introductory programming courses, and within Operating Systems lab respectively. Organizational practices at both universities, including considerations on costs and scalability to hundreds of students, and possible support obtainable from learning management systems, shall be illustrated.

  • Predicting Parallel Speed-ups for Las Vegas Algorithms - il giorno 05/09/2013 - Philippe Codognet (JFLI - CNRS / UPMC / University of Tokyo)

    Abstract: We propose a probabilistic model for the parallel execution of Las Vegas algorithms, i.e. randomized algorithms whose runtime might vary from one execution to another, even with the same input. This model aims at predicting the parallel performances (i.e. speedups) by an analysis the runtime distribution of the sequential runs of the algorithm. Then, we study in practice the case of a particular Las Vegas algorithm for combinatorial optimization (a constraint-based local search method) on three classical CSP problems, and compare with an actual parallel implementation up to 256 cores. We show that the prediction can be quite accurate, matching the actual speedups very well up to 100 parallel cores and then with a deviation of about 20% up to 256 cores. We will also present an application of this framework for the prediction of parallel speedups of two SAT local search solvers on a variety of instances. In this domain again, the predicted results are in accordance with the parallel experiments. This is a joint work with Charlotte Truchet & Florian Richoux from University of Nantes, France, and Alejandro Arbelaez from JFLI / University of Tokyo, Japan.

  • Low Complexity Attribute Based Encryption for Mobile Devices - il giorno 25/07/2013 - Yogachandran Rahulamathavan (City University London, UK )

    Abstract: In multi-authority attribute based encryption (MA-ABE) schemes, multiple authorities monitor different set of attributes and the corresponding shared-decryption-keys. In such schemes the encryptor can encrypt a message and upload to the cloud, whereas only users who satisfy a set of attributes from each authority can decrypt that message. In this talk I will discuss how to extend the MA-ABE scheme for mobile users by introducing a cloud based semi-trusted-authority (STA) between the mobile user and attribute authorities. Hence, substantial amount of communications and computations are outsourced to the STA without compromising the security and privacy of the MA-ABE scheme. The STA interacts with the attribute-authorities on behalf of the user and obtains the masked shared-decryption-keys. Later the STA combines all the keys and gets one masked-key which can only be unmasked by a user to decrypt the message. In particular, STA cannot decrypt the message nor determine the attributes of the mobile user, hence, the security and privacy of the proposed MA-ABE scheme is preserved.

  • Privacy Preserving Machine Learning Techniques for Data Classification - il giorno 24/07/2013 - Yogachandran Rahulamathavan (City University London, UK)

    Abstract: The recent trend towards remote outsourcing and cloud computing can be exploited in many data classification tasks such as remote diagnostic and affect detection as cloud services. These services could be utilized by any users in a flexible manner such as on-demand or pay-per use. This new notion overcomes the difficulties that would be faced by the users such as having to collect a large number of samples (i.e. rich data set), and requiring high computational and storage resources to build their own data classification tool. However, there is now a risk that the cloud servers are potentially untrusted servers. Hence, releasing the data samples owned by the user to the untrusted server raises privacy concerns. This drawback can affect the adoption of outsourcing techniques. Furthermore, the server may not wish to disclose the features of the data classification tool even if it offers the service to the users. In this talk I will go through how to modify the well-known machine learning tools such as support vector machine in order to preserve the privacy of both the user data and the cloud data.

  • Social Network Games - il giorno 03/09/2013 - Krzysztof R. Apt (CWI and University of Amsterdam, The Netherlands)

    Abstract: In this lecture we survey our recent works on social network games. They are tailored to study a model of social networks introduced by Apt and Markakis in 2011 in which the nodes influenced by their neighbours can adopt one out of several products. In these games the payoff of each player weakly increases when more players choose his strategy, which is exactly opposite to the congestion games. We show that such games may have no Nash equilibrium and that determining an existence of a Nash equilibrium is NP-complete. We also clarify the status and the complexity of the finite best response property (FBRP), the finite improvement property (FIP), and of a new property that we call the uniform FIP. Further, we exhibit in this framework some paradoxes. One of them allows us to explain `bubbles' in a financial market, in which a decision of a trader to switch to some new financial product triggers a sequence of transactions, as a result of which all traders involved become worse off. Based on joint works with Evangelos Markakis and Sunil Simon.

  • Declarative Process Mining - il giorno 05/06/2013 - Fabrizio Maria Maggi (Institute of Computer Science - University of Tartu, Estonia )

    Abstract: The increasing availability of event data recorded by contemporary information systems makes process mining a valuable instrument to improve and support business processes. Starting point for process mining is an event log. Typically, three types of process mining can be distinguished: (a) process discovery (learning a model from example traces in an event log), (b) conformance checking (comparing the observed behavior in the event log with the modeled behavior), and (c) model enhancement (extending models based on additional information in the event logs, e.g., to highlight bottlenecks). Existing process mining techniques mainly use procedural process modeling languages for describing the business processes under examination. However, these languages are suitable to be used in stable environment where process executions are highly predictable. In turbulent environments, where process executions involve multiple alternatives, process models tend to be complex and difficult to understand. In this talk, we introduce a new family of process mining techniques based on declarative languages. These techniques are very suitable to be used for analyzing less structured business processes working in environments where high flexibility is required. These techniques have been implemented in the process mining tool ProM and range from process discovery to models repair and extension, to offline and online conformance checking.

  • Friend in the middle - il giorno 24/05/2013 - Filipe Beato (K.U.Leuven)

    Abstract: With the large growth of Online Social Networks (OSNs), several privacy threats have been highlighted, as well as solutions to mitigate them. Most solutions focus on restricting the visibility of users information. A number of systems have been proposed to protect data shared online; yet these solutions typically just shift trust to another third party server, are platform specific (e.g., work for Facebook only), or fail to hide that confidential communication is taking place. However, OSNs also represent a threat for contextual information, such as the OSN structure and how users communicate among each other, and users anonymity. Recently proposed de-anonymization techniques proved to be effective in re-identifying users in anonymized social network. In this talk, we present the novel approach Friend in the Middle (FiM) that makes (1) OSNs graph more resilient against de-anonymization attack, and (2) OSNs users more protected against Bizantine attacks into their anonymity. In addition we evaluate and demonstrate throughout experimental results the feasibility and effectiveness of our proposal for the de-anonymization.

  • Role Mining - il giorno 20/05/2013 - Mario Frank (II) (University of California, Berkeley)

    Abstract: Controlling access in a system with thousands of users and thousands of resources is cumbersome and error-prone if this task is carried out at the level of individual assignments of users to access-permissions. The preferred model, that drastically simplifies administration, is role-based access control (RBAC). An RBAC configuration consists of a user-role assignment matrix and a role-permission matrix. Thereby, a user is assigned all permissions that are contained in his roles. The migration step from an existing system of direct user-permission assignments to an RBAC configuration has been identified as one of the costliest aspects of RBAC. I will explain the role mining problem, the problem of automatically migrating an existing access control configuration to RBAC. I propose a probabilistic model for clustering Boolean vectors such that each vector can be simultaneously assigned to multiple clusters. I will present experimental results on real-world access control data and demonstrate how to find roles that generalize well to hold-out system users. More info can be found at http://www.mariofrank.net/rolemining.html.

  • Touchalytics - il giorno 20/05/2013 - Mario Frank (University of California, Berkeley)

    Abstract: Many users do not protect their smart phone with a PIN or a secret gesture, and those who do are bothered by this frequently requested act. I propose an alternative authentication mechanism that makes PINs obsolete or at least reduces the number of PIN requests to a tolerable degree. This mechanism continuously analyzes the way how the user interacts with the touch screen to reason about the authenticity of the user. I will describe an experimental analysis designed to investigate if such an authentication method is feasible and how it could be deployed. More info can be found at http://www.mariofrank.net/touchalytics/index.html.

  • Uncertainty and incomplete knowledge in Bayesian networks using subjective logic - il giorno 25/03/2013 - Prof. Audun Josang (University of Oslo)

    Abstract: It is problematic to analyse traditional Bayesian network models where the input arguments have unknown probability values, because the analyst can be tempted to invent input values simply to make the model operational. This problem can be solved by expressing input arguments with degrees of uncertainty using subjective logic. As a result, Bayesian networks models based on subjective logic can be analysed even when input arguments are unknown or partially uncertain.

  • Cache Pollution Attacks and Detection in Named Data Networking - il giorno 30/01/2013 - Marco Teoli (University of Padua (Studente Laurea Magistrale))

    Abstract: Content-Centric Networking (CCN) is an emerging paradigm being considered as a possible replacement for the current IP-based host-centric Internet infrastructure. In CCN, content is decoupled from its location. This allows, among other things, the implementation of ubiquitous caching. Named-Data Networking (NDN) is a prominent example of CCN. In NDN, all nodes (i.e., hosts, routers) are allowed to have a local cache, used to satisfy incoming requests for content. However, reliance on caching allows an adversary to perform attacks that are very effective and relatively easy to implement. In this talk, we focus on cache pollution attacks, where the adversary’s goal is to disrupt cache locality to increase link utilization and cache misses for honest consumers. We show, via simulations, that such attacks can be implemented in NDN using limited resources, and that their effectiveness is not limited to small topologies. We then illustrate that existing proactive countermeasures are ineffective against more realistic adversaries. Finally, we introduce and evaluate a new technique for detecting pollution attacks in NDN.

  • Android SSL Considered Harmful - il giorno 23/01/2013 - Sebastiano Gottardo (Universita' di Padova -studente Laurea Magistrale-)

    Abstract: The Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are well known and widely used cryptographic protocols designed to protect network communication from eavesdropping and tampering. SSL/TLS are known to be secure, in theory. In practice: a non proper use of these security ''tools'' might lead to serious security threats as disclosing private information and credentials that grant access to restricted services (e.g., let's say your home banking account!). In this talk, we discuss potential security threats posed by a non proper use of SSL/TLS protocols in benign Android apps (that are assumed to protect data they transmit). Finally, we will give some advices to both users are developers. Part of this talk is based on the content of two papers appeared in ACM CCS 2012: [1] S. Fahl, M. Harbach, T. Muders, M.S.L. Baumgartner, B. Freisleben. Why Eve and Mallory Love Android: An Analysis of Android SSL (In)Security'' [2] M. Georgiev, S. Iyengar, S. Jana, R. Anubhai, D. Boneh, V. Shmatikov. The Most Dangerous Code in the World: Validating SSL Certificates in Non-Browser Software''

  • Privacy protection in location-based services - il giorno 09/11/2012 - Pablo A. Perez-Martinez (Universitat Rovira i Virgili, Tarragona, Catalonia, Spain )

    Abstract: The number of telecommunications companies that currently exist and their offers of data connection for mobile devices, which are able to self-localise, are enormous. As a consequence, much people use the Internet connection in their mobile phones to access location-based services (LBS). By doing so, users could expose private information, as for example their locations or their preferences, and it could be a threat to their privacy if the information they share is not managed properly. In this talk we will discuss the current techniques for privacy protection in LBS and we will have a look at several techniques we propose.

  • Optimal Solutions for Pairing Services on Smartphones: a Strategy to Minimize Energy Consumption - il giorno 08/11/2012 - Daniele Diodati (University of Perugia, Italy)

    Abstract: Energy consumption is one of the main concerns that refrain users from fully exploiting their smartphone capabilities. Guided by energy measurements on smartphones, which show that some services performed in parallel require less energy than their stand-alone executions, we investigate the possibility to delay some services to the time when other services have already been scheduled in such a way the total energy consumption is minimized once all services are accomplished. We define two new energy optimization problems, called Single Overlapping Pair (SOP) and Multiple Overlapping Pairs (MOP). The former assumes that a delay-tolerant service must be paired with a single pre-scheduled service, the latter that a delay-tolerant service may be paired with multiple pre-scheduled services. We propose new algorithms to solve both SOP and MOP optimally in polynomial time, when the set of services to be executed is known in advance. Finally, we evaluate the benefits of the energy-efficient pairing strategy via simulations on synthetic traces. The results of our preliminary experiments show a neat energy gain achievable by pairing executions, if compared to stand-alone executions. Indeed, the solution for SOP shows a 30% decrease in energy consumption, while the one for MOP shows a 70% decrease in energy demanding. The talk is based on the results published in: Mauro Conti, Daniele Diodati, Cristina M. Pinotti, and Bruno Crispo. Optimal Solutions for Pairing Services on Smartphones: a Strategy to Minimize Energy Consumption. In Proceedings of the IEEE International Conference on Cyber, Physical and Social Computing (IEEE CPSCom 2012), to appear, Besançon, France, November 20-23, 2012.

  • Privacy vs. Knowledge: Two Opposite Rights - il giorno 07/11/2012 - Agusti Solanas (Universitat Rovira i Virgili, Tarragona, Catalonia, Spain)

    Abstract: Privacy is a fundamental right recognized by the Universal Declaration of Human Rights. However, it has become usual to endanger privacy for the sake of knowledge and security. In this talk we will elaborate on the necessary equilibrium between the right of people to privacy and the right of the society to knowledge and security. To do so, we will consider two case studies: (i) Location Based-Services and, (ii) Statistical Data and Statistical Disclosure Control. - Location-Based Services (LBS) can be accessed from a variety of mobile devices to obtain value added information related to the location of the user. In many cases, these LBS are provided by untrusted parties. Thus, users might compromise their location privacy to obtain value added services. In this regard, we will introduce the concept of W3-Privacy and we will show several techniques to protect the privacy of LBS users. - The amount of data collected by statistical agencies, governments and private companies is growing steadily. With the use of innovative techniques for big data analysis (e.g. Artificial Intelligence) unprecedented amounts of private information could be revealed. We will show how statistical disclosure control (SDC) aims at reducing the privacy risks of citizens, Internet users, and the like.

  • Physical-Layer Security in Wireless Localization and Communications - il giorno 25/10/2012 - Nils Ole Tippenhauer (ETH Zurich)

    Abstract: Localization systems have become increasingly popular in recent years due to the emergence of mobile phones, public GPS, and smartphones. Nowadays, such hand-held devices allow the user to find his position via GSM triangulation, GPS or WLAN-based localization. From a security perspective, most localization protocols are inherently insecure as they use physical-layer characteristics such a message propagation delay, received signal strength, or angle-of-arrival to estimate the location. Such physical-layer characteristics cannot be protected by cryptographic measures only--even if such measures are applied, attackers can influence the localization result by selective forwarding and replay of the signals, or other manipulations. In this talk, Nils presents his recent work on physical-layer security of localization systems and secure distance bounding.

  • A Server-Side Authenticated Key-Establishment with Low Computational Workload - il giorno 25/10/2012 - Gabriele Oligeri (University of Trento)

    Abstract: Server-side authenticated key-establishment protocols are characterized by demanding a heavy workload at the server-side. We propose a new protocol that allows to amortize server’s workload peaks by moving the computational burden partially to the clients and partially to the low-workload periods of the server itself. This solution is particularly suitable for servers that cannot undertake the overall computational burden produced by many concurrent clients. We show the effectiveness of our protocol through extensive measurements on a real client-server pair, and show how the performance of our solution outperforms previous ones.