Nuova ricerca

FEDERICO MAGNANINI

Home |


Pubblicazioni

2022 - Flexible and Survivable Single Sign-On [Relazione in Atti di Convegno]
Magnanini, Federico; Ferretti, Luca; Colajanni, Michele
abstract

2021 - Scalable, Confidential and Survivable Software Updates [Articolo su rivista]
Magnanini, F.; Ferretti, L.; Colajanni, M.
abstract

Software update systems must guarantee high availability, integrity and security even in presence of cyber attacks. We propose the first survivable software update framework for the secure distribution of confidential updates that is based on a distributed infrastructure with no single points of failure. Previous works guarantee either survivability or confidentiality of software updates but do not ensure both properties. Our proposal is based on an original application of a multi-authority attribute-based encryption scheme in the context of decentralized access control management that avoids single-point-of-vulnerability. We describe the original framework, propose the protocols to implement it, and demonstrate its feasibility through a security and performance evaluation.

2021 - Survivable zero trust for cloud computing environments [Articolo su rivista]
Ferretti, L.; Magnanini, F.; Andreolini, M.; Colajanni, M.
abstract

The security model relying on the traditional defense of the perimeter cannot protect modern dynamic organizations. The emerging paradigm called zero trust proposes a modern alternative that enforces access control on every request and avoids implicit trust based on the physical location of people and devices. These architectures rely on several trusted components, but existing proposals make the unrealistic assumption that attackers cannot compromise some of them. We overcome these assumptions and present a novel survivable zero trust architecture that can guarantee the necessary security level for cloud computing environments. The proposed architecture guarantees a high level of security and robustness and under specific conditions it can tolerate intrusions and can recover from failures and successful attacks.

2019 - Efficient License Management Based on Smart Contracts Between Software Vendors and Service Providers [Relazione in Atti di Convegno]
Magnanini, Federico; Ferretti, Luca; Colajanni, Michele
abstract