logo

You are here

Home » Publications

Publications

  1. Daniel, Ricardo dos Santos; Silvio, Ranise; Serena, Elisa Ponta,
    Modularity for Security-Sensitive Workflows,
    An established trend in software engineering insists on using components
    (sometimes also called services or packages) to encapsulate a set of related
    functionalities or data. By defining interfaces specifying what functionalities
    they provide or use, components can be combined with others to form more
    complex components. In this way, IT systems can be designed by mostly re-using
    existing components and developing new ones to provide new functionalities. In
    this paper, we introduce a notion of component and a combination mechanism for
    an important class of software artifacts, called security-sensitive workflows.
    These are business processes in which execution constraints on the tasks are
    complemented with authorization constraints (e.g., Separation of Duty) and
    authorization policies (constraining which users can execute which tasks). We
    show how well-known workflow execution patterns can be simulated by our
    combination mechanism and how authorization constraints can also be imposed
    across components. Then, we demonstrate the usefulness of our notion of
    component by showing (i) the scalability of a technique for the synthesis of
    run-time monitors for security-sensitive workflows and (ii) the design of a
    plug-in for the re-use of workflows and related run-time monitors inside an
    editor for security-sensitive workflows.    ,
    2015
  2. Evandro Alencar Rigon;Carla Merkle Westphall;Daniel Ricardo dos Santos;Carlos Becker Westphall,
    A cyclical evaluation model of information security maturity,
    in «INTERNATIONAL JOURNAL OF INFORMATION AND COMPUTER SECURITY»,
    vol. 22,
    2014
    , pp. 265 -
    278
  3. Bruttomesso R.; Ghilardi S.; Ranise S.,
    Quantifier-free interpolation in combinations of equality interpolating theories,
    in «ACM TRANSACTIONS ON COMPUTATIONAL LOGIC»,
    vol. 15,
    n. 1,
    2014
  4. Armando A.; Ponta S. E.,
    Model checking authorization requirements in business processes,
    in «COMPUTERS & SECURITY»,
    vol. 40,
    2014
    , pp. 1 -
    22
  5. Armando A.; Costa G.; Verderame L.; Merlo A.,
    Securing the "Bring Your Own Device" Paradigm,
    in «COMPUTER»,
    vol. 47,
    n. 6,
    2014
    , pp. 48 -
    56
  6. Armando A.; Costa G.; Merlo A.; Verderame L.,
    Formal modeling and automatic enforcement of Bring Your Own Device policies,
    in «INTERNATIONAL JOURNAL OF INFORMATION SECURITY»,
    2014
    , pp. 1 -
    18
  7. Armando A.; Benerecetti M.; Mantovani J.,
    Counterexample-guided abstraction refinement for linear programs with arrays,
    in «AUTOMATED SOFTWARE ENGINEERING»,
    vol. 21,
    n. 2,
    2014
    , pp. 225 -
    258
  8. Alberti F.; Bruttomesso R.; Ghilardi S.; Ranise S.; Sharygina N.,
    An extension of lazy abstraction with interpolation for programs with arrays,
    in «FORMAL METHODS IN SYSTEM DESIGN»,
    vol. 45,
    n. 1,
    2014
    , pp. 63 -
    109
  9. Armando A.; Merlo A.; Verderame L.,
    Security considerations related to the use of mobile devices in the operation of critical infrastructures,
    in «INTERNATIONAL JOURNAL OF CRITICAL INFRASTRUCTURE PROTECTION»,
    vol. 7,
    n. 4,
    2014
    , pp. 247 -
    256
  10. Armando A.; Carbone R.; Compagna L.,
    SATMC: a SAT-based Model Checker for Security-critical Systems,
    in «LECTURE NOTES IN COMPUTER SCIENCE»
    Tools and Algorithms for the Construction and Analysis of Systems- 20th International Conference, {TACAS} 2014,
    Springer Berlin Heidelberg,
    vol.8413,
    2014
    , pp. 31-
    45
    , (20th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS),
    Grenoble, France,
    5-13 April 2014)

Pages