
    Hyperproperties for Safe and Secure RFID Systems

    Although there have been many contributions to the rigorous description and verification of RFID-based systems and their safety and security properties, there has yet to be much progress toward an explicit formalization of information flow policies for such systems in terms of hyperproperties. In this paper, we introduce three classes of hyperproperties related to the analysis of anti-collision protocols for RFID tags: hyper-reachability, hyperadaptivity, and generalized non-interference. As a modeling framework, we employ an event-based model (suitable for representing a large portion of existing RFID systems, both with passive and battery-powered tags) featuring a component-oriented notion of state and allowing us to express hyperproperties in terms of event satisfaction by component configurations. For each hyperproperty, we provide a formalization à la Clarkson-Schneider and a hyperlogic characterization. We also propose some insights about decidability issues

    Preface, CEUR Workshop Proceedings, 2024

    ITASEC24 is the 8th Edition of the Italian conference on Cybersecurity, which is an annual event supported and organized by the CINI Cybersecurity National Lab, and also backed by Italy’s Agency for National Cybersecurity (ACN). As in previous editions, ITASEC24 includes a Scientific and Technical (S&T) Track whose purpose is to gather Italian researchers, policy, industry, and society working in the field of Cybersecurity. It is intended as a forum to meet, discuss, and exchange experiences among people coming from academia and industry who are interested in cybersecurity and all its applications.

    ECC's Achilles' Heel: Unveiling Weak Keys in Standardized Curves

    The strength of Elliptic curve cryptography (ECC) relies on curve choice. This work analyzes weak keys in standardized curves, i.e., private keys within small subgroups of the auxiliary group $\mathbb{Z}_p^*$. We quantify weak key prevalence across standardized curves, revealing a potential vulnerability due to numerous small divisors in auxiliary group orders. To address this, we leverage the implicit baby-steps giant-steps algorithm, which transforms the complex elliptic curve discrete logarithm problem into a simpler problem within $\mathbb{Z}_p^*$. This enables efficient detection of weak keys in small-order subgroups. Our findings highlight the importance of rigorous key testing in applications using standardized ECC. While random weak keys are unlikely, malicious actors could exploit this by manipulating key generation libraries. To this end, we show how users can assess their private key vulnerabilities and mitigate risks by eliminating weak keys. Hence, this work contributes to improved ECC security through proactive key management practices.

    Cybersecurity Assessment of Digital Twin in Smart Grids

    The advent of the digital twin paradigm marks a technological revolution, particularly within smart grid systems enhanced by the Internet of Things (IoT). This study investigates the application of the PILAR tool for assessing the potential cyber risk in a smart grid, leveraging digital twins for improved data management and system performance. Our methodology, informed by standards such as ISO/IEC 27002:2022, the cybersecurity framework, and GDPR, evaluates the security measures necessary for protecting these infrastructures. The effectiveness of PILAR in risk and security control identification is underscored through a comparative analysis with current literature, establishing a proactive risk management approach vital for the cyber-resilience of a smart grid

    Is the Road to Hell Paved with Good Intentions? A Criminological and Criminal Law Analysis of Prospective Regulation for Ethical Hacking in Italy and the EU

    The article aims to contribute to the current research on regulatory frameworks and best practices for ethical hacking, from the perspective of criminology and criminal law, providing insights into the Italian legal system that may also inform EU-wide regulations in this domain. The research employs a multidisciplinary approach by: (i) conducting a historical and criminological analysis of the contemporary “renaissance” of ethical hacking, which includes analyzing the rules of engagement in BBPs and the key factors influencing hackers’ choices between responsible disclosure and malicious exploitation of vulnerabilities; (ii) addressing the prevailing uncertainty about the legal qualification of ethical hacking, by assessing the criminal regime that might still be applicable to “well-intentioned” computer intrusions in Italy; (iii) providing a comparative perspective on EU legal systems that have decriminalized or otherwise incentivized ethical hacking practices as pivotal tools for enhancing a holistic notion of cybersecurity

    On the Convergence of a Parallel Algorithm for Finding Polynomial Zeros

    The problem of finding the zeros of a polynomial $p(z)$ of degree $n$ is considered. Some results related to a parallel algorithm given by Bini and Gemignani are improved. The algorithm is a reformulation of Householder's sequential algorithm ([7]) that is based on the computation of the polynomial remainder sequence generated by the Euclidean scheme. The approximation to the sought after zeros (or factors) can be carried out if, at the generic $j$-th step of the Euclidean scheme, the modulus of a certain quantity $\beta_j$, that depends on the remainder of the division, is "sufficiently small." This condition is verified through the detection of a strong break-point for the zeros, that is, a value of $j$ such that if $z_i$, $i = 1, \ldots, n$ are the zeros of $p(z)$, then $\left|\frac{a(z_{j+1})}{a(z_j)}\right| < 1 - \frac{1}{n^k}$ for a given $k$ and for a given function $a(z)$. In this paper we present sufficient conditions and necessary conditions for the existence of a strong break point.

    Going Beyond Counting First Authors in Author Co-citation Analysis

    The present study examines one of the fundamental aspects of author co-citation analysis (ACA) - the way co-citation counts are defined. Co-citation counting provides the data on which all subsequent statistical analyses and mappings are based, and we compare ACA results based on two different types of co-citation counting - the traditional type that only counts the first one among a cited work's authors on the one hand and a non-traditional type that takes into account the first 5 authors of a cited work on the other hand. Results indicate that the picture produced through this non-traditional author co-citation counting contains more coherent author groups and is therefore considerably clearer. However, this picture represents fewer specialties in the research field being studied than that produced through the traditional first-author co-citation counting when the same number of top-ranked authors is selected and analyzed. Reasons for these effects are discussed

    Variations on the Author

    “Variations on the Author” discusses two of Eduardo Coutinho’s recent films (Um Dia na Vida, from 2010, and Últimas Conversas, posthumously released in 2015) and their contribution to the general question of documentary authorship. The director’s filmography is characterized by a consistent yet self-effacing form of authorial self-inscription: Coutinho often features as an interviewer that rather than express opinions propels discourses; an interviewer that is good at listening. This mode of self-inscription characterizes him as an author who is not expressive but who is nonetheless markedly present on the screen. In Um Dia na Vida, however, Coutinho is completely absent from the image, while Últimas Conversas, on the contrary, includes a confessional prologue that moves the director from the margins to the center of his films. This article examines the ways in which these works stand out in the filmography of a director who offers new insights into the notion of cinematic authorship.