From 856ee2b87751f2adf434220e07116d509353f759 Mon Sep 17 00:00:00 2001 From: Marco Pernpruner Date: Thu, 26 Sep 2024 11:58:19 +0200 Subject: [PATCH] General fixes --- _data/destinations.yml | 2 +- _data/people.yml | 3 +-- _data/publications.yml | 14 -------------- 3 files changed, 2 insertions(+), 17 deletions(-) diff --git a/_data/destinations.yml b/_data/destinations.yml index c7715ff..e944313 100644 --- a/_data/destinations.yml +++ b/_data/destinations.yml @@ -1031,7 +1031,7 @@ - id: ARES2023 name: 18th International Conference on Availability, Reliability and Security acronym: ARES 2023 - url: https://www.ares-conference.eu + url: https://2023.ares-conference.eu/ type: conference location: Benevento, Italy startDate: "2023-08-29" diff --git a/_data/people.yml b/_data/people.yml index 32c396c..d12bf47 100644 --- a/_data/people.yml +++ b/_data/people.yml @@ -39,7 +39,7 @@ institution: University of Genoa place: Genoa, Italy email: alessandro.armando@unige.it - image: https://rubrica.unige.it/static/foto/VUZDXlxu.jpg?1688135377.3747 + image: https://rubrica.unige.it/static/foto/VUZDXlxu.jpg - id: AlessandroBiasi name: Alessandro @@ -175,7 +175,6 @@ - id: CarlottaTagliaro name: Carlotta surname: Tagliaro - image: https://media-exp1.licdn.com/dms/image/C4E03AQEPRt71VVgABw/profile-displayphoto-shrink_200_200/0?e=1611187200&v=beta&t=mmnzNewMBhrMwqgAbd0ne8RA6kTdqBtvnn8YCCpbkq4 - id: CeciliaPasquini name: Cecilia diff --git a/_data/publications.yml b/_data/publications.yml index 4d93633..961c836 100644 --- a/_data/publications.yml +++ b/_data/publications.yml @@ -2033,20 +2033,6 @@ - SMPC - PrivacyEnhancingCryptography - DecentralizationOfTrust - -- id: POLSIM2023 - #id_iris: - title: "A Simulation Framework for the Experimental Evaluation of Access Control Enforcement Mechanisms based on Business Processes" - authors: - - StefanoBerlato - - RobertoCarbone - - SilvioRanise - abstract: > - While the security analysis of Access Control (AC) policies has received a lot of attention, the same cannot be said for their enforcement. As systems become more distributed (e.g., centralized services may become a bottleneck) and legal compliance constraints stricter (e.g., the problem of honest but curious Cloud providers in the light of privacy regulations), the fine-tuning of AC enforcement mechanisms is likely to become more and more important. This is especially true in scenarios where the quality of service may suffer from computationally heavy security mechanisms and low latency is a prominent requirement. As a first step towards a principled approach to fine-tune AC enforcement, this paper introduces a methodology providing the means to measure the performance of AC enforcement mechanisms through the simulation of realistic deployment scenarios. To do so, we base our methodology on Business Process Model and Notation (BPMN) workflows—that provide for an appropriate abstraction of the sequence of requests toward AC enforcement mechanisms performed by applications—to derive lists of AC operations (e.g., access a resource, revoke a permission) and execute them to evaluate and compare the performance of different mechanisms. Finally, we implement our methodology and apply it to three case studies representative of both traditional centralized AC—i.e., the Open Policy Agent (OPA) and the eXtensible Access Control Markup Language (XACML)—and decentralized Cryptographic Access Control (CAC)—i.e., CryptoAC—. - destination: POLSIM2023 - year: 2023 - #doi: - urlComplementary: /complementary/POLSIM2023 - id: RACS2023 id_iris: 344627