Alessandro Sorniotti

Learn More
Deduplication is a technique used to reduce the amount of storage needed by service providers. It is based on the intuition that several users may want (for different reasons) to store the same content. Hence, storing a single copy of these files is sufficient. Albeit simple in theory, the implementation of this concept introduces many security risks. In(More)
As more corporate and private users outsource their data to cloud storage providers, recent data breach incidents make end-toend encryption an increasingly prominent requirement. Unfortunately, semantically secure encryption schemes render various cost-effective storage optimization techniques, such as data deduplication, ineffective. We present a novel(More)
A key-value store (KVS) offers functions for storing and retrieving values associated with unique keys. KVSs have become widely used as shared storage solutions for Internet-scale distributed applications. We present a fault-tolerant wait-free efficient algorithm that emulates a multi-reader multi-writer register from a set of KVS replicas in an(More)
Browser-based Single Sign-On (SSO) is replacing conventional solutions based on multiple, domain-specific credentials by offering an improved user experience: clients log on to their company system once and are then able to access all services offered by the company’s partners. By focusing on the emerging SAML standard, in this paper we show that the(More)
Although very developed in many sectors (databases, filesystems), access control schemes are still somewhat elusive when it comes to wireless sensor networks. However, it is clear that many WSN systems – such as healthcare and automotive ones – need a controlled access to data that sensor nodes produce, given its high sensitivity. Enforcing access control(More)
In this paper we present the first framework that allows the creation of Secret Interest Groups (SIGs) in Online Social Networks; SIGs are self managed groups formed outside of the social network, around secret, sensitive or private topics. Members exchange credentials that can be used inside the social network to authenticate upon friendship requests or to(More)
Securely deleting data from storage systems has become difficult today. Most storage space is provided as a virtual resource and traverses many layers between the user and the actual physical storage medium. Operations to properly erase data and wipe out all its traces are typically not foreseen, particularly not in networked and cloud-storage systems. This(More)
Deduplication is a widely used technique in storage services, since it affords a very efficient usage of resources-being especially effective for consumer-grade storage services (e.g. Dropbox). Deduplication has been shown to suffer from several security weaknesses, the most severe ones enabling a malicious user to obtain possession of a file it is not(More)
Secret Handshake is becoming an ever more popular research subject in the field of privacypreserving authentication protocols. Revocation of credentials in Secret Handshakes is a difficult challenge, as it mixes the conflicting requirements of tracing revoked users and of the untraceability and unlinkability of legitimate protocol players. The schemes(More)