Learn More
Passwords and PINs are still the most deployed authentica-tion mechanisms and their protection is a classical branch of research in computer security. Several password schemes, as well as more sophisticated tokens, algorithms, and protocols, have been proposed during the last years. Some proposals require dedicated devices, such as biometric sensors,(More)
Introduction The economic value of user profiles Rich user profiles = Money An incentive for providers to collect lots of personal (sensitive) information (and sell it!) user name, birth date, gender, detailed address, credit card information ESORICS'11 – 14/9/2011 Introduction The economic value of user profiles Rich user profiles = Money An incentive for(More)
In this paper, we propose a new proactive password checker, a program which prevents the choice of easy-to-guess passwords. The checker uses a decision tree, constructed applying the minimum description length principle and a pessimistic pruning technique. Experimental results show a substantial improvement in performance of this checker compared to(More)
This paper deals with the access control problem. We assume that valuable resources need to be protected against unauthorized users and that, to this aim, a password-based access control scheme is employed. Such an abstract scenario captures many applicative settings. The issue we focus our attention on is the following: password-based schemes provide a(More)
It is often observed that agents tend to imitate the behavior of their neighbors in a social network. This imitating behavior might lead to the strategic decision of adopting a public behavior that differs from what the agent believes is the right one and this can subvert the behavior of the population as a whole. In this paper, we consider the case in(More)
The cloud computing paradigm requires solutions supporting customers in the selection of services that satisfy their functional and non-functional requirements. These solutions must i) support the dynamic, multi-cloud nature of service provisioning, ii) manage scenarios where no total preference relation over service properties is available, and iii)(More)