Passwords and PINs are still the most deployed authentica-tion mechanisms and their protection is a classical branch of research in computer security. Several password schemes, as well as more sophisticated tokens, algorithms, and protocols, have been proposed during the last years. Some proposals require dedicated devices, such as biometric sensors,… (More)
In this paper we address the problem of estimating the number of stations in a wireless network. Under the assumption that each station can detect collisions, we show that it is possible to estimate the number stations in the network within a factor 2 from the correct value in time O(log n log log n). We further show that if no station can detect… (More)
Context-aware access control systems should reactively adapt access control decisions to dynamic environmental conditions. In this paper we present an extension of the TRBAC model that allows the specification and enforcement of general reactive policies. Then we extend XACML to support the new model, and illustrate a prototype implementation of the PDP.
We study network load games, a class of routing games in networks which generalize selfish routing games on networks consisting of parallel links. In these games, each user aims to route some traffic from a source to a destination so that the maximum load she experiences in the links of the network she occupies is minimum given the routing decisions of… (More)
Introduction The economic value of user profiles Rich user profiles = Money An incentive for providers to collect lots of personal (sensitive) information (and sell it!) user name, birth date, gender, detailed address, credit card information ESORICS'11 – 14/9/2011 Introduction The economic value of user profiles Rich user profiles = Money An incentive for… (More)
It is often observed that agents tend to imitate the behavior of their neighbors in a social network. This imitating behavior might lead to the strategic decision of adopting a public behavior that differs from what the agent believes is the right one and this can subvert the behavior of the population as a whole. In this paper, we consider the case in… (More)
In this paper we evaluate the security of a two-factor Graph-ical Password scheme proposed in . As in the original paper, we model the attack of a passive adversary as a boolean formula whose truth assignment corresponds to the user secret. We show that there exist a small number of secrets that a passive adversary cannot extract, independently from the… (More)