Clemente Galdi

Learn More
Context-aware access control systems should reactively adapt access control decisions to dynamic environmental conditions. In this paper we present an extension of the TRBAC model that allows the specification and enforcement of general reactive policies. Then we extend XACML to support the new model, and illustrate a prototype implementation of the PDP.
Passwords and PINs are still the most deployed authentication mechanisms and their protection is a classical branch of research in computer security. Several password schemes, as well as more sophisticated tokens, algorithms, and protocols, have been proposed during the last years. Some proposals require dedicated devices, such as biometric sensors,(More)
In this paper, we propose a new proactive password checker, a program which prevents the choice of easy-to-guess passwords. The checker uses a decision tree, constructed applying the minimum description length principle and a pessimistic pruning technique. Experimental results show a substantial improvement in performance of this checker compared to(More)
We study network load games, a class of routing games in networks which generalize selfish routing games on networks consisting of parallel links. In these games, each user aims to route some traffic from a source to a destination so that the maximum load she experiences in the links of the network she occupies is minimum given the routing decisions of(More)
Graphical passwords are a promising research branch, but implementation of many proposed schemes often requires considerable resources (e.g., data storage, high quality displays) making difficult their usage on small devices, such as old-fashioned ATM terminals. Furthermore, most of the time, such schemes lack a careful security analysis. In this paper, we(More)
Nowadays, e-mail has become one of the most widely used communication medium. Because of its characteristics of inexpensivity and rapidity in the delivery of messages, e-mail is increasingly used in place of ordinary mail. However, the e-mail service exposes users to several risks related to the lack of security during the message exchange. Furthermore,(More)
The cloud computing paradigm requires solutions supporting customers in the selection of services that satisfy their functional and non-functional requirements. These solutions must i) support the dynamic, multi-cloud nature of service provisioning, ii) manage scenarios where no total preference relation over service properties is available, and iii)(More)