Andrea Margheri scite author profile

Cyber attacks are increasing in number and sophistication, causing organisations to continuously adapt management strategies for cyber security risks. As a key risk mitigation policy, organisations are investing in professional training courses for their employees to raise awareness on cyber attacks and related defences. Serious games have emerged as a new approach that can complement instruction-led or computer-based security training by providing a fun environment where players learn and practice cyber security concepts through the game. In this paper we propose Riskio, a tabletop game to increase cyber security awareness for people with no-technical background working in organisations. Riskio provides an active learning environment where players build knowledge on cyber security attacks and defences by playing both the role of the attacker and the defender of critical assets in a fictitious organisation.

show abstract

A Blockchain-based Infrastructure for Reliable and Cost-effective IoT-aided Smart Grids

Lombardi

Aniello

Angelis

et al. 2018

100

View full text Add to dashboard Cite

One of the main trends in the evolution of smart grids is transactive energy, where distributed energy resources, e.g. smart meters, develop towards Internet-of-Things (IoT) devices enabling prosumers to trade energy directly among each other, without the need of involving any centralised third party. The expected advantages in terms of cost-effectiveness would be significant, indeed technical solutions are being investigated and large-scale deployment are planned by major utilities companies. However, introducing transactive energy in the smart grid entails new security threats, such as forging energy transactions. This paper introduces an infrastructure to support reliable and cost-effective transactive energy, based on blockchain and smart contracts, where functionalities are implemented as fully decentralised applications. Energy transactions are stored in the blockchain, whose high replication level ensures stronger guarantees against tampering. Energy auctions are carried out according to transparent rules implemented as smart contracts, hence visible to all involved actors. Threats deriving from known vulnerabilities of smart meters are mitigated by temporarily keeping out exposed prosumers and updating their devices as soon as security patches become available.

show abstract

Decentralised provenance for healthcare data

Margheri

Masi²,

Miladi³

et al. 2020

International Journal of Medical Informatics

View full text Add to dashboard Cite

Objective. The creation and exchange of patients' Electronic Healthcare Records have developed significantly in the last decade. Patients' records are however distributed in data silos across multiple healthcare facilities, posing technical and clinical challenges that may endanger patients' safety. Current healthcare sharing systems ensure interoperability of patients' records across facilities, but they have limits in presenting doctors with the clinical context of the data in the records. We design and implement a platform for managing provenance tracking of Electronic Healthcare Records based on blockchain technology, compliant with the latest healthcare standards and following the patient-informed consent preferences. Methods. The platform leverages two pillars: the use of international standards such as Integrating the Healthcare Enterprise (IHE), Health Level Seven International (HL7)

show abstract

Differentially Private Data Sharing in a Cloud Federation with Blockchain

Yang

Margheri

et al. 2018

IEEE Cloud Comput.

View full text Add to dashboard Cite

Cloud federation is an emergent Cloud-computing paradigm that allows services from different Cloud systems to be aggregated in a single pool. To support secure data-sharing in a Cloud federation, anonymisation services that obfuscate sensitive datasets under differential privacy have been recently proposed. However, by outsourcing data protection to the Cloud, data owners lose control over their data, raising privacy concerns. This is even more compelling in multi-query scenarios where maintaining privacy amounts to controlling the allocation of so-called privacy budget. In this paper we propose a blockchain-based approach that enables data owners to control the anonymisation process, and enhances the security of the services. Our approach relies on blockchain to validate the usage of privacy budget and adaptively change its allocation via smart contracts, depending on the privacy requirements provided by data owners. Prototype implementation with the Hyperledger permissioned blockchain validates our approach with respect to privacy guarantee and practicality. Cloud federation builds up interconnectivity and cooperation among already deployed clouds, enabling organisations to achieve various business goals, such as controlled sharing of data, services and optimisation of computing resources usage 1-3. To support secure sharing of federated data, anonymisation services have been proposed as a building component of Federation-as-a-Service (FaaS), 3-4 a recent Cloud federation solution. This component implements differential privacy in order to obfuscate the result of statistical queries towards sensitive datasets, 5 enabling its privacy-preserving sharing. Offering this service in the context of a Cloud federation has benefits-access to multiple data sources and different service providers-but raises significant challenges for privacy management: sensitive datasets

show abstract

The SCEL Language: Design, Implementation, Verification

Nicola

Latella

Lafuente

et al. 2015

View full text Add to dashboard Cite

Abstract. SCEL (Service Component Ensemble Language) is a new language specifically designed to rigorously model and program autonomic components and their interaction, while supporting formal reasoning on their behaviors. SCEL brings together various programming abstractions that allow one to directly represent aggregations, behaviors and knowledge according to specific policies. It also naturally supports programming interaction, self-awareness, context-awareness, and adaptation. The solid semantic grounds of the language is exploited for developing logics, tools and methodologies for formal reasoning on system behavior to establish qualitative and quantitative properties of both the individual components and the overall systems.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Andrea Margheri

Riskio: A Serious Game for Cyber Security Awareness and Education

A Blockchain-based Infrastructure for Reliable and Cost-effective IoT-aided Smart Grids

Decentralised provenance for healthcare data

Differentially Private Data Sharing in a Cloud Federation with Blockchain

The SCEL Language: Design, Implementation, Verification

Contact Info

Product

Resources

About