Roberto Sassu scite author profile

Roberto Sassu

5Publications

29Citation Statements Received

33Citation Statements Given

How they've been cited

How they cite others

Affiliations

Polytechnic University of Turin, Turin Polytechnic University

Publications

Order By: Most citations

Virtualized security at the network edge: a user-centric approach

et al. 2015

View full text Add to dashboard Cite

The current device-centric protection model against security threats has serious limitations. On the one hand, the proliferation of user terminals such as smart-phones, tablets, notebooks, smart TVs, game consoles and desktop computers makes it extremely difficult to achieve the same level of protection regardless of the device used. On the other hand, when various users share devices (e.g., parents and kids using the same devices at home), the set up of distinct security profiles, policies, and protection rules for the different users of a terminal is far from trivial. In light of this, this paper advocates for a paradigm shift in user protection. In our model, the protection is decoupled from the users' terminals, and it is provided by the access network through a Trusted Virtual Domain (TVD). Each TVD provides unified and homogeneous security for a single user, irrespective of the terminal employed. We describe a user-centric model, where non-technically savvy users can define their own profiles and protection rules in an intuitive way. We show that our model can harness from the virtualization power offered by nextgeneration access networks, especially, from Network Functions Virtualization (NFV) in the Points of Presence (POPs) at the edge of Telecom operators. We also analyze the distinctive features of our model, and the challenges faced based on the experience gained in the development of a proof-of-concept.

show abstract

On scalability of remote attestation

Cesena

Ramunno

Sassu

et al. 2011

View full text Add to dashboard Cite

The Trusted Platform Agent

et al. 2011

View full text Add to dashboard Cite

Exploiting the Network for Securing Personal Devices

Dalton

Lioy

López

et al. 2014

View full text Add to dashboard Cite

Abstract. Personal devices (such as smartphones and laptops) often experience incoherent levels of security due to the different protection applications available on the various devices. This paper presents a novel approach that consists in offloading security applications from personal devices and relocating them inside the network; this will be achieved by enriching network devices with the appropriate computational capabilities to execute generic security applications. This approach is fostered by the Secured project, which will define the architecture, data and protocols needed to turn this vision into reality.

show abstract

Practical Assessment of Biba Integrity for TCG-Enabled Platforms

Sassu

Ramunno

Lioy

2014

View full text Add to dashboard Cite

Checking the integrity of an application is necessary to determine if the latter will behave as expected. The method defined by the Trusted Computing Group consists in evaluating the fingerprints of the hardware and software components of a platform required for the proper functioning of the application to be assessed. However, this only ensures that a process was working correctly at load-time but not for the whole life-cycle. Policy-Reduced Integrity Measurement Architecture (PRIMA) addresses this problem by enforcing a security policy that denies information flows from potentially malicious processes to an application target of the evaluation and its dependencies (required by CW-Lite, an evolution of the Biba integrity model). Given the difficulty of deploying PRIMA, as platform administrators have to tune their security policies to satisfy the CW-Lite requirements, we propose Enhanced IMA, an extended version of the Integrity Measurement Architecture (IMA) that, unlike PRIMA, works almost out of the box and just reports information flows instead of enforcing them. In addition, we introduce a model to evaluate the information reported by Enhanced IMA with existing techniques.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Roberto Sassu

Virtualized security at the network edge: a user-centric approach

On scalability of remote attestation

The Trusted Platform Agent

Exploiting the Network for Securing Personal Devices

Practical Assessment of Biba Integrity for TCG-Enabled Platforms

Contact Info

Product

Resources

About