Bruno Crispo

I am hiring!

Interested in doing research on System security, Internet of Things, trust technology or web security? Then please send me an e-mail. I am always looking for good candidates for PhD, junior or senior researcher and also as a professor.

Find more info about our new results on behavioural biometrics here.

Find more info about the CINI Cyber Security National Lab i am involved with, by clicking on its logo .

Applications to the CyberChallenge CTF 2024 are open.

News

Dec 2023

Our paper OAuth 2.0 Redirect URI Validation Falls Short, Literally" has been presented at ACSAC 2023 by Elsevier.

July 2023

Our paper AppBox: A Black-Box Application Sandboxing Technique for Mobile App Management Solutions" has been presented at IEEE ISCC 2023.

Feb. 2023

Our paper "A Survey of Human-Computer Interaction (HCI) & Natural Habits-based Behavioural Biometric Modalities for User Recognition Schemes" has been accepted at Pattern Recognition Journal published by Elsevier.

Dec. 2022

Our paper "AI-enabled IoT Penetration Testing: State-of-the-art and Research Challenges" has been accepted at Enterprise Information Systems Journal published by Taylor & Francis.

RelBAC: Relation Based Access Control

Project description
What distinguishes RelBAC from other access control models is the way it models PERMISSION in addition to the basic components such as SUBJECT and OBJECT. The intuition is that a PERMISSION is an operation that users (SUBJECTs) can perform on certain resources (OBJECTs).

To capture this intuition a PERMISSION is named with the name of the operation it refers to, e.g., Write, and Read operation or some more high-level operation, e.g., Assign, Manage, etc. In RelBAC, the original form of a verb is used as a PERMISSION name with the first letter capitalized. The generalization (loops) on each components represent IS-A relations. They are the most common and important relations among the knowledge. Groups of SUBJECT and classes of OBJECT are organized with IS-A hierarchies. The most interesting part is the loop on PERMISSION which represents the IS-A relations among named pairs. Modeling a PERMISSION as a set of named pairs allows us to use set theories on PERMISSIONs.RelBAC allows to model and express access control policies and the related properties (e.g. separation of duty) in a simple way and to use the logic behind the model to reason about such properties.

People: Bruno Crispo, Fausto Giunchiglia
Publications:

Fausto Giunchiglia, Rui Zhang, Bruno Crispo, "RelBAC: Relation Based Access Control",In the proceedings of the Fourth International Conference on Semantics, Knowledge and Grid. (SKG 2008) December 2008, pages 3-11.
Rui Zhang, Alessandro Artale, Fausto Giunchiglia, Bruno Crispo, "Using Description Logics in Relation Based Access Control". In the proceedings of the 22nd International Workshop on Description Logics. (DL 2009), July 2009.
Rui Zhang, Fausto Giunchiglia, Bruno Crispo, Lingyang Song, "Relation-Based Access Control: An Access Control Model for Context-aware Computing Environment", in Wireless Personal Communications Journal, Volume 55, Number 1, 5-17, DOI: 10.1007/s11277-009-9782-4. Springer 2009. (WPC).
Fausto Giunchiglia, Rui Zhang, Bruno Crispo, "Ontology Driven Community Access Control". In the proceedings of the Trust and Privacy on the Social and Semantic Web Workshop. (SPOT 2009) June 2009. pdf
Alessandro Artale, Bruno Crispo, Fausto Giunchiglia, Fatih Turkmen and Rui Zhang, "Reasoning about Relation Based Access Control", In the proceedings of the 4th IEEE International Conference on Network and System Security (NSS 2010), September, 2010

Bruno Crispo

"Men willingly believe what they wish" (Julius Caesar, "De Bello Gallico", III, 18)

Sample menu:

I am hiring!

News

RelBAC: Relation Based Access Control