I am hiring!

I am looking for a PostDoc on the topic of Security of the Internet of Things. if you are interested, please drop me an e-mail with your CV.
I am also looking for a PhD candidate on one of the following topics: Security of the Internet of Things, Adversarial Machine Learning. If you are interested, please drop me an e-mail with your CV.

Find more info about our new results on behavioural biometrics here.


Find more info about the CINI Cyber Security National Lab i am involved with, by clicking on its logo Cyber Security National Lab .

News

RelBAC: Relation Based Access Control


Project description
What distinguishes RelBAC from other access control models is the way it models PERMISSION in addition to the basic components such as SUBJECT and OBJECT. The intuition is that a PERMISSION is an operation that users (SUBJECTs) can perform on certain resources (OBJECTs).


To capture this intuition a PERMISSION is named with the name of the operation it refers to, e.g., Write, and Read operation or some more high-level operation, e.g., Assign, Manage, etc. In RelBAC, the original form of a verb is used as a PERMISSION name with the first letter capitalized. The generalization (loops) on each components represent IS-A relations. They are the most common and important relations among the knowledge. Groups of SUBJECT and classes of OBJECT are organized with IS-A hierarchies. The most interesting part is the loop on PERMISSION which represents the IS-A relations among named pairs. Modeling a PERMISSION as a set of named pairs allows us to use set theories on PERMISSIONs.RelBAC allows to model and express access control policies and the related properties (e.g. separation of duty) in a simple way and to use the logic behind the model to reason about such properties.


People: Bruno Crispo, Fausto Giunchiglia
Publications: