Progettazione e sviluppo di uno strumento per la tutela della riservatezza delle informazioni in applicazioni .NET

In questa tesi si propone uno strumento di analisi statica del codice atto a rilevare il trattamento improprio di informazioni personali da parte di applicazioni .NET. Il flusso di propagazione delle informazioni viene tracciato in base ad impostazioni di livello di sicurezza, fornite in modo manuale o automatico ai Tipi definiti nell'applicazione .NET. A partire dalle informazioni di sicurezza vengono definite una serie di regole atte a formalizzare il comportamento del codice .NET in questo nuovo contesto. Obiettivo finale del lavoro è stato lo sviluppo di uno strumento in grado di rilevare possibili violazioni della privacy, dovute all'esecuzione di programmi che hanno accesso ad informazioni riservate

Uno strumento per l'analisi delle dipendenze e la verifica del flusso di informazione sicuro nel CIL

In questa tesi si propone uno strumento per il calcolo delle dipendenze tra le istruzioni del codice CIL ed uno per la verifica del flusso di informazione sicuro negli assembly .Ne

Proceedings of the 3rd International Workshop on Formal Aspects in Security and Trust (FAST2005)

The present report contains the pre-proceedings of the third international Workshop on Formal Aspects in Security and Trust (FAST2005), held in Newcastle upon Tyne, 18-19 July 2005. FAST is an event affliated with the Formal Methods 2005 Congress (FM05). The third international Workshop on Formal Aspects in Security and Trust (FAST2005) aims at continuing the successful effort of the previous two FAST workshop editions for fostering the cooperation among researchers in the areas of security and trust. The new challenges offered by the so-called ambient intelligence space, as a future paradigm in the information society, demand for a coherent and rigorous framework of concepts, tools and methodologies to provide user\u27s trust&confidence on the underlying communication/interaction infrastructure. It is necessary to address issues relating to both guaranteeing security of the infrastructure and the perception of the infrastructure being secure. In addition, user confidence on what is happening must be enhanced by developing trust models effective but also easily comprehensible and manageable by users

Formal Aspects in Security and Trust

his book constitutes the thoroughly refereed post-proceedings of the Third International Workshop on Formal Aspects in Security and Trust, FAST 2005, held in Newcastle upon Tyne, UK in July 2005. The 17 revised papers presented together with the extended abstract of 1 invited paper were carefully reviewed and selected from 37 submissions. The papers focus on formal aspects in security and trust policy models, security protocol design and analysis, formal models of trust and reputation, logics for security and trust, distributed trust management systems, trust-based reasoning, digital assets protection, data protection, privacy and ID issues, information flow analysis, language-based security, security and trust aspects in ubiquitous computing, validation/analysis tools, web service security/trust/privacy, GRID security, security risk assessment, and case studies

2017 Special Track on Computer Security

status: publishe