VALUTAZIONE DELLA GESTIONE DEI CANILI RUOLO DEL MEDICO VETERINARIO

In questo lavoro si abbiamo descritto un metodo per il controllo e la vigilanza all'interno delle strutture che ospitano in cani prendendo in considerazione le norme emanate dalla Regione Lazio in quanto non esiste una procedura codificata a livello regionale per tale attività . Il nostro obbiettivo era proporre un sistema di valutazione oggettivo, tracciabile, che fornisse una valutazione qualitativa del servizio offerto e che ribadisse il ruolo primario del Medico Veterinario in tale attività. Dopo aver illustrato il metodo, che si basa sulla compilazione di una check list e la successiva elaborazione della stessa, lo abbiamo provato su quattro canili della provincia di Viterbo per verificare l'applicabilità, il tempo necessario per la singola valutazione e il raggiungimento degli obbiettivi. Sebbene le prove sono state limitate nel numero il metodo è risultato applicabile anche se con un impegno in termini di tempo relativamente lungo. Dalle prove in campo gli obbiettivi che ci eravamo prefissati sono stati rispettati. In this paper we have described a method of control and supervision within the structures that house dogs in considering the rules issued by the Lazio Region as there is no written procedures at the regional level for such activities. Our goal was to offer an objective evaluation system, traceable, that would provide a qualitative assessment of the service offered and were to maintain that the primary role of the veterinarian in such activities. After explaining the method, which is based on the compilation of a checklist and subsequent processing of the same, we tried it on four kennels of the province of Viterbo to verify the applicability, the time required for the individual assessment and achievement of objectives . Although the tests have been limited in the number result, the method is applicable even if with a commitment in terms of relatively long time. From field testing the goals that we set have been met

On the Security of Software Systems and Services

This work investigates new methods for facing the security issues and threats arising from the composition of software. This task has been carried out through the formal modelling of both the software composition scenarios and the security properties, i.e., policies, to be guaranteed. Our research moves across three different modalities of software composition which are of main interest for some of the most sensitive aspects of the modern information society. They are mobile applications, trust-based composition and service orchestration. Mobile applications are programs designed for being deployable on remote platforms. Basically, they are the main channel for the distribution and commercialisation of software for mobile devices, e.g., smart phones and tablets. Here we study the security threats that affect the application providers and the hosting platforms. In particular, we present a programming framework for the development of applications with a static and dynamic security support. Also, we implemented an enforcement mechanism for applying fine-grained security controls on the execution of possibly malicious applications. In addition to security, trust represents a pragmatic and intuitive way for managing the interactions among systems. Currently, trust is one of the main factors that human beings keep into account when deciding whether to accept a transaction or not. In our work we investigate the possibility of defining a fully integrated environment for security policies and trust including a runtime monitor. Finally, Service-Oriented Computing (SOC) is the leading technology for business applications distributed over a network. The security issues related to the service networks are many and multi-faceted. We mainly deal with the static verification of secure composition plans of web services. Moreover, we introduce the synthesis of dynamic security checks for protecting the services against illegal invocations

Jalapa: Securing Java with Local Policies Tool Demonstration

AbstractWe present Jalapa, a tool for securing Java bytecode programs with history-based usage policies. Policies are defined by usage automata, that recognize the forbidden execution histories. Usage automata are expressive enough to allow programmers specify of many real-world usage policies; yet, they are simple enough to permit formal reasoning. Programmers can sandbox untrusted pieces of code with usage policies. The Jalapa tool rewrites the Java bytecode by adding the hooks for the mechanism that enforces the given policies at run-time

Automating the Generation of Cyber Range Virtual Scenarios with VSDL

A cyber range is an environment used for training security experts and testing attack and defence tools and procedures. Usually, a cyber range simulates one or more critical infrastructures that attacking (red) and defending (blue) teams must compromise and protect, respectively. The infrastructure can be physically assembled, but much more convenient is to rely on the Infrastructure as a Service (IaaS) paradigm. Although some modern technologies support the IaaS, the design and deployment of scenarios of interest is mostly a manual operation. As a consequence, it is a common practice to have a cyber range hosting few (sometimes only one), consolidated scenarios. However, reusing the same scenario may significantly reduce the effectiveness of the training and testing sessions. In this paper, we propose a framework for automating the definition and deployment of arbitrarily complex cyber range scenarios. The framework relies on the virtual scenario description language (VSDL), i.e., a domain-specific language for defining high-level features of the desired infrastructure while hiding low-level details. The semantics of VSDL is given in terms of constraints that must be satisfied by the virtual infrastructure. These constraints are then submitted to an SMT solver for checking the satisfiability of the specification. If satisfiable, the specification gives rise to a model that is automatically converted to a set of deployment scripts to be submitted to the IaaS provider

VeriOSS: Using the Blockchain to Foster Bug Bounty Programs

Nowadays software is everywhere and this is particularly true for free and open source software (FOSS). Discovering bugs in FOSS projects is of paramount importance and many bug bounty programs attempt to attract skilled analysts by promising rewards. Nevertheless, developing an effective bug bounty program is challenging. As a consequence, many programs fail to support an efficient and fair bug bounty market. In this paper, we present VeriOSS, a novel bug bounty platform. The idea behind VeriOSS is to exploit the blockchain technology to develop a fair and efficient bug bounty market. To this aim, VeriOSS combines formal guarantees and economic incentives to ensure that the bug disclosure is both reliable and convenient for the market actors