380 research outputs found

    Strong and Provably Secure Database Access Control

    Existing SQL access control mechanisms are extremely limited. Attackers can leak information and escalate their privileges using advanced database features such as views, triggers, and integrity constraints. This is not merely a problem of vendors lagging behind the state-of-the-art. The theoretical foundations for database security lack adequate security definitions and a realistic attacker model, both of which are needed to evaluate the security of modern databases. We address these issues and present a provably secure access control mechanism that prevents attacks that defeat popular SQL database systems. Comment: A short version of this paper has been published in the proceedings of the 1st IEEE European Symposium on Security and Privacy (EuroS&P 2016).

    Securing Databases from Probabilistic Inference

    Databases can leak confidential information when users combine query results with probabilistic data dependencies and prior knowledge. Current research offers mechanisms that either handle a limited class of dependencies or lack tractable enforcement algorithms. We propose a foundation for Database Inference Control based on ProbLog, a probabilistic logic programming language. We leverage this foundation to develop Angerona, a provably secure enforcement mechanism that prevents information leakage in the presence of probabilistic dependencies. We then provide a tractable inference algorithm for a practically relevant fragment of ProbLog. We empirically evaluate Angerona's performance, showing that it scales to relevant security-critical problems. Comment: A short version of this paper has been accepted at the 30th IEEE Computer Security Foundations Symposium (CSF 2017).

    Exorcising Spectres with Secure Compilers

    Attackers can access sensitive information of programs by exploiting the side-effects of speculatively-executed instructions using Spectre attacks. To mitigate these attacks, popular compilers deployed a wide range of countermeasures. The security of these countermeasures, however, has not been ascertained: while some of them are believed to be secure, others are known to be insecure and result in vulnerable programs. To reason about the security guarantees of these compiler-inserted countermeasures, this paper presents a framework comprising several secure compilation criteria characterizing when compilers produce code resistant against Spectre attacks. With this framework, we perform a comprehensive security analysis of compiler-level countermeasures against Spectre attacks implemented in major compilers. This work provides sound foundations to formally reason about the security of compiler-level countermeasures against Spectre attacks as well as the first proofs of security and insecurity of said countermeasures.

    A geodatabase for multisource data applied to cultural heritage: The case study of Villa Revedin Bolasco

    In this paper we present the results of the development of a Web-based archiving and documenting system aimed at the management of multisource and multitemporal data related to cultural heritage. As a case study we selected the building complex of Villa Revedin Bolasco in Castelfranco Veneto (Treviso, Italy) and its park. Buildings and park were built in the XIX century after several restorations of the original XIV century area. The data management system relies on a geodatabase framework, in which different kinds of datasets were stored. More specifically, the geodatabase elements consist of historical information, documents, descriptions of artistic characteristics of the building and the park, in the form of text and images. In addition, we also used floorplans, sections and views of the outer facades of the building extracted from a TLS-based 3D model of the whole Villa. In order to manage and explore this rich dataset, we developed a geodatabase using PostgreSQL and PostGIS as spatial plugin. The Web-GIS platform, based on HTML5 and PHP programming languages, implements the NASA Web World Wind virtual globe, a 3D virtual globe we used to enable the navigation and interactive exploration of the park. Furthermore, through a specific timeline function, the user can explore the historical evolution of the building complex.

    A Turning Point for Verified Spectre Sandboxing

    Spectre attacks enable an attacker to access restricted data in an application's memory. Both the academic community and industry veterans have developed several mitigations to block Spectre attacks, but to date, very few have been formally vetted; most are "best effort" strategies. Formal guarantees are particularly crucial for protecting isolated environments like sandboxing against Spectre attacks. In such environments, a subtle flaw in the mitigation would allow untrusted code to break out of the sandbox and access trusted memory regions. In our work, we develop principled foundations to build isolated environments resistant against Spectre attacks. We propose a formal framework for reasoning about sandbox execution and Spectre attacks. We formalize properties that sound mitigation strategies must fulfill and we show how various existing mitigations satisfy (or fail to satisfy!) these properties.

    Analysis of geospatial behaviour of visitors of urban gardens: is positioning via smartphones a valid solution?

    Tracking locations is practical and expeditious with smartphones, as they are omnipresent devices, relatively cheap, and have the necessary sensors for positioning and networking integrated in the same box. Nowadays recent models have GNSS antennas capable of receiving multiple constellations. In the proposed work we test the hypothesis that GNSS positions directly recorded by smartphones can be a valid solution for spatial analysis of people's behaviour in an urban garden. Particular behaviours can be linked to therapeutic spots that promote health and well-being of visitors. Three parts are reported: (i) assessment of the accuracy of the positions relative to a reference track, (ii) implementation of a framework for automating transmission and processing of the location information, (iii) analysis of preferred spots via spatial analytics. Different devices were used to survey at different times and with different methods, i.e. in the pocket of the owner or on a rigid frame. Accuracy was estimated using the distance of each located point to the reference track, and precision was estimated with static multiple measures. A chat-bot through the Telegram application was implemented to allow users to send their data to a centralized computing environment, thus automating the spatial analysis. Results report a horizontal accuracy below ~2.3 m at 95% confidence level, without significant difference between surveys, and very small differences between devices. GNSS-only and assisted navigation with telephone cells also did not show significant difference. Autocorrelation of the residuals over time and space showed strong consistency of the residuals, thus proving a valid solution for spatial analysis of walking behaviour.

    A synoptic characterization of the dust transport and associated thermal anomalies in the Mediterranean basin

    Presentation given at the XXXII Jornadas Científicas de la Asociación Meteorológica Española and the 13º Encuentro Hispano-Luso de Meteorología, held in Alcobendas (Madrid), 28 to 30 May 2012.