
    Blockchain Tree for eHealth

    The design of access control mechanisms for healthcare systems is challenging: it must strike the right balance between permissions and restrictions. In this work, we propose a novel approach based on Blockchain technology for storing patient medical data and creating an audit logging system able to protect health data from unauthorized modification and access. The proposed method consists of a tree structure: a main chain linked with the patient's identity and one or several Subchains which are used for storing additional critical data (e.g., medical diagnoses or access logs).

    A Wizard-based Approach for Secure Code Generation of Single Sign-On and Access Delegation Solutions for Mobile Native Apps

    Many available mobile applications (apps) have poorly implemented Single Sign-On and Access Delegation solutions, leading to serious security issues. This could be caused by inexperienced developers who prioritize the implementation of core functionalities and/or misunderstand security-critical parts. The situation is even worse in complex API scenarios where the app interacts with several providers. To address these problems, we propose a novel wizard-based approach that guides developers to integrate multiple third-party Identity Management (IdM) providers in their apps, by (i) "enforcing" the usage of best practices for native apps, (ii) avoiding the need to download several SDKs and understand their online documentation (a list of known IdM providers with their configuration information is embedded within our approach), and (iii) automatically generating the code to enable the communication with the different IdM providers. The effectiveness of the proposed approach has been assessed by implementing an Android Studio plugin and using it to integrate several IdM providers, such as OKTA, Auth0, Microsoft, and Google.
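The "best practices for native apps" that such a wizard has to enforce are, for OAuth 2.0 and OpenID Connect, the ones collected in RFC 8252: the authorization code grant through the system browser, a PKCE code challenge (RFC 7636) binding the authorization code to the app instance that requested it, and a single-use state value tying the redirect back to that request. The following is an added example of both halves of that exchange, written for this page and not taken from the paper or its Android Studio plugin. The endpoint URL, client id and redirect URI are placeholders, and the authorization server is an in-memory stand-in (an assumption made so the flow runs offline); a real app would open the URL returned by `start()` in the system browser and receive the callback on its registered redirect URI.

```python
"""PKCE authorization-code flow for a native app, client and server side in one file.

Added example, not code from the wizard plugin or the paper. The authorization server
is an in-memory stand-in (assumption) so that the exchange can run offline.
"""
import base64
import hashlib
import secrets
from urllib.parse import parse_qs, urlencode, urlparse


def b64url(data: bytes) -> str:
    """Base64url without padding, the encoding RFC 7636 prescribes."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def code_challenge_s256(verifier: str) -> str:
    """code_challenge = BASE64URL(SHA256(code_verifier))."""
    return b64url(hashlib.sha256(verifier.encode("ascii")).digest())


def new_verifier() -> str:
    # 32 random bytes give 43 base64url characters, the RFC 7636 minimum length.
    return b64url(secrets.token_bytes(32))


class NativeClient:
    """Public client (no client secret): state guards the redirect, PKCE binds the code."""

    def __init__(self, client_id, redirect_uri, auth_endpoint):
        self.client_id = client_id
        self.redirect_uri = redirect_uri
        self.auth_endpoint = auth_endpoint
        self.pending = {}  # state -> code_verifier, one entry per in-flight request

    def start(self, scope="openid"):
        """Build the authorization URL and remember the verifier under a fresh state."""
        verifier = new_verifier()
        state = b64url(secrets.token_bytes(16))
        self.pending[state] = verifier
        params = {
            "response_type": "code",
            "client_id": self.client_id,
            "redirect_uri": self.redirect_uri,
            "scope": scope,
            "state": state,
            "code_challenge": code_challenge_s256(verifier),
            "code_challenge_method": "S256",
        }
        return f"{self.auth_endpoint}?{urlencode(params)}"

    def handle_redirect(self, redirect_url):
        """Return (code, verifier) for a valid callback; reject unknown or reused state."""
        q = parse_qs(urlparse(redirect_url).query)
        state = q.get("state", [None])[0]
        verifier = self.pending.pop(state, None)  # state is single use
        if verifier is None:
            raise ValueError("state mismatch: possible CSRF or replay")
        if "error" in q:
            raise ValueError(f"authorization failed: {q['error'][0]}")
        return q["code"][0], verifier


class InMemoryAuthServer:
    """Stand-in authorization server: stores the challenge next to each issued code."""

    def __init__(self):
        self.codes = {}

    def authorize(self, auth_url, user_consents=True):
        q = parse_qs(urlparse(auth_url).query)
        if q.get("code_challenge_method") != ["S256"]:
            raise ValueError("S256 code challenge required for public clients")
        redirect, state = q["redirect_uri"][0], q["state"][0]
        if not user_consents:
            return f"{redirect}?{urlencode({'error': 'access_denied', 'state': state})}"
        code = b64url(secrets.token_bytes(16))
        self.codes[code] = (q["client_id"][0], redirect, q["code_challenge"][0])
        return f"{redirect}?{urlencode({'code': code, 'state': state})}"

    def token(self, code, verifier, client_id, redirect_uri):
        entry = self.codes.pop(code, None)  # authorization codes are single use
        if entry is None:
            raise ValueError("unknown or reused authorization code")
        cid, redir, challenge = entry
        if (cid, redir) != (client_id, redirect_uri):
            raise ValueError("client_id/redirect_uri mismatch")
        if not secrets.compare_digest(code_challenge_s256(verifier), challenge):
            raise ValueError("PKCE verification failed")
        return {"access_token": b64url(secrets.token_bytes(24)), "token_type": "Bearer"}


def run_flow(user_consents=True):
    """Drive one complete exchange between the placeholder client and the stand-in server."""
    server = InMemoryAuthServer()
    client = NativeClient("app-client", "com.example.app:/oauth2redirect",
                          "https://idp.example/authorize")
    callback = server.authorize(client.start("openid profile"), user_consents)
    code, verifier = client.handle_redirect(callback)
    return server.token(code, verifier, client.client_id, client.redirect_uri)


def flow_outcome(user_consents=True):
    """Token dict on success, or the rejection message when a step refuses to continue."""
    try:
        return run_flow(user_consents)
    except ValueError as e:
        return str(e)
```

The checks a wizard-generated integration has to get right are the ones in `handle_redirect` and `token`: the client accepts a callback only for a state it issued and consumes it once, and the server refuses a code presented without the verifier that matches the stored challenge, so a code stolen from the redirect (a custom-scheme URI can be claimed by another app on the device) is worthless without the verifier that never left the requesting app.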

    The eIDAS Regulation: A Survey of Technological Trends for European Electronic Identity Schemes

    The eIDAS regulation aims to provide an interoperable European framework to enable EU citizens to authenticate and communicate with services of other Member States by using their national electronic identity. While a number of high-level requirements (e.g., related to privacy and security) are established to make interoperability among Member States possible, the eIDAS regulation does not explicitly specify the technologies that can be adopted during the development phase to meet these requirements. To the best of our knowledge, there is no work available in the literature investigating the technological trends within the notified eIDAS electronic identity schemes used by Member States. To fill this gap, this paper analyzes how the different technological trends of notified schemes satisfy the requirements of the eIDAS regulation. To do this, we define a set of research questions that allow us to investigate the correlations between different design dimensions such as security, privacy, and usability. Based on these findings, we provide a set of lessons learned that would be valuable to the security community, as they can provide useful insights on how to more efficiently protect interoperable national digital identities. Furthermore, we provide a brief overview of the new eIDAS regulation (eIDAS 2.0), which aims to provide a more privacy-preserving electronic identity solution by moving from a centralized approach to a decentralized one.

    6. Automated Assistance to the Security Assessment of API for Financial Services

    This chapter presents the challenges related to the security assessment and the automated synthesis of mitigation measures for APIs for financial services. The focus is on the APIs supporting the implementation of the new Payment Services Directive. It also gives an overview of an innovative approach to address these challenges by (i) the automated identification and mitigation of security misconfigurations underlying sessions based on Transport Layer Security, which is ubiquitously used to build a foundation layer of security; and (ii) the automated penetration testing and synthesis of mitigations for the functionalities provided by APIs built on top of it, both business (e.g., payments) and security (e.g., authentication or authorization). The main novelty of the proposed approach lies in the tight integration of the identification and mitigation phases by means of actionable measures that allow users to significantly strengthen the security posture of the entire API ecosystem.

    A methodology for the design and security assessment of mobile identity management: applications to real-world scenarios

    The widespread use of digital identities in our everyday life, along with the release of sensitive data in many online transactions, calls for Identity Management (IdM) solutions that are secure, privacy-aware, and compatible with new technologies, such as mobile and cloud computing. While there exist many secure IdM solutions for web applications, their adaptation to the mobile context is a new and open challenge. The majority of mobile IdM solutions currently used are based on proprietary protocols, and their security analysis lacks standardization in the structure, in the definitions of notions and entities, and in the specific considerations needed to identify the attack surface, which turns out to be quite different from well-understood web scenarios. This makes a comparison among different solutions very complex or, in the worst case, misleading. To overcome these difficulties, we propose a novel methodology for the design and security assessment of mobile IdM solutions. The design space is characterized by the identification of: (i) national (e.g., SPID for Italy) and European (e.g., eIDAS) laws, regulations and guideline principles that are particularly relevant to digital identity and privacy; (ii) a list of security and usability requirements that are related to IdM solutions (e.g., single sign-on and multi-factor authentication); (iii) a set of implementation mechanisms that are relevant to authentication and authorization on mobile devices and simplify the satisfaction of the requirements in (ii). All the designed solutions use as blueprint a reference model resulting from a rational reconstruction of the mobile IdM solution adopted by Facebook and a study of the OAuth specification for native applications. Regarding the security assessment, our methodology supports analyses ranging from semi-formal to formal.
    For the former, an IdM designer is required to specify the security-relevant parts of the protocol using message sequence charts, the threat model and the security properties; these offer the starting point to argue whether the protocol satisfies the specified properties. For the latter, an IdM designer is required to specify the protocol flow, the attacker properties and the security properties using one of the available formal specification languages for the description of cryptographic and browser-based protocols, and to verify the security property violations using an automated tool for protocol analysis. To validate our approach, we applied it to four different real-world scenarios that represent different functional and usability requirements:
    1. TreC: a multi-factor authentication solution with a single sign-on experience for mobile e-Health applications.
    2. Smart Community: a secure delegated access solution in the context of smart cities.
    3. DigiMat-Lab (Istituto Poligrafico e Zecca dello Stato): a mobile multi-factor authentication solution that uses the Italian electronic identity card as second factor.
    4. FIDES: an IdM solution that combines federation and cross-border aspects in the context of the European single digital market.
    The custom designs obtained by applying our methodology in the four scenarios above show the generality and effectiveness of our methodology. When using formal analysis, we re-used the specification language and tools developed in the context of the AVANTSSAR EU-funded project.

    Formal Analysis of Mobile Multi-Factor Authentication with Single Sign-On Login

    Over the last few years, there has been an almost exponential increase in the number of mobile applications that deal with sensitive data, such as applications for e-commerce or health. When dealing with sensitive data, classical authentication solutions based on username-password pairs are not enough, and multi-factor authentication solutions that combine two or more authentication factors of different categories are required instead. Even if several solutions are currently used, their security analyses have been performed informally or semi-formally at best, and without a reference model and a precise definition of the multi-factor authentication property. This makes a comparison among the different solutions both complex and potentially misleading. In this article, we first present the design of two reference models for native applications based on the requirements of two real-world use-case scenarios. Common features between them are the use of one-time password approaches and the support of a single sign-on experience. Then, we provide a formal specification of our threat model and the security goals, and discuss the automated security analysis that we performed. Our formal analysis validates the security goals of the two reference models we propose and provides an important building block for the formal analysis of different multi-factor authentication solutions.
    Sciarretta, Giada; Carbone, Roberto; Ranise, Silvio; Viganò, Luca

    A Framework for Security and Risk Analysis of Enrollment Procedures: Application to Fully-remote Solutions based on eDocuments

    More and more online services are characterised by the need for strongly verifying the real-world identity of end users, especially when sensitive operations have to be carried out: just imagine a fully-remote signature of a contract, and what could happen if someone managed to perform it by using another person's name. For this reason, the identity management lifecycle contains specific procedures, called enrollment or onboarding, providing a certain level of assurance on digital users' real identities. These procedures must be as secure as possible to prevent fraud and identity theft. In this paper, we present a framework composed of a specification language, a security analysis methodology and a risk analysis methodology for enrollment solutions. For concreteness, we apply our framework to a real use case (i.e., fully-remote solutions relying on electronic documents as identity evidence) in the context of a collaboration with an Italian FinTech startup. Beyond validating the framework, we analyse and highlight the essential role of mitigations in the overall security of enrollment procedures.
    Pernpruner, Marco; Sciarretta, Giada; Ranise, Silvio

    A delegated authorization solution for smart-city mobile applications

    An increasingly popular scenario for Smart Cities is the one in which mobile apps attempt to access resources (e.g., open data about public transportation or e-government services) made available by city authorities through the use of Application Programming Interfaces (APIs). There is a growing awareness of the benefits of using APIs to foster civic engagement through a more efficient and personalized delivery of government services, and as an enabler of a new wave of innovation contributing to a more automated and sustainable city functioning. Despite these advantages, there are several factors hindering the exploitation of APIs. One of the most important technical barriers to the creation of mobile apps following the recurrent pattern of consuming data (e.g., selected parts of open data or user profiles) stored by other applications or services is the lack of a secure delegation mechanism. In this paper, we discuss the main security issues underlying the design of such a delegation mechanism for Smart City mobile apps and present a solution, based on OAuth 2.0, that overcomes the security problems. An implementation of the solution has been integrated in the Smart Community Platform for developing open services in the Trentino region and is being used daily by up to 13,000 users. To date, no security issue has been reported.

    Enroll, and Authentication Will Follow

    High-assurance user identification and credential provisioning are crucial for accessing digital services. Usability, service customization, and security should be carefully balanced to offer an appropriate user experience. We propose an eID-based enrollment approach for tailoring authentication to the particular needs of the service provider, striking a good trade-off between usability and security via the registration of authenticators, artifacts providing identity proofs. We demonstrate the practicality of our approach in the case of patient access to Electronic Health Records (EHR) through an Android application: enrollment is done by using the Italian national eID card to register the mobile authenticator, unlocked by the user's fingerprint, customized to interact with the identity and access management system of the EHR.

    Design and Security Assessment of Usable Multi-factor Authentication and Single Sign-On Solutions for Mobile Applications

    Part 2: Workshop and Tutorial Papers
    In this interactive workshop we focused on multi-factor authentication and Single Sign-On solutions for mobile native applications. The main objective was to create awareness of the current limitations of these solutions in the mobile context. Thus, after an introductory part, the participants were invited to discuss usability and security issues of different mobile authentication scenarios. After this interactive part, we concluded the workshop by presenting our on-going work on this topic: briefly describing our methodology for the design and security assessment of multi-factor authentication and Single Sign-On solutions for mobile native applications, and presenting a plugin that helps developers make their mobile native application secure.