Browsing by Author "Bella, Giampaolo"

Item Metadata only
Enforcing privacy in e-commerce by balancing anonymity and trust (Elsevier Ltd, 2011)
Bella, Giampaolo; Giustolisi, Rosario; Riccobene, Salvatore
Privacy is a major concern in e-commerce. There exist two main paradigms to protect the customer’s privacy: one relies on the customer’s trust that the network will conform to his privacy policy, the other one insists on the customer’s anonymity. A new paradigm is advanced here as a natural balance between these two. It sees the customer act using his real identity but only circulate cover data that conceal the resources he requires. Privacy enforcement is thus shifted from the customer’s identity to his purchase preferences. The new paradigm is suitable for scenarios such as eBay purchases where trust that a network sticks to a privacy policy is problematic, while anonymity is either forbidden or impossible. The computation of cover data is done by a node other than the customer in order to minimize impact on the customer. That node will therefore see the customer’s private data that are used to compute the cover. This demands some technology to prevent the node from exposing private data. An existing protocol developed for self-enforcing privacy in the area of e-polls is thoroughly analysed and found somewhat weak in terms of fairness among its participants. A stronger version is designed and adopted, together with an innovative differential-privacy preserving function, in the new privacy paradigm. The strengthened e-poll protocol and the new differential-privacy preserving function, which strictly speaking only are side contributions of this paper, each appear as important as the new e-commerce privacy paradigm.

Item Metadata only
Evaluating the device reputation through full observation in MANETs (2009)
Bella, Giampaolo; Costantino, G.; Riccobene, S.
The use of small portables and mobile devices has made MANETs (Mobile Ad Hoc Networks) very popular.
A MANET is a network composed by a group of mobile nodes without any fixed device or a central coordination. They work in an open net and their collaboration is the sole means to allow communications and the survival of the MANET itself. A critical issue is to assess the behaviour of the nodes that participate in the network, possibly identifying selfish conduct that can compromise the functioning of the system. This paper shows a method to evaluate the behaviour of all nodes by establishing a reputation value that represents the trustworthiness of each node. A protocol is presented to calculate the reputation of a node by locally observing the node from another one, and then tuning this intermediate value with additional observations from other participants. When the reputation value of a node is available, it is stored into a node’s table. Moreover, all values are shared and distributed uniformly over the network. So, all participants are able to recognize all nodes that are part of the net, between old and new ones. This reputation protocol is viable. Each node can efficiently calculate the reputation values of its neighbours and then of all network nodes. In addition, it has been analysed through different situations wherein nodes have taken several behaviours. A variety of simulations conducted using the network simulator NS-2 strongly support these claims.

Item Metadata only
Extend the UTAUT to Measure the Adoption of On-line Shopping in Saudi Environment (IADIS, 2013-03-13)
Alsharif, Faisal; Siewe, Francois; Fidler, Christine; Bella, Giampaolo
Due to the growing importance of electronic commerce and on-line shopping economically and socially in people's lives, the researchers took interest in conducting several studies in order to identify the factors that urge people to adopt this type of electronic activity. This study, among these studies, aimed at the same purpose.
Particularly, this study aimed to investigate the constructs that are related to the adoption of online shopping, and also explore the relative importance of factors that encourage or discourage Saudi use of on-line shopping. The Unified Theory of Acceptance and Use Technology (UTAUT) for (Venkatesh et al. 2003) was adopted by this study. In this study, a set of hypotheses based on the original model in addition to the factors added to extend the model were used. The results of this study confirmed the validity of the added factors as influential constructs in the process of adopting on-line shopping in Saudi Arabia, and also showed the relative importance of each element.

Item Metadata only
Holistic analysis of mix protocols. (IEEE, 2011)
Bella, Giampaolo; Butin, D.; Gray, D.

Item Metadata only
Inductive study of confidentiality: for everyone (Springer, 2012)
Bella, Giampaolo

Item Metadata only
Internet users' security and privacy while they interact with Amazon (IEEE, 2011)
Bella, Giampaolo; Coles-Kemp, L.

Item Metadata only
Layered analysis of security ceremonies (IFIP, 2012)
Bella, Giampaolo; Coles-Kemp, L.

Item Metadata only
Multi-attacker protocol validation. (Springer, 2010)
Arsac, W.; Bella, Giampaolo; Chantry, X.; Compagna, L.

Item Open Access
The On-line Shopping Consumption Patterns of Saudi Shoppers (International Journal of Computer and Communication Engineering, 2013-07)
Alsharif, Faisal; Siewe, Francois; Fidler, Christine; Bella, Giampaolo
The world is witnessing a significant change in the global economic dimension in recent years; this change is reflected in the transformation from traditional commerce to electronic commerce. Confirms this shifts the indicators and statistical estimates the growth of individuals online shoppers in the whole world. Through follow-up of these indicators is clear to the observer different shopping patterns from one country to another and from one society to another.
The aim of this study is to identify the consumption patterns used in electronic shopping by the Saudis. To achieve this aim, the on-line questionnaire was used and the respondents were 472 participants. The results showed the lack of use and adoption of on-line shopping although the high number of Internet users and increase the experience to use the computers and the Internet by Saudis. Also the results showed that the top five factors that encourage the Saudis to electronic shopping are as follows: Save time, cheaper, easy and faster shopping and delivery services.

Item Metadata only
The principle of guarantee availability for security protocol analysis. (Springer, 2010-04)
Bella, Giampaolo

Item Metadata only
Remote management of face-to-face written authenticated though anonymous exams. (2011)
Bella, Giampaolo; Costantino, G.; Coles-Kemp, L.; Riccobene, S.

Item Metadata only
Retaliation against protocol attacks (2008)
Bella, Giampaolo; Bistarelli, Stefano
Security protocols intend to give their parties reasonable assurance that certain security properties will protect their communication session. However, the literature confirms that the protocols may suffer subtle and hidden attacks. Flawed protocols are customarily sent back to the design process, but the costs of reengineering a deployed protocol may be prohibitive. This paper outlines the concept of retaliation: who would steal a sum of money today, should this pose significant risks of having twice as much stolen back tomorrow? When ethics is left behind, attacks are always balanced decisions: if an attack can be retaliated, the economics of security may convince the attacker to refrain from attacking, and us to live with a flawed protocol. This new perspective requires a new threat model where any party may decide to subvert the protocol for his own sake, depending on the risks of retaliation.
This threat model, which for example is also suitable to studying nonrepudiation protocols, seems more appropriate than the Dolev-Yao model to the present technological/social setting. It is demonstrated that machine-assisted protocol verification can effectively be adapted to the new threat model.

Item Metadata only
Verifying privacy by little interaction and no process equivalence (2012)
Butin, D.; Bella, Giampaolo

Item Metadata only
What is correctness of security protocols? (2008)
Bella, Giampaolo
As soon as major protocol flaws were discovered empirically — a good luck that is not older than the early 1990s — this title question came up to the world. It was soon realised that some notion of formal correctness was necessary to substantiate the confidence derived from informal analyses. But protocol correctness was born in a decade when security in general was only beginning to ferment. Security protocols aim at a large variety of goals. This is partly due to the increasing domains where the protocols are finding an application, such as secure access to local area network services, secure e-mail, e-commerce, public-key registration at certification authorities and so on. Also, several interpretations are possible about each goal. Clearly, it is impossible to study protocol correctness profitably without a universal and unambiguous interpretation of its goals. What may be typical of security problems is that it is at least as important to state a detailed and appropriate model of threats that a secure system is meant to withstand. This has been a second and significant source of perhaps useless debates around many protocols. These are certain to be some of the reasons why dozens of papers appeared about one, now popular, protocol attack in just a few years of the second half of the last decade.
One of the protocol designers firmly refused those “findings” because his protocol had been conceived within a different threat model — and perhaps for different goals — from the one that the publications had been constructed upon. It seems obvious that an ant may survive under a single sheet of paper but certainly will not under a hard-back bulky book. It should be clarified what an ant and a bulky book precisely are. With particular attention to similar issues, this position paper discusses some findings of the author’s in the area of protocol formal analysis. Their significance mostly is methodical rather than specific for particular protocols. The paper then outlines the author’s favourite tool, the Inductive Method, and concludes with a few open problems.