Daniel Ricardo dos Santos
fondazione bruno kessler
Network
Latest external collaboration on country level. Dive into details by clicking on the dots.
Publication
Featured researches published by Daniel Ricardo dos Santos.
network operations and management symposium | 2014
Daniel Ricardo dos Santos; Carla Merkle Westphall; Carlos Becker Westphall
Cloud computing is a distributed computing model that still faces problems. New ideas emerge to take advantage of its features and among the research challenges found in the cloud, we can highlight Identity and Access Management. The main problems of the application of access control in the cloud are the necessary flexibility and scalability to support a large number of users and resources in a dynamic and heterogeneous environment, with collaboration and information sharing needs. This paper proposes the use of risk-based dynamic access control for cloud computing. The proposal is presented as an access control model based on an extension of the XACML standard with three new components: the Risk Engine, the Risk Quantification Web Services and the Risk Policies. The risk policies present a method to describe risk metrics and their quantification, using local or remote functions. The risk policies allow users and cloud service providers to define how to handle risk-based access control for their resources, using different quantification and aggregation methods. The model reaches the access decision based on a combination of XACML decisions and risk analysis. A prototype of the model is implemented, showing it has enough expressivity to describe the models of related work. In the experimental results, the prototype takes between 2 and 6 milliseconds to reach access decisions using a risk policy. A discussion on the security aspects of the model is also presented.
computer and communications security | 2015
Clara Bertolissi; Daniel Ricardo dos Santos; Silvio Ranise
Run-time monitors are crucial to the development of security-aware workflow management systems, which need to mediate access to their resources by enforcing authorization policies and constraints, such as Separation of Duty. In this paper, we introduce a precise technique to synthesize run-time monitors capable of ensuring the successful termination of workflows while enforcing authorization policies and constraints. An extensive experimental evaluation shows the scalability of our technique on the important class of hierarchically specified security-sensitive workflows with several hundreds of tasks.
tools and algorithms for construction and analysis of systems | 2016
Luca Compagna; Daniel Ricardo dos Santos; Serena Elisa Ponta; Silvio Ranise
Cerberus is a tool to automatically synthesize run-time enforcement mechanisms for security-sensitive Business Processes BPs. The tool is capable of guaranteeing that the execution constraints
Journal of Network and Computer Applications | 2016
Daniel Ricardo dos Santos; Roberto Marinho; Gustavo Roecker Schmitt; Carla Merkle Westphall; Carlos Becker Westphall
symposium on access control models and technologies | 2016
Daniel Ricardo dos Santos; Serena Elisa Ponta; Silvio Ranise
EC
IFIP Annual Conference on Data and Applications Security and Privacy | 2015
Daniel Ricardo dos Santos; Silvio Ranise; Luca Compagna; Serena Elisa Ponta
International Journal of Security and Networks | 2014
Daniel Ricardo dos Santos; Tiago Jaime Nascimento; Carla Merkle Westphall; Marcos Aurélio Pedroso Leandro; Carlos Becker Westphall
on the tasks together with the authorization policy
Information Management & Computer Security | 2014
Evandro Alencar Rigon; Carla Merkle Westphall; Daniel Ricardo dos Santos; Carlos Becker Westphall
conference on data and application security and privacy | 2017
Luca Compagna; Daniel Ricardo dos Santos; Serena Elisa Ponta; Silvio Ranise
AP
workshop on cyber physical systems | 2017
Davide Fauri; Daniel Ricardo dos Santos; Elisa Costante; Jerry den Hartog; Sandro Etalle; Stefano Tonetta
