Fabio Ricciato

A timing-accurate modeling and simulation environment for networked embedded systems

The design of state-of-the-art, complex embedded system requires the capability of modeling and simulating the complex networked environment in which such systems operate. This implies the availability of both a networking modeling environment and traditional system-level modeling and simulation methodology based on a timing accurate integration of a system-level modeling language (SystemC) and a network simulation environment (NS-2). The efficiency of the proposed design environment has been demonstrated on a description of an 802.11 MAC layer.

Cross-Platform Access Control for Mobile Web Applications

Web browsers are a common platform for delivering cross-platform applications. However, they currently fail to provide consistent access control for security and privacy sensitive JavaScript APIs, such as geolocation and local storage. This problem is exacerbated by new HTML5 APIs and the increasing number of personal devices people own and use. In this paper we present the webinos platform which aims to provide a single, cross-device policy system for web applications on a wide range of web-enabled devices including TVs, smartphones, in-car systems and PCs. webinos solves the existing deficiencies in web authorisation by introducing the concept of a personal zone, the set of all devices and services owned by a particular user. All devices in this zone can synchronize their access control policies through interoperable middleware and can create flexible rules which may refer to an individual user, device or the entire zone. We provide details of the architecture and explain how our experience during design highlighted several conceptual challenges.

SecureDroid: An Android security framework extension for context-aware policy enforcement

Mobile devices became the main repository of personal data and source of user-generated contents as well as the principal controller of our social networked life. In this scenario, malicious applications try to take advantage of all the possibilities left open by users and operating systems. In this paper, we propose SecureDroid: an extension of the Android security framework able to enforce flexible and declarative security policies at run-time, providing a fine-grained access control system. In particular, we focus on context dependent policies that allow the user to specify the way in which applications work according to current context.

Embedded SW design issues for distributed applications on mobile terminals

Mobile terminals are embedded systems with growing elaboration capacity, even still limited, which are continuously connected to a worldwide communication network. Thus, the idea of embedding in mobile terminals remote computing services seems attractive and it is more and more exploited. This paper evaluates a middleware platform based on the simple object access protocol (SOAP) to develop distributed applications on mobile terminals.

Finding the Mobile Trusted Element

Nowadays a number of services and applications delivered on mobile terminals need to be secured in order to guarantee the user privacy, the business stakeholders and the commercial and legal issues related to security threads.