Home Keynote

Keynote Talks and Presentations

  • C.A. Ardagna, Cloud Standardization: A Perspective on Assurance, IEEE 2013 International Workshop on Security and Privacy Engineering, Assurance, and Certi cation (SPEAC 2013), June 27, 2013, Santa Clara, CA, USA
  • E. Damiani, An overview of cloud assurance: challenges and issues, Hitachi, Yokohama, Japan, June 10, 2013
  • E. Damiani, Cloud assurance: the notion and the issues, at AICCSA 2013, Fes, Morocco, May 27, 2013
  • E. Damiani, NoE APARSEN (http://www.rinascimento-digitale.it/workshopPI2012.phtml), Firenze, Italy, December 13, 2012
  • Ernesto Damiani, “Business process assurance: the Notion and the Issue”, at Software Complexity and Evolution: Advances and Visions, Trento, Italy, February 7, 2013
  • Ernesto Damiani, “NoE APARSEN”, Firenze, Italy, December 13, 2012
  • C.A. Ardagna, “Standardization on Service SLA”, Annual meeting of the IFIP WG 2.14 Working group on Services-oriented Systems, University of Bologna, Bologna, September 2012
  • E. Damiani, TSC Board Meeting/TC-SVC Board Meeting, Honolulu, HI, Hawaii, June 2012
  • C.A. Ardagna, E. Damiani, 19th IEEE International Conference on Web Services (ICWS 2012), Honolulu, HI, USA, June, 2012
  • C.A. Ardagna, E. Damiani, 5th IEEE International Conference on Cloud Computing (CLOUD 2012), Honolulu, HI, USA, June, 2012
  • J.C Pazzaglia, “Can you leverage certifications over the cloud? And what do they mean?,” ETSI CLOUD Meeting, Sophia-Antipolis, France, January 26-27, 2012.
  • M. Bezzi “Ensuring Trust by Software Certification”, CNR, Pisa, Italy, February 12, 2012.
  • M. Bezzi, Ensuring trust in service consumption through security certification”, Trust Management Symposium: Industry Meets Academia (2012), Potsdam, Germany, 22-23 March, Slides and talk recordings available at: http://www.tele-task.de/archive/series/overview/888/
  • Claudio A. Ardagna, "Advanced Security Service cERTifi cate for SOA (ASSERT4SOA): An Overview", Kick-off meeting of the IFIP WG 2.14 Working group on Services-oriented Systems, Lugano, Switzerland, September 13, 2011.
    Talk report: the presentation illustrated an overview of the ASSERT4SOA project, discussing its challenges, research issues, and goals.
  • Ernesto Damiani, "Toward Certi ably Secure Services", International Conference on Data and Knowledge Engineering (ICDKE 2011), Milan, Italy, September 7, 2011.
    Talk report: the presentation discussed challenges and solutions in three main research areas: i) testing and formal methods for certi ed WS security, ii) run-time selection of secure services, iii) models and techniques for building end-to-end certi ed processes.
  • Ernesto Damiani, "Towards the Certifi cation of Services", BPM Workshop on Workflow Security Audit and Certi cation (WfSAC), Clermont-Ferrand, France, August 19, 2011.
    Talk report: the presentation illustrated the problem of certifying security properties of services. To this aim, it fi rst gave an introduction to current security certi cation of software. It then explored the new trust model for service certification and presented the ASSERT4SOA project. It further illustrated an approach to certi fication based on testing and the need of a certifi cation scheme
    for service composition. It finally discussed the problem of applying a security certi cation scheme for services to the emerging Cloud paradigm.
  • Jean-Christophe Pazzaglia, “Ensuring security the last barrier to cloud adoption: the ASSERT4SOA Approach”, at the Conference on “Cloud computing, Trust & Security”, 7 July 2011, Pole SCS with INRIA & Activeeon - http://www.pole-scs.org/ – Gardanne, France.
    Talk report: The consumption of cloud services in scenarios crossing administrative domains require to establish a trust network between the different actors. Trust should embrace not only the technical infrastructure but also the definition of processes and underlying operations. In this talk, we sketch how the ASSERT4SOA concepts can act as an enabler to insure that only trustworthy services are consumed to achieve sensitive business processes.
  • Ernesto Damiani, "Toward Risk-Aware Business Processes", Workshop on Socio-economics in Trustworthy ICT", Brussels, Belgium, June 22, 2011.
    Talk report: the presentation outlined the need of economics-based models for the value of information, introducing a discussion on how to diff erentiate between what is valuable versus what is not that valuable. Inter-organizational business processes were presented as an example, suggesting the alternative of secure orchestrations of processes, in order to minimize the risks of attacks by shaping information flows according to information value. It was noted that what is most valuable at the beginning could be less valuable at the end of the product life cycle, and that this can be quantifi ed (although further research is still needed). Importance was given to the consequences of the heterogeneity of exchanged information. Disclosure risk was discussed in terms of the need to quantify and predict the combination of dysfunctional behaviour, probability and impact. The final proposal was to explore modeling business processes as games.
  • Claudio A. Ardagna, "Security Certi cation of Services", Second International Workshop on Policies for the Future Internet (PoFI 2011), Pisa, Italy, June 9, 2011.
    Talk report: the presentation described the Advanced Security Service cERTificate for SOA (ASSERT4SOA) and its goals, mainly focusing on the need to integrate security certi cation in the SOA service lifecycle to enable certi ficate based selection and comparison of services. The presentation then discussed and analyzed an approach to test-based certi cation of services, which provides evidence-based proofs that a test carried out on the service has given a result and a given security property holds for a service. It finally presented open issue and new research directions in the context of security certi cation of services.

  • Ernesto Damiani, Effectsplus 2nd cluster meeting, Amsterdam, The Netherlands, 4 July, 2011
  • Domenico Presenza, Effectsplus 2nd cluster meeting, Amsterdam, The Netherlands, July 4, 2011
  • Ernesto Damiani, Effectsplus 1st technical cluster meeting, Brussels, Belgium, March 29-30, 2011
  • Ernesto Damiani, NoE ECRYPT, Bochum, Germany, February 2-4, 2011.
    Talk report: the presentation introduced the challenges and objectives of the ASSERT4SOA project. In particular, it discussed the problem of providing a security certifi cation scheme that ts the SOA ecosystem. Further, it provided a first description of a test-based solution to security certi cation of services suitable for SOA. It also focused on distinguishing between container-level security certi cation and service-level security certi cation. The presentation finally discussed the role of malicious users and security attacks in the testbased security certi fication of services.
  • Michele Bezzi, J.C. Pazzaglia (SAP), SAPWorld Tour, Milan, Italy, 10 November 2010.
    Talk report: SAP world tour is a major customer events for SAP. Within this event, the SAP Security and Trust research group presented its current work and vision. Software assurance, including ASSERT4SOA vision, has been presented, stressing the relevance of running certified software in heterogeneous ecosystems, and how current research work may contribute to improve the trust level in external software providers in the future.






















template joomla