Andrea MargheriUniversity of Southampton · Department of Electronics and Computer Science (ECS)
Andrea Margheri
Computer Science
About
37
Publications
25,736
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
1,512
Citations
Introduction
Andrea Margheri currently works at the Department of Electronics and Computer Science (ECS), University of Southampton. Andrea does research in Cyber Security and Distributed Computing, with focus on blockchain, access control and cloud computing.
Additional affiliations
July 2016 - present
November 2015 - June 2016
November 2012 - October 2015
Publications
Publications (37)
Smart contracts are challenging the traditional business structure by offering a trustworthy decentralized platform where business transactions can be conducted with accountability, transparency, and traceability guarantees. Smart contracts, enabled by the distributed ledger technology, can be employed in many business sectors to reduce transaction...
Electronic healthcare solutions permit interconnecting hospitals and clinics to enable sharing of electronic medical records according to interoperability and legal standards. However, healthcare record data is siloed across hospitals and data sharing processes are unsuccessful in providing accountable audit of the data. Blockchain technology has b...
Self-driving cars and autonomous vehicles are revolutionizing the automotive sector, shaping the future of mobility altogether. Although the integration of novel technologies such as Artificial Intelligence (AI) and Cloud/Edge computing provides golden opportunities to improve autonomous driving applications, there is the need to modernize accordin...
Self-driving cars and autonomous vehicles are revolutionizing the automotive sector, shaping the future of mobility altogether. Although the integration of novel technologies such as Artificial Intelligence (AI) and Cloud/Edge computing provides golden opportunities to improve autonomous driving applications, there is the need to modernize accordin...
Provenance is the foundation of data quality, usually implemented by automatically capturing the trace of data manipulation over space and time. In healthcare, provenance becomes critical since it encompasses both clinical research and patient safety. In this proposal we aim at exploiting and innovating existing health IT deployments by enabling da...
Objective
The creation and exchange of patients’ Electronic Healthcare Records have developed significantly in the last decade. Patients’ records are however distributed in data silos across multiple healthcare facilities, posing technical and clinical challenges that may endanger patients’ safety. Current healthcare sharing systems ensure interope...
Cyber attacks are increasing in number and sophistication, causing organisations to continuously adapt management strategies for cyber security risks. As a key risk mitigation policy, organisations are investing in professional training courses for their employees to raise awareness on cyber attacks and related defences. Serious games have emerged...
One of the main obstacles to the widespread adoption of IoT devices and services is consumers' privacy concerns related to personal data collection, processing and sharing with third parties. Indeed, many IoT devices have been found collecting consumers' personal data without their knowledge or consent. While frameworks for identifying and mitigati...
As software becomes ever more embedded into the fabric of society, more systems are becoming critical to large numbers of people, either by design or unintentionally. Even those that may not be considered safety-critical can have a large impact when they fail (e.g. banking systems). Consequently, software can be critical for a number of reasons, in...
The evolution of Internet-of-Things (IoT) is leading to an increasing number of new security issues. This is due to the nature of IoT devices which use lighter protocols and which may be either hacked or physically tampered with. Thus, common approaches for threat modelling are insufficient on IoT environments , since they hardly catch all possible...
Access control systems are nowadays the first line of defence of modern IT systems. However, their effectiveness is often compromised by policy miscofigurations that can be exploited by insider threats. In this paper, we present an approach based on machine learning to refine attribute-based access control policies in order to reduce the risks of u...
One of the main trends in the evolution of smart grids is transactive energy, where
istributed energy resources, e.g. smart meters, develop towards Internet-of-Things (IoT) devices enabling prosumers to trade energy directly among each other, without the need of involving any centralised third party. The expected advantages in terms of cost-effect...
Federating Cloud systems is an urgent need of the Public Sector. In this paper, we showcase a recent Cloud Federation-as-a-Service solution empowered by blockchain technology. This solution is used by the Italian Ministry of Economy and Finance to realise a cross-Cloud application for payslip calculation of Police Forces. Blockchain offers decentra...
One of the main trends in the evolution of smart grids is trans-active energy, where distributed energy resources, e.g. smart meters, develop towards Internet-of-Things (IoT) devices enabling prosumers to trade energy directly among each other, without the need of involving any centralised third party. The expected advantages in terms of cost-effec...
Provenance is the foundation of data quality, usually implemented by automatically capturing the trace of data manipulation over space and time. In healthcare, provenance becomes critical since it encompasses both clinical research and patient safety. In this proposal we aim at exploiting and innovating existing health IT deployments by enabling da...
Cloud federation is a novel concept that has been
drawing attention from research and industry. However, there
is a lack of solid proposal that can be widely adopted in practice
to guarantee adequate governance of federations, especially in
the Public Sector contexts due to legal requirements.
In this paper, we propose an innovative governance app...
A Cloud federation is a collaboration of organizations sharing data hosted on their private cloud infrastructures in order to exploit a common business opportunity. However, the adoption of cloud federations is hindered by member organizations’ concerns on sharing their data with potentially competing organizations. For cloud federations to be viab...
Cloud federation is an emergent cloud-computing paradigm that allows services from different cloud systems to be aggregated in a single pool. To support secure data sharing in a cloud federation, anonymization services that obfuscate sensitive datasets under differential privacy have been recently proposed. However, by outsourcing data protection t...
Permissioned blockchains are arising as a solution to federate companies prompting accountable interactions. A variety of consensus algorithms for such blockchains have been proposed, each of which has dierent benets and drawbacks. Proof-of-Authority (PoA) is a new family of BFT consensus algorithms largely used in practice which ensure better perf...
Access control systems are widely used means for the protection of computing systems. They are defined in terms of access control policies regulating the accesses to system resources. In this paper, we introduce a formally-defined, fully-implemented framework for specification, analysis and enforcement of attribute-based access control policies. Th...
This document is the main high-level architecture specification of the SUNFISH cloud federation solution. Its main objective is to introduce the concept of Federation-as-a-Service (FaaS) and the SUNFISH platform. FaaS is the new and innovative cloud federation service proposed by the SUNFISH project. The document defines the functionalities of FaaS...
For supporting the design of self-adaptive computing systems, the PSCEL language offers a principled approach that relies on declarative definitions of adaptation and authorisation policies enforced at runtime. Policies permit managing system components by regulating their interactions and by dynamically introducing new actions to accomplish task-o...
The advent of large-scale, complex computing systems has dramatically
increased the difficulties of securing accesses to systems' resources. To
ensure confidentiality and integrity, the exploitation of access control
mechanisms has thus become a crucial issue in the design of modern computing
systems. Among the different access control approaches p...
The ASCENS project deals with designing systems as ensembles of adaptive components. Among the outputs of the ASCENS project are multiple tools that address particular issues in designing the ensembles, ranging from support for early stage formal modeling to runtime environment for executing and monitoring ensemble implementations. The goal of this...
SCEL (Service Component Ensemble Language) is a new language specifically designed to rigorously model and program autonomic components and their interaction, while supporting formal reasoning on their behaviors. SCEL brings together various programming abstractions that allow one to directly represent aggregations, behaviors and knowledge accordin...
Nowadays, cyber-physical systems consist of a large and possibly unbounded number of nodes operating in a partially unknown environment to which they need to adapt. They also have strong requirements in terms of performances, resource usage, reliability, or security. To face this inherent complexity it is crucial to develop adequate tools and under...
To tackle the complexity of autonomic computing systems it is crucial to provide methods supporting their systematic and principled development. Using the PSCEL language, autonomic systems can be described in terms of the constituent components and their reciprocal interactions. The computational behaviour of components is defined in a procedural s...
Policy-based software architectures are nowadays widely exploited to regulate different aspects of systems’ behavior, such as access control, resource usage, and adaptation. Several languages and technologies have been proposed as, e.g., the standard XACML. However, developing real-world systems using such approaches is still a tricky task, being t...
We introduce PSCEL, a new language for developing autonomic software components capable of adapting their behaviour to react to external stimuli and environment changes. The application logic generating the computational behaviour of systems components is defined in a procedural style, by the programming constructs, while the adaptation logic is de...
The importance of the exchange of Electronic Health Records (EHRs) between hospitals has been recognized by governments and institutions. Due to the sensitivity of data exchanged, only mature standards and implementations can be chosen to operate. This exchange process is of course under the control of the patient, who decides who has the rights to...
The World Wide Web can be thought of as a global com-puting architecture supporting the deployment of distributed networked applications. Currently, such applications can be programmed by resort-ing mainly to two distinct paradigms: one devised for orchestrating dis-tributed services, and the other designed for coordinating distributed (possibly mo...
Questions
Question (1)
Different strategies can be followed for managing virtual machines. For example; an insurance or a provisioning approach. However, I read about an adaptive way which means a continuous monitoring on VM and an adaptation of assigned physical resource (e.g. memory, CPU load etc.) respect to the current state monitorized. Is this approach available in some provider, or it is too complicated to implement?
