Giovanni Mazzeo

Giovanni Mazzeo
Parthenope University of Naples | Università Parthenope · Department of Engineering

PhD in Computer Engineering

About

36
Publications
19,143
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
335
Citations
Additional affiliations
January 2019 - January 2022
Parthenope University of Naples
Position
  • Professor (Assistant)

Publications

Publications (36)
Article
Full-text available
The InfraStress-EU framework was defined in the context of the H2020 project InfraStress, to provide operators of sensitive industrial sites – i.e., industrial plants where dangerous substances are handled and are thus subject to the Seveso III Directive (2012/18/EU) – with a technically sound approach and an accompanying simulation tool for the pr...
Article
Full-text available
Security monitoring is invariably enabled by Security Information and Event Management (SIEM) technology. A major problem with SIEM is that in house deployment and operation are costly in terms of purchase, human resources, and IT infrastructure. Managed Security Services (MSS) offerings can provide high quality security monitoring solutions at a f...
Preprint
Full-text available
The majority of financial organizations managing confidential data are aware of security threats and leverage widely accepted solutions (e.g., storage encryption, transport-level encryption, intrusion detection systems) to prevent or detect attacks. Yet these hardening measures do little to face even worse threats posed on data-in-use. Solutions su...
Chapter
The majority of financial organizations managing confidential data are aware of security threats and leverage widely accepted solutions (e.g., storage encryption, transport-level encryption, intrusion detection systems) to prevent or detect attacks. Yet these hardening measures do little to face even worse threats posed on data-in-use. Solutions su...
Article
Full-text available
Background The increase of healthcare digitalization comes along with potential information security risks. Thus, the EU H2020 KONFIDO project aimed to provide a toolkit supporting secure cross-border health data exchange. Methods KONFIDO focused on the so-called “User Goals”, while also identifying barriers and facilitators regarding eHealth acce...
Article
Intel SGX has started to be widely adopted. Cloud providers (Microsoft Azure, IBM Cloud, Alibaba Cloud) are offering new solutions, implementing data-in-use protection via SGX. A major challenge faced by both academia and industry is providing transparent SGX support to legacy applications. The approach with the highest consensus is linking the tar...
Article
The use of pervasive IoT devices in Smart Cities, have increased the Volume of data produced in many and many field. Interesting and very useful applications grow up in number in E-health domain, where smart devices are used in order to manage huge amount of data, in highly distributed environments, in order to provide smart services able to collec...
Article
Full-text available
The spread adoption of humanoid social robots in different application fields is growing the interest of hackers who could violate the privacy of people, or—even worse—threaten humans’ life from physical and emotional/social point of views. Different vectors of attack exist, which are more easily exploitable if physical access to the target robot i...
Article
Protecting data-in-use from privileged attackers is challenging. New CPU extensions (notably: Intel SGX ) and cryptographic techniques (specifically: Homomorphic Encryption ) can guarantee privacy even in untrusted third-party systems. HE allows sensitive processing on ciphered data. However, it is affected by i) a dramatic ciphertext expansi...
Preprint
A promising approach for designing critical embedded systems is based on virtualization technologies and multi-core platforms. These enable the deployment of both real-time and general-purpose systems with different criticalities in a single host. Integrating virtualization while also meeting the real-time and isolation requirements is non-trivial,...
Preprint
Full-text available
The European Dependable Computing Conference is a unique forum for researchers and practitioners to present and discuss their latest research results on theory, techniques, systems, and tools for the design, validation, operation and evaluation of dependable and secure computing systems. In addition to original papers on research, EDCC welcomes pap...
Article
Full-text available
Sensitive data processing occurs more and more on machines or devices out of users control. In the Internet of Things world, for example, the security of data could be posed at risk regardless the adopted deployment is oriented on Cloud or Edge Computing. In these systems different categories of attacks — such as physical bus sniffing, cold boot, c...
Article
Full-text available
Intel SGX enables developers to protect security critical parts of their application code and data even from privileged software. This type of protection is needed in all cases where applications run on untrusted infrastructures, including public clouds. Since a significant fraction of current applications is written in Java, the research strand on...
Chapter
Cyber-attacks represent a serious threat to public authorities and their agencies are an attractive target for hackers. The public sector as a whole collects lots of data on its citizens, but that data is often kept on vulnerable systems. Especially for Local Public Administrations (LPAs), protection against cyber-attacks is an extremely relevant i...
Chapter
Computing power and flexibility provided by cloud technologies represent an opportunity for Smart Grid applications, in general, and for Wide Area Monitoring Systems, in particular. Even though the cloud model is considered efficient for Smart Grids, it has stringent constraints in terms of security and reliability. An attack to the integrity or co...
Article
The European Commission is very focused on the development of possible solutions to allow effective cross-border healthcare provisioning with the aim of guaranteeing a uniform Quality of Service (QoS) level of healthcare systems across Europe. One of the most relevant efforts in this direction was the epSOS Project, with the release of the OpenNCP...
Article
Full-text available
The need of reducing costs and shortening development time is resulting in a more and more pervasive use of Commercial-Off-The-Shelf components also for the development of Safety-Related systems, which traditionally relied on ad-hoc design. This technology trend exacerbates the inherent difficulty of satisfying – and certifying – the challenging sa...
Conference Paper
The cloud computing has recently emerged as compelling paradigm for managing and delivery services over the internet. However, users as well as critical infrastructure operators, have legitimate concerns about the confidentiality, integrity and availability, in short the dependability, of applications and their data hosted on a third-party cloud. T...
Chapter
Full-text available
This chapter presents a survey about the Internet of Things (IoT). The wide-scale diffusion of the Internet has been the driving force for this emerging trend, namely the use of such global communication infrastructure for enabling machines and smart objects to communicate, cooperate, and take decisions on real word situations. The scope of this su...
Conference Paper
Full-text available
A consolidated trend in designing cloud-based applications is to make use of a reactive microservice architecture, which allows to divide an application in several well-partitioned software units with specific responsibilities. Such an architecture perfectly fits in cloud environments, ensuring a number of advantages (i.e., high availability and sc...
Conference Paper
Full-text available
The micro service paradigm targets the implementation of large and scalable systems while enabling fine-grained service-level maintainability. Due to their scalability, such architectures are frequently used in cloud environments, which are often subject to privacy and trust issues hindering the deployment of services dealing with sensitive data. I...
Conference Paper
Full-text available
Cloud computing paradigm is gaining more and more momentum, to the extent that it is no more confined to its initial application domains, i.e. use by enterprises and businesses willing to lower costs or to increase computing capacity in a flexible manner. In particular, increasing interest is recently being paid to the huge potentials-in terms of b...
Conference Paper
Electronic payment systems have always represented an attractive target for cyber criminals. In this context the Single Euro Payments Area Direct Debit (SDD) service is gaining more and more importance since it has been promoted by the European banking industry as an innovative payment infrastructure. This service allows to perform electronic payme...
Article
Full-text available
Many organizations are stuck in the cloudify or not to cloudify limbo, mainly due to concerns related to the security of enterprise sensitive data. Removing this barrier is a key pre-condition to fully unleash the tremendous potential of cloud computing. In this paper, we provide a comprehensive analysis of the main threats that hamper cloud comput...
Conference Paper
Single Euro Payments Area (SEPA) is an initiative of the European banking industry aiming at making all electronic payments across the Euro area as easy as domestic payments currently are. One of the payment schemes defined by the SEPA mandate is the SEPA Direct Debit (SDD) that allows a creditor (biller) to collect directly funds from a debtor’s...

Network

Cited By

Projects

Projects (5)
Archived project