V. Sassone

University of Southampton · Department of Electronics and Computer Science (ECS)

PhD in Computer Science

311 Publications · 35,147 Reads · 5,011 Citations

Publications (311)
Conference Paper
Full-text available
Increased systems complexity and ubiquitous computing drive the need for improved systems design. Model-based systems engineering using general purpose languages such as SysML is a well-established response to this challenge. However, for systems where correctness-by-construction is critical, formal methods are often also deployed. This is a signif...
Article
The globalisation and outsourcing of the IC supply chain have led to a more complex production cycle. Using threat models to understand the attacks can help engineers build stronger countermeasures and evaluate against different options to create better protection from attacks. Gamification is an alternative to teaching engineers threats using thre...
Preprint
Full-text available
In the last few years, serious games have become popular, with a consensus of the benefits for teaching cyber security awareness and education. However, there is still a lack of pedagogical driven methodologies and tools to support serious games design to ensure they achieve the learning objectives. This paper proposes MOTENS, a pedagogical model,...
Article
Full-text available
In the last few years, serious games have become popular, with a consensus of the benefits for teaching cyber security awareness and education. However, there is still a lack of pedagogical driven methodologies and tools to support serious games design to ensure they achieve the learning objectives. This paper proposes MOTENS, a pedagogical model,...
Conference Paper
An inability to produce documentary proof of compliance remains a chief reason for audit non-compliance. Herein, we propose a persistent SysML-based method for casting audit outcomes as system requirements, producing documentary evidence of compliance and locating non-compliance prior to audits.
Chapter
Event-B, a refinement-based formal modelling language, has traditionally focused on safety, but now increasingly finds a new role in developing secure systems. In this paper we take a fresh look at security and focus on what security means for the system rather than looking at detailed protocols. We use Event-B for proving security from an abstract...
Conference Paper
Event-B, a refinement-based formal modelling language, has traditionally focused on safety, but now increasingly finds a new role in developing secure systems. In this paper we take a fresh look at security and focus on what security means for the system rather than looking at detailed protocols. We use Event-B for proving security from an abstract...
Chapter
Electronic healthcare solutions permit interconnecting hospitals and clinics to enable sharing of electronic medical records according to interoperability and legal standards. However, healthcare record data is siloed across hospitals and data sharing processes are unsuccessful in providing accountable audit of the data. Blockchain technology has b...
Preprint
Full-text available
Provenance is the foundation of data quality, usually implemented by automatically capturing the trace of data manipulation over space and time. In healthcare, provenance becomes critical since it encompasses both clinical research and patient safety. In this proposal we aim at exploiting and innovating existing health IT deployments by enabling da...
Article
Full-text available
Objective: The creation and exchange of patients’ Electronic Healthcare Records have developed significantly in the last decade. Patients’ records are however distributed in data silos across multiple healthcare facilities, posing technical and clinical challenges that may endanger patients’ safety. Current healthcare sharing systems ensure interope...
Article
Full-text available
Many academic and industrial research works on Wireless Communications and Networking rely on simulations, at least in the first stages, to obtain preliminary results to be subsequently validated in real settings. Topology generators (TG) are commonly used to generate the initial placement of nodes in artificial Ad Hoc Mesh Network topologies, wh...
Article
Cyber attacks are increasing in number and sophistication, causing organisations to continuously adapt management strategies for cyber security risks. As a key risk mitigation policy, organisations are investing in professional training courses for their employees to raise awareness on cyber attacks and related defences. Serious games have emerged...
Preprint
Full-text available
Many academic and industrial research works on WANETs rely on simulations, at least in the first stages, to obtain preliminary results to be subsequently validated in real settings. Topology generators (TG) are commonly used to generate the initial placement of nodes in artificial WANET topologies, where those simulations take place. The significan...
Conference Paper
As software becomes ever more embedded into the fabric of society, more systems are becoming critical to large numbers of people, either by design or unintentionally. Even those that may not be considered safety-critical can have a large impact when they fail (e.g. banking systems). Consequently, software can be critical for a number of reasons, in...
Conference Paper
Full-text available
The evolution of Internet-of-Things (IoT) is leading to an increasing number of new security issues. This is due to the nature of IoT devices which use lighter protocols and which may be either hacked or physically tampered with. Thus, common approaches for threat modelling are insufficient on IoT environments, since they hardly catch all possible...
Chapter
Full-text available
Access control systems are nowadays the first line of defence of modern IT systems. However, their effectiveness is often compromised by policy misconfigurations that can be exploited by insider threats. In this paper, we present an approach based on machine learning to refine attribute-based access control policies in order to reduce the risks of u...
Poster
Full-text available
One of the main trends in the evolution of smart grids is transactive energy, where distributed energy resources, e.g. smart meters, develop towards Internet-of-Things (IoT) devices enabling prosumers to trade energy directly among each other, without the need of involving any centralised third party. The expected advantages in terms of cost-effect...
Article
Full-text available
Federating Cloud systems is an urgent need of the Public Sector. In this paper, we showcase a recent Cloud Federation-as-a-Service solution empowered by blockchain technology. This solution is used by the Italian Ministry of Economy and Finance to realise a cross-Cloud application for payslip calculation of Police Forces. Blockchain offers decentra...
Conference Paper
Full-text available
One of the main trends in the evolution of smart grids is transactive energy, where distributed energy resources, e.g. smart meters, develop towards Internet-of-Things (IoT) devices enabling prosumers to trade energy directly among each other, without the need of involving any centralised third party. The expected advantages in terms of cost-effec...
Article
Full-text available
Provenance is the foundation of data quality, usually implemented by automatically capturing the trace of data manipulation over space and time. In healthcare, provenance becomes critical since it encompasses both clinical research and patient safety. In this proposal we aim at exploiting and innovating existing health IT deployments by enabling da...
Conference Paper
Full-text available
Cloud federation is a novel concept that has been drawing attention from research and industry. However, there is a lack of solid proposals that can be widely adopted in practice to guarantee adequate governance of federations, especially in the Public Sector contexts due to legal requirements. In this paper, we propose an innovative governance app...
Conference Paper
A Cloud federation is a collaboration of organizations sharing data hosted on their private cloud infrastructures in order to exploit a common business opportunity. However, the adoption of cloud federations is hindered by member organizations’ concerns on sharing their data with potentially competing organizations. For cloud federations to be viab...
Article
Belief and min-entropy leakage are two well-known approaches to quantify information flow in security systems. Both concepts stand as alternatives to the traditional approaches founded on Shannon entropy and mutual information, which were shown to provide inadequate security guarantees. In this paper we unify the two concepts in one model so as to...
Conference Paper
Cloud federations are a new collaboration paradigm where organizations share data across their private cloud infrastructures. However, the adoption of cloud federations is hindered by federated organizations’ concerns on potential risks of data leakage and data misuse. For cloud federations to be viable, federated organizations’ privacy concerns sh...
Article
Full-text available
Cloud federation is an emergent cloud-computing paradigm that allows services from different cloud systems to be aggregated in a single pool. To support secure data sharing in a cloud federation, anonymization services that obfuscate sensitive datasets under differential privacy have been recently proposed. However, by outsourcing data protection t...
Conference Paper
Full-text available
Permissioned blockchains are arising as a solution to federate companies prompting accountable interactions. A variety of consensus algorithms for such blockchains have been proposed, each of which has different benefits and drawbacks. Proof-of-Authority (PoA) is a new family of BFT consensus algorithms largely used in practice which ensure better perf...
Article
Full-text available
This document is the main high-level architecture specification of the SUNFISH cloud federation solution. Its main objective is to introduce the concept of Federation-as-a-Service (FaaS) and the SUNFISH platform. FaaS is the new and innovative cloud federation service proposed by the SUNFISH project. The document defines the functionalities of FaaS...
Conference Paper
Full-text available
As data provenance becomes a significant metadata in validating the origin of information and asserting its quality, it is crucial to hide the sensitive information of provenance data to enable trustworthiness prior to sharing provenance in open environments such as the Web. In this paper, a graph rewriting system is constructed from the PROV data...
Article
Full-text available
This paper provides a type theoretic foundation for descriptive types that appear in Linked Data. Linked Data is data published on the Web according to principles and standards supported by the W3C. Such Linked Data is inherently messy: this is due to the fact that instead of being assigned a strict a priori schema, the schema is inferred a posteri...
Conference Paper
Full-text available
Provenance is a record that describes the people, institutions, entities, and activities involved in producing, influencing, or delivering a piece of data or a thing. In particular, the provenance of information is crucial in deciding whether information is to be trusted. PROV is a recent W3C specification for sharing provenance over the Web. Howev...
Article
Full-text available
We provide an introduction to the Web of Linked Data from the perspective of a Web developer who would like to build an application using Linked Data. We identify a weakness in the development stack, namely a lack of domain specific scripting languages for designing background processes that consume Linked Data. To address this weakness, we design...
Article
The aim of this work is to verify an algebra for high level languages for reading and writing Linked Data. Linked Data is raw data published on the Web and interlinked using a collection of standards. The main innovation is simply to use dereferenceable URIs as global identifiers in data, rather than a key local to a dataset. This introduces signif...
Article
This work introduces the notion of descriptive typing. Type systems are typically prescriptive in the sense that they prescribe a space of permitted programs. In contrast, descriptive types assigned to resources in Linked Data provide useful annotations that describe how a resource may be used. Resources are represented by URIs that have no interna...
Article
Full-text available
Anonymity is a security property of paramount importance, as we move steadily towards a wired, online community. Its import touches upon subjects as different as eGovernance, eBusiness and eLeisure, as well as personal freedom of speech in authoritarian societies. Trust metrics are used in anonymity networks to support and enhance reliability in th...
Article
Full-text available
In modern global networks, principals usually have incomplete information about each other. Therefore trust and reputation frameworks have been recently adopted to maximise the security level by basing decision making on estimated trust values for network peers. Existing models for trust and reputation have ignored dynamic behaviours, or introduced...
Article
Full-text available
The Web of Linked Data is the cumulation of over a decade of work by the Web standards community in their effort to make data more Web-like. We provide an introduction to the Web of Linked Data from the perspective of a Web developer that would like to build an application using Linked Data. We identify a weakness in the development stack as being...
Article
We introduce weighted GSOS, a general syntactic framework to specify well-behaved transition systems where transitions are equipped with weights coming from a commutative monoid. We prove that weighted bisimilarity is a congruence on systems defined by weighted GSOS specifications. We illustrate the flexibility of the framework by instantiating it...
Article
Full-text available
Linked Data provides some sensible guidelines for publishing and consuming data on the Web. Data published on the Web has no inherent truth, yet its quality can often be assessed based on its provenance. This work introduces a new approach to provenance for Linked Data. The simplest notion of provenance–viz., a named graph indicating where the data...
Chapter
In this annex, we will set out a few examples of the anonymisation of data, to indicate the range of techniques available to the information manager. The aim is not to provide a manual of anonymisation, but to give a flavour of the field, and of the variety of the options. We do not pretend that this is an exhaustive list of methods, or that the me...
Chapter
In this annex, we will set out a few examples of the anonymisation of data, to indicate the range of techniques available to the information manager. The aim is not to provide a manual of anonymisation, but to give a flavour of the field, and of the variety of the options. We do not pretend that this is an exhaustive list of methods, or that the me...
Conference Paper
Full-text available
Concurrent fine grained updates are essential for using RDF stores in dynamic modern Web applications, where users increasingly contribute content as often as they read content. SPARQL Update is a language proposed by the W3C for fine grained updates for RDF stores. In this work we propose an operational semantics for SPARQL Update, suggesting a po...
Conference Paper
Full-text available
Anonymity systems are of paramount and growing importance in communication networks. They rely on users to cooperate to the realisation of an effective anonymity service. Yet, existing systems are marred by the action of ‘selfish’ free-loaders, so that several cooperation incentives are being proposed. We propose a game-theoretic model of incentive...
Conference Paper
Anonymity is a security property of paramount importance as it helps to protect users' privacy by ensuring that their identity remains unknown. Anonymity protocols generally suffer from denial of service (DoS) attack, as repeated message retransmission affords more opportunities for attackers to analyse traffic and lower the protocols' privacy. In...
Conference Paper
A foundation is investigated for the application of loosely structured data on the Web. This area is often referred to as Linked Data, due to the use of URIs in data to establish links. This work focuses on emerging W3C standards which specify query languages for Linked Data. The approach is to provide an abstract syntax to capture Linked Data stru...
Article
Full-text available
A foundation is investigated for the application of loosely structured data on the Web. This area is often referred to as Linked Data, due to the use of URIs in data to establish links. This work focuses on emerging W3C standards which specify query languages for Linked Data. The approach is to provide an abstract syntax to capture Linked Data stru...
Article
Full-text available
We develop local reasoning techniques for message passing concurrent programs based on ideas from separation logics and resource usage analysis. We extend processes with permission-resources and define a reduction semantics for this extended language. This provides a foundation for interpreting separation formulas for message-passing concurrency....
Article
The term Linked Data is used to describe ubiquitous and emerging semi-structured data formats on the Web. URIs in Linked Data allow diverse data sources to link to each other, forming a Web of Data. A calculus which models concurrent queries and updates over Linked Data is presented. The calculus exhibits operations essential for declaring rich ato...
Conference Paper
Full-text available
Anonymity is a security property of paramount importance, as we move steadily towards a wired, online community. Its import touches upon subjects as different as eGovernance, eBusiness and eLeisure, as well as personal freedom of speech in authoritarian societies. Trust metrics are used in anonymity networks to support and enhance reliability in th...
Article
Full-text available
Belief and vulnerability have been proposed recently to quantify information flow in security systems. Both concepts stand as alternatives to the traditional approaches founded on Shannon entropy and mutual information, which were shown to provide inadequate security guarantees. In this paper we unify the two concepts in one model so as to cope w...
Conference Paper
Belief and vulnerability have been proposed recently to quantify information flow in security systems. Both concepts stand as alternatives to the traditional approaches founded on Shannon entropy and mutual information, which were shown to provide inadequate security guarantees. In this paper we unify the two concepts in one model so as to cope w...
Article
Preface to the 'Logical Methods in Computer Science' special issue dedicated to ICALP 2006, Track B: Logic, Semantics and Theory of Programming
Conference Paper
Full-text available
The existing analysis of the Crowds anonymity protocol assumes that a participating member is either ‘honest’ or ‘corrupted’. This paper generalises this analysis so that each member is assumed to maliciously disclose the identity of other nodes with a probability determined by her vulnerability to corruption. Within this model, the trust in a prin...
Article
A calculus for modelling concurrent querying and maintenance of linked data is presented. The model is based on processes where the basic operations of querying and updating linked data are primitive. The model is executable due to its operational semantics. A type system ensures that names referring to entities within the model are used correctly....
Article
Talk given at University of Bamberg, Germany on 14.12.09
Article
A calculus for modelling concurrent querying and maintenance of Linked Data is presented. The model is based on processes where the basic operations of querying and updating linked data are primitive. The model is executable due to its operational semantics. A light type system based on RDFS ensures that names which refer to entities within the mod...
Conference Paper
Full-text available
Probabilistic trust has been adopted as an approach to taking security sensitive decisions in modern global computing environments. Existing probabilistic trust frameworks either assume fixed behaviour for the principals or incorporate the notion of 'decay' as an ad hoc approach to cope with their dynamic behaviour. Using Hidden Markov Models (HMMs...
Article
Full-text available
We analyse the Crowds anonymity protocol under the novel assumption that the attacker has independent knowledge on behavioural patterns of individual users. Under such conditions we study, reformulate and extend Reiter and Rubin's notion of probable innocence, and provide a new formalisation for it based on the concept of protocol vulnerab...
Article
Research in models for experience-based trust management has either ignored the problem of modelling and reasoning about dynamically changing principal behaviour, or provided ad hoc solutions to it. Probability theory provides a foundation for addressing this and many other issues in a rigorous and mathematically sound manner. Using Hidden Markov M...
Article
Research in models for experience-based trust management has either ignored the problem of modelling and reasoning about dynamically changing principal behaviour, or provided ad hoc solutions to it. Probability theory provides a foundation for addressing this and many other issues in a rigorous and mathematically sound manner. Using Hidden Markov M...
Conference Paper
We argue briefly for the role of computational trust in ubiquitous computing, and in particular for the need of a formal foundation for computational trust. We provide two examples towards such a foundation: a formal foundation for some probabilistic approaches from the literature, and a formal framework for comparing probabilistic trust models...
Conference Paper
Full-text available
We present a formalism for provenance in distributed systems based on the π-calculus. Its main feature is that all data products are annotated with metadata representing their provenance. The calculus is given a provenance tracking semantics, which ensures that data provenance is updated as the computation proceeds. The calculus also enjoys a pat...
Article
Full-text available
We present a formalism for provenance in distributed systems based on the π-calculus. Its main feature is that all data products are annotated with metadata representing their provenance. The calculus is given a provenance tracking semantics, which ensures that data provenance is updated as the computation proceeds. The calculus also enjoys a pat...
Article
Talk given at ECS, Southampton on 21.10.09
Article
Talk given at INRIA Saclay, Paris on 5.11.09
Article
Talk given at University of Bamberg, Germany on 14.12.09
Article
A unified programming environment, the syndication calculus, is proposed for several technological trends which are attaining a ubiquitous status on the web. Trends suggest a range of technologies providing closely related minimalistic protocols for the management of resources with respect to collections — popularly referred to as feeds. An apparen...
Conference Paper
Full-text available
The BCS launched its first international academic conference, intended as a major international event to take place in the UK. This year's theme was 'Visions of Computer Science'. Our aim was to establish the pattern of a high-quality wide-spectrum UK-based conference, with a strong international profile. Moreover, to energise the UK community and b...
Article
Full-text available
Proceedings of Visions of Computer Science - BCS International Academic Conference
Article
Full-text available
We recapture some of the arguments for trust-based technologies in ubiquitous computing, followed by a brief survey of some of the models of trust that have been introduced in this respect. Based on this, we argue for the need of more formal and foundational trust models.
Conference Paper
Ugo’s research activity in the area of Models of Computation (MoC, for short) has been prominent, influential and broadly scoped. In this introductory contribution we would like to recall some of the influential MoC models put forward by Ugo which cut across the three approaches.
Conference Paper
Full-text available
A syntactic framework called SGSOS, for defining well-behaved Markovian stochastic transition systems, is introduced by analogy to the GSOS congruence format for nondeterministic processes. Stochastic bisimilarity is guaranteed a congruence for systems defined by SGSOS rules. Associativity of parallel composition in stochastic process algebras is als...
Article
We introduce the model of Markov nets, a probabilistic extension of safe Petri nets under the true-concurrency semantics: this means that traces, not firing sequences, are given a probability. This model builds upon our previous work on probabilistic ...
Book
Special issue of Theoretical Computer Science dedicated to Fossacs 2005
Article
Full-text available
Reputation systems are meta systems that record, aggregate and distribute information about principals' behaviour in distributed applications. Similarly, history-based access control systems make decisions based on programs' past security-sensitive actions. While the applications are distinct, the two types of systems are fundamentally making decis...
Article
Full-text available
Ugo’s research activity in the area of Models of Computation (MoC, for short) has been prominent, influential and broadly scoped. Ugo’s trademark is that undefinable ability to understand and distill computational aspects into new models as if you were reading them out of some evident connection between well-known models: only, most often, that conne...
Article
Talk given at "UbiCom Grand Challenge Retreat", Nottingham 30.10.08
Article
Talk given at "UbiCom Grand Challenge Retreat", Nottingham 30.10.08
Article
Talk given at ECS, Southampton 20.10.08
Article
This paper presents an object-oriented, Java-like core language with primitives for distributed programming and explicit code mobility. We apply our formulation to prove the correctness of several optimisations for distributed programs. Our language ...
Article
Full-text available
Aiming at a unified view of the logics describing spatial structures, we introduce a general framework, BiLog, whose formulae characterise monoidal categories. As a first instance of the framework we consider bigraphs, which are emerging as an interesting (meta-)model for spatial structures and distributed calculi. Since bigraphs are built orth...
Article
Full-text available
The application scenarios envisioned for 'global ubiquitous computing' have unique requirements that are often incompatible with traditional security paradigms. One alternative currently being investigated is to support security decision-making by explicit representation of principals' trusting relationships, i.e., via systems for computationa...
Conference Paper
Full-text available
We use the framework of biorthogonality to introduce a novel semantic definition of the concept of barb (basic observable) for process calculi. We develop a uniform basic theory of barbs and demonstrate its robustness by showing that it gives rise to the correct observables in specific process calculi which model synchronous, asynchronous and broad...