About
161 Publications
37,036 Reads
2,216 Citations
Introduction
Valentina Casola is currently an Associate Professor at the Department of Electrical Engineering and Information Technology Computer of the University of Napoli Federico II.
Her research activities are both theoretical and experimental and are mainly focused on the design of secure distributed systems. She is currently involved in two EU projects (http://www.specs-project.eu/, http://musa-project.eu/) on Security and Service Level Agreements in the Cloud.
Additional affiliations
October 2015 - present
January 2013 - October 2015
June 2005 - January 2013
Education
September 1994 - June 2001
Publications (161)
Both cloud and GRID are computing paradigms for the large-scale management of distributed resources, and currently their integration is of great interest. This is typically obtained through the Infrastructure-as-a-Service cloud model, which is exploited in the GRID context to offer machines with full administration rights to users. In this paper the...
Validating an end-entity X.509 digital certificate prior to authorizing it for using a resource into the computational Grid has become a widely studied topic due to its importance for security. A more comprehensive validation process involves not only a real-time check on the credential's status, but also an evaluation of the trust level applicabl...
Cooperative services in Service Oriented Architectures (SOA) interact and delegate jobs to each other; when they have to respect a Service Level Agreement (SLA) they need to explicitly manage it amongst each other. SLAs and, above all, security-SLAs, are usually expressed in ambiguous ways and this implies that they need to be manually evaluated b...
Dealing with the provisioning of Cloud services granted by Security SLAs is a very challenging research topic. At the state of the art, the main related issues involve: (i) representing security features so that it is understandable by both customers and providers and measurable (by means of verifiable security-related Service Level Objectives (SLO...
In many Internet of Things (IoT) applications, resource-constrained devices often collaborate in groups for the acquisition, transmission, and management of sensitive information. To uphold the security of these operations, symmetric encryption algorithms are commonly employed due to their efficiency and speed. Nevertheless, establishing a key mana...
Convolutional Neural Networks (CNNs) have achieved superhuman performance in computer vision tasks. However, these networks are becoming both increasingly complex and resource-intensive, and are susceptible to adversarial attacks. On one hand, to counter complexity and resource-related limitations, various techniques such as Quantization and Approx...
In the last few decades, the increasing adoption of computer systems for monitoring and control applications has fostered growing attention to real-time behavior, i.e., the property that ensures predictable reaction times to external events. In this perspective, performance of the interrupt management mechanisms are among the most relevant aspects...
Convolutional Neural Networks (CNNs), have demonstrated remarkable performance across a range of domains, including computer vision and healthcare. However, they encounter challenges related to the increasing demands for resources and their susceptibility to adversarial attacks. Despite the significance of these challenges, they are often addressed...
With the rapid proliferation of Internet of Things systems, ensuring secure communication for those applications that need to exchange sensitive and/or critical data is one of the major issues to be faced. Traditional security mechanisms are often impractical due to the constrained resources typically available on IoT devices. On the other hand, Ph...
Nowadays, the edge-cloud (EC) paradigm is adopted in several domains, including manufacturing, health, and critical infrastructure management. Identifying existing threats and vulnerabilities of an EC system and determining appropriate countermeasures is a costly and time-consuming process due to the inherent system complexity and to the heterogene...
In recent years, there has been an increase in Cloud Continuum adoption to support Internet of Things applications. Inevitably, such a paradigm introduces novel security challenges, particularly concerning the security of communicating nodes to prevent malicious actors from tampering within the network, and ensuring the confidentiality of sensitive...
Modern industries widely rely upon software and IT services, in a context where cybercrime is rapidly spreading in more and more sectors. Unfortunately, despite greater general awareness of security risks and the availability of security tools that can help to cope with those risks, many organizations (especially medium/small-size ones) still lag w...
The spread of computing-systems, especially the real-time embedded ones, is rapidly growing in the last years, since they find usage in numerous fields of application, including, but not limited to, industry process, critical infrastructures, transportation systems, and so forth.
Indeed, in these fields, precise time-constraints hold; hence, tasks n...
Continuous compliance and living traceability, i.e., assure the technical quality of the software during the incremental flow of the agile process and trace the requirements’ implementation at any time during the development cycle, are two of the most challenging aspects of adopting agile methodologies in the safety critical domain. This is even mo...
The concept behind Internet of Things (IoT) involves connecting physical objects to the internet and endowing them with the ability to identify one another and exchange data. This communication paradigm raises new security challenges. Mainly, authenticity of network nodes, to let ones with malicious intent not thrive in such a network; and confiden...
The evolution of Cloud Computing into a service utility, along with the pervasive adoption of the IoT paradigm, has promoted a significant growth in the need of computational and storage services. The traditional use of cloud services, focused on the consumption of one provider, is not valid anymore due to different shortcomings being the risk of v...
In the last years, agile methodologies are gaining substantial momentum, becoming increasingly popular in a broad plethora of industrial contexts. Unfortunately, many obstacles have been met while pursuing adoption in secure and safe systems, where different standards and operational constraints apply. In this paper, we propose a novel agile method...
The growing markets of Cloud services and IoT platforms have dramatically raised system flexibility and deployment options. However, increasing complexity and dependency on third-party providers make it difficult to assess the security and privacy levels that distributed systems can offer to their users. In the last years, machine-readable Service...
Cyber-physical systems (CPSs) rely upon the deep integration of computation and physical processes/systems, enabled by Internet of Things (IoT), edge computing, and cloud technologies. Noticeably, cybersecurity is a major concern in CPSs, since attacks may exploit both cyber and physical vulnerabilities and damage significantly physical equipment,...
The adoption of agile methodologies in all domains of software development is a desired goal. Unfortunately, many obstacles have been met in the past for a full adoption in secure and safe systems, where different standards and operational constraints apply. In this paper we propose a novel agile methodology to be applied in the development of saf...
The fourth industrial revolution, or Industry 4.0, brings together digital and physical technologies to create responsive and interconnected operations. Companies use AI, robotics, edge computing, and the cloud to make informed and timely decisions from the supply chain to the smart factory. Solutions designed for the Industrial Internet of Things...
e-Health applications enable one to acquire, process, and share patient medical data to improve diagnosis, treatment, and patient monitoring. Despite the undeniable benefits brought by the digitization of health systems, the transmission of and access to medical information raises critical issues, mainly related to security and privacy. While sever...
Over the last decades, the concept of cybersecurity has been gaining weight in many fields, such as industry or telecommunications, among others. Cybersecurity is defined as a set of processes and technologies designed to protect programs, computers, communication networks and data against attacks and/or unauthorized access, thus ensuring the confi...
The growing convergence among Information and Operation Technology worlds in modern Industrial Internet of Things (IIoT) systems is posing new security challenges, requiring the adoption of novel security mechanisms involving light architectures and protocols to cope with IIoT devices resource constraints. In this paper, we investigate the adoption...
Clinical de-identification aims to identify Protected Health Information in clinical data, enabling data sharing and publication. First automatic de-identification systems were based on rules or on machine learning methods, limited by language changes, lack of context awareness and time consuming feature engineering. Newer deep learning techniques...
In the last years, the need to de-identify privacy-sensitive information within Electronic Health Records (EHRs) has become increasingly felt and extremely relevant to encourage the sharing and publication of their content in accordance with the restrictions imposed by both national and supranational privacy authorities. In the field of Natural Lan...
The COrona VIrus Disease 19 (COVID-19) pandemic required the work of all global experts to tackle it. Despite the abundance of new studies, privacy laws prevent their dissemination for medical investigations: through clinical de-identification, the Protected Health Information (PHI) contained therein can be anonymized so that medical records can be...
This article introduces a model for cloud-aware enterprise governance with a focus on its semantic aspects. It considers the need for Business-IT/OT and Governance-Security alignments. The proposed model suggests the usage of ontologies as specific tools to address the governance of each IT/OT environment in a holistic way. The concrete utilization...
DevOps is becoming one of the most popular software development methodologies, especially for cloud-based applications. In spite of its popularity, it is still difficult to integrate non-functional requirements, such as security, in the full application development life-cycle. In some recent works, security DevOps (or SecDevOps) has been introduced...
As cloud services become central in an increasing number of applications, they process and store more personal and business-critical data. At the same time, privacy and compliance regulations such as GDPR, the EU ePrivacy regulation, PCI, and the upcoming EU Cybersecurity Act raise the bar for secure processing and traceability of critical data. Es...
Cloud computing, Edge computing and IoT are significantly changing from the original architectural models with a pure provisioning of virtual resources (and services) to a transparent and adaptive hosting environment where cloud providers, as well as “on-premise” resources and end-nodes, fully realize the “everything-as-a-service” provisioning conc...
Recent software development methodologies, as DevOps or Agile, are very popular and widely used, especially for the development of cloud services and applications. They dramatically reduce the time-to-market of developed software but, at the same time, they can be hardly integrated with security design and risk management methodologies. These canno...
Security assessment is a very time- and money-consuming activity. It needs specialized security skills and, furthermore, it is not fully integrated into the software development life-cycle.
One of the best solutions for the security testing of an application relies on the use of penetration testing techniques. Unfortunately, penetration testing is...
This book constitutes the refereed proceedings of the 32nd IFIP WG 6.1 International Conference on Testing Software and Systems, ICTSS 2020, which was supposed to be held in Naples, Italy, in December 2020, but was held virtually due to the COVID-19 pandemic.
The 17 regular papers and 4 short papers presented were carefully reviewed and selected fr...
Internet of Things (IoT) ecosystems are recently experiencing a significant growth in complexity. Most IoT applications in domains like healthcare, industry, automotive and smart energy are composed of several interconnected sub-systems that produce, collect, process and exchange a huge amount of data, and that offer composite services to the end-use...
The wide adoption of the Internet of Things (IoT) paradigm in several application domains has raised new security issues, which should be carefully taken into account to achieve a real benefit from the indisputable innovation potential of IoT. In fact, the heterogeneity of involved technologies, including the integration of different resource-const...
The need for SIEM systems increased in the last few years, especially as cyber-attacks are evolving and targeting enterprises, which may cause discontinuity of their services, leakage of their data, and affect their reputation. Cybersecurity breaches can range from no or limited impact to stealing or manipulation of data, or even taking control of...
The Internet of Things (IoT) has recently become one of the most relevant emerging technologies in the IT landscape. IoT systems are characterized by the high heterogeneity of involved architectural components (e.g., device platforms, services, networks, architectures) and involve a multiplicity of application domains. In the IoT scenario, the iden...
The widespread diffusion of cloud computing is still slowed down by security and performance concerns. As a matter of fact, issues such as security and confidentiality of data on one hand, fluctuating performance on the other are still limiting factors for the switch from on-premise to cloud-hosted environments. This paper sketches the structure of...
Designing and assessing the security of IoT systems is very challenging, mainly due to the fact that new threats and vulnerabilities affecting IoT devices are continually discovered and published. Moreover, new (typically low-cost) devices are continuously plugged-in into IoT systems, thus introducing unpredictable security issues. This paper propo...
The large adoption of cloud services in many business domains dramatically increases the need for effective solutions to improve the security of deployed services. The adoption of Security Service Level Agreements (Security SLAs) represents an effective solution to state formally the security guarantees that a cloud service is able to provide. Even...
Cloud monitoring and, above all, security monitoring, is of fundamental importance for both providers and consumers. The availability of effective security metrics and related monitoring tools would not only improve the trust of consumers in acquired services and the control of providers over their infrastructures, but it would also enable the adop...
Currently, an increasing number of customers require cloud services with guaranteed security levels. At this aim, the adoption of multi-cloud strategies is spreading in a large number of interesting application domains, since they may potentially improve security and reduce development costs. However, the problem of identifying the optimal distribu...
Next generation Data Centers (ngDC) provide a significant evolution in how storage resources can be provisioned. They are cloud-based architectures offering flexible IT infrastructure and services through the virtualization of resources: managing in an integrated way compute, network and storage resources. Despite the multitude of benefits available w...
Security issues are still posing limitations to the full exploitation of the potential of the cloud computing paradigm, and cloud developers are more and more required to take security into account from the very beginning of the development process. Unfortunately, the application of classical security best practices may be not enough due to the inv...
This paper presents a security-by-design methodology for the development of cloud applications, which relies on Security SLAs as a means to express their security requirements. The process followed to build such Security SLAs entails the application of a risk analysis procedure aimed at identifying the main vulnerabilities affecting a cloud applica...
A key issue in electronic health systems is the underlying security and privacy risk. For example, confidential patient information or medical records ending up in the hands of a person not privy to the information could have far-reaching consequences. With the trend toward cloud computing use in the healthcare industry continuing to grow (for exam...
The perception of lack of control over resources deployed in the cloud may represent one of the critical factors for an organization to decide to cloudify or not its own services. The flat security features offered by commercial cloud providers to every customer, from simple practitioners to managers of huge amounts of sensitive data and services,...
We present a case study on the migration to a cloud computing environment of the advanced differential synthetic aperture radar interferometry (DInSAR) technique, referred to as Small BAseline Subset (SBAS), which is widely used for the investigation of Earth surface deformation phenomena. In particular, we focus on the SBAS parallel algorithmic so...
Next generation Data Centers (ngDC) are the cloud-based architectures devoted to offering infrastructure services in flexible ways: managing in an integrated way compute, network and storage services. This solution is very attractive from an organisation’s perspective but one of the main challenges to adoption is the perception of loss of security...
This paper presents a web tool for the unsupervised retrieval of Earth's surface deformation from Synthetic Aperture Radar (SAR) satellite data. The system is based on the implementation of the Differential SAR Interferometry (DInSAR) algorithm referred to as Parallel Small BAseline Subset (P-SBAS) approach, within the Grid Processing on Demand (G-...
In this paper we present a monitoring architecture that is automatically configured and activated based on a signed Security SLA. Such monitoring architecture integrates different security-related monitoring tools (either developed ad-hoc or already available as open-source or commercial products) to collect measurements related to specific metrics...