Luca Cavallaro's research while affiliated with University of Limerick and other places

Publications (21)

Article
Full-text available
A key aspect of engineering secure systems is identifying adequate security requirements to protect critical assets from harm. However, security requirements may compete with other requirements such as cost and usability. For this reason, they may only be satisfied partially and must be traded off against other requirements to achieve “good-enough...
Article
Full-text available
A digital forensic investigation aims to collect and analyse the evidence necessary to demonstrate a potential hypothesis of a digital crime. Despite the availability of several digital forensics tools, investigators still approach each crime case from scratch, postulating potential hypotheses and analysing large volumes of data. This paper propose...
Conference Paper
We propose the use of forensic requirements to drive the automation of a digital forensics process. We augment traditional reactive digital forensics processes with proactive evidence collection and analysis activities, and provide immediate investigative suggestions before an investigation starts. These activities adapt depending on suspicious eve...
Conference Paper
Applications that continuously gather and disclose personal information about users are increasingly common. While disclosing this information may be essential for these applications to function, it may also raise privacy concerns. Partly, this is due to frequently changing context that introduces new privacy threats, and makes it difficult to cont...
Article
In a dynamic environment where context changes frequently, users’ privacy requirements can also change. To satisfy such changing requirements, there is a need for continuous analysis to discover new threats and possible mitigation actions. A frequently changing context can also blur the boundary between public and personal space, making it difficul...
Conference Paper
Full-text available
This paper presents SecuriTAS, a tool to engineer adaptive security. It allows software designers to model security concerns together with the requirements of a system. This model is then used at runtime to analyze changes in security concerns and select the best set of security controls necessary to protect the system.
Conference Paper
Full-text available
Pervasive environments are characterised by highly heterogeneous services and mobile devices with dynamic availability. Approaches such as that proposed by the Connect project provide means to enable such systems to be discovered and composed, through mediation where necessary. As services appear and disappear, the set of feasible compositions chan...
Article
Full-text available
Interoperability remains a fundamental challenge when connecting heterogeneous systems which encounter and spontaneously communicate with one another in pervasive computing environments. This challenge is exasperated by the highly heterogeneous technologies employed by each of the interacting parties, i.e., in terms of hardware, operating system, m...
Article
Full-text available
The CONNECT Integrated Project aims at enabling continuous composition of Networked Systems (NSs) to respond to the evolution of functionalities provided to and required from the networked environment. CONNECT aims at dropping the interoperability barrier by adopting a revolutionary approach to the seamless networking of digital systems, that is, s...
Chapter
Full-text available
This chapter summarises the results achieved by the ArtDeco project and presents the overall approach for developing the models that the large-scale middleware infrastructure designed during the project uses to drive the behaviours of the information systems of a sample networked enterprise operating in the domain of wine production. This domain is...
Conference Paper
Full-text available
An important problem that arises during the execution of service-based applications concerns the ability to determine whether a running service can be substituted with one with a different interface, for example if the former is no longer available. Standard Bounded Model Checking techniques can be used to perform this check, but they must be able...
Conference Paper
Full-text available
This paper presents a novel approach to the design of self-adaptive service-oriented applications based on a new model called service tiles. The approach allows designers to develop a service-oriented system by building an assembly of component services that accomplishes the given goal. The assembly is computed automatically starting from the speci...
Article
In a previous work we presented an approach to allow invocation of services whose interface and behavior differ from each other. Such approach requires the definition of scripts by some human being able to completely understand the mismatches and properly combine the mapping functions. Furthermore, such approach requires an intensive effort from a...
Conference Paper
Aspect-oriented programming (AOP) fosters the coding of tangled concerns in separated units that are then woven together in the executable system. Unfortunately, the oblivious nature of the weaving process makes difficult to figure out the augmented system behavior. It is difficult, for example, to understand the effect of a change just by reading the...
Conference Paper
Full-text available
In Service Oriented Architectures (SOAs) services invoked in a composition can be replaced by other services, which are possibly discovered and bound at runtime. Most of the research efforts supporting this replacement assume that the interface of the interchangeable services are the same and known at design time. Such assumption is not realistic s...
Article
Full-text available
Research about service oriented architectures produced, in the last years, some frameworks that enable the development of self-adaptive service compositions supporting dynamic binding. A developer can specify, at design time, an abstract service. At run time a concrete implementation of the abstract service is dynamically selected. In this scenar...
Article
The capability of dividing a big problem in smaller, independent and more tractable units is crucial for the success of the project. Object oriented decomposition uses to work well to manage decomposition in a software project. Although there are some concerns that overcome the object oriented software decomposition schema. These concerns are calle...
Conference Paper
Full-text available
AspectJ aims at managing tangled concerns in Java systems. Crosscutting aspect definitions are woven into the Java bytecode at compile-time. Whether the better modularization introduced by aspects is real or just apparent remains unclear. While aspect separation may be useful to focus the programmer's attention on a specific concern, the oblivi...
Conference Paper
Full-text available
The AspectJ programming language allows for the expression, in a compact way, of computations that affect several points in a program (join points), even without knowing where these points exactly are. This is claimed to ease the separation of cross-cutting code. However, it is not clear how real the separation is. In fact it might be difficult to figu...
Article
Full-text available
We describe a flaw which we individuated in the Object-Independent Authorization Protocol (OIAP), an authorization protocol which represents one of the building blocks of the Trusted Platform Module (TPM), the core of the Trusted Computing Platform (TP) as devised by the Trusted Computing Group (TCG) standards. In particular we show that the protoc...
Article
Full-text available
Service-oriented applications are typically built out of existing web-services (WSs) possibly made available by third party vendors. This requires that the application has to be able to evolve when the composing WSs are not anymore available or when new, more useful ones, are published. In this setting, an important problem is to understand how t...

Citations

... We propose a mechanism to discover these conflicts. 3. In addition, we propose the use of a mediator based process to anticipate and prevent, when possible, the problem of timed (and non timed) conflicts. ...
... Saadatmand et al. [64] propose an approach that automatically, based on a fuzzy logic extension of the TOPSIS decision-making method, analyzes UML class models annotated with non-functional requirements in order to evaluate different design alternatives and identify which one leads to better overall satisfaction of non-functional requirements. For the same purpose, Pasquale et al. [52] propose to use the KAOS goal-oriented approach to study interactions between security requirements such as confidentiality and other organizational and non-functional requirements such as cost budget and performance, respectively. The proposed approach uses a SMT solver to interpret the KAOS models and automate the execution of the trade-off analyses. ...
... In the latter case, the context instance corresponds to the current context of a running system. The latter case assumes a requirements model at runtime [36,37] that facilitates runtime adaptation, such as the goal-based service composition approach in [38]. The advances in sensor and context-aware technologies enable the capture of runtime context instances, and various methods for capturing this (implicit) context are considerably discussed in the literature. ...
... An insider threat is generally caused by authorized users of the system [66]. The internal user is regarded as the inside attacker. ...
... The validation considered admissibility of the evidence, plausibility of the evidence and corroboration among evidence; these consisted the basis for rebuttals. Pasquale et al. (2013) applied it in the context of forensic readiness for incident response. ...
... Omoronyia et al. [36] proposed an adaptive privacy framework to support the selective disclosure of personal information in mobile apps. The framework exploited privacy awareness requirements (PAR) to identify the runtime privacy properties that should be satisfied in order to manage the changing privacy concerns of users. ...
... A large number of existing studies have investigated methods to preserve and protect privacy in software development. Several studies have proposed approaches to derive privacy requirements from organisational goals (Kalloniatis et al., 2008), data protection and privacy regulations (Breaux and Antón, 2008; Mihaylov et al., 2016; Ayala-Rivera and Pasquale, 2018; Guo et al., 2020) or privacy policies (Omoronyia et al., 2012; Massey et al., 2013) to ensure that software systems comply with those restrictions and/or constraints. Tschersich et al. (2011) and Yang et al. (2016) presented frameworks for designing privacy-preserving architecture in software development. ...
... This approach requires however the software to be executed with the highest priority and with interrupts turned off. Successful attacks on TPM based software attestation solutions have been presented in [2,12,22]. Potential means to improve the security of this type of attestation have been introduced in [12,22]. ...
... Service selection and replacement at runtime is performed assuming that all implementations of an abstract service have different interfaces or adopt different communication protocols. These mismatches are solved exploiting the semantic annotations of service descriptions as described in [4]. The relation of inputParameter and outputParameter of an activity is specified by the Parameter element. ...
... There are several approaches available for slicing of AOPs [2,17,20], but there is a scarcity of slicing techniques for distributed AOPs. ...