The protection of sensitive information is typically addressed by employing access (and usage) control. Access control relies on policies specifying the actions that users can perform on data. Existing access control models and mechanisms, however, are not suited for the challenges introduced by modern IT systems and, in particular, by distributed and collaborative systems. This line of research addresses both foundational and practical challenges of access control with the aim of devising effective authorization mechanisms able to deal with the demands of modern IT systems and emerging technologies.
Data analytic for security
Access control and, in general, preventive security mechanisms are often too inflexible to be used in dynamic and open environments or can abused due to policy misconfiguration. The goal of this research line is to support organizations in the detection, prioritization and handling of security incidents. To this end, it is necessary to devise novel theories, methods and techniques for (i) analyzing user behavior and access patterns to determine whether the employed security policies have been infringed (ii) facilitating the analysis and assessment of detected security incidents and (iii) timely response to security incidents. In this respect, process mining, machine learning and quantitative security bear the potential of becoming important tools for the analysis of infringements and provide the foundations for the management of security risks.
Nowadays, many attacks start with some form of social engineering, which exploits individuals by manipulating them into disclosing sensitive information or introducing a threat into their organization. This research line aims at the understanding of an organization’s human attack surface and at devising mechanisms to mitigate the risks posed by social engineering attacks.