DCISSP 2021 Abstracts

Short Papers
Paper Nr: 1

Security Aspects about Internet of Things Networks, Devices and Protocols


Ivan Vaccari

Abstract: In the Internet of Things environment, simple objects gain the ability to manage, process and communicate data of the surrounding environment to other IoT devices or to more complex systems (nowadays we talk about almost any device connected to the network, from smartphones to cars). In the IoT world, people and objects can directly interact with each other, thanks to the spread of smartphones, tablets and other mobile devices that allow people to access on Internet from anywhere. Thanks to the rapid developments in the underlying technologies, the IoT offers enormous opportunities for a large number of new applications that promise to improve the quality of human life. In recent years, the IoT context attracted researchers and professionals around the world, due to the potential benefits that these technologies could bring. IoT networks and devices are widely adopted in different scenarios such as Home Automation, Industry 4.0, Healthcare, Critical Infrastructure, Robotics and Automotive: with IoT devices and networks, it is possible to remotely control physical quantities such as temperatures and humidity or to control more complex systems such as smart light bulbs, robots, health parameters, financial infrastructures and smart integrated systems. The IoT technology is mainly used to monitor and control extremely sensitive systems and information, due to the nature of the IoT devices and networks, some practical examples can be the monitoring of the health parameters of patients or the security cameras to control accesses. It is therefore easy to deduce that the cyber-security of IoT systems is a critical and trending topic to be explored since cyber-attacks on these systems can create huge damage in terms of confidentially, integrity and availability (the CIA Triad). It is important and crucial to identify vulnerabilities in communication protocols or devices to prevent malicious users from exploiting these vulnerabilities to their advantages. Moreover, IoT devices, for their nature, have limited hardware resources and, for this reason, sometimes security aspects could be not considered. Finally, IoT devices are exposed over the global Internet in order to communicate with other systems or devices and these devices could be a target from malicious users.

Paper Nr: 2

Data Processing in Context: an Uncertain Regulation for a Big Data Society


Emanuela Podda

Abstract: As the quantity and complexity of data keeps increasing, individuals need to be aware of the level of privacy and data protection recognised to their data. The number of techniques to violate data protection tools and exploit data has increased exponentially, spinning the development of de-anonymization attacks, and increasing the vulnerability of information systems handling microdata. For this reason, implementing appropriate data minimization techniques and disclosure practices is essential, implying - as a first step - understanding the legal context and the terminology of the main data protection tools of privacy by design provided by the General Data Protection Regulation, as anonymization and pseudonymization.