2026
Conference article
Metadata Only Access
Advancements in Artificial Intelligence and Computer Vision for Biomedical Applications @SI-Lab
Marco Cafiso, Andrea Carboni, Claudia Caudai, Sara Colantonio, Francesco Conti, Mario D’acunto, Said Daoudagh, Giulio Del Corso, Riccardo Del Gratta, Danila Germanese, Giacomo Ignesti, Gianmarco Lazzini, Giuseppe Riccardo Leone, Barbara Leporini, Massimo Magrini, Massimo Martinelli, Davide Moroni, Ali Reza Omrani, Francesca Pardini, Maria Antonietta Pascali, Paolo Paradisi, Laura Sebastiaini, Marco Tampucci, Valeria Tateo, Federico Volpini
This paper summarizes recent research at the Signals and Images Lab (ISTI-CNR) leveraging artificial intelligence, machine learning, and computer vision to address complex biomedical challenges. We highlight advancements in trustworthy, explainable algorithmic foundations alongside their practical clinical applications across diagnostic imaging, physiological signal analysis and neuromotor rehabilitation.
Marco Cafiso, Andrea Carboni, Claudia Caudai, Sara Colantonio, Francesco Conti, Mario D’acunto, Said Daoudagh, Giulio Del Corso, Riccardo Del Gratta, Danila Germanese, Giacomo Ignesti, Gianmarco Lazzini, Giuseppe Riccardo Leone, Barbara Leporini, Massimo Magrini, Massimo Martinelli, Davide Moroni, Ali Reza Omrani, Francesca Pardini, Maria Antonietta Pascali, Paolo Paradisi, Laura Sebastiaini, Marco Tampucci, Valeria Tateo, Federico Volpini
This paper summarizes recent research at the Signals and Images Lab (ISTI-CNR) leveraging artificial intelligence, machine learning, and computer vision to address complex biomedical challenges. We highlight advancements in trustworthy, explainable algorithmic foundations alongside their practical clinical applications across diagnostic imaging, physiological signal analysis and neuromotor rehabilitation.
See at:
CNR IRIS 
2025
Other
Open Access
SI-Lab Annual Research Report 2024
Awais Ch Muhammad, Baiamonte A., Benassi A., Berti A., Bertini G., Buongiorno R, Bulotta D., Cafiso M., Carboni A., Carloni G., Caudai C., Colantonio S., Conti F., Daoudagh S., Del Corso G., Fusco G., Galesi G., Germanese D., Gravili S., Ignesti G., Kuruoglu E. E., Lazzini G., Leone G. R., Leporini B., Magrini M., Martinelli M., Omrani Ali Reza, Pachetti E., Papini O., Paradisi P., Pardini F., Pascali M. A., Pieri G., Reggiannini M., Righi M., Salerno E., Salvetti O., Scozzari A., Sebastiani L., Straface S., Tampucci M., Tarabella L., Tonazzini A., Moroni D.
The Signal & Images Laboratory (SI-Lab) is an interdisciplinary research group in computer vision, signal analysis, intelligent vision systems and multimedia data understanding. It is part of the Institute of Information Science and Technologies (ISTI) of the National Research Council of Italy (CNR). This report accounts for the research activities of the Signal and Images Laboratory of the Institute of Information Science and Technologies during the year 2024.DOI: 10.32079/isti-ar-2025/002
Metrics:
Awais Ch Muhammad, Baiamonte A., Benassi A., Berti A., Bertini G., Buongiorno R, Bulotta D., Cafiso M., Carboni A., Carloni G., Caudai C., Colantonio S., Conti F., Daoudagh S., Del Corso G., Fusco G., Galesi G., Germanese D., Gravili S., Ignesti G., Kuruoglu E. E., Lazzini G., Leone G. R., Leporini B., Magrini M., Martinelli M., Omrani Ali Reza, Pachetti E., Papini O., Paradisi P., Pardini F., Pascali M. A., Pieri G., Reggiannini M., Righi M., Salerno E., Salvetti O., Scozzari A., Sebastiani L., Straface S., Tampucci M., Tarabella L., Tonazzini A., Moroni D.
The Signal & Images Laboratory (SI-Lab) is an interdisciplinary research group in computer vision, signal analysis, intelligent vision systems and multimedia data understanding. It is part of the Institute of Information Science and Technologies (ISTI) of the National Research Council of Italy (CNR). This report accounts for the research activities of the Signal and Images Laboratory of the Institute of Information Science and Technologies during the year 2024.DOI: 10.32079/isti-ar-2025/002
Metrics:
2025
Conference article
Open Access
Leveraging AI for Signal and Image Analysis in Medicine and Health
Marco Cafiso, Andrea Carboni, Claudia Caudai, Sara Colantonio, Francesco Conti, Mario D’acunto, Said Daoudagh, Giulio Del Corso, Danila Germanese, Giacomo Ignesti, Gianmarco Lazzini, Giuseppe Riccardo Leone, Massimo Magrini, Davide Moroni, Francesca Pardini, Maria Antonietta Pascali, Paolo Paradisi, Federico Volpini
The integration of artificial intelligence (AI) into the medical domain is driving innovation and progress in healthcare. This paper summarizes the research activities that a multidisciplinary research group within the Signals and Images Lab of the Institute of Information Science and Technologies of the National Research Council of Italy is carrying out to explore the great potential of AI in several applications, e.g., in the analysis of biomedical data, and in the development of tools for enhancing trustworthiness and reliability of AI based systems. From cancer diagnosis and grading, to the analysis of body physiological signals to improve the understanding of dance movement therapy as an approach to healthy aging, this work highlights the paradigm shift that AI has brought into medicine and healthcare.Source: CEUR WORKSHOP PROCEEDINGS, vol. 4121. Trieste, June 23-24, 2025
Marco Cafiso, Andrea Carboni, Claudia Caudai, Sara Colantonio, Francesco Conti, Mario D’acunto, Said Daoudagh, Giulio Del Corso, Danila Germanese, Giacomo Ignesti, Gianmarco Lazzini, Giuseppe Riccardo Leone, Massimo Magrini, Davide Moroni, Francesca Pardini, Maria Antonietta Pascali, Paolo Paradisi, Federico Volpini
The integration of artificial intelligence (AI) into the medical domain is driving innovation and progress in healthcare. This paper summarizes the research activities that a multidisciplinary research group within the Signals and Images Lab of the Institute of Information Science and Technologies of the National Research Council of Italy is carrying out to explore the great potential of AI in several applications, e.g., in the analysis of biomedical data, and in the development of tools for enhancing trustworthiness and reliability of AI based systems. From cancer diagnosis and grading, to the analysis of body physiological signals to improve the understanding of dance movement therapy as an approach to healthy aging, this work highlights the paradigm shift that AI has brought into medicine and healthcare.Source: CEUR WORKSHOP PROCEEDINGS, vol. 4121. Trieste, June 23-24, 2025
See at:
ceur-ws.org 
| CNR IRIS | CNR IRIS
2025
Journal article
Open Access
Gender-responsive research and innovation: issues and initiatives
Nikghadam-Hojjati S., Marchetti E., Gustavsson M., Ferrada F., Oliveira Ana I., Halvarsson Lundqvist A., Fogelberg Eriksson A., Matei O. Liviu, Barata J., Kalateh S., Božić N., Stojanova S., Daoudagh S., Andreica L.
The demands and preferences of men are often prioritized in societal challenges, despite women comprising half of the world’s population. Gender-Responsive Research and Innovation (GRRI) offers an approach to address this bias, promoting comprehensive and equitable solutions to better-understood real-world problems. The successful implementation of GRRI depends on recognizing obstacles, staying informed about relevant initiatives, and using this knowledge to develop effective strategies, ultimately contributing to a fairer and more responsive society. This research, using a mixed-methods approach, identified 10 critical GRRI concerns, measures, and strategies to address them, as well as 18 noteworthy initiatives across research, industrial, and regulatory contextual fields. It also enhances the understanding of GRRI, laying the groundwork for an ontology of GRRI that can benefit policymakers, organizations, and researchers seeking more inclusive strategies and practices.Source: SUSTAINABILITY, vol. 17 (issue 13)
DOI: 10.3390/su17136215
Metrics:
Nikghadam-Hojjati S., Marchetti E., Gustavsson M., Ferrada F., Oliveira Ana I., Halvarsson Lundqvist A., Fogelberg Eriksson A., Matei O. Liviu, Barata J., Kalateh S., Božić N., Stojanova S., Daoudagh S., Andreica L.
The demands and preferences of men are often prioritized in societal challenges, despite women comprising half of the world’s population. Gender-Responsive Research and Innovation (GRRI) offers an approach to address this bias, promoting comprehensive and equitable solutions to better-understood real-world problems. The successful implementation of GRRI depends on recognizing obstacles, staying informed about relevant initiatives, and using this knowledge to develop effective strategies, ultimately contributing to a fairer and more responsive society. This research, using a mixed-methods approach, identified 10 critical GRRI concerns, measures, and strategies to address them, as well as 18 noteworthy initiatives across research, industrial, and regulatory contextual fields. It also enhances the understanding of GRRI, laying the groundwork for an ontology of GRRI that can benefit policymakers, organizations, and researchers seeking more inclusive strategies and practices.Source: SUSTAINABILITY, vol. 17 (issue 13)
DOI: 10.3390/su17136215
Metrics:
See at:
CNR IRIS | www.mdpi.com | CNR IRIS
2025
Conference article
Open Access
Assessment of dance movement therapy outcomes: a preliminary proposal
Daoudagh S., Ignesti G., Moroni D., Sebastiani L., Paradisi P.
Context: Dance Movement Therapy (DMT) is a therapeutic modality that utilizes movement to promote holistic well-being. Current DMT assessment methods rely heavily on the subjective judgment of the DMT professional. Objective: Our research aims to develop a framework composed of different components with specific functionalities that can be integrated with the DMT modality to improve the objectivity and efficiency of DMT evaluations. Method: The DMT framework consists of an experimental protocol for data collection and a reference-supporting architecture that includes components for video analysis, physiological signal management, and evaluation tools. Artificial Intelligence (AI) based human pose estimation techniques are also employed to derive the DMT participants’ poses during the DMT sessions for more reliable movement analysis. Results: Our preliminary results consist of demonstrating the effectiveness of the AI-based pose estimation tool, YOLO-NAS-Pose, in accurately detecting participants’ poses. Conclusion: The proposed framework offers a promising approach to improving DMT practices by integrating and leveraging AI-based human pose estimation to evaluate participants’ movement in the DMT setting objectively. Future research will focus on refining the framework and developing user-friendly tools for widespread adoption in real DMT contexts.Source: COMMUNICATIONS IN COMPUTER AND INFORMATION SCIENCE, vol. 2371, pp. 382-395. Porto, Portogallo, 21-22/11/2024
DOI: 10.1007/978-3-031-83845-3_23
Project(s): Tuscany Health Ecosystem
Metrics:
Daoudagh S., Ignesti G., Moroni D., Sebastiani L., Paradisi P.
Context: Dance Movement Therapy (DMT) is a therapeutic modality that utilizes movement to promote holistic well-being. Current DMT assessment methods rely heavily on the subjective judgment of the DMT professional. Objective: Our research aims to develop a framework composed of different components with specific functionalities that can be integrated with the DMT modality to improve the objectivity and efficiency of DMT evaluations. Method: The DMT framework consists of an experimental protocol for data collection and a reference-supporting architecture that includes components for video analysis, physiological signal management, and evaluation tools. Artificial Intelligence (AI) based human pose estimation techniques are also employed to derive the DMT participants’ poses during the DMT sessions for more reliable movement analysis. Results: Our preliminary results consist of demonstrating the effectiveness of the AI-based pose estimation tool, YOLO-NAS-Pose, in accurately detecting participants’ poses. Conclusion: The proposed framework offers a promising approach to improving DMT practices by integrating and leveraging AI-based human pose estimation to evaluate participants’ movement in the DMT setting objectively. Future research will focus on refining the framework and developing user-friendly tools for widespread adoption in real DMT contexts.Source: COMMUNICATIONS IN COMPUTER AND INFORMATION SCIENCE, vol. 2371, pp. 382-395. Porto, Portogallo, 21-22/11/2024
DOI: 10.1007/978-3-031-83845-3_23
Project(s): Tuscany Health Ecosystem
Metrics:
See at:
CNR IRIS | link.springer.com | CNR IRIS | CNR IRIS
2024
Journal article
Open Access
Towards enhanced monitoring framework with smart predictions
Calabrò A., Daoudagh S., Marchetti E.
redicting security and trust vulnerabilities and issues is crucial for IoT interconnected systems and ecosystems, especially when integrating new, third-party or open-source components. Objective: One way to ensure timely predictions is by using a smart monitoring framework to continuously verify functional and non-functional property violations during the executions of the systems and their components. Method: This paper presents a set of guidelines for the Smart Monitoring Framework definition and its application process. Results and Conclusion: The paper provides the reference architecture of the Smart Monitoring Framework and its possible implementation to promptly detect suspicious behavior or property violations. The paper also illustrates how the provided implementation satisfies the defined guidelines by design.Source: LOGIC JOURNAL OF THE IGPL, vol. 32 (issue 2), pp. 321-333
DOI: 10.1093/jigpal/jzae010
Project(s): BIECO
, CyberSec4Europe
Metrics:
Calabrò A., Daoudagh S., Marchetti E.
redicting security and trust vulnerabilities and issues is crucial for IoT interconnected systems and ecosystems, especially when integrating new, third-party or open-source components. Objective: One way to ensure timely predictions is by using a smart monitoring framework to continuously verify functional and non-functional property violations during the executions of the systems and their components. Method: This paper presents a set of guidelines for the Smart Monitoring Framework definition and its application process. Results and Conclusion: The paper provides the reference architecture of the Smart Monitoring Framework and its possible implementation to promptly detect suspicious behavior or property violations. The paper also illustrates how the provided implementation satisfies the defined guidelines by design.Source: LOGIC JOURNAL OF THE IGPL, vol. 32 (issue 2), pp. 321-333
DOI: 10.1093/jigpal/jzae010
Project(s): BIECO
, CyberSec4Europe Metrics:
See at:
academic.oup.com | CNR IRIS | Logic Journal of IGPL | IRIS Cnr | CNR IRIS | CNR IRIS
2024
Conference article
Open Access
2HCDL: Holistic Human-Centered Development Lifecycle
Said Daoudagh, Eda Marchetti, Oum-El-Kheir Aktouf
The recent events affecting global society continuously highlight the need to change the development lifecycle of complex systems by promoting human-centered solutions that increase awareness and ensure critical properties such as security, safety, trust, transparency, and privacy. This fast abstract introduces the Holistic Human-Centered Development Lifecycle (2HCDL) methodology focused on: (i) the enforcement of human values and properties and (ii) the mitigation and prevention of critical issues for more secure, safe, trustworthy, transparent, and private development processes.DOI: 10.48550/arxiv.2405.01566
DOI: https://doi.org/10.48550/arxiv.2405.01566
Project(s): BIECO, Tuscany Health Ecosystem
Metrics:
Said Daoudagh, Eda Marchetti, Oum-El-Kheir Aktouf
The recent events affecting global society continuously highlight the need to change the development lifecycle of complex systems by promoting human-centered solutions that increase awareness and ensure critical properties such as security, safety, trust, transparency, and privacy. This fast abstract introduces the Holistic Human-Centered Development Lifecycle (2HCDL) methodology focused on: (i) the enforcement of human values and properties and (ii) the mitigation and prevention of critical issues for more secure, safe, trustworthy, transparent, and private development processes.DOI: 10.48550/arxiv.2405.01566
DOI: https://doi.org/10.48550/arxiv.2405.01566
Project(s): BIECO
, Tuscany Health EcosystemMetrics:
See at:
CNR IRIS | arXiv.org e-Print Archive | doi.org | CNR IRIS
2024
Other
Restricted
Sistema di dance movement analysis: tracking ed estrazione di features
Cerri Lorenzo, Cerri L., Carta A., Daoudagh S., Paradisi P.
Cerri Lorenzo, Cerri L., Carta A., Daoudagh S., Paradisi P.
2023
Conference article
Open Access
Breakthroughs in testing and certification in cybersecurity: research gaps and open problems
Daoudagh S, Marchetti E
Software and hardware systems are becoming increasingly complex and interconnected, making their testing and certification more challenging, considering cybersecurity aspects. The trustworthiness, security, and quality of these systems call for innovative approaches to testing and certifications. This paper provides an overview of some of the most promising research directions in software and hardware testing and certification in the cybersecurity area. It outlines some of the critical challenges and opportunities for future research. We discuss each approach's potential benefits and challenges, highlight some key research questions to be addressed in each area, and investigate how they can be used to promote "Full Quality - positive-sum, not zero-sum" in developing software and hardware systems.Source: CEUR Workshop Proceedings. Bari, Italy, 03-05/05/2023
Project(s): BIECO, CyberSec4Europe
Daoudagh S, Marchetti E
Software and hardware systems are becoming increasingly complex and interconnected, making their testing and certification more challenging, considering cybersecurity aspects. The trustworthiness, security, and quality of these systems call for innovative approaches to testing and certifications. This paper provides an overview of some of the most promising research directions in software and hardware testing and certification in the cybersecurity area. It outlines some of the critical challenges and opportunities for future research. We discuss each approach's potential benefits and challenges, highlight some key research questions to be addressed in each area, and investigate how they can be used to promote "Full Quality - positive-sum, not zero-sum" in developing software and hardware systems.Source: CEUR Workshop Proceedings. Bari, Italy, 03-05/05/2023
Project(s): BIECO
, CyberSec4Europe
See at:
ceur-ws.org | CNR IRIS | ISTI Repository | CNR IRIS
2023
Journal article
Open Access
DAEMON: a domain-based monitoring ontology for IoT systems
Daoudagh S., Marchetti E., Calabrò A., Ferrada F., Oliveira A. I., Barata J., Peres R., Marques F.
Context: Internet of Things (IoT) is an emerging technology used in several contexts and domains.Objective: The work aims to define a technological reference solution specifically conceived for monitoring and assessing the behavior of IoT systems from the cybersecurity perspective when a new device or component joins the system.Method: We leverage semantic web technologies, such as ontologies, for defining DAEMON, a domain-based ontology that formally models monitoring, IoT, and System of Systems (SoS) domains' knowledge. We also propose a supporting architecture and describe the proof-of-concept implementing different components.Results and Conclusion: We have validated and showcased our proposal by instantiating DAEMON into a multi-robot autonomous navigation scenario applied to the intralogistics domain.Source: SN COMPUTER SCIENCE, vol. 4 (issue 5)
DOI: 10.1007/s42979-023-01975-y
DOI: https://doi.org/10.1007/s42979-023-01975-y
Project(s): BIECO
Metrics:
Daoudagh S., Marchetti E., Calabrò A., Ferrada F., Oliveira A. I., Barata J., Peres R., Marques F.
Context: Internet of Things (IoT) is an emerging technology used in several contexts and domains.Objective: The work aims to define a technological reference solution specifically conceived for monitoring and assessing the behavior of IoT systems from the cybersecurity perspective when a new device or component joins the system.Method: We leverage semantic web technologies, such as ontologies, for defining DAEMON, a domain-based ontology that formally models monitoring, IoT, and System of Systems (SoS) domains' knowledge. We also propose a supporting architecture and describe the proof-of-concept implementing different components.Results and Conclusion: We have validated and showcased our proposal by instantiating DAEMON into a multi-robot autonomous navigation scenario applied to the intralogistics domain.Source: SN COMPUTER SCIENCE, vol. 4 (issue 5)
DOI: 10.1007/s42979-023-01975-y
DOI: https://doi.org/10.1007/s42979-023-01975-y
Project(s): BIECO
Metrics:
See at:
SN Computer Science | CNR IRIS | ISTI Repository | CNR IRIS | CNR IRIS
2022
Conference article
Open Access
GROOT: a GDPR-based combinatorial testing approach
Daoudagh S, Marchetti E
For replying to the strict exigencies and rules imposed by the GDPR, ICT systems are currently adopting different means for managing personal data. However, due to their critical and crucial role, effective and efficient validation methods should be applied, taking into account the peculiarity of the reference legal framework (i.e., the GDPR). In this paper, we present GROOT, a generic combinatorial testing methodology specifically conceived for assessing the GDPR compliance and its contextualization in the context of access control domain.DOI: 10.1007/978-3-031-04673-5_17
Project(s): BIECO, CyberSec4Europe
Metrics:
Daoudagh S, Marchetti E
For replying to the strict exigencies and rules imposed by the GDPR, ICT systems are currently adopting different means for managing personal data. However, due to their critical and crucial role, effective and efficient validation methods should be applied, taking into account the peculiarity of the reference legal framework (i.e., the GDPR). In this paper, we present GROOT, a generic combinatorial testing methodology specifically conceived for assessing the GDPR compliance and its contextualization in the context of access control domain.DOI: 10.1007/978-3-031-04673-5_17
Project(s): BIECO
, CyberSec4Europe Metrics:
See at:
CNR IRIS | link.springer.com | ISTI Repository | doi.org | CNR IRIS | CNR IRIS
2022
Conference article
Open Access
Predictive simulation for building trust within service-based ecosystems
Cioroaica E, Daoudagh S, Marchetti E
Modern vehicles extend their system components outside the typical physical body, relying on functionalities provided by off-board resources within complex digital ecosystems. Focusing on the service-based connection within automotive smart ecosystems, in this paper we present the method of predictive simulation, based on the synergistic combination of Digital Twin execution and interface-based testing approaches, used for building trust in the interactions between a safety critical system and third parties.DOI: 10.1109/percomworkshops53856.2022.9767457
Project(s): BIECO
Metrics:
Cioroaica E, Daoudagh S, Marchetti E
Modern vehicles extend their system components outside the typical physical body, relying on functionalities provided by off-board resources within complex digital ecosystems. Focusing on the service-based connection within automotive smart ecosystems, in this paper we present the method of predictive simulation, based on the synergistic combination of Digital Twin execution and interface-based testing approaches, used for building trust in the interactions between a safety critical system and third parties.DOI: 10.1109/percomworkshops53856.2022.9767457
Project(s): BIECO
Metrics:
See at:
CNR IRIS | ieeexplore.ieee.org | ISTI Repository | doi.org | CNR IRIS | CNR IRIS
2022
Conference article
Open Access
An ontology-based solution for monitoring IoT cybersecurity
Daoudagh S., Marchetti E., Calabrò A., Ferrada F., Oliveira A. I., Barata J., Peres R., Marques F.
Context: Systems of Systems (SoSs) are becoming an emerging architecture, and they are used in several daily life contexts. Objective: The aim is to define a reference environment conceived for monitoring and assessing the behavior from the cybersecurity point of view of SoS when a new IoT device is added. Method: In this paper, we propose the Domain bAsEd Monitoring ONtology (DAEMON), an ontology that formally models knowledge about monitoring and System of Systems (SoS) domains. We also conceived a reference supporting architecture, and we provided the first proof-of-concept by implementing different components. Results and Conclusion: For the feasibility purpose, we have validated our proof-of-concept in the context of the EU BIECO project by considering a Robot Navigation use-case scenario.Source: IFIP ADVANCES IN INFORMATION AND COMMUNICATION TECHNOLOGY, pp. 158-176. Amsterdam, Netherlands, 27-28/10/2022
DOI: 10.1007/978-3-031-18872-5_10
Project(s): BIECO, CyberSec4Europe
Metrics:
Daoudagh S., Marchetti E., Calabrò A., Ferrada F., Oliveira A. I., Barata J., Peres R., Marques F.
Context: Systems of Systems (SoSs) are becoming an emerging architecture, and they are used in several daily life contexts. Objective: The aim is to define a reference environment conceived for monitoring and assessing the behavior from the cybersecurity point of view of SoS when a new IoT device is added. Method: In this paper, we propose the Domain bAsEd Monitoring ONtology (DAEMON), an ontology that formally models knowledge about monitoring and System of Systems (SoS) domains. We also conceived a reference supporting architecture, and we provided the first proof-of-concept by implementing different components. Results and Conclusion: For the feasibility purpose, we have validated our proof-of-concept in the context of the EU BIECO project by considering a Robot Navigation use-case scenario.Source: IFIP ADVANCES IN INFORMATION AND COMMUNICATION TECHNOLOGY, pp. 158-176. Amsterdam, Netherlands, 27-28/10/2022
DOI: 10.1007/978-3-031-18872-5_10
Project(s): BIECO
, CyberSec4Europe Metrics:
See at:
CNR IRIS | link.springer.com | ISTI Repository | doi.org | CNR IRIS | CNR IRIS
2022
Conference article
Open Access
The GDPR compliance and access control systems: challenges and research opportunities
Daoudagh S, Marchetti E
The General Data Protection Regulation (GDPR) is changing how Personal Data should be processed. Using Access Control Systems (ACSs) and their specific policies as practical means for assuring a by-design lawfully compliance with the privacy-preserving rules and provision is currently an increasingly researched topic. As a result, this newly born research field raises several research questions and paves the way for different solutions. This position paper would like to provide an overview of research challenges and questions concerning activities for analyzing, designing, implementing, and testing Access Control mechanisms (systems and policies) to guarantee compliance with the GDPR. Some possible answers to the open issues and future research directions and topics are also provided.DOI: 10.5220/0010912300003120
Project(s): COVR, BIECO , CyberSec4Europe
Metrics:
Daoudagh S, Marchetti E
The General Data Protection Regulation (GDPR) is changing how Personal Data should be processed. Using Access Control Systems (ACSs) and their specific policies as practical means for assuring a by-design lawfully compliance with the privacy-preserving rules and provision is currently an increasingly researched topic. As a result, this newly born research field raises several research questions and paves the way for different solutions. This position paper would like to provide an overview of research challenges and questions concerning activities for analyzing, designing, implementing, and testing Access Control mechanisms (systems and policies) to guarantee compliance with the GDPR. Some possible answers to the open issues and future research directions and topics are also provided.DOI: 10.5220/0010912300003120
Project(s): COVR
, BIECO , CyberSec4Europe Metrics:
See at:
doi.org | CNR IRIS | ISTI Repository | ISTI Repository | www.scitepress.org | CNR IRIS | CNR IRIS
2021
Journal article
Open Access
COVID-19 & privacy: enhancing of indoor localization architectures towards effective social distancing
Barsocchi P., Calabrò A., Crivello A., Daoudagh S., Furfari F., Girolami M., Marchetti E.
The way people access services in indoor environments has dramatically changed in the last year. The countermeasures to the COVID-19 pandemic imposed a disruptive requirement, namely preserving social distance among people in indoor environments. We explore in this work the possibility of adopting the indoor localization technologies to measure the distance among users in indoor environments. We discuss how information about people's contacts collected can be exploited during three stages: before, during, and after people access a service. We present a reference architecture for an Indoor Localization System (ILS), and we illustrate three representative use-cases. We derive some architectural requirements, and we discuss some issues that concretely cope with the real installation of an ILS in real-world settings. In particular, we explore the privacy and trust reputation of an ILS, the discovery phase, and the deployment of the ILS in real-world settings. We finally present an evaluation framework for assessing the performance of the architecture proposed.Source: ARRAY, vol. 9
DOI: 10.1016/j.array.2020.100051
Project(s): CyberSec4Europe
Metrics:
Barsocchi P., Calabrò A., Crivello A., Daoudagh S., Furfari F., Girolami M., Marchetti E.
The way people access services in indoor environments has dramatically changed in the last year. The countermeasures to the COVID-19 pandemic imposed a disruptive requirement, namely preserving social distance among people in indoor environments. We explore in this work the possibility of adopting the indoor localization technologies to measure the distance among users in indoor environments. We discuss how information about people's contacts collected can be exploited during three stages: before, during, and after people access a service. We present a reference architecture for an Indoor Localization System (ILS), and we illustrate three representative use-cases. We derive some architectural requirements, and we discuss some issues that concretely cope with the real installation of an ILS in real-world settings. In particular, we explore the privacy and trust reputation of an ILS, the discovery phase, and the deployment of the ILS in real-world settings. We finally present an evaluation framework for assessing the performance of the architecture proposed.Source: ARRAY, vol. 9
DOI: 10.1016/j.array.2020.100051
Project(s): CyberSec4Europe
Metrics:
See at:
Array | CNR IRIS | ISTI Repository | Array | CNR IRIS | CNR IRIS
2021
Conference article
Restricted
GRADUATION: a GDPR-based mutation methodology
Daoudagh S, Marchetti E
The adoption of the General Data Protection Regulation (GDPR) is enhancing different business and research opportunities that evidence the necessity of appropriate solutions supporting specification, processing, testing, and assessing the overall (personal) data management. This paper proposes GRADUATION (GdpR-bAseD mUtATION) methodology, for mutation analysis of data protection policies test cases. The new methodology provides generic mutation operators in reference to the currently applicable EU Data Protection Regulation. The preliminary implementation of the steps involved in the GDPR-based mutants derivation is also described.Source: COMMUNICATIONS IN COMPUTER AND INFORMATION SCIENCE (PRINT), pp. 311-324. Online conference, 08-10/09/2021
DOI: 10.1007/978-3-030-85347-1_23
Project(s): CyberSec4Europe
Metrics:
Daoudagh S, Marchetti E
The adoption of the General Data Protection Regulation (GDPR) is enhancing different business and research opportunities that evidence the necessity of appropriate solutions supporting specification, processing, testing, and assessing the overall (personal) data management. This paper proposes GRADUATION (GdpR-bAseD mUtATION) methodology, for mutation analysis of data protection policies test cases. The new methodology provides generic mutation operators in reference to the currently applicable EU Data Protection Regulation. The preliminary implementation of the steps involved in the GDPR-based mutants derivation is also described.Source: COMMUNICATIONS IN COMPUTER AND INFORMATION SCIENCE (PRINT), pp. 311-324. Online conference, 08-10/09/2021
DOI: 10.1007/978-3-030-85347-1_23
Project(s): CyberSec4Europe
Metrics:
See at:
CNR IRIS | CNR IRIS | link.springer.com | link.springer.com
2021
Conference article
Open Access
How to improve the GDPR compliance through consent management and access control
Daoudagh S, Marchetti E, Savarino V, Di Bernardo R, Alessi M
This paper presents a privacy-by-design solution based on Consent Manager (CM) and Access Control (AC) to aid organizations to comply with the GDPR. The idea is to start from the GDPR's text, transform it into a machine-readable format through a given CM, and then convert the obtained outcome to a set of enforceable Access Control Policies (ACPs). As a result, we have defined a layered architecture that makes any given system privacy-aware, i.e., systems that are compliant by-design with the GDPR. Furthermore, we have provided a proof-of-concept by integrating a Consent Manager coming from an industrial context and an AC Manager coming from academia.DOI: 10.5220/0010260205340541
Project(s): CyberSec4Europe
Metrics:
Daoudagh S, Marchetti E, Savarino V, Di Bernardo R, Alessi M
This paper presents a privacy-by-design solution based on Consent Manager (CM) and Access Control (AC) to aid organizations to comply with the GDPR. The idea is to start from the GDPR's text, transform it into a machine-readable format through a given CM, and then convert the obtained outcome to a set of enforceable Access Control Policies (ACPs). As a result, we have defined a layered architecture that makes any given system privacy-aware, i.e., systems that are compliant by-design with the GDPR. Furthermore, we have provided a proof-of-concept by integrating a Consent Manager coming from an industrial context and an AC Manager coming from academia.DOI: 10.5220/0010260205340541
Project(s): CyberSec4Europe
Metrics:
See at:
doi.org | CNR IRIS | ISTI Repository | www.scitepress.org | CNR IRIS | www.scopus.com
2021
Other
Open Access
The GDPR compliance through access control systems
Daoudagh S
The GDPR is changing how Personal Data should be processed. It states, in Art. 5.1(f), that "[data] should be processed in a manner that ensures appropriate security of the personal data [...], using appropriate technical or organizational measures (integrity and confidentiality)". We identify in the Access Control (AC) systems such a measure. Indeed, AC is the mechanism used to restrict access to data or systems according to Access Control Policies (ACPs), i.e., a set of rules that specify who has access to which resources and under which circumstances. In our view, the ACPs, when suitably enriched with attributes, elements and rules extracted from the GDPR provisions, can suitably specify the regulations and the AC systems can assure a by-design lawfully compliance with the privacy preserving rules. Vulnerabilities, threats, inaccuracies and misinterpretations that occur during the process of ACPs specification and AC systems implementation may have serious consequences for the security of personal data (security perspective) and for the lawfulness of the data processing (legal perspective). For mitigating these risks, this thesis provides a systematic process for automatically deriving, testing and enforcing ACPs and AC systems in line with the GDPR. Its data protection by-design solution promotes the adoption of AC systems ruled by policies systematically designed for expressing the GDPR's provisions. Specifically, the main contributions of this thesis are: (1) the definition of an Access Control Development Life Cycle for analyzing, designing, implementing and testing AC mechanisms (systems and policies) able to guarantee the compliance with the GDPR; (2) the realization of a reference architecture allowing the automatic application of the proposed Life Cycle; and (3) the use of the thesis proposal within five application examples highlighting the flexibility and feasibility of the proposal.Project(s): COVR, BIECO , CyberSec4Europe
Daoudagh S
The GDPR is changing how Personal Data should be processed. It states, in Art. 5.1(f), that "[data] should be processed in a manner that ensures appropriate security of the personal data [...], using appropriate technical or organizational measures (integrity and confidentiality)". We identify in the Access Control (AC) systems such a measure. Indeed, AC is the mechanism used to restrict access to data or systems according to Access Control Policies (ACPs), i.e., a set of rules that specify who has access to which resources and under which circumstances. In our view, the ACPs, when suitably enriched with attributes, elements and rules extracted from the GDPR provisions, can suitably specify the regulations and the AC systems can assure a by-design lawfully compliance with the privacy preserving rules. Vulnerabilities, threats, inaccuracies and misinterpretations that occur during the process of ACPs specification and AC systems implementation may have serious consequences for the security of personal data (security perspective) and for the lawfulness of the data processing (legal perspective). For mitigating these risks, this thesis provides a systematic process for automatically deriving, testing and enforcing ACPs and AC systems in line with the GDPR. Its data protection by-design solution promotes the adoption of AC systems ruled by policies systematically designed for expressing the GDPR's provisions. Specifically, the main contributions of this thesis are: (1) the definition of an Access Control Development Life Cycle for analyzing, designing, implementing and testing AC mechanisms (systems and policies) able to guarantee the compliance with the GDPR; (2) the realization of a reference architecture allowing the automatic application of the proposed Life Cycle; and (3) the use of the thesis proposal within five application examples highlighting the flexibility and feasibility of the proposal.Project(s): COVR
, BIECO , CyberSec4Europe
See at:
etd.adm.unipi.it | CNR IRIS | CNR IRIS
2021
Journal article
Open Access
Data protection by design in the context of smart cities: a consent and access control proposal
Daoudagh S, Marchetti E, Savarino V, Bernal Bernabe J, Garcia Rodriguez J, Torres Moreno R, Martinez Ja, Skarmeta Af
The growing availability of mobile devices has lead to an arising development of smart cities services that share a huge amount of (personal) information and data. Without accurate and verified management, they could become severe back-doors for security and privacy. In this paper, we propose a smart city infrastructure able to integrate a distributed privacy-preserving identity management solution based on attribute-based credentials (p-ABC), a user-centric Consent Manager, and a GDPR-based Access Control mechanism so as to guarantee the enforcement of the GDPR's provisions. Thus, the infrastructure supports the definition of specific purpose, collection of data, regulation of access to personal data, and users' consents, while ensuring selective and minimal disclosure of personal information as well as user's unlinkability across service and identity providers. The proposal has been implemented, integrated, and evaluated in a fully-fledged environment consisting of MiMurcia, the Smart City project for the city of Murcia, CaPe, an industrial consent management system, and GENERAL_D, an academic GDPR-based access control system, showing the feasibility.Source: SENSORS (BASEL), vol. 21
DOI: 10.3390/s21217154
Project(s): CyberSec4Europe
Metrics:
Daoudagh S, Marchetti E, Savarino V, Bernal Bernabe J, Garcia Rodriguez J, Torres Moreno R, Martinez Ja, Skarmeta Af
The growing availability of mobile devices has lead to an arising development of smart cities services that share a huge amount of (personal) information and data. Without accurate and verified management, they could become severe back-doors for security and privacy. In this paper, we propose a smart city infrastructure able to integrate a distributed privacy-preserving identity management solution based on attribute-based credentials (p-ABC), a user-centric Consent Manager, and a GDPR-based Access Control mechanism so as to guarantee the enforcement of the GDPR's provisions. Thus, the infrastructure supports the definition of specific purpose, collection of data, regulation of access to personal data, and users' consents, while ensuring selective and minimal disclosure of personal information as well as user's unlinkability across service and identity providers. The proposal has been implemented, integrated, and evaluated in a fully-fledged environment consisting of MiMurcia, the Smart City project for the city of Murcia, CaPe, an industrial consent management system, and GENERAL_D, an academic GDPR-based access control system, showing the feasibility.Source: SENSORS (BASEL), vol. 21
DOI: 10.3390/s21217154
Project(s): CyberSec4Europe
Metrics:
See at:
Sensors | CNR IRIS | ISTI Repository | Sensors | Sensors | CNR IRIS
2021
Conference article
Restricted
BIECO runtime auditing framework
Calabrò A., Cioroaica E., Daoudagh S., Marchetti E.
Context: Within digital ecosystems avoiding the propagation of security and trust violations among interconnected parties is a mandatory requirement, especially when a new device, a software component, or a system component is integrated within the ecosystem. Objective: The aim is to define an auditing framework able to assess and evaluate the specific functional and non-functional properties of the ecosystems and their components. Method: In this paper, we present the concept of predictive simulation and runtime monitoring for detecting malicious behavior of ecosystem components. Results and Conclusion: We defined a reference architecture allowing the automation of the auditing process for the runtime behavior verification of ecosystems and their components. Validation of the proposal with real use-cases is part of the future BIECO's activities.Source: ADVANCES IN INTELLIGENT SYSTEMS AND COMPUTING, pp. 181-191. Bilbao, Spain, 22-24/09/2021
DOI: 10.1007/978-3-030-87872-6_18
Project(s): BIECO
Metrics:
Calabrò A., Cioroaica E., Daoudagh S., Marchetti E.
Context: Within digital ecosystems avoiding the propagation of security and trust violations among interconnected parties is a mandatory requirement, especially when a new device, a software component, or a system component is integrated within the ecosystem. Objective: The aim is to define an auditing framework able to assess and evaluate the specific functional and non-functional properties of the ecosystems and their components. Method: In this paper, we present the concept of predictive simulation and runtime monitoring for detecting malicious behavior of ecosystem components. Results and Conclusion: We defined a reference architecture allowing the automation of the auditing process for the runtime behavior verification of ecosystems and their components. Validation of the proposal with real use-cases is part of the future BIECO's activities.Source: ADVANCES IN INTELLIGENT SYSTEMS AND COMPUTING, pp. 181-191. Bilbao, Spain, 22-24/09/2021
DOI: 10.1007/978-3-030-87872-6_18
Project(s): BIECO
Metrics:
See at:
CNR IRIS | CNR IRIS | link.springer.com | link.springer.com