The Workshop & Tutorial day is organized in 7 parallel activities:

  • Stakeholder Space : 2nd Italian Workshop on CTF competitions (Capture.IT 2020)
  • 3rd Distributed Ledger Technology Workshop (DLT 2020)
  • Special Track 1 : Giornalismo e Cybersecurity
  • Special Track 2 : Framework Nazionale 2.0 & CyberReadiness.IT
  • Special Track 3: PID Marche @ ITASEC20PMI e Cybersecurity – PID Marche
  • Workshop: CRYPTANALYSIS: a key tool in securing and breaking ciphers
  • Tutorial : Deep learning-based analysis in Digital Forensics
  • Tutorial: Secure Cloud Application Development through Security Service Level Agreement

 


Stakeholder Space : 2nd Italian Workshop on CTF competitions (Capture.IT 2020)

sysma.imtlucca.it/capture-it

 

 

Presentation

The Second Italian Workshop on CTF competitions (Capture.IT 2020) aims at gathering practitioners and experts who want to share their experience about the organization of and the participation to Capture The Flag (CTF) competitions.

The purpose of the workshop is to provide a forum for exchanging opinions, presenting ideas, and lessons learned on CTF. In particular, Capture.IT aims at attracting the Italian CTF community, e.g., students, young researchers, and practitioners who are active CTF players or organizers.

Another goal is to foster the exchange of ideas and experiences in an interactive and informal atmosphere.

 

Program Chairs

Letterio Galletta (IMT Lucca)
Marina Ribaudo (Università di Genova)

 

Program Committee

Cataldo Basile (Politecnico di Torino)
Franco Callegati (Università di Bologna)
Costantina Caruso (Università di Bari)
Emilio Coppa (Università di Roma La Sapienza)
Gabriele Costa (IMT Lucca)
Gaspare Ferraro (CINI)
Emanuele Frontoni (Università Politecnica delle Marche)
Giuseppe Lettieri (Università di Pisa)
Eleonora Losiouk (Università di Padova)
Davide Maiorca (Università di Cagliari)
Mario Polino (Politecnico di Milano)
Lorenzo Veronese (Università Ca’ Foscari)

 

Location

Aula Magna

 

Schedule

8:30 – 17:00: Registration
9:30 – 11:00 : Capture.IT
11:00 – 11:30 : Coffee break
11:30 – 13:30 : Capture.IT
13:30 – 14:30 : Lunch

 

 


3rd Distributed Ledger Technology Workshop (DLT 2020)

www.dmi.unipg.it/DLTWorkshop/dlt2020.html

 

Presentation

This workshop is a forum for researchers, developers, and users to discuss issues related to Distributed Ledger Technology and its adoption in research and business scenarios. The primary goal is to foster discussion and cross-fertilisation of ideas among experts in different fields related to DLTs, and thus advance the national and international state-of-the-art. Research, applications, case studies, and experiences concerning DLT will be treated with a special focus on the privacy and security issues. The workshop will include an Invited Talk by Matteo Maffei (University of Vienna): “Security and Privacy for Payment Channel Networks”, and a Tutorial by Ivan Visconti (University of Salerno): “Data Privacy in Blockchains: Theory and Practice”.

 

Organizers

Franco Chiaraluce (Marche Polytechnic University)
Leonardo Mostarda (University of Camerino)

 

Location

Aula 155/5-7

 

Schedule

8:30 – 9:30: registration
9:30 – 11:00 : 1st session
11:00 – 11:30 : coffee break
11:30 – 13:30 : 2nd session
13:30 – 14:30 : Lunch
14:30 – 17:00 : 3rd session

 

 


 

Special Track 1: Giornalismo e Cybersecurity

 

La track include un tutorial  al mattino e un workshop nel pomeriggio.

 

Tutorial: il giornalismo e la protezione delle fonti nel mondo digitale

 

 

Sorveglianza di Stato, sicurezza delle telecomunicazioni, protezione delle fonti. Questo seminario affronterà in modo pragmatico i problemi con cui i giornalisti hanno a che fare ogni giorno nello svolgimento del loro mestiere. Dagli hacker agli strumenti d’intercettazione, la stampa nazionale è continuamente esposta ai rischi di una scarsa conoscenza di chi potrebbe volerci attaccare e di quali strumenti può disporre. Per questo, durante l’incontro si esamineranno alcuni metodi di prevenzione e di analisi delle minacce, con particolare attenzione sia alle nozioni teoriche di base sia agli strumenti pratici di protezione delle nostre attività. Più di ogni cosa, è necessaria una consapevolezza generale di quali errori umani è bene evitare per fare sì che dispositivi ritenuti sicuri non si trasformino in gravi falle, che possono mettere a repentaglio un’inchiesta o la stessa identità dei propri informatori.

 

Relatori:

 

Raffaele Angius: Giornalista freelance per Repubblica, La Stampa, Wired e Agi, Raffaele Angius è specializzato nell’impiego di strumenti informatici per la protezione delle fonti e delle telecomunicazioni. Nel 2018 ha creato ItaliaLeaks, la piattaforma di Agi per la raccolta di segnalazioni anonime su corruzione e criminalità organizzata. Oggi è curatore di RegeniFiles, l’iniziativa di Repubblica in collaborazione con la famiglia Regeni dedicata alla raccolta di informazioni sulle violazioni dei diritti umani in Egitto e sull’omicidio di Giulio Regeni. Come giornalista, scrive principalmente di crimini informatici, diritti umani digitali e sorveglianza di Stato, ed è membro dell’Hermes Center for Transparency and Digital Human Rights, con il quale collabora alla diffusione di strumenti per la protezione del lavoro giornalistico e delle fonti. Social: @faffa42

 

Fabio Pietrosanti: Presidente e co-fondatore del Centro Hermes per la Trasparenza e i Diritti Umani Digitali, è attivo in diversi progetti per la diffusione di consapevolezza, strumenti e tecnologie a supporto della libertà di espressione e della trasparenza. Membro di Transparency International Italia, gestore di nodi di anonimato Tor e di pubblicazione anonima Tor2web, è fra i fondatori del progetto di Whistleblowing GlobaLeaks, oggi in uso tanto nel mondo del giornalismo, dell’attivismo quanto nella pubblica amministrazione con finalità di contrasto della corruzione. Si occupa di innovazione tecnologica, progettazione software nell’ambito del whistleblowing, della tutela della riservatezza delle informazioni e dell’anonimato digitale. Veterano del mondo dell’hacking e del software libero, ha partecipato a progetti e community quali sikurezza.org, s0ftpj, Progetto Winston Smith, Metro Olografix. Professionalmente ha avuto esperienze come network security manager, senior security advisor, imprenditore e CTO di una startup impegnata nello sviluppo di sistemi di cifratura delle telefonate cellulari.

Workshop: Startup, intelligenza artificiale, cybersecurity, big data: le parole del giornalismo

 

 

Dalle rapine cibernetiche all’impresa altamente tecnologizzata, fare informazione richiede sempre più competenze e un dizionario consono a descriverne gli effetti. Quattro esperti si alterneranno sul palco per fornire le chiavi di lettura necessarie a raccontare altrettanti temi, sempre più centrali in televisione e sui giornali. Durante il workshop i giornalisti avranno l’opportunità di affrontare il significato di termini sempre più usati – e a volte abusati – e di approfondire le direttrici che definiscono il mondo delle startup, dell’intelligenza artificiale, della cybersecurity e dei big data.

 

Relatori

 

Big Data – Donato Malerba è direttore del Dipartimento di Informatica dell’Università degli studi di Bari Aldo Moro, dove insegna “Data Mining” nella laurea magistrale in Data Science. E’ direttore del Laboratorio Nazionale CINI su Big Data. È stato membro sia del consiglio dei direttori della Big Data Value Association e sia del consiglio della Public-Private Partnership Big Data Value dell?unione Europea. La sua attività scientifica riguarda principalmente la data science (machine learning, data mining e big data analytics) e sue molteplici applicazioni. Nel 2017 è stato promotore della scuola invernale su Big Data (BigDat 2017). Fa parte dello editorial board della rivista Machine Learning, ed è associate editor delle riviste Data Mining and Knowledge Discovery, e Knowledge and Information Systems.

 

Startup – Luca Zorloni è responsabile economia e internet per Wired Italia, segue con particolare interesse i campi relativi a telecomunicazioni, politiche digitali e privacy, Cina e aziende innovative. Cronista di formazione, sviluppa per Wired anche inchieste e approfondimenti data. In passato ha lavorato al Giorno, passando dalla cronaca locale all’economia, e ha collaborato con Forbes e Business Insider Italia.

 

Intelligenza Artificiale – Giorgio Giacinto è Professore Ordinario di Ingegneria Informatica presso l’Università degli Studi di Cagliari, e dal 1995 fa parte del gruppo di ricerca sul Pattern Recognition e le sue applicazioni (PRA Lab) del Dipartimento di Ingegneria Elettrica ed Elettronica (DIEE) dell’Università di Cagliari (http://pralab.diee.unica.it). E’ coordinatore del corso di Laurea Magistrale in Computer Engineering, Cybersecurity and Artificial Intelligence. La sua attività di ricerca si svolge principalmente nell’ambito del Pattern Recognition e Machine Learning per la Cybersecurity, sviluppando strumenti per l’analisi, rilevazione e classificazione di malware (sistemi Android, documenti in formato PDF e Office), strumenti per la protezione di applicazioni web, e strumenti per l’analisi di traffico DNS. Negli ultimi anni particolare attenzione è stata posta al tema dell’adversarial learning, che studia la sicurezza degli algoritmi di machine learning.

 

Cybersecurity – Raffaele Angius Giornalista freelance per Repubblica, La Stampa, Wired e Agi, Raffaele Angius è specializzato nell’impiego di strumenti informatici per la protezione delle fonti e delle telecomunicazioni. Nel 2018 ha creato ItaliaLeaks, la piattaforma di Agi per la raccolta di segnalazioni anonime su corruzione e criminalità organizzata. Oggi è curatore di RegeniFiles, l’iniziativa di Repubblica in collaborazione con la famiglia Regeni dedicata alla raccolta di informazioni sulle violazioni dei diritti umani in Egitto e sull’omicidio di Giulio Regeni. Come giornalista, scrive principalmente di crimini informatici, diritti umani digitali e sorveglianza di Stato, ed è membro dell’Hermes Center for Transparency and Digital Human Rights, con il quale collabora alla diffusione di strumenti per la protezione del lavoro giornalistico e delle fonti. Social: @faffa42

 


 

Special Track 2 : Framework Nazionale 2.0 & CyberReadiness.IT

 

The special track includes a tutorial in the morning and a workshop in the afternoon, according to the following schedule:

 

Tutorial: National Cybersecurity & Data Protection Framework v2.0: From the basics to the advanced use

 

Tutorial outline

In the “2015 Italian Cybersecurity Report” [2] CIS Sapienza and CINI Cybersecurity National Lab proposed the National Cybersecurity Framework (Framework Nazionale per la Cybersecurity, FNCS), based on the NIST Framework for Improving Critical Infrastructure Cybersecurity [3].

FNCS expands NIST’s Framework to better adapt to the Italian landscape, extending its applicability to a wider range of organizations, ranging from market leaders and large organization to small and medium-sized enterprises. It also introduces the concept of “contextualization”, which is the way to tailor the Framework to the context of a specific organization. In 2019 a new version of the National Cybersecurity Framework has been issued, the National Cybersecurity and Data Protection Framework v 2.0 (FNCSDP) [1]

Nonetheless important aspects like data protection and data privacy were not comprehensively considered, due to a not complete view on the intersection between cybersecurity & data protection/privacy. The raising in importance of these two themes and the new steam produced by recent international regulations led the effort of producing a new version of the FNCS.

The Framework has been updated, aligning it with the new version of the NIST Framework (version 1.1) [4] and the evolved EU and Italian regulatory landscape.

Moreover, as a result of a joint work with the Italian Data Protection Authority <https://www.garanteprivacy.it>, the Framework has been further extended, encompassing data protection elements in its core, thus becoming the National Cybersecurity and Data Protection Framework (FNCSDP). Finally, a “template” for the creation of contextualizations which incorporates the EU General Data Protection Regulation (GDPR) < Regulation (EU) 2016/679> (GDPR Contextualization Template) has been proposed.

 

The tutorial will have the following structure

  • Illustration of the characteristics and advantages of the new Framework for Cybersecurity and Data Protection, highlighting changes and improvements over the previous version, and introduction of its basic concepts.
  • Discussion of the process a cybersecurity and data protection assessment in a generic organization using the framework, providing guidelines and best practices for a beginner audience.
  • Introduction and discussion of the more advanced aspects of the framework, like the modeling of a regulation or technical standard through a “Contextualization Template”, a base for the creation of a contextualization that contains general and mandatory aspects to consider and must be expanded during the actual contextualization process considering the specificity of the organization on which is applied the FNCSDP, the strategies for combining different contextualization templates into a contextualization, and the metrics for evaluating the results of the assessment.

 

Intended audience

Expected attendants encompass people belonging to the following classes:

  • Regulators, possibly interested in how the existing regulations are mapped and reported in model for managing the security and data protection governance.
  • Security governance: interested in the evolution FNCS and the new concepts captured by the new core.
  • Data Protection governance interested in the data protection concepts and processes and how they can be integrated in the already existing cyber-security governance processes.

 

Speakers Bio

Marco ANGELINI is a post-doctoral researcher in Engineering in Computer Science at University of Rome “La Sapienza”, Italy, Department of Computer, Control and Management Sciences & Engineering. He is a researcher in the Centre for Cyber-Intelligence and Security (CIS) of University of Rome “La Sapienza”, where he successfully participated the EU FP-7 project “PANOPTESEC”, providing automatic detection, management and reaction to cyber-threats for Critical Infrastructures. His main research interests include Visual analytics (the process of combining visualization of information, interaction by user and analytical computation for solving heavy computational problems) and Cyber-Security (focused on designing visual analytics solutions for cyber-defense of critical infrastructures, open-source intelligence and malware analysis).Marco Angelini is a member and coordinates research projects of the A.WA.RE (Advanced Visualization & Visual Analytics REsearch) research group at University of Rome “La Sapienza”. Marco Angelini is member of CINI Cybersecurity National Laboratory, where he coordinates national projects with the goal of strengthening the Cyber- Security status of an organization, both in public and private sectors. He is the responsible of “CyberReadiness.IT”, a project of CINI Cybersecurity National Laboratory with the goal of assessing the cybersecurity readiness of the human substrate of an organization. As a result of his activities, Dr. Marco Angelini has published more than 40 papers, including 10 peer-reviewed journal papers and 30 peer-reviewed conference papers in international journals and conferences. More about him can be found at https://sites.google.com/dis.uniroma1.it/angelini.

Claudio CICCOTELLI is a post-doctoral researcher at Sapienza University of Rome, where he is a member of the Cyber Intelligence and Information Security research center. He got his PhD in 2017, at the same University, with a thesis on practical approaches for fault detection and diagnosis in data centers. His main research interests include critical infrastructure protection and cyber-physical security (IACS/SCADA security), mobile security and dependability of complex systems.

Leonardo QUERZONI is assistant professor at Sapienza University of Rome. He got his PhD in 2007 with a thesis on efficient solutions for publish/subscribe data dissemination. His research interests range from cyber security to distributed systems and focus, in particular, on topics that include binary similarity, distributed stream processing, dependability and security in distributed systems. He authored more than 80 paper published in international scientific journals and conferences. In 2016 he co- authored the Italian National Framework for Cyber Security as member of Cyber Intelligence and Information Security research center at Sapienza University of Rome. In 2017 he got the Test of Time Award from the ACM International Conference on Distributed Event-Based Systems for the paper “TERA: topic-based event routing for peer-to-peer architectures”, published in 2007. In 2014 he was general chair for the International Conference on Principles of Distributed Systems, and in 2019 he will be program co-chair for the ACM International Conference on Distributed Event-Based Systems.

 

References

[1] CIS Sapienza and CINI Cybersecurity National Laboratory, 2018 National Cybersecurity and Data Protection Framework (version 2.0), 2019.

[2] CIS Sabienza and CINI Cybersecurity National Laboratory, 2015 Italian Cybersecurity Report – Un Framework Nazionale per la Cyber Security, 2015.

[3] NIST, Framework for Improving Critical Infrastructure Cycbersecurity (Version 1.0), 2014.

[4] NIST, Framework for Improving Critical Infrastructure Cybersecurity (Version 1.1), 2018.

 

CyberReadiness.IT: 1st workshop on readiness and awareness in cybersecurity

 

 

Workshop topics

 

  • Cybersecurity readiness
  • Cybersecurity awareness
  • Cybersecurity training
  • Cybersecurity assessment
  • Human factors in Cybersecurity

 

Structure of the workshop

 

  • Introduction
  • Presentation of CyberReadiness.IT project and its methodology
  • Interventions/Presentations of several stakeholders
  • Presentation of initial results from the project (by several stakeholders)
  • Q&A

 

Intended audience & duration

 

Expected attendants encompass people belonging to the following classes:

  • Public regulators, for obtaining a map of the cybersecurity readiness level of their area of competence.
  • Private organizations: for assessment and improvements of the cybersecurity readiness and awareness of the human strata of their organization.
  • Security governance: interested in ways to integrate the human vulnerabilities analysis into their cybersecurity assessment procedures.
  • Training & education: for proposing training activities focused on the human side of the problem, targeting specifically readiness, awareness and cybersecurity best practices.

Chairs Bio

 

Marco Angelini is a post-doctoral researcher in Engineering in Computer Science at University of Rome “La Sapienza”, Italy, Department of Computer, Control and Management Sciences & Engineering. He is a researcher in the Centre for Cyber-Intelligence and Security (CIS) of University of Rome “La Sapienza”, where he successfully participated the EU FP-7 project “PANOPTESEC”, providing automatic detection, management and reaction to cyber-threats for Critical Infrastructures. His main research interests include Visual analytics (the process of combining visualization of information, interaction by user and analytical computation for solving heavy computational problems) and Cyber-Security (focused on designing visual analytics solutions for cyber-defense of critical infrastructures, open-source intelligence and malware analysis).Marco Angelini is a member and coordinates research projects of the A.WA.RE (Advanced Visualization & Visual Analytics REsearch) research group at University of Rome “La Sapienza”. Marco Angelini is member of CINI Cybersecurity National Laboratory, where he coordinates national projects with the goal of strengthening the Cyber- Security status of an organization, both in public and private sectors. He is the responsible of “CyberReadiness.IT”, a project of CINI Cybersecurity National Laboratory with the goal of assessing the cybersecurity readiness of the human substrate of an organization. As a result of his activities, Dr. Marco Angelini has published more than 40 papers, including 10 peer-reviewed journal papers and 30 peer-reviewed conference papers in international journals and conferences. More about him can be found at https://sites.google.com/dis.uniroma1.it/angelini.

 

Claudio Ciccotelli is a post-doctoral researcher at Sapienza University of Rome, where he is a member of the Cyber Intelligence and Information Security research center. He got his PhD in 2017, at the same University, with a thesis on practical approaches for fault detection and diagnosis in data centers. His main research interests include critical infrastructure protection and cyber-physical security (IACS/SCADA security), mobile security and dependability of complex systems.

Luigi Martino is the coordinator of the Center for Cyber Security and International Relations Studies, a specialized observatory of the CSSII at the Department of Political Science (University of Florence); Currently, Luigi is Ph.D. Candidate in Human Rights and Global Politics, School of Advanced Studies Sant’Anna, Pisa with a Research Project on “Improving Cybersecurity for Critical Infrastructure in Italy: The Public-Private Partnership Model Against Cyber Attacks”. He holds the MA in IR with a focus on the Strategic Relevance of Cyberspace and the Risks of Cyber Warfare. He is a member of the Research Advisory Group of the Global Commission on the Stability of Cyberspace. Since 2017 he is member of the Forum for Cyber Expertise, representing the Center for Cyber Security and International Relations Studies and consultant on Cyber Security for BV-Tech. Author of many publications in Italian, English and Spanish on cyber security, cyber warfare, cyber intelligence and cyber diplomacy. Luigi is member of CINI Cybersecurity National Laboratory, where he is responsible of “CyberReadiness.IT”, a project of CINI Cybersecurity National Laboratory with the goal of assessing the cybersecurity readiness of the human substrate of an organization.

 


 

Special Track 3: PID Marche @ ITASEC20

 

Presentazione

 

Una giornata dedicata alle PMI delle Marche all’interno della più importante conferenza italiana dedicata alla sicurezza informatica con 2 momenti di approfondimento sui temi della Social Media Intelligence (il mattino) e degli attuali scenari della cybersecurity e della privacy nel mondo delle PMI italiane e della PA (il pomeriggio).

Esempi applicativi, casi di studio e nuovi scenari saranno presentati da un panel di relatori che uniscono le competenze delle università e degli enti del territorio a nomi di fama nazionale e internazionale.

Co-Organizers: PID Marche, Marche Chamber of Commerce, Marche Region, Marche Polytechnic University, University of Camerino, University of Chieti-Pescara

 

Relatori

 

Giovanni Libertini

Emilio Frezza

Vicenzo Camillacci

 

 

Programma

 

 

 


Workshop: CRYPTANALYSIS: a key tool in securing and breaking ciphers

 

Programma

 

  • Massimiliano Sala – Presentazione associazione De Cifris
  • Andrea Visconti e Sergio Polese – Survey: Attacchi alle funzioni Hash
  • Stefano Barbero – Methods for rotational cryptanalysis of ARX ciphers
  • Roberto La Scala – Survey: Cifrari ed equazioni alle differenze
  • Marco Cianfriglia – High Performance Computing nella crittoanalisi
  • Giordano Santilli – Survey su attacchi alle curve ellittiche
  • Domenica Sogiorno – Una famiglia di chiavi deboli nel Bitcoin
  • Michele Elia e Nadir Murru – RSA cryptanalysis and factoring: a survey

 

Organizers

 

  • Andrea Visconti (University of Milan)
  • Marco Pedicini (University of Roma Tre)
  • Roberto La Scala (University of Bari Aldo Moro)

 

Schedule

 

  • Tue 4th 14:30 17:00

 


 

Tutorial: Deep learning-based analysis in Digital Forensics

 

Nowadays, the volume of the multimedia heterogeneous evidence presented for digital forensic analysis has significantly increased, thus requiring the application of big data technologies, cloud-based forensics services, as well as Deep Learning techniques. In digital forensics domain, Deep Neural Networks (DNN) has been applied for cybercrime investigation such as child abuse investigations, malware classification, and image forensics. This tutorial covers topics at the frontier of research on DNN models in the context of digital forensics. The goal is to explain the principles behind solving forensic problems and give practical means for engineers and researchers (whose main competences may lie elsewhere), to apply the most powerful methods that have been developed in the last years. It will be presented and practically demonstrated how to formulate and solve image classification with freely available software that will be distributed to the participants of the tutorial.

Lecturers

  • Introduction and Overview – Prof. Luca Spalazzi
  • Deep Learning for Digital Forensics: Datasets, Representation, and Tasks – Prof. Emanuele Frontoni
  • Deep Learning with Python for Image Classification – Dr. Marina Paolanti

 

Target Audience

The intended audience is academicians, graduate students and industrial researchers who are interested in the state-of-the-art deep learning techniques for information extraction and summarization in large forensics datasets. Audience with mathematical and theoretical inclination will enjoy the course as much as the audience with practical tendency.

 

Schedule

Tue 4th 14:30 17:00

 


 

 

Tutorial: Secure Cloud Application Development through Security Service Level Agreement

 

 

 

Presenter

 

Prof. Massimiliano Rak associate professor at University of Campania Luigi Vanvitelli. His scientific activity is mainly focused on the analysis and design security and performance in System Architectures. He actively participate to international research groups and was member of several EU, National and Regional funded projects, moreover, he coordinated the SPECS FP7 European project. Massimiliano Rak has published more than 150 papers in conferences, books and international journals.

 

Short Description

 

Recent software development methodologies, as DevOps or Agile, are very popular and widely used, especially for the development of cloud services and applications, they can be hardly integrated with security design and risk management methodologies. Security techniques cannot easily automated and require big economic investments, due to the necessity of security experts in the development team and to the lack of automatic tools to evaluate risk and to assess security in the design and operation phases. This Tutorial aims at illustrating the techniques and tools developed in the context of SPECS and MUSA European projects that support the development of cloud application through a novel Security-by-Design methodology based on Security Service Level Agreements (SLAs). The technique illustrated in the tutorial will cover (semi-) automated risk analysis, Security assessment and security SLA evaluation. During the tutorial a simple and practical example of cloud application will be illustrated and developed. Participants will be invited to contribute to the development and check and use the tools.

 

Structure of the tutorial

 

The tutorial consists in 6 blocks of 30 minutes, 3 of them with oral speechs and 3 of them with hands on the tools.

  • Module 1 (speech): security SLA Model and Concepts
  • Module 2 (hands on): Security SLA Evaluation and security SLA of existing CSPs
  • Module 3 (speech): SLA-based Security-by-Design Development Process
  • Module 4 (hands on): Application Model and Automated Risk Analysis
  • Module 5 (speech): Security Assessment procedure
  • Module 6 (hands on): Security Assessment of a simple cloud application

 

Intended Audience

 

The target audience should have basic security competences. Competences on cloud technologies are welcome.

 

Schedule

Tue 4th 14:00 17:00 – Aula 155/4

X