Federated data spaces allow organizations to share and control their own data across various domains, but their exposure to cyber attacks has increased due to a surge in newly discovered vulnerabilities. Existing solutions to secure them focus on messaging protocol protection (e.g., using cryptographic means), but this is not sufficient. Attackers may exploit additional vulnerabilities to cause significant issues (e.g., disrupting the availability of services). To this end, we propose SHIELD, a security-by-design approach for federated data spaces, which leverages attack graphs and trust computation to mitigate the risks of cyber attacks. Mitigation is accomplished by proactively assessing the data spaces' weaknesses and implementing security messaging measures to prevent detrimental attacks. A prototype implementation of SHIELD using publish/subscribe as a messaging mechanism is experimentally evaluated over a real architecture in a V2X (Vehicle-to-Everything) scenario.

SHIELD: Assessing Security-by-Design in Federated Data Spaces Using Attack Graphs / Palma, Alessandro; Papadakis, Nikolaos; Bouloukakis, Georgios; Garcia-Alfaro, Joaquin; Sospetti, Mattia; Magoutis, Kostas. - (2025), pp. 480-489. (ACM/SIGAPP Symposium on Applied Computing, Catania, Italy) [10.1145/3672608.3707797].

SHIELD: Assessing Security-by-Design in Federated Data Spaces Using Attack Graphs

Alessandro Palma
First author
2025

ACM/SIGAPP Symposium on Applied Computing
Federated data spaces; Security by design; Attack Graph; Trust management
04 Publication in conference proceedings::04b Conference paper in volume
Use this identifier to cite or link to this document: https://hdl.handle.net/11573/1740426