SSD INF/01 – Informatics
Research interest Anna Lisa’s research covers both theoretical and practical aspects of information security with particular emphasis on design, analysis, and enforcement of access control systems. In particular, Anna Lisa has extensively studied the problem of cryptographically enforcing multilevel access control policies. This line of research complements existing approaches and has led to the first key assignment scheme that is simultaneously practical, provably-secure and expressive enough to handle temporal constraints. Anna Lisa has also investigated how to employ attribute-based encryption and signature schemes to design cryptographic enforcement of role-based access control (RBAC) systems enforcing read/write accesses. This system is also proved to preserve privacy properties.

In another line of research Anna Lisa has led the development of state-of-the-art solutions for the security analysis of administrative RBAC systems. Such techniques can be effectively extended for reasoning about administrative models with extra constraints (e.g., temporal, spatial, attribute-based constraints).

Keywords

Access control, applied crypto, formal methods for security