Risorse
Aree/Progetti collegati
Membri
-
PROGETTI PRECEDENTI
- Automating FMECA for aircraft systems (AUTAS)
- Customer-Adaptive Web Interface for the Configuration of Products and Services (CAWICOMS)
- Digital TV: Ontologies and semantic proximity
- FOndazioni Logiche di LInguaggi Astratti di Programmazione (FOLLIA) --- PRIN2004
- I fondamenti cognitivi per la creazione del diritto [Cognitive basis in law] (PRIN05)
- INteractive TouRist Information GUidE (INTRIGUE)
- Knowledge-oriented technologies for enterprise aggregation in Internet (TOCAI.IT)
- Legal Taxonomy Syllabus
- Personalized Television Services
- Protecting Web Resources from Massive Automated Access
- Smart Tourist Agenda Recommender (STAR)
- Specifica e verifica di protocolli di interazione fra agenti
- User Adaptive Web-based Systems (SeTA )
- Wide-scalE, Broadband, Middleware for Network Distributed Services (WEB MINDS)
- SmartLab
- Diagnosis of complex Web Services (WS-DIAMOND)
- PeeR-to-peer beyOnd FILE Sharing (PROFILES)
- Critical UTility InfrastructurAL resilience (CRUTIAL )
- Performability-Aware Computing: Logics, Models, and Languages (PaCo)
- Intelligent Support to Retrieving Hydric Resources Data (Acqua)
- Recommendation and Discovery for Personal Video Recorder (RD-PVR)
- BioBITs: Developing white and green biotechnologies by converging platforms from biology and information technology towards metagenomics
- myMed
- Formal Verification of Object-Oriented Software (COST Action IC0701)
- DISCO (Distribution, Interaction, Specification, Composition for Object Systems)
- IPODS
- LCaTfOOPC: Language constructs and type systems for object oriented program components
- MeCTAFI: Constructive Methods in Topology, Algebra and Foundations of Computer Science
Ricerca: dettaglio
Protecting Web Resources from Massive Automated Access
Membri: Attivit?The goal of this project is to define effective solutions to prevent massive access to web contents from automated programs, which often represent a threat to security and data integrity of Web application and online services. The research activity was supported by the PRIN 2006 project and allowed to develop a novel system for content protection, which exploits the properties of picture-based CAPTCHAs. It has been applied with success to the context of Internet polls security and generic Web resources. Preventing massive automated access to Web resources Automated web tools are used to achieve a wide range of different tasks, some of which are legal activities, whilst others are considered attacks to the security and data integrity of online services. For this reason, effective solutions to counter the threat represented by such programs are required. We have studied the problem of massive automated access to web resources and we have developed MosaHIP, a Mosaic-based Human Interactive Proof (HIP, also known as CAPTCHA). Properties of the proposed solution grant an improved security over usual text-based and picture-based HIPs, whereas the user-friendliness of the system alleviates the user from the discomfort of typing any text before accessing to a web content. Avoiding massive automated voting in Internet polls We have investigated the security of Polls in an open Internet scenario, where (1) clients cannot be customized or initialized in any way, (2) remote networks have arbitrary architectures including possible proxies and NAT, and (3) it is practically impossible to distribute tokens or passwords. Another requirement is that IP locking cannot be used, because it prevents a large number of legal votes. We have developed a method that is not based on IP-locking and yet is secure against automated attacks, that could massively change the result of the poll. Aree/Progetti collegati: Appartiene a: |
Dipartimento di Informatica - C.So Svizzera, 185 - 10149 Torino
Università degli Studi di Torino - Via Verdi, 8 - 10124 Torino - Centralino +39 011 6706111
P.I. 02099550010 - C.F. 80088230018 - IBAN IT07N0306909217100000046985