Theo Tryfonas

2 Papers

CR May 19, 2017
Optimized Certificate Revocation List Distribution for Secure V2X Communications

Giovanni Rigazzi, Andrea Tassi, Robert J. Piechocki et al.

The successful deployment of safe and trustworthy Connected and Autonomous Vehicles (CAVs) will highly depend on the ability to devise robust and effective security solutions to resist sophisticated cyber attacks and patch up critical vulnerabilities. Pseudonym Public Key Infrastructure (PPKI) is a promising approach to secure vehicular networks as well as ensure data and location privacy, concealing the vehicles' real identities. Nevertheless, pseudonym distribution and management affect PPKI scalability due to the significant number of digital certificates required by a single vehicle. In this paper, we focus on the certificate revocation process and propose a versatile and low-complexity framework to facilitate the distribution of the Certificate Revocation Lists (CRL) issued by the Certification Authority (CA). CRL compression is achieved through optimized Bloom filters, which guarantee a considerable overhead reduction with a configurable rate of false positives. Our results show that the distribution of compressed CRLs can significantly enhance the system scalability without increasing the complexity of the revocation process.

CR Jan 26, 2017
Towards Secure SPARQL Queries in Semantic Web Applications using PHP (Extended Version)

Fatmah Bamashmoos, Ian Holyer, Theo Tryfonas et al.

The Semantic Web (SW) is a significant advancement in the field of Internet technologies and an uncharted territory as far as security is concerned. In this paper we investigate and assess the impact of known attacks of SPARQL/SPARUL injections on Semantic Web applications developed in PHP. We highlight future challenges of developing robust Semantic Web applications using PHP. Our results demonstrate and quantify impacts on Confidentiality, Integrity and Availability (CIA) breaches of data in Semantic Web applications. Our recommendations are targeted to PHP developers, to encourage them to integrate security as early in their design and coding practice as possible.