Damiano Di Francesco Maesa

Bio: Damiano Di Francesco Maesa is an academic researcher from University of Cambridge. The author has contributed to research in topics: Blockchain & Cryptocurrency. The author has an hindex of 10, co-authored 23 publications receiving 587 citations. Previous affiliations of Damiano Di Francesco Maesa include University of Pisa.

Blockchain Based Access Control

Abstract: Access Control systems are used in computer security to regulate the access to critical or valuable resources The rights of subjects to access such resources are typically expressed through access control policies, which are evaluated at access request time against the current access context This paper proposes a new approach based on blockchain technology to publish the policies expressing the right to access a resource and to allow the distributed transfer of such right among users In our proposed protocol the policies and the rights exchanges are publicly visible on the blockchain, consequently any user can know at any time the policy paired with a resource and the subjects who currently have the rights to access the resource This solution allows distributed auditability, preventing a party from fraudulently denying the rights granted by an enforceable policy We also show a possible working implementation based on XACML policies, deployed on the Bitcoin blockchain

Data-driven analysis of Bitcoin properties: exploiting the users graph

Abstract: Data analytic has recently enabled the uncovering of interesting properties of several complex networks. Among these, it is worth considering the bitcoin blockchain, because of its peculiar characteristic of reflecting a niche, but also a real economy whose transactions are publicly available. In this paper, we present the analyses we have performed on the users graph inferred from the bitcoin blockchain, dumped in December 2015, so after the occurrence of the exponential explosion in the number of transactions. We first present the analysis assessing classical graph properties like densification, distance analysis, degree distribution, clustering coefficient and several centrality measures. Then, we analyse properties strictly tied to the nature of bitcoin, like rich-get-richer property, which measures the concentration of richness in the network.

Uncovering the Bitcoin Blockchain: An Analysis of the Full Users Graph

Abstract: BITCOIN is a novel decentralized cryptocurrency system which has recently received a great attention from a wider audience. An interesting and unique feature of this system is that the complete list of all the transactions occurred from its inception is publicly available. This enables the investigation of funds movements to uncover interesting properties of the BITCOIN economy. In this paper we present a set of analyses of the user graph, i.e. the graph obtained by an heuristic clustering of the graph of BITCOIN transactions. Our analyses consider an up-to-date BITCOIN blockchain, as in December 2015, after the exponential explosion of the number of transactions occurred in the last two years. The set of analyses we defined includes, among others, the analysis of the time evolution of BITCOIN network, the verification of the "rich get richer" conjecture and the detection of the nodes which are critical for the network connectivity.

A Survey on Security and Privacy Issues of Bitcoin

Abstract: Bitcoin is a popular cryptocurrency that records all transactions in a distributed append-only public ledger called blockchain . The security of Bitcoin heavily relies on the incentive-compatible proof-of-work (PoW) based distributed consensus protocol, which is run by the network nodes called miners . In exchange for the incentive, the miners are expected to maintain the blockchain honestly. Since its launch in 2009, Bitcoin economy has grown at an enormous rate, and it is now worth about 150 billions of dollars. This exponential growth in the market value of bitcoins motivate adversaries to exploit weaknesses for profit, and researchers to discover new vulnerabilities in the system, propose countermeasures, and predict upcoming trends. In this paper, we present a systematic survey that covers the security and privacy aspects of Bitcoin. We start by giving an overview of the Bitcoin system and its major components along with their functionality and interactions within the system. We review the existing vulnerabilities in Bitcoin and its major underlying technologies such as blockchain and PoW-based consensus protocol. These vulnerabilities lead to the execution of various security threats to the standard functionality of Bitcoin. We then investigate the feasibility and robustness of the state-of-the-art security solutions. Additionally, we discuss the current anonymity considerations in Bitcoin and the privacy-related threats to Bitcoin users along with the analysis of the existing privacy-preserving solutions. Finally, we summarize the critical open challenges, and we suggest directions for future research towards provisioning stringent security and privacy solutions for Bitcoin.

A Blockchain Research Framework

Abstract: While blockchain technology is commonly considered potentially disruptive in various regards, there is a lack of understanding where and how blockchain technology is effectively applicable and where it has mentionable practical effects. This issue has given rise to critical voices that judge the technology as over-hyped. Against this backdrop, this study adapts an established research framework to structure the insights of the current body of research on blockchain technology, outline the present research scope as well as disregarded topics, and sketch out multidisciplinary research approaches. The framework differentiates three groups of activities (design and features, measurement and value, management and organization) at four levels of analysis (users and society, intermediaries, platforms, firms and industry). The review shows that research has predominantly focused on technological questions of design and features, while neglecting application, value creation, and governance. In order to foster substantial blockchain research that addresses meaningful questions, this study identifies several avenues for future studies. Given the breadth of open questions, it shows where research can benefit from multidisciplinary collaborations and presents data sources as starting points for empirical investigations.

Smart Contract-Based Access Control for the Internet of Things

Abstract: This paper investigates a critical access control issue in the Internet of Things (IoT). In particular, we propose a smart contract-based framework, which consists of multiple access control contracts (ACCs), one judge contract (JC), and one register contract (RC), to achieve distributed and trustworthy access control for IoT systems. Each ACC provides one access control method for a subject-object pair, and implements both static access right validation based on predefined policies and dynamic access right validation by checking the behavior of the subject. The JC implements a misbehavior-judging method to facilitate the dynamic validation of the ACCs by receiving misbehavior reports from the ACCs, judging the misbehavior and returning the corresponding penalty. The RC registers the information of the access control and misbehavior-judging methods as well as their smart contracts, and also provides functions (e.g., register, update, and delete) to manage these methods. To demonstrate the application of the framework, we provide a case study in an IoT system with one desktop computer, one laptop and two Raspberry Pi single-board computers, where the ACCs, JC, and RC are implemented based on the Ethereum smart contract platform to achieve the access control.