Daniel R. dos Santos, PhD | Email | LinkedIn


  1. A Matter of Life and Death: Analyzing the Security of Healthcare Networks [IFIP SEC 2020]
  2. Security and Privacy in Smart Grids: Challenges, Solutions and Opportunities [ICISSP 2020]
  3. Leveraging Operational Technology and the Internet of Things to Attack Smart Buildings [arXiv 2019]
  4. Role Inference + Anomaly Detection = Situational Awareness in BACnet Networks [DIMVA 2019]
  5. Leveraging Semantics for Actionable Intrusion Detection in Building Automation Systems [CRITIS 2018]
  6. Solving Multi-Objective Workflow Satisfiability Problems with Optimization Modulo Theories Techniques [SACMAT 2018]
  7. From System Specification to Anomaly Detection (and back) [CPS-SPC 2017 (co-located with CCS)]
  8. TestREx: a Framework for Repeatable Exploits [STTT]
  9. A Survey on Workflow Satisfiability, Resiliency, and Related Problems [arXiv]
  10. On Run-time Enforcement of Authorization Constraints in Security-Sensitive Business Processes [SEFM 2017]
  11. Automatically Finding Execution Scenarios to Deploy Security-Sensitive Workflows [JCS]
  12. Aegis: Automatic Enforcement of Security Policies in Workflow-driven Web Applications [CODASPY 2017]
  13. A Framework and Risk Assessment Approaches for Risk-based Access Control in the Cloud [JNCA]
  14. Modular Synthesis of Enforcement Mechanisms for the Workflow Satisfiability Problem: Scalability and Reusability [SACMAT 2016]
  15. Cerberus: Automated Synthesis of Enforcement Mechanisms for Security-sensitive Business Processes [TACAS 2016]
  16. Assisting the Deployment of Security-Sensitive Workflows by Finding Execution Scenarios [DBSec 2015]
  17. Automated Synthesis of Run-time Monitors to Enforce Authorization Policies in Business Processes [ASIACCS 2015]
  18. TestRex: a Testbed for Repeatable Exploits [CSET 2014 (co-located with USENIX Security)]
  19. Current Issues in Cloud Computing Security and Management [SECURWARE 2014]
  20. A dynamic risk-based access control architecture for cloud computing [NOMS 2014]
  21. Operation, Management, Security and Sustainability for Cloud Computing [FSMA]
  22. A Cyclical Evaluation Model of Information Security Maturity [IMCS]
  23. An Architecture for Risk Analysis in Cloud [ICNS 2014]
  24. Privacy-preserving identity federations in the cloud: a proof of concept [IJSN]
  25. Risk-based Dynamic Access Control for a Highly Scalable Cloud Federation [SECURWARE 2013]
  26. Challenges of Operationalizing PACS on Cloud Over Wireless Networks [ICWMC 2013]
  27. A Review of PACS on Cloud for Archiving Secure Medical Images [IJPHIM]
  28. A Validation Model of Data Input for Web Services [ICN 2013]
  29. Multi-Tenancy Authorization System with Federated Identity for Cloud-Based Environments Using Shibboleth [ICN 2012]
  30. Uma aplicacao de privacidade no gerenciamento de identidades em nuvem com uApprove [WTICG 2011 (co-located with SBSEG)]


  1. Secure and Compliant Execution of Processes
  2. Multi-context Exploit Test Management