Research & Development – Security
The Research & Development unit, in the Security sector, is working on “Spidasec – SPID Advanced Security”, which won a “POR CALABRIA FESR-FSE 2014-2020” loan.
Spidasec is a system which aims to improve the security of SPID. SPID allows users and companies to login to the online services of public administration and companies undertakings with a unique digital identity using different devices. Besides, Spidasec aims to improve the “trust” between the parties involved.
In this adventure Consulthink is not alone, its partners are the University of Calabria, the companies Catenate and Coremuniti, the “Istituto di Calcolo e Reti ad Alte Prestazioni del Consiglio Nazionale delle Ricerche (ICAR-CNR)” and also Poste Italiane.
Then, the objective of Spidasec is to improve the security side of SPID, the public Italian system of digital identity. SPID wishes to simplify the relationship between citizens and services offered by the public administration. Thanks to SPID, every user has his own digital identity and he can login to the online services of public administration and companies that have joined SPID. The advantage of digital identity is that people will not remember and use many passwords and usernames to access the various services, they will just remember those of their digital identity.
To obtain the digital identity, the user must demand it to one of the 8 currently accredited providers, between them there is also Poste Italiane S.p.A. The provider verifies user’s identity and releases him his credentials.
SPID system has many advantages both for the user and for the service provider. In fact, the user can access numerous online services with unique identification credentials; the service provider, instead, will not have to conduct a census of the users, it will only get the user data which is strictly necessary to complete that specific transaction, it will not have any burden related to the conservation of personal data and will not have to worry about possible cyberattacks for the theft of credentials. In addition, Service Providers will have profiles with a sure identity, eliminating the so-called “false profiles”, and univocal, eliminating duplicates.
Which are Spidasec goals? SPID has some limits, especially on the security side and Spidasec desires overcome them. In SPID identity theft is simple due to the mechanism used to identify the user. In fact, by exhibiting a false document, a citizen can get all the information and services of other citizen. For this reason, Spidasec introduces “Social Trust” algorithms to deal with this vulnerability. These systems can use open sources, such as social channels. The collected data may contain information concerning the user to identify, such as images and position. By correlating this information, a level of trust can be obtained on the identity of the user. Using concepts of Trust and Reputation it is possible to define appropriate security policies based on increasing levels of risk.
Two other security problems concern the use of SAML (Security Assertion Markup Language) and the certificates of SSL protocol. Regarding the use of SAML, the protocol makes assertions and once these are verified, it does not repeat the control for some time. The problem is that if a browser is infected, improper requests could start from the browser and these requests would be equally satisfied. Regarding the use of certificates in the SSL protocol, instead, these may be outdated or badly configured, in this way the security of data transmission is not guarantee.
Another objective of Spidasec is promote the diffusion of the service: few public administrations use SPID and few private companies offer their services online. Currently the online services that public administrations offer are: payments of Tasi and car tax, health services, INPS file, redemption of the degree, application for family allowances, payment via web of regional taxes and of school canteen. However, this integration and communication in a single environment is not simple and can lead to a mediocre usability of the platform. Therefore, Spidasec is the solution to the limits of SPID!
For more information about the project, you can visit the Italian Spidasec website.
In the picture, Spidasec logo.
In the first quarter of 2018, SPID has more than 2 million digital identities released and over 4,000 active public administrations. Despite the obligation for public administrations to join SPID by the end of 2017, few of them have chosen it as the only way of identification and they are those that had not other identification systems, while the others public administrations prefer to continue to propose the “traditional” methods already used. Investing in SPID, however, is crucial: in the coming years, this identification system will become increasingly used thanks to the work that Consulthink is pursuing with Spidasec.
Technical components of the platform
– infrastructure for access to services through SPID in the University of Calabria;
– a component for the integration and management of different data sources (service access logs, open data, system monitoring data and others);
– analytical module that interfaces with the data management component and allows to apply algorithms for user profiling and scoring of actions and accesses;
– dashboards to evaluate the level of security of the platforms and services distributed by service providers and the warning, in case of the discovery of unknown threats and vulnerabilities, of the need to implement appropriate re-entry plans and countermeasures;
– near real-time module to identify and monitor anomalies in the use of SPID system;
– use of machine learning algorithms: these algorithms will allow to implement effective user protection strategies to detect new forms of attack in order to provide a reliable and secure system which responds to the different needs of the citizen towards the public administration.
Trust & Reputation
The different services with which the user interacts daily are considered as entities that grant him a certain degree of “trust”. Based on this value, it will be possible to calculate the reputation of the user who operats in the system and to adopt effective control and monitoring strategies. The reputation value calculated by machine learning algorithms integrated into the platform could be exploited from different points of view:
– to define appropriate security policies with different levels of risk;
– to update the trust value of the services integrated into the platform;
– for the calculation of indicators related to the correct use of the platform.
Recognition of individuals
To recognize an individual, there are various methods in literature:
– correspondence of name, surname, date and place of birth, tax code;
– fingerprint analysis;
– retinal scan;
– use of usernames and passwords;
– facial recognition;
– analysis of data and behavior of individuals.
The latter is the method that Spidasec wants to use because in this way it will be possible to recognize an individual based on the actions he performs daily. Naturally this solution is not free from problems such as data acquisition and storage, the variety and dispersion of data to analyze and the variation in user behavior over time.
The project is divided into 6 work packages (WP), 4 of industrial research and 2 of experimental development.
WP1 analyzes the level of criticality and security of the services based on digital identity (identification of cases of use and analysis of security issues). The purpose of WP1 is the collection of standards, national and international norms, policies, corporate guidelines applicable to digital identity services; the reorganization of them based on thematic groups (for example governance, procedures, technical controls); the creation of a “meta-standard” that uniforms the security/compliance requirements of the various regulations and company guidelines; the analysis of current digital identity services (AS-IS), both existing and experimental. Furthermore, by analyzing the problems of each single current scenario, it will be possible to devise what could be the characteristics and problems of future scenarios in which innovative solutions could be applied in the Identity Cooperation or Social Identity.
Logical-functional requirements are analyzed and modules for the collection, analysis and processing of data are designed. These modules are integrated into the SPID infrastructure.
Metrics, from a point of view of computational automatism, are collected and analyzed. Later, these metrics can be used to identify the technologies used for the development of the web application which is the object of the analysis. Successively, the collection activity will give a great benefit to the analysis of the known vulnerabilities with respect to the technology used. WP2 will also allow to design the most suitable technological architecture for the working framework. Furthermore, basic behaviors in the use of the web application will be analyzed in order to successively switch them to threshold elements for the identification of any anomalous uses of the web application. All this will raise the level of security of SPID.
Machine Learning and Data Analytics techniques are defined to analyze the risks of the entities involved in the SPID infrastructure and the improper uses of the infrastructure.
Information regarding the entities of the SPID platform are integrated, aggregated and combined. In the dataset that will be produced, there must be: behaviors not previously recognizable to the user, institutional open data or data collected from the web (such as social data, blogs and Google Analytics). Data Analytics techniques are defined to identify the main risk profiles of users and of all entities involved in the SPID platform. It will be possible to divide users into various profiles according to their characteristics and their behavior. The goal is to easily identify anomalous behaviors in the use of the platform to intervene promptly.
The research activity to identify the algorithms useful for user profiling is a very delicate task since the algorithms must be able to work even in the conditions in which the information about the users has missing data, a frequent situation.
Study of SPID integration models in university services and use case definition.
The information systems of the University of Calabria with reference to the current authentication and authorization mechanisms, become the experimentation environment for the techniques and algorithms of the workpackages activities.
Models of integrated credential management will be studied. These models will be added to the current procedures of user authentication of UNICAL systems with the respective public digital identities based on SPID.
Besides, it will be ascertained that what has been achieved during these activities is coherent with the previsions of the “Agenda Digitale AGID” (Digital Agenda).
Regarding the methodologies used, techniques to analyze the requirements (to understand the needs of end users), reverse engineering (for the functioning of legacy systems), methodologies of design, development and release based on the method of continuous development and delivery (DevOps) will be used.
For improper uses of digital identity, software for near real time detection will be designed.
This software will be available in “as a service” mode for an easier integration and usability of the service. The purpose is to ensure the correct use of the services distributed, identifying in time the possible anomalies to block or report them immediately to business analysts. WP5 also includes the creation of documentation material of the product, both illustrative and informative to be delivered to business analysts.
The software product will be developed with Agile methodology strongly oriented to Test Driven Development (TDD). This approach guarantees a continuous feedback of the actors involved and the limitation of regression bugs. A series of simple interrogable APIs will be produced to maximize the reusability of the code and minimize its duplication.
Creation of a software system for the automatic verification of potential vulnerabilities of the IT platforms involved in the distribution of SPID services.
The tests made by the software will be extended to different fields: web applications, web servers, applications and/or servers connected to this. The final aim of the product is the security of critical infrastructures, identifying in time the possible flaws of the system and ensuring data availability, integrity and confidentiality.
The product, developed following Agile methodology, follows the principles of the Test Driven Development model, the cornerstone of the eXtreme Programming methodology. United and integration tests will have a particular importance to reduce the effort related to bug fixing and to facilitate acceptance tests.
The software product will be created by dividing it into several application modules that can be installed separately on different virtual containers in order to maximize their scalability.
Consulthink partners for Spidasec: the University of Calabria
The University of Calabria will distribute Athens services to students and teachers using SPID.
The University of Calabria has always been a promoter of innovation thanks to the technological transfer of research results and collaboration with other public and private organizations, both national and international.
Consulthink partners for Spidasec: Catenate
Catenate focuses on the design and implementation of information technology solutions. It is specialized in middleware platforms, IT architectures such as Services Oriented Architecture (Soa) and analytical business solution. Its solutions can be used in many sectors: telecommunications, motoring, finance, energy and public administration. It is the largest partner of TIBCO Software Inc. In recent years, Catenate has specialized in machine learning and Big Data processing.
Consulthink partners for Spidasec: Coremuniti
The name of Coremuniti is linked with Mozaiko platform, a platform for sharing computing resources. It is simple to use, safe and fast and allows who works on 3D rendering sector to save money, time and energy if they need a large and low-cost computational resources. The goal is to create a peer-to-peer network where nodes can decide how much resources to share. Mozaiko finds its ideal habitat in the 3d scene rendering sector. In fact, in this sector, users’ computers are generally busy for several hours or days.
Consulthink partners for Spidasec: the “Istituto di Calcolo e Reti ad Alte Prestazioni del Consiglio Nazionale delle Ricerche (ICAR-CNR)”
The research activities of the ICAR-CNR are related to 5 macro-areas (Cognitive Systems, Distributed Systems, IoT, Knowledge and Data, Bioinformatics). The results of research activities carried out are the subject of scientific dissemination, through the publication in international journals and the participation in national and international conferences and workshops. The themes of innovative and complex research range from cognitive systems, to robotics, to human-computer interaction, to cloud computing, to parallel and distributed computing environments and to advanced Internet technologies. Besides, the “Istituto di Calcolo” is the promoter of many successful start-ups. For Spidasec, ICAR-CNR uses its Data Analytics solutions to ensure users’ safety and to prevent and detect threats to digital privacy and identity.
Just like 2017 when Consulthink won the award in the category: “Eccellenza dell’Anno – Innovazione – Servizi ICT & Big Data” (“Excellence of the Year – Innovation – ICT Services & Big Data”), we have once again been selected by Le Fonti Awards and have won the award as “Impresa dell’anno – Innovazione – Cybersecurity” […]... Continue Reading
On 28 September 2019 RomHack returns, the free event regarding IT security in Rome, at the Link Campus University (Via del Casale di San Pio V, 44). RomHack 2019 is organized, like the previous editions, by the association Cyber Sayan, whose goal is to raise awareness of and explore topics regarding cyber security and ethical […]... Continue Reading
What does an IT security expert do? This question is so general that it is like asking a specialist doctor what they do without knowing their specialization. The right answer is: it depends on the situations. If we talk about the doctor’s specializations, he or she will have more than one, but all doctors have travelled a common […]... Continue Reading
When we talk about computer networks, we need to focus on two fundamental aspects: architectures: peer-to-peer and client-server; extensions. Peer-to-peer networks and client-server networks The architecture of the network represents the structure with which the functions of the network are organized and positioned. The peer-to-peer architecture ( P2P) provides that the devices it contains do not have a specified hierarchy, but they are equivalent to each other and have all the same functionalities. This means that the […]... Continue Reading
The topic of antivirus for Android is particularly hot today. Android is an operating system derived from Linux, very stable and well organized. Let’s immediately destroy one of the most widespread myths on the internet: viruses for Android (at the root of Linux) exist, are as damaging as those written for Windows systems and therefore antivirus for Android is needed! For many years, Windows was the […]... Continue Reading
Last week we analyzed the typologies of computer networks, this week, we will look deeper their topologies. In fact, there are different ones. In addition to considering the definition of each topology, we will also look at the advantages and disadvantages of each one. The topology of a computer network is the geometric arrangement of […]... Continue Reading
Computer networks are, fundamentally, sets of interconnected electronic devices, which communicate with each other to exchange information for visualization, storage and processing. Types of computer networks: classifications The most representative computer network in the world is the internet. The Internet is characterized by a strong heterogeneity of communication protocols and user devices (for example […]... Continue Reading
Internet of Things (IoT) is a trend that continues to march on. For this reason, companies must invest in the Internet of Things, as reiterated by Nick Jones, Gartner’s vice president: “CEO’s who master innovative IoT trends have the opportunity to lead digital innovation in their business”. Naturally, to be able to master these IoT […]... Continue Reading
2019 is coming and Gartner has already drafted the top 10 strategic technology trends for 2019, we have already seen some of these trends in 2018. Let’s find out them immediately! Autonomous Things; Augmented Analytics; AI-Driven Development; Digital Twins; Empowered Edge; Immersive Experience; Blockchain; Smart Spaces; Digital Ethics and Privacy; Quantum Computing. The 10 strategic […]... Continue Reading
Last month the TGT network of companies met to share their latest news with the other companies of the network. TGT is the acronym of ToGetThere, a network of companies created in 2016 that brings together 20 SMEs of the ICT market. The goal of the network of companies is to escape the isolation that […]... Continue Reading
Elasticsearch: what it is and how it works Elasticsearch is a Lucene-based search engine. Lucene is a free and open source API for information retrieval and is widely used for creating search engines. Through HTTP web interfaces and JSON documents, Elasticsearch allows to interact in a simple way with its core and perform very effective […]... Continue Reading
Gartner begins his 2018 Magic Quadrant for WAF making a point about the situation regarding WAF technology. In fact, in recent years, WAF technology has been used less and less by companies, prefering Cloud technology which is evolving much faster. WAF can protect companies against web attacks such as SQLInjection and Cross-Site Scripting. This protection […]... Continue Reading
System and network security is essential in a modern world like ours which is strongly interconnected (in fact this historical period is called “information age”) and many of our daily activities rely on computer networks. For this reason, it is absolutely critical and essential to protect computer networks. It’s like building a beautiful house (Internet […]... Continue Reading
DevOps, GDPR, IT security, cloud: this is Consulthink The last few years have been very interesting for Consulthink. A new headquarters, new resources confirming the desire of excellence in a company that makes dynamism and expertise its strength, and a new institutional website which provides the opportunity to share and the best of corporate knowledge […]... Continue Reading
Last month we saw the best cloud platforms according to the 2017 Gartner Magic Quadrant. Today we will have a look at the 2018 Gartner Magic Quadrant, released few months ago. IaaS cloud services Like the 2017 Magic Quadrant, the 2018 Gartner Magic Quadrant also refers to IaaS Cloud Solutions. At the same time, […]... Continue Reading
DoS attacks: what are they A DoS (Denial of Service) is an attack that aims to impede the supply or use of a service, making it unavailable or unusable to legitimate users. There are various types of DoS attacks: Some hacker attacks exploit a known vulnerability of a system, to crash it and make it […]... Continue Reading
Gartner’s Magic Quadrant: What is it? Gartner is one of the most famous consultancy and research companies. It developed the Magic Quadrant, a scheme that provides an overview regarding technological suppliers on the market. The Magic Quadrant is presented as a Cartesian coordinate plane where on the X-axis there is the “Completeness of vision”, while […]... Continue Reading
Today we are increasingly talking about applied artificial intelligence both in reference to very complicated and rare engineering problems born in laboratories “lost” in some high-profile university campus as well as to real situations much closer to every-day life, comprised of simple things for everyone. There are many examples of AI and we have chosen […]... Continue Reading
Data warehouses, what are they The development of information systems and the web has created a vast amount of data assets. The use of these information assets of the company is done by using Data Warehouse technologies. Data Warehouse (DWH) is a database that stores all information regarding the company’s activities and it is used […]... Continue Reading
New month, new memories! Last month we inaugurated this monthly column about the history of technology, looking back at the birth of the PHP scripting language, the marketing of Apple II and Windows 98, the switch of Facebook, Yahoo and Google to IPv6 and the launch of the first iPhone. If you want to read […]... Continue Reading
The World Report has highlighted attacks on 65 countries: how can a country be safe? Unfortunately most people and organizations think that backups are enough as a countermeasure to ransomwares for the PC Backups are not the solution. The need for a precise plan emerges made up of policies, processes, procedures and integrated technologies (for […]... Continue Reading
Spain will win the FIFA World Cup 2018! That’s the word from the artificial intelligence that guesses the results of football matches! Not Paul the octopus, Achilles the cat or goats to “guess” which team will win the final of the FIFA World Cup 2018 to be played on July 15th. Artificial intelligence has guessed […]... Continue Reading
The term ransomware indicates a sophisticated category of malware that infects desktop and mobile systems, restricting access to the lawful owners. To regain access to files, the owner must pay a ransom (from this the word “ransomware”). There are mainly two types of ransomware: Locker ransomwares: the first distributed versions: they block the victim out […]... Continue Reading
In our blog, we spoke about Blockchain several times, the distributed database used for Bitcoin and that can be used in many sectors. Blockchain is a technology that is constantly expanding, and it is finding new sectors of application. Let’s look at some of the latest Blockchain news, the new areas of use in business from the […]... Continue Reading
Today we frequently hear talk about applications of artificial neural networks to the problems associated with artificial intelligence and machine learning. Let’s examine briefly, and simply what they are and how these technologies can actually help us to solve problems of an engineering nature. Artificial Neural Networks An artificial neural network is a mathematic […]... Continue Reading
If you follow us on social networks, we have, in recent weeks, looked back at the release of Microsoft Excel, the Apple Imac and the Windows 3.0 operating system posts. We thought it would be interesting to, very briefly trace the history of technology, examining important events that happened on certain days, using social media, […]... Continue Reading
Today the GDPR, the European new data and privacy law comes into force. Yesterday we saw how to conform to the GDPR for websites, today we will see how the principles of the European new privacy law apply in the field of e-mail marketing. E-mail marketing is a type of direct marketing that consists of sending […]... Continue Reading
The GDPR is the new European general data protection regulation applicable as of 25 May 2018. From this date on, all penalties anticipated if web sites do not conform to GDPR regulations will be applicable. Regarding the penalties, the new privacy law and changes for companies, we already talked about an initial detailed-study of the […]... Continue Reading
Il più noto motore di ricerca per immagini è sicuramente Google Immagini. Ne esistono, però, altri: Facebook, GazoPa, Yahoo Image Search, Istagram, Pinterest e Corbisimages. ... Continue Reading
How many times do you read a job advertisement that requires that the candidate have specific characteristics – years of experience, knowledge of a specific language or a software – and aware that you do not have these qualifications, you apply anyway, thinking that maybe you will be lucky and will obtain a job interview? […]... Continue Reading
The Forum PA 2018 comes back in May in Rome, to be exact from 22 to 24 of May. The Forum PA 2018 focuses on how to innovate and modernize the Italian public administration and takes place in the Roma Convention Center “La Nuvola”. The edition of the Forum PA 2018 resumes the discourse of […]... Continue Reading
Tomorrow the Hannover Messe will close its doors. As we have already told you, the Hannover Messe is the Hanover fair dedicated to Industry 4.0 and this year the Hannover Messe and the CEMAT are taking place together. Energy: essential topic on the Hannover Fair 2018 Energy is an important topic at the Hanover […]... Continue Reading
The e-CF standard is a reference system for professional and managerial skills in the ICT sector, recognized at the Italian and European level which allows systems which exist at international, national and individual corporate levels to “speak” to each other. The definition of the European e-CF standard is “e-Competence Framework (e-CF) – A common European […]... Continue Reading
Industry 4.0, a term that by now echoes: it will change the labor market, it will increase productivity to the detriment of jobs, through the Government Budget the government wants to promote the transition to what could be a fourth industrial revolution, there is a lack of skills to deal with this… Moreover, we also discussed […]... Continue Reading
The GDPR (General Data Protection Regulation) is the New General Regulation on Data Protection (better known as GDPR or EU Regulation 2016/679), issued by the EU. It became effective on 24 May 2016 and it will be enforceable starting from 25 May 2018 with a legislative decree that harmonizes national legislation with community regulation and […]... Continue Reading
Hannover Messe 2018 and CeMAT 2018 From 23 April to 27 April 2018 Hannover Messe comes back, the Hanover Fair which brings together commercial and energetic technologies and shows the whole value chain. Like every year, the fair takes place in Hanover, in the specific exhibition area of the German city. Mexico is the partner […]... Continue Reading
On 21 March, the Italian “Task Force sull’Intelligenza Artificiale” (“Task Force on Artificial Intelligence) published the “Libro Bianco sull’Intelligenza Artificiale al servizio del cittadino” (“White Paper on Artificial Intelligence serving the citizen”). The Task Force is responsible for studying and evaluating the impact of IA solutions to improve the relationship between citizens and public institutions. […]... Continue Reading
On 26 May, HackInBo returns, the IT security event now in its 10th edition and it takes place in the city of Bologna at Fico Eataly World. HackInBo was born in 2013 by the commitment of Mario Anglani who every year organizes two events, of which the spring edition has a workshop. HackInBo was born to […]... Continue Reading
Today more than ever, IT security and the protection of company data are indispensable for the survival of a company. An attack can have huge consequences for their business. For this reason, companies must have a security plan and must rely on expert professionals who are able to plan a data defense suitable for company […]... Continue Reading
There are various definitions of artificial intelligence, one of them which is recapitulatory states that AI is the ability of a computer to carry out activities and reasonings that are a prerogative of the human mind. AI is connected to the automatic learning, that is the discipline that allows objects that have AI to automatically […]... Continue Reading
Sanremo is the Italian Song Festival which takes place in February in the city of Sanremo, in northern Italy. If we told you that there is a relationship between Sanremo and Big Data, would you believe it? It seems strange, but it is true. In fact, the conversations on social networks, blogs news sites, and […]... Continue Reading
Penetration Test and Vulnerability Assessment: what are they, what are they for, how are they different?
Vulnerability Assessment (VA) is the process of identifying and classifying vulnerabilities in the target system. This process analyzes operating systems, application software, as well as hardware and networks to identify known and unknown vulnerabilities (Zero-day). These vulnerabilities occur because of improper software design, unsafe authentication, or even because of the many vulnerabilities due to programming […]... Continue Reading
Di solito i programmatori commettono errori (bug) nella scrittura del codice: questi errori sono la radice delle vulnerabilità software, perché è attraverso gli errori che si crea una porta d' accesso. Il software è così esposto a delle vulnerabilità.... Continue Reading
Hadoop, what is it and how it works Hadoop is a platform designed to handle and analyze large amounts of data in a business-oriented perspective. Hadoop is one of the first framework to work on Big Data and it is still one of the most reliable. Hadoop is an Open Source implementation of a platform […]... Continue Reading
On the last Monday of January Consulthink had a page dedicated to itself in “La Repubblica“, an important Italian newspaper, in the section “Special Consultancy”. La Repubblica describes us as: “A[n] [Italian] organization with strong technological and organizational skills that, in just over ten years, has become the protagonist of the sector and an important […]... Continue Reading
Big Data is large amounts of data which can be analyzed, worked on and used in order to better understand the events studied. Big Data is essential for Marketing activities in all sectors because Big Data allows information to be analyzed in a way which was not previously possible. To understand the extent of the […]... Continue Reading
The entrepreneurs of the TechMission2018, organized by the “Gruppo Giovani Imprenditori di Confindustria Lombardia” in collaboration with the American Consulate of Milan, visited the CES 2018, but also Amazon headquarters on 7th Avenue in Seattle and they were impressed for this place. It is, in fact, a place of work so large, well-kept, in one […]... Continue Reading
New achievements for Consulthink! Consulthink wins the funding “POR CALABRIA FESR-FSE 2014-2020”, for the “Asse I – Promozione della ricerca e dell’innovazione” whose goal is the “rafforzamento del sistema innovativo regionale e nazionale” with the objective being: “Supporto alla realizzazione di progetti complessi di attività di ricerca e sviluppo su poche aree tematiche di rilievo […]... Continue Reading
A decision tree is a model which allows to take a decision based on a classification system. What is a decision tree? Decision trees are a technique to resolve some types of classification problems. In classification problems generally we have a set of data, which are called “historic” because they are already in our possession […]... Continue Reading
In Las Vegas, the CES 2018 has closed its doors. On our blog, we have seen a lot of new gadgets in these recent days: home automation, robots, virtual assistants, electronics, and wearable devices have made a splash among the stands of CES2018. Now, while companies are thinking about developing new gadgets for next year, […]... Continue Reading
The magazine “World Excellence”, an Italian monthly magazine by Editrice Le Fonti, dedicated a page to Consulthink in its last issue. World Excellence is a magazine that has become a veritable reference point for companies of excellence in innovation and leadership and seeing our name while leafing through the pages fills us with pride and […]... Continue Reading
Durante il CES2018 sono state presentate le novità in ambito tecnologia. Scopriamo cosa potremo acquistare nei prossimi mesi!... Continue Reading
Techmission 2018 Innovation, it is the engine that develops technology and consequently our world and our daily life. Companies which operate in the IT environment know how important this word is, so, as in the past, Consulthink went to CES – Consumer Electronics Show – 2018 in Las Vegas, taking place in this period (9-12 […]... Continue Reading
In an earlier article we explained what Blockchain is and how it works. In this article, we will look at what the possible areas of use for the Blockchain paradigm are and what advantages can emerge using this paradigm that allows you to manage and track transactions that are carried out on the network. Blockchain […]... Continue Reading
Blockchain is a distributed database, structured in network nodes or “blocks” connected to each other – “chain”. Thanks to this chain it is possible to make, manage and keep track of the transactions that are carried out on the network. Blockchain is a paradigm that is taking more and more space in various sectors. Thanks […]... Continue Reading
Predictive Analytics is a mix of data analysis related to phenomena observed in the past integrated into predictive models and machine learning with the aim of predicting future trends. Modern Predictive Analysis is more than ever focused on data, Big Data, as well as large volumes of data segmentable by different variables. Today we have […]... Continue Reading
Celebrations are moments to be with your loved ones and with your family. For this reason on the 20th of December, the Consulthink family gathered to wish each other a Merry Christmas and a Happy New Year. These occasions are moments to be in a peaceful, relaxed and friendly environment; working together makes it easier […]... Continue Reading
Any company active in the market, regardless of sector, type of company and size, needs to have a secure and robust data storage system. In fact, data today is in effect, a company asset and, for this reason, companies must safeguard their data. Above all, in terms of protection, privacy and competition, corporate data is […]... Continue Reading
Bitcoins Bitcoins (BTC or XBT) is electronic currency based on peer-to-peer network. The history of bitcoins begins in 2008 when an author who writes under the pseudonym of Satoshi Nakamoto, in an article, explains the algorithmic theory behind this currency. In 2009 an open source software is released. It allows people’s computers to enter into […]... Continue Reading
The term DevOps stems from the contraction of “development” and “operations“, namely, the team which deals with aspects of software production and maintenance. However, DevOps does not refer only to an operative group, but it is a cultural and methodological change that includes a set of practices, automatic tools and processes of Development and Lean […]... Continue Reading
Presenting the new headquarters, giving its customers and partners a pleasant, immersive and interactive experience, toasting with them to the future, telling them about our daily commitment, our solutions and achievements, these were the watchwords of the event of November 16th “Future Start” organized by Consulthink. A charismatic and professional welcome, the engaging notes of […]... Continue Reading
The term Business Intelligence was used for the first time by an IBM employee, Hans Peter Luhn, to indicate the process of collecting data to turn it into information to be used to plan business decisions. Today, the relationship between Big Data and Business Intelligence is strictly interconnected and can bring significant benefits to the […]... Continue Reading
The theme of Big Data is very current today, we talk about it both at the company level and at the Public Administration one, but it is not always clear what Big Data is used for, how to store it and how to manage it. We have done a bit to define and clarify Big […]... Continue Reading
With the evolution of information systems and with the growing need to organize large amounts of data, we need experts who are able to analyze, manage and support companies in cataloging, analyzing and reading data. Moreover, the amount and types of data on the network grow exponentially as do the number of devices connected to […]... Continue Reading
Cloud computing can be imagined as a new way of thinking about applications, an opportunity to free oneself from the logic of managing systems in IT environments in order to focus only on business, a set of services (provided by third parties) ready to use to manage business processes without being forced to install applications […]... Continue Reading
Every company, whatever its size, must set up a strategy for corporate IT security, built considering its business, the reference market and the presence of databases of data to be managed. Although it is impossible to guarantee 100% security – because even the best computer system could be attacked and because, even if the company […]... Continue Reading
August was not a month of rest and vacation for the Movimento 5 Stelle which had to face 2 hacker attacks on its platform, Rousseau, in a few days. Two hacker attacks that prevent it would not be difficult.... Continue Reading
A cyberattack can be defined as a hostile activity towards systems, instruments, applications or elements that have an IT component. It is an activity that aims to obtain a benefit for the attacker to the detriment of the attacker. There are different types of cyberattacks, they depend on the objectives to be achieved and on […]... Continue Reading
2018 is going to arrive in a few months and Gartner draws up the ranking of the 10 trends for next year. Once again technologies like Blockchain, Artificial Intelligence, app and intelligent objects are excellent investments for the future.... Continue Reading
What are the main IT threats that a company or an individual can meet? We have already discussed some of these in the first part of our article. After examining important issues such as GDPR, the Internet of Things and new opportunities of attack for hackers in the world, we continue here the excursus dedicated […]... Continue Reading
In the contemporary technological landscape, while on the one hand there is a tendency to integrate codes, platforms and regulations, on the other, cyberattacks increase. Cybercriminals move in parallel with the evolution of technology, and defensive systems are not always able to face with these attacks. Let’s see together what are the main critical issues […]... Continue Reading
On 20 July 2017, due to the approach of the summer holidays, we gathered all the members of the large Consulthink family, to say goodbye each other with a toast in our headquarters.... Continue Reading
The quantity and formats of data on the network, especially gradually that more devices are connected to the Internet is growing exponentially.... Continue Reading
The Mobile Security Lab, the Business Unit of Consulthink specialized in mobile Security, participated in the latest Android Hacking Event 2017.... Continue Reading
Blockchain is the basis of the virtual currency of Bitcoin, a current topic; the cryptocurrency (or digital system of non-physical "tokens") has a certain value and is used for the negotiation of goods or services, in the same way as physical money.... Continue Reading
Le Fonti Awards: Consulthink wins the award “Eccellenza dell’Anno – Innovazione – Servizi ICT & Big Data”
Le Fonti Awards: Consulthink wins the award Eccellenza dell'Anno - Innovazione - Servizi ICT & Big Data, the last 22nd June in Palazzo Mezzanotte, headquarters of Milan Stock Exchange.... Continue Reading
"A good security system is one that predicts attacks" this is the new challenge that Consulthink's Research and Development Division has been responding to, and that Dr. Carotenuto discusses in the pages of The Sun 24 hours, together with the successes achieved by the company during the last 13 years.... Continue Reading
As happens every year, the ranking of the 10 technology trends created by Gartner have arrived and, of course, Consulthink, always oriented towards new challenges, could not fail to engage in such technological perspectives.... Continue Reading
The seventh edition of Le Fonti Awards happens in Milan at Palazzo Mezzanotte on 22 june. Le Fonti Awards is part of the international IAIR AWARDS and among the finalists figure Consulthink in the special category “Eccellenza dell’Anno/Innovazione – servizi ICT”, which is a perfect category for the company.... Continue Reading
"BS2R - Beyond Social Semantic Recommendation" This is the name of the project carried out by Consulthink. A platform combining a search engine with a corporate social network: "expert" and "trusted" users suggest potentially useful and interesting content for their contacts with whom they can share their opinions. All thanks, to the ability of that platform, which uses social and semantic technologies, to identify the business team's preferences and behaviors.... Continue Reading