You are here

Roberto Carbone

Researcher
  • Phone: 0461314185
  • FBK Povo
Short bio

Since November 2010, Roberto Carbone is a researcher of the Security and Trust Research Unit at the Center for Information Technologies of Bruno Kessler Foundation in Trento.

He received his Ph.D. in Electronic and Computer Engineering and Telecommunications from the University of Genova in 2009. His PhD Thesis, titled “LTL Model-Checking for Security Protocols”, has been awarded the CLUSIT prize 2010 by the Italian Association for Information Security. His research focuses on the formal analysis of security protocols and services. He has participated in the EU project AVANTSSAR. He has contributed to the development of some key extensions of the SATMC model checker and he is currently the main developer of the tool. He has contributed to the discovery of a serious vulnerability on the SAML-based Single Sign-On for Google Apps, an Authentication flaw in the most common use-case scenario of SAML 2.0 SSO Profile (Errata by OASIS Security Services Technical Committee), and Cross-Site Scripting vulnerabilities in SAML-based SSO for Google Apps and Novell Access Manager v3.1.

He has recently contributed to the detection of serious vulnerabilities in protocols for Strong Authentication.

Publications
  1. A. Armando; R. Carbone; L. Compagna; G. Pellegrino,
    Automatic Security Analysis of SAML-based Single Sign-On Protocols,
    Digital Identity and Access Management: Technologies and Frameworks,
    Hershey, Pennsylvania,
    IGI Global,
    2012
    , pp. 168 -
    187
  2. A. Armando; G. Pellegrino; R. Carbone; A. Merlo; D. Balzarotti,
    TESTS AND PROOFS,
    Springer,
    vol.7305,
    2012
    , pp. 3-
    18
    , (6th International Conference, TAP 2012,
    Prague, Czech Republic,
    da 05/31/2012 a 06/01/2012)
  3. A. Armando; W. Arsac; T. Avanesov; M. Barletta; A. Calvi; A. Cappai; R. Carbone; Y. Chevalier; L. Compagna; J. Cuéllar; G. Erzse; S. Frau; M. Minea; S. Mödersheim; D. von Oheimb; G. Pellegrino; S. E. Ponta; M. Rocchetto; M. Rusinowitch; M. Torabi Dashti; M. Turuani; L. Viganò,
    TOOLS AND ALGORITHMS FOR THE CONSTRUCTION AND ANALYSIS OF SYSTEMS,
    Springer,
    vol.7214,
    2012
    , pp. 267-
    282
    , (TACAS 2012,
    Talling, Estonia,
    da 03/24/2012 a 04/01/2012)
  4. A. Armando; R. Carbone; A. Merlo,
    Formal Analysis of a Privacy-Preserving Billing Protocol,
    2012
    , (1st EIT ICT Labs Workshop on Smart Grid Security (SmartGridSec 2012),
    Berlin, Germnay,
    12/03/2012 a 12/03/2012)
  5. R. Carbone,
    LTL Model-Checking for Security Protocols,
    in «AI COMMUNICATIONS»,
    vol. 24,
    n. 3,
    2011
    , pp. 281 -
    283
  6. R. Carbone; M. Minea; S. A. Mödersheim; S. E. Ponta; M. Turuani; L. Viganò,
    The Future Internet,
    Berlin,
    Springer,
    2011
    , pp. 193 -
    207
  7. A. Armando; R. Carbone; L. Compagna; J. Cuellar; G. Pellegrino; A. Sorniotti,
    From Multiple Credentials to Browser-based Single Sign-On: Are We More Secure?,
    2011
    , (26th IFIP TC-11 International Information Security Conference (SEC 2011),
    Luzern, Switzerland,
    June 7-9, 2011)
  8. A. Armando; R. Carbone; S. Ranise,
    Automated Analysis of Semantic-Aware Access Control Policies: a Logic-based Approach,
    2011
    , (IEEE Int. Workshop on Semantics, Security, and Privacy (TCSEM + TCSP),
    Stanford Univ., Palo Alto, CA, USA,
    18/11/2011 a 21/11/2011)
  9. G. Gheorghe; B. Crispo; R. Carbone; L. Desmet; W. Joosen,
    Middleware 2011,
    Springer,
    vol.7049,
    2011
    , pp. 350-
    369
    , (ACM/IFIP/USENIX 12th International Middleware Conference,
    Lisboa, Portugal,
    da 12/12/2011 a 12/16/2011)
  10. A. Armando; R. Carbone; L. Compagna; L. Keqin; G. Pellegrino,
    Model-Checking Driven Security Testing of Web-Based Applications,
    Washington, D.C,
    IEEE Computer Society,
    2010
    , (Third International Conference on Software Testing, Verification, and Validation Workshops (ICSTW),
    Paris France,
    da 04/06/2010 a 04/10/2010)

Pages