You are here
- Phone: 0461314185
- FBK Povo
Since November 2010, Roberto Carbone is a researcher of the Security and Trust Research Unit at the Center for Information Technologies of Bruno Kessler Foundation in Trento.
He received his Ph.D. in Electronic and Computer Engineering and Telecommunications from the University of Genova in 2009. His PhD Thesis, titled “LTL Model-Checking for Security Protocols”, has been awarded the CLUSIT prize 2010 by the Italian Association for Information Security. His research focuses on the formal analysis of security protocols and services. He has participated in the EU project AVANTSSAR. He has contributed to the development of some key extensions of the SATMC model checker and he is currently the main developer of the tool. He has contributed to the discovery of a serious vulnerability on the SAML-based Single Sign-On for Google Apps, an Authentication flaw in the most common use-case scenario of SAML 2.0 SSO Profile (Errata by OASIS Security Services Technical Committee), and Cross-Site Scripting vulnerabilities in SAML-based SSO for Google Apps and Novell Access Manager v3.1.
He has recently contributed to the detection of serious vulnerabilities in protocols for Strong Authentication.
ARMANDO A.; CARBONE R.; COMPAGNA L.,LTL Model Checking for Security Protocols,in «JOURNAL OF APPLIED NON-CLASSICAL LOGICS»,2009
C. Rudolph; L. Compagna; R. Carbone; A. Muñoz; J. Repp,Security and Dependability for Ambient Intelligence,New York,Springer US,2009, pp. 143 -163
Armando A.; Carbone R.; Compagna L.; Cuellar J.; Tobarra L.,Formal Analysis of SAML 2.0 Web Browser Single Sign-On: Breaking the SAML-based Single Sign-On for Google Apps.,Proceedings of the 6th ACM Workshop on Formal Methods in Security Engineering (FMSE 2008),NEW YORK,ACM,2008, pp. 1-10, (6th ACM Workshop on Formal Methods in Security Engineering (FMSE 2008),Alexandria, Virginia, USA,27/10/2008)
Armando A.; Carbone R.; Compagna L.,proceedings of the 20th IEEE Computer Security Foundations Symposium (CSF20),WASHINGTON DC -- USA,IEEE Computer Society,2007, pp. 385-396, (20th IEEE Computer Security Foundations Symposium,S. Servolo island, Venice - Italy,6-8/7/2007)