You are here

Roberto Carbone

Researcher
  • Phone: 0461314185
  • FBK Povo
Short bio

Since November 2010, Roberto Carbone is a researcher of the Security and Trust Research Unit at the Center for Information Technologies of Bruno Kessler Foundation in Trento.

He received his Ph.D. in Electronic and Computer Engineering and Telecommunications from the University of Genova in 2009. His PhD Thesis, titled “LTL Model-Checking for Security Protocols”, has been awarded the CLUSIT prize 2010 by the Italian Association for Information Security. His research focuses on the formal analysis of security protocols and services. He has participated in the EU project AVANTSSAR. He has contributed to the development of some key extensions of the SATMC model checker and he is currently the main developer of the tool. He has contributed to the discovery of a serious vulnerability on the SAML-based Single Sign-On for Google Apps, an Authentication flaw in the most common use-case scenario of SAML 2.0 SSO Profile (Errata by OASIS Security Services Technical Committee), and Cross-Site Scripting vulnerabilities in SAML-based SSO for Google Apps and Novell Access Manager v3.1.

He has recently contributed to the detection of serious vulnerabilities in protocols for Strong Authentication.

Publications
  1. R. Carbone,
    LTL Model-Checking for Security Protocols,
    in «AI COMMUNICATIONS»,
    vol. 24,
    n. 3,
    2011
    , pp. 281 -
    283
  2. R. Carbone; M. Minea; S. A. Mödersheim; S. E. Ponta; M. Turuani; L. Viganò,
    The Future Internet,
    Berlin,
    Springer,
    2011
    , pp. 193 -
    207
  3. A. Armando; R. Carbone; L. Compagna; J. Cuellar; G. Pellegrino; A. Sorniotti,
    From Multiple Credentials to Browser-based Single Sign-On: Are We More Secure?,
    2011
    , (26th IFIP TC-11 International Information Security Conference (SEC 2011),
    Luzern, Switzerland,
    June 7-9, 2011)
  4. A. Armando; R. Carbone; S. Ranise,
    Automated Analysis of Semantic-Aware Access Control Policies: a Logic-based Approach,
    2011
    , (IEEE Int. Workshop on Semantics, Security, and Privacy (TCSEM + TCSP),
    Stanford Univ., Palo Alto, CA, USA,
    18/11/2011 a 21/11/2011)
  5. G. Gheorghe; B. Crispo; R. Carbone; L. Desmet; W. Joosen,
    Middleware 2011,
    Springer,
    vol.7049,
    2011
    , pp. 350-
    369
    , (ACM/IFIP/USENIX 12th International Middleware Conference,
    Lisboa, Portugal,
    da 12/12/2011 a 12/16/2011)
  6. A. Armando; R. Carbone; L. Compagna; L. Keqin; G. Pellegrino,
    Model-Checking Driven Security Testing of Web-Based Applications,
    Washington, D.C,
    IEEE Computer Society,
    2010
    , (Third International Conference on Software Testing, Verification, and Validation Workshops (ICSTW),
    Paris France,
    da 04/06/2010 a 04/10/2010)
  7. ARMANDO A.; CARBONE R.; COMPAGNA L.,
    LTL Model Checking for Security Protocols,
    in «JOURNAL OF APPLIED NON-CLASSICAL LOGICS»,
    2009
  8. C. Rudolph; L. Compagna; R. Carbone; A. Muñoz; J. Repp,
    Security and Dependability for Ambient Intelligence,
    New York,
    Springer US,
    2009
    , pp. 143 -
    163
  9. Armando A.; Carbone R.; Compagna L.; Cuellar J.; Tobarra L.,
    Proceedings of the 6th ACM Workshop on Formal Methods in Security Engineering (FMSE 2008),
    NEW YORK,
    ACM,
    2008
    , pp. 1-
    10
    , (6th ACM Workshop on Formal Methods in Security Engineering (FMSE 2008),
    Alexandria, Virginia, USA,
    27/10/2008)
  10. Armando A.; Carbone R.; Compagna L.,
    proceedings of the 20th IEEE Computer Security Foundations Symposium (CSF20),
    WASHINGTON DC -- USA,
    IEEE Computer Society,
    2007
    , pp. 385-
    396
    , (20th IEEE Computer Security Foundations Symposium,
    S. Servolo island, Venice - Italy,
    6-8/7/2007)

Pages