Security & Trust


Poligrafico e Zecca dello Stato Italiano (IPZS)


Created in June 2017, the Digimat joint lab between Poligrafico e Zecca dello Stato Italiano (IPZS) and FBK-ICT performs research and innovation activities in digital identity solutions. One of the main goals is to investigate how the new (NFC-enabled) identity card (Carta Identità Elettronica 3.0) may be integrated in authentication and authorization solutions for digital or integrated digital-physical services. The idea is, on the one hand, to augment the level of assurance and, on the other hand, to improve the user experience of the security solutions using the identity card.


Related Publications

  • Roberto Carbone, Silvio Ranise, Giada Sciarretta, Luca Viganò
    Formal Analysis of Mobile Multi-Factor Authentication with Single Sign-On Login
    In: ACM Transactions on Privacy and Security (TOPS) (DOI, complementary material, news)
  • Sergio Manuel Nóbrega Gonçalves, Alessandro Tomasi, Andrea Bisegna, Giulio Pellizzari, Silvio Ranise
    Verifiable Contracting: A Use Case for Onboarding and Contract Offering in Financial Services with eIDAS and Verifiable Credentials
    In: 25th European Symposium on Research in Computer Security (DETIPS2020) (DOI)
  • Marco Pernpruner, Roberto Carbone, Silvio Ranise, Giada Sciarretta
    The Good, the Bad and the (Not So) Ugly of Out-Of-Band Authentication with eID Cards and Push Notifications: Design, Formal and Risk Analysis
    In: Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy (CODASPY 2020) (DOI, complementary material, news)
  • Silvio Ranise, Giada Sciarretta, Alessandro Tomasi
    Enroll, and authentication will follow: eID-based enrollment for a customized, secure, and frictionless authentication experience
    In: 12th International Symposium on Foundations & Practice of Security (FPS 2019) (DOI, news)
  • Salvatore Manfredi, Silvio Ranise, Giada Sciarretta
    Lost in TLS? No More! Assisted Deployment of Secure TLS Configurations
    In: Proceedings of the 33rd Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec 2019), vol. 11559, pp. 201-220 (DOI, news)
  • Giada Sciarretta, Roberto Carbone, Silvio Ranise, Luca Viganò
    Design, Formal Specification and Analysis of Multi-Factor Authentication Solutions with a Single Sign-On Experience
    In: Principles of Security and Trust (POST 2018) (DOI, news)

Related Theses

  • Marco Pernpruner (Master's Thesis, University of Verona, 2019)
    A passwordless out-of-band authentication protocol based on eID cards and push notifications: Design and formal security analysis
    Supervisors: Massimo Merro | Co-supervisors: Giada Sciarretta, Roberto Carbone
  • Giada Sciarretta (PhD Thesis, University of Trento, 2018)
    A Methodology for the Design and Security Assessment of Mobile Identity Management: Applications to real-world scenarios (link)
    Supervisors: Silvio Ranise | Co-supervisors: Alessandro Armando, Roberto Carbone
  • Giovanni Ferronato (Bachelor's Thesis, University of Trento, 2018)
    Multi-factor Authentication Through Push Notification and NFC-enabled Identity Card: A solution for secure authentication in unsecure contexts
    Supervisors: Silvio Ranise | Co-supervisor: Giada Sciarretta
    Awards: 3rd place at thesis award "Innovare la sicurezza delle informazioni 2019", sponsored by CLUSIT