Andrea Bisegna Technologist

Andrea Bisegna is a technologist in the Security & Trust research unit at Fondazione Bruno Kessler.

He obtained his MSc in Telecommunication Engineering from the University of Trento in 2006 and completed his Ph.D. in Secure and Reliable Systems at the University of Genova in 2023.

He has actively contributed to numerous international and national research projects and has engaged in collaborations with industry. Recently, his focus has been on the security assessment of the OIDC profile for the CIE ID digital identity system.

His research primarily revolves around digital identity management, as well as the implementation and analysis of security protocols.

Publications

2024

Andrea Bisegna, Matteo Bitussi, Roberto Carbone, Luca Compagna, Silvio Ranise, Avinash Sudhodanan
CSRFing the SSO Waves: Security Testing of SSO-Based Account Linking Process
In: 9th IEEE European Symposium on Security and Privacy (EUROS&P 2024) (DOI, complementary material)
Andrea Bisegna, Matteo Bitussi, Roberto Carbone, Silvio Ranise
Enhancing Security Testing for Identity Management Implementations: Introducing Micro-Id-Gym Language and Micro-Id-Gym Testing Tool
In: IEEE Security & Privacy (DOI, news)

2021

Andrea Bisegna, Roberto Carbone, Silvio Ranise
Integrating a Pentesting Tool for IdM Protocols in a Continuous Delivery Pipeline
In: 4th International Workshop on Emerging Technologies for Authorization and Authentication (ETAA2021) (DOI)

2020

Andrea Bisegna, Roberto Carbone, Mariano Ceccato, Salvatore Manfredi, Silvio Ranise, Giada Sciarretta, Alessandro Tomasi, Emanuele Viglianisi
Automated Assistance to the Security Assessment of API for Financial Services in book Cyber-Physical Threat Intelligence for Critical Infrastructures Security: A Guide to Integrated Cyber-Physical Protection of Modern Critical Infrastructures
In: Cyber-Physical Threat Intelligence for Critical Infrastructures Security: A Guide to Integrated Cyber-Physical Protection of Modern Critical Infrastructures (DOI)
Andrea Bisegna, Roberto Carbone, Giulio Pellizzari, Silvio Ranise
Micro-Id-Gym: a Flexible Tool for Pentesting Identity Management Protocols in the Wild and in the Laboratory
In: 3rd International Workshop on Emerging Technologies for Authorization and Authentication (ETAA2020) (DOI)
Sergio Manuel Nóbrega Gonçalves, Alessandro Tomasi, Andrea Bisegna, Giulio Pellizzari, Silvio Ranise
Verifiable Contracting: A Use Case for Onboarding and Contract Offering in Financial Services with eIDAS and Verifiable Credentials
In: 25th European Symposium on Research in Computer Security (DETIPS2020) (DOI)

2019

Andrea Bisegna, Roberto Carbone, Ivan Martini, Valentina Odorizzi, Giulio Pellizzari, Silvio Ranise
Micro-Id-Gym: Identity Management Workouts with Container-Based Microservices
In: International Journal of Information Security and Cybercrime (IJISP), Volume 8, Issue 1 (DOI)

Theses

Andrea Bisegna (PhD Thesis, University of Genoa, 2023)
Automated Security Testing for Identity Management of Large-scale Digital Infrastructures (link)
Supervisor: Silvio Ranise | Co-supervisor: Roberto Carbone

Projects

Former

FIDES 2016

Federated Identity Management System

STAnD

Security Tools for App Development

Dissemination

2021

March 11, 2021 • Specialized
Andrea Bisegna, Roberto Carbone, Marco Pernpruner, Silvio Ranise
Scenari, approcci, esperienze di strong authentication pre e post direttiva PSD2
Tech Talk (DedaGroup)

Supervised Theses

2024

Roberto Savi (Bachelor's Thesis, University of Trento, 2024)
Integrating Pentesting Tools for Identity Management Protocols into DevSecOps: The MIG-T Use Case
Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone, Laura Cristiano, Pietro De Matteis
Pier Guido Seno (Bachelor's Thesis, University of Trento, 2024)
From Local to Remote: Enhancing MIG-T Pentesting Tool with SaaS for Securing Digital Identity
Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone, Laura Cristiano

2023

Luigi Dell'Eva (Bachelor's Thesis, University of Trento, 2023)
Chatting is Healthy: How Better Cybersecurity Hygiene can be Obtained by Integrating Chatbots with Pentesting Tools
Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone, Eleonora Marchesini
Alessandro Biasi (Bachelor's Thesis, University of Trento, 2023)
Syntax and Semantics of a Declarative Language for Security Testing of Browser-based Security Protocols
Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone

2022

Matteo Bitussi (Bachelor's Thesis, University of Trento, 2022)
Declarative Specification of Pentesting Strategies for Browser-based Security Protocols: the Case Studies of SAML and OAuth/OIDC
Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
Eleonora Marchesini (Master's Thesis, University of Trento, 2022)
Design and Implementation of a Cybersecurity Chatbot for Identity Management Protocols: the SAML and Slack Use Case
Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
Sofia Zanrosso (Bachelor's Thesis, University of Trento, 2022)
Enlarging the Pen-Test Coverage of SAML Single Sign-On Solutions with Cyber Threat Intelligence
Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
Michele Zucchelli (Bachelor's Thesis, University of Trento, 2022)
Pimp My Micro-Id-Gym: Enhancing the Automation and Usability of a Security Testing Tool for Digital Identity Protocol
Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
Giuseppe Alessio Sciumè (Bachelor's Thesis, University of Trento, 2022)
A Comprehensive Analysis of the OAuth 2.0 Threat Model to Develop a Chatbot Providing Actionable Security Suggestions
Supervisor: Silvio Ranise | Co-supervisors: Roberto Carbone, Andrea Bisegna

2021

Wendy Barreto (Bachelor's Thesis, University of Trento, 2021)
Design and implementation of an attack pattern language for the automated pentesting of OAuth/OIDC deployments
Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
Luca Bazzanella (Bachelor's Thesis, University of Trento, 2021)
Analysis of the State of the Art of DevSecOps: The Gitlab case study
Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
Francesco Defilippo (Bachelor's Thesis, University of Trento, 2021)
Attack Patterns for Pentesting SAML 2.0 Web Browser Single Sign-On deployments
Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone

2020

Stefano Facchini (Bachelor's Thesis, University of Trento, 2020)
Design and implementation of an automated tool for checking SAML SSO vulnerabilities and SPID compliance
Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
Giulio Pellizzari (Master's Thesis, University of Trento, 2020)
Micro-Id-Gym: A Tool to Support Sandboxing and Automated Pentesting of Identity Management Protocols
Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
Claudio Grisenti (Bachelor's Thesis, University of Trento, 2020)
A pentesting tool for OAuth and OIDC deployments
Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone

2019

Lorenzo Tait (Bachelor's Thesis, University of Trento, 2019)
A Customized Threat Modeling for Secure Deployment And Pentesting of SAML SSO Solutions
Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone

2018

Valentina Odorizzi (Bachelor's Thesis, University of Trento, 2018)
Progettazione e sviluppo di uno strumento per l'analisi automatica di vulnerabilità "Missing XML Validation" in SAML SSO
Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
Ivan Martini (Bachelor's Thesis, University of Trento, 2018)
An automated security testing framework for SAML SSO deployments
Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
Giulio Pellizzari (Bachelor's Thesis, University of Trento, 2018)
Design and implementation of a tool to detect Login Cross-Site Request Forgery in SAML SSO: G Suite case study
Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone

Contacts

Links