Andrea Bisegna, Roberto Carbone, Silvio Ranise Integrating a Pentesting Tool for IdM Protocols in a Continuous Delivery Pipeline
In: 4th International Workshop on Emerging Technologies for Authorization and Authentication (ETAA2021) (DOI)
2020
Andrea Bisegna, Roberto Carbone, Mariano Ceccato, Salvatore Manfredi, Silvio Ranise, Giada Sciarretta, Alessandro Tomasi, Emanuele Viglianisi Automated Assistance to the Security Assessment of API for Financial Services in book Cyber-Physical Threat Intelligence for Critical Infrastructures Security: A Guide to Integrated Cyber-Physical Protection of Modern Critical Infrastructures
In: Cyber-Physical Threat Intelligence for Critical Infrastructures Security: A Guide to Integrated Cyber-Physical Protection of Modern Critical Infrastructures (DOI)
Andrea Bisegna, Roberto Carbone, Giulio Pellizzari, Silvio Ranise Micro-Id-Gym: a Flexible Tool for Pentesting Identity Management Protocols in the Wild and in the Laboratory
In: 3rd International Workshop on Emerging Technologies for Authorization and Authentication (ETAA2020) (DOI)
Sergio Manuel Nóbrega Gonçalves, Alessandro Tomasi, Andrea Bisegna, Giulio Pellizzari, Silvio Ranise Verifiable Contracting: A Use Case for Onboarding and Contract Offering in Financial Services with eIDAS and Verifiable Credentials
In: 25th European Symposium on Research in Computer Security (DETIPS2020) (DOI)
2019
Andrea Bisegna, Roberto Carbone, Ivan Martini, Valentina Odorizzi, Giulio Pellizzari, Silvio Ranise Micro-Id-Gym: Identity Management Workouts with Container-Based Microservices
In: International Journal of Information Security and Cybercrime (IJISP), Volume 8, Issue 1 (DOI)
March 11, 2021 •
Specialized
Andrea Bisegna, Roberto Carbone, Marco Pernpruner, Silvio Ranise Scenari, approcci, esperienze di strong authentication pre e post direttiva PSD2
Tech Talk (DedaGroup)
Supervised Theses
2023
Luigi Dell'Eva (Bachelor's Thesis, University of Trento, 2023) Chatting is Healthy: How Better Cybersecurity Hygiene can be Obtained by Integrating Chatbots with Pentesting Tools
Supervisors: Silvio Ranise |
Co-supervisors: Andrea Bisegna, Roberto Carbone
Alessandro Biasi (Bachelor's Thesis, University of Trento, 2023) Syntax and Semantics of a Declarative Language for Security Testing of Browser-based Security Protocols
Supervisors: Silvio Ranise |
Co-supervisors: Andrea Bisegna, Roberto Carbone
2022
Matteo Bitussi (Bachelor's Thesis, University of Trento, 2022) Declarative Specification of Pentesting Strategies for Browser-based Security Protocols: the Case Studies of SAML and OAuth/OIDC
Supervisors: Silvio Ranise |
Co-supervisors: Andrea Bisegna, Roberto Carbone
Eleonora Marchesini (Master's Thesis, University of Trento, 2022) Design and Implementation of a Cybersecurity Chatbot for Identity Management Protocols: the SAML and Slack Use Case
Supervisors: Silvio Ranise |
Co-supervisors: Andrea Bisegna, Roberto Carbone
Sofia Zanrosso (Bachelor's Thesis, University of Trento, 2022) Enlarging the Pen-Test Coverage of SAML Single Sign-On Solutions with Cyber Threat Intelligence
Supervisors: Silvio Ranise |
Co-supervisors: Andrea Bisegna, Roberto Carbone
Michele Zucchelli (Bachelor's Thesis, University of Trento, 2022) Pimp My Micro-Id-Gym: Enhancing the Automation and Usability of a Security Testing Tool for Digital Identity Protocol
Supervisors: Silvio Ranise |
Co-supervisors: Andrea Bisegna, Roberto Carbone
Giuseppe Alessio Sciumè (Bachelor's Thesis, University of Trento, 2022) A Comprehensive Analysis of the OAuth 2.0 Threat Model to Develop a Chatbot Providing Actionable Security Suggestions
Supervisors: Silvio Ranise |
Co-supervisors: Roberto Carbone, Andrea Bisegna
2021
Wendy Barreto (Bachelor's Thesis, University of Trento, 2021) Design and implementation of an attack pattern language for the automated pentesting of OAuth/OIDC deployments
Supervisors: Silvio Ranise |
Co-supervisors: Andrea Bisegna, Roberto Carbone
Luca Bazzanella (Bachelor's Thesis, University of Trento, 2021) Analysis of the State of the Art of DevSecOps: The Gitlab case study
Supervisors: Silvio Ranise |
Co-supervisors: Andrea Bisegna, Roberto Carbone
Francesco Defilippo (Bachelor's Thesis, University of Trento, 2021) Attack Patterns for Pentesting SAML 2.0 Web Browser Single Sign-On deployments
Supervisors: Silvio Ranise |
Co-supervisors: Andrea Bisegna, Roberto Carbone
2020
Stefano Facchini (Bachelor's Thesis, University of Trento, 2020) Design and implementation of an automated tool for checking SAML SSO vulnerabilities and SPID compliance
Supervisors: Silvio Ranise |
Co-supervisors: Andrea Bisegna, Roberto Carbone
Giulio Pellizzari (Master's Thesis, University of Trento, 2020) Micro-Id-Gym: A Tool to Support Sandboxing and Automated Pentesting of Identity Management Protocols
Supervisors: Silvio Ranise |
Co-supervisors: Andrea Bisegna, Roberto Carbone
Claudio Grisenti (Bachelor's Thesis, University of Trento, 2020) A pentesting tool for OAuth and OIDC deployments
Supervisors: Silvio Ranise |
Co-supervisors: Andrea Bisegna, Roberto Carbone
2019
Lorenzo Tait (Bachelor's Thesis, University of Trento, 2019) A Customized Threat Modeling for Secure Deployment And Pentesting of SAML SSO Solutions
Supervisors: Silvio Ranise |
Co-supervisors: Andrea Bisegna, Roberto Carbone
2018
Valentina Odorizzi (Bachelor's Thesis, University of Trento, 2018) Progettazione e sviluppo di uno strumento per l'analisi automatica di vulnerabilità "Missing XML Validation" in SAML SSO
Supervisors: Silvio Ranise |
Co-supervisors: Andrea Bisegna, Roberto Carbone
Ivan Martini (Bachelor's Thesis, University of Trento, 2018) An automated security testing framework for SAML SSO deployments
Supervisors: Silvio Ranise |
Co-supervisors: Andrea Bisegna, Roberto Carbone
Giulio Pellizzari (Bachelor's Thesis, University of Trento, 2018) Design and implementation of a tool to detect Login Cross-Site Request Forgery in SAML SSO: G Suite case study
Supervisors: Silvio Ranise |
Co-supervisors: Andrea Bisegna, Roberto Carbone