Security & Trust

Andrea Bisegna

Andrea Bisegna is a technologist in the Security & Trust research unit at Fondazione Bruno Kessler.

He obtained his MSc in Telecommunication Engineering from the University of Trento in 2006 and completed his Ph.D. in Secure and Reliable Systems at the University of Genova in 2023.

He has actively contributed to numerous international and national research projects and has engaged in collaborations with industry. Recently, his focus has been on the security assessment of the OIDC profile for the CIE ID digital identity system.

His research primarily revolves around digital identity management, as well as the implementation and analysis of security protocols.

Publications

2024

  • Andrea Bisegna, Matteo Bitussi, Roberto Carbone, Luca Compagna, Silvio Ranise, Avinash Sudhodanan
    CSRFing the SSO Waves: Security Testing of SSO-Based Account Linking Process
    In: 9th IEEE European Symposium on Security and Privacy (EUROS&P 2024) (DOI, complementary material)
  • Andrea Bisegna, Matteo Bitussi, Roberto Carbone, Silvio Ranise
    Enhancing Security Testing for Identity Management Implementations: Introducing Micro-Id-Gym Language and Micro-Id-Gym Testing Tool
    In: IEEE Security & Privacy (DOI, news)

2021

  • Andrea Bisegna, Roberto Carbone, Silvio Ranise
    Integrating a Pentesting Tool for IdM Protocols in a Continuous Delivery Pipeline
    In: 4th International Workshop on Emerging Technologies for Authorization and Authentication (ETAA2021) (DOI)

2020

  • Andrea Bisegna, Roberto Carbone, Mariano Ceccato, Salvatore Manfredi, Silvio Ranise, Giada Sciarretta, Alessandro Tomasi, Emanuele Viglianisi
    Automated Assistance to the Security Assessment of API for Financial Services
    In: Cyber-Physical Threat Intelligence for Critical Infrastructures Security: A Guide to Integrated Cyber-Physical Protection of Modern Critical Infrastructures (DOI)
  • Andrea Bisegna, Roberto Carbone, Giulio Pellizzari, Silvio Ranise
    Micro-Id-Gym: a Flexible Tool for Pentesting Identity Management Protocols in the Wild and in the Laboratory
    In: 3rd International Workshop on Emerging Technologies for Authorization and Authentication (ETAA2020) (DOI)
  • Sergio Manuel Nóbrega Gonçalves, Alessandro Tomasi, Andrea Bisegna, Giulio Pellizzari, Silvio Ranise
    Verifiable Contracting: A Use Case for Onboarding and Contract Offering in Financial Services with eIDAS and Verifiable Credentials
    In: 25th European Symposium on Research in Computer Security (DETIPS2020) (DOI)

2019

  • Andrea Bisegna, Roberto Carbone, Ivan Martini, Valentina Odorizzi, Giulio Pellizzari, Silvio Ranise
    Micro-Id-Gym: Identity Management Workouts with Container-Based Microservices
    In: International Journal of Information Security and Cybercrime (IJISP), Volume 8, Issue 1 (DOI)

Theses

  • Andrea Bisegna (PhD Thesis, University of Genoa, 2023)
    Automated Security Testing for Identity Management of Large-scale Digital Infrastructures (link)
    Supervisor: Silvio Ranise | Co-supervisor: Roberto Carbone

Dissemination

2021

  • March 11, 2021 • Specialized
    Andrea Bisegna, Roberto Carbone, Marco Pernpruner, Silvio Ranise
    Scenari, approcci, esperienze di strong authentication pre e post direttiva PSD2
    Tech Talk (DedaGroup)

Supervised Theses

2024

  • Roberto Savi (Bachelor's Thesis, University of Trento, 2024)
    Integrating Pentesting Tools for Identity Management Protocols into DevSecOps: The MIG-T Use Case
    Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone, Laura Cristiano, Pietro De Matteis
  • Pier Guido Seno (Bachelor's Thesis, University of Trento, 2024)
    From Local to Remote: Enhancing MIG-T Pentesting Tool with SaaS for Securing Digital Identity
    Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone, Laura Cristiano

2023

  • Luigi Dell'Eva (Bachelor's Thesis, University of Trento, 2023)
    Chatting is Healthy: How Better Cybersecurity Hygiene can be Obtained by Integrating Chatbots with Pentesting Tools
    Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone, Eleonora Marchesini
  • Alessandro Biasi (Bachelor's Thesis, University of Trento, 2023)
    Syntax and Semantics of a Declarative Language for Security Testing of Browser-based Security Protocols
    Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone

2022

  • Matteo Bitussi (Bachelor's Thesis, University of Trento, 2022)
    Declarative Specification of Pentesting Strategies for Browser-based Security Protocols: the Case Studies of SAML and OAuth/OIDC
    Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Eleonora Marchesini (Master's Thesis, University of Trento, 2022)
    Design and Implementation of a Cybersecurity Chatbot for Identity Management Protocols: the SAML and Slack Use Case
    Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Sofia Zanrosso (Bachelor's Thesis, University of Trento, 2022)
    Enlarging the Pen-Test Coverage of SAML Single Sign-On Solutions with Cyber Threat Intelligence
    Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Michele Zucchelli (Bachelor's Thesis, University of Trento, 2022)
    Pimp My Micro-Id-Gym: Enhancing the Automation and Usability of a Security Testing Tool for Digital Identity Protocol
    Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Giuseppe Alessio Sciumè (Bachelor's Thesis, University of Trento, 2022)
    A Comprehensive Analysis of the OAuth 2.0 Threat Model to Develop a Chatbot Providing Actionable Security Suggestions
    Supervisor: Silvio Ranise | Co-supervisors: Roberto Carbone, Andrea Bisegna

2021

  • Wendy Barreto (Bachelor's Thesis, University of Trento, 2021)
    Design and implementation of an attack pattern language for the automated pentesting of OAuth/OIDC deployments
    Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Luca Bazzanella (Bachelor's Thesis, University of Trento, 2021)
    Analysis of the State of the Art of DevSecOps: The Gitlab case study
    Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Francesco Defilippo (Bachelor's Thesis, University of Trento, 2021)
    Attack Patterns for Pentesting SAML 2.0 Web Browser Single Sign-On deployments
    Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone

2020

  • Stefano Facchini (Bachelor's Thesis, University of Trento, 2020)
    Design and implementation of an automated tool for checking SAML SSO vulnerabilities and SPID compliance
    Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Giulio Pellizzari (Master's Thesis, University of Trento, 2020)
    Micro-Id-Gym: A Tool to Support Sandboxing and Automated Pentesting of Identity Management Protocols
    Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Claudio Grisenti (Bachelor's Thesis, University of Trento, 2020)
    A pentesting tool for OAuth and OIDC deployments
    Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone

2019

  • Lorenzo Tait (Bachelor's Thesis, University of Trento, 2019)
    A Customized Threat Modeling for Secure Deployment And Pentesting of SAML SSO Solutions
    Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone

2018

  • Valentina Odorizzi (Bachelor's Thesis, University of Trento, 2018)
    Progettazione e sviluppo di uno strumento per l'analisi automatica di vulnerabilità "Missing XML Validation" in SAML SSO
    Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Ivan Martini (Bachelor's Thesis, University of Trento, 2018)
    An automated security testing framework for SAML SSO deployments
    Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Giulio Pellizzari (Bachelor's Thesis, University of Trento, 2018)
    Design and implementation of a tool to detect Login Cross-Site Request Forgery in SAML SSO: G Suite case study
    Supervisor: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone