Giada Sciarretta
Researcher
Publications
2022 (5)
-
Matteo Rizzi, Salvatore Manfredi, Giada Sciarretta, Silvio Ranise
A Modular and Extensible Framework for Securing TLS
In: Proceedings of the Twelfth ACM Conference on Data and Application Security and Privacy (CODASPY 2022) (DOI, news)
-
Matteo Rizzi, Salvatore Manfredi, Giada Sciarretta, Silvio Ranise
Demo: TLSAssistant v2 - A Modular and Extensible Framework for Securing TLS
In: Proceedings of the 27th ACM Symposium on Access Control Models and Technologies (SACMAT 2022) (DOI, news)
-
Salvatore Manfredi, Mariano Ceccato, Giada Sciarretta, Silvio Ranise
Empirical Validation on the Usability of Security Reports for Patching TLS Misconfigurations: User- and Case-Studies on Actionable Mitigations
In: Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA) (DOI)
-
Amir Sharif, Matteo Ranzi, Roberto Carbone, Giada Sciarretta, Silvio Ranise
SoK: A Survey on Technological Trends for (pre)Notified eIDAS Electronic Identity Schemes
In: 17th International Workshop on Frontiers in Availability, Reliability and Security (FARES2022) (DOI, complementary material, news)
-
Amir Sharif, Matteo Ranzi, Roberto Carbone, Giada Sciarretta, Francesco Antonio Marino, Silvio Ranise
The eIDAS Regulation: A Survey of Technological Trends for European Electronic Identity Schemes
In: MDPI Journal of Applied Science (APPLSCI) (DOI, complementary material, news)
2021 (4)
-
Marco Pernpruner, Giada Sciarretta, Silvio Ranise
A Framework for Security and Risk Analysis of Enrollment Procedures: Application to Fully-Remote Solutions Based on eDocuments
In: 18th International Conference on Security and Cryptography (SECRYPT 2021) (DOI, complementary material)
-
Amir Sharif, Roberto Carbone, Giada Sciarretta, Silvio Ranise
Best Current Practices for OAuth/OIDC Native Apps: A Study of their Adoption in Popular Providers and Top-Ranked Android Clients
In: Journal of Information Security and Applications (JISA) (DOI, news)
-
Salvatore Manfredi, Mariano Ceccato, Giada Sciarretta, Silvio Ranise
Do Security Reports Meet Usability? - Lessons Learned from Using Actionable Mitigations for Patching TLS Misconfigurations
In: The 16th International Conference on Availability, Reliability and Security (ARES 2021) (ETACS 2021) (DOI, complementary material, news)
-
Matteo Leonelli, Umberto Morelli, Silvio Ranise, Giada Sciarretta
Secure Pull Printing with QR Codes and National eID Cards: A Software-oriented Design and an Open-source Implementation
In: Proceedings of the Eleventh ACM Conference on Data and Application Security and Privacy (CODASPY 2021) (DOI, complementary material, news)
2020 (5)
-
Amir Sharif, Roberto Carbone, Giada Sciarretta, Silvio Ranise
Automated and Secure Integration of the OpenID Connect iGov Profile in Mobile Native Applications
In: 3rd International Workshop on Emerging Technologies for Authorization and Authentication (ETAA2020) (DOI, complementary material)
-
Andrea Bisegna, Roberto Carbone, Mariano Ceccato, Salvatore Manfredi, Silvio Ranise, Giada Sciarretta, Alessandro Tomasi, Emanuele Viglianisi
Automated Assistance to the Security Assessment of API for Financial Services in book Cyber-Physical Threat Intelligence for Critical Infrastructures Security: A Guide to Integrated Cyber-Physical Protection of Modern Critical Infrastructures
In: Cyber-Physical Threat Intelligence for Critical Infrastructures Security: A Guide to Integrated Cyber-Physical Protection of Modern Critical Infrastructures (DOI)
-
Roberto Carbone, Silvio Ranise, Giada Sciarretta, Luca ViganĂ²
Formal Analysis of Mobile Multi-Factor Authentication with Single Sign-On Login
In: ACM Transactions on Privacy and Security (TOPS) (DOI, complementary material, news)
-
Marco Pernpruner, Roberto Carbone, Silvio Ranise, Giada Sciarretta
The Good, the Bad and the (Not So) Ugly of Out-Of-Band Authentication with eID Cards and Push Notifications: Design, Formal and Risk Analysis
In: Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy (CODASPY 2020) (DOI, complementary material, news)
-
Salvatore Manfredi, Silvio Ranise, Giada Sciarretta, Alessandro Tomasi
TLSAssistant goes FINSEC: A Security Platform Integration Extending Threat Intelligence Language
In: 1st International Workshop on Cyber-Physical Security for Critical Infrastructures Protection (CPS4CIP 2020)
2019 (5)
-
Amir Sharif, Roberto Carbone, Silvio Ranise, Giada Sciarretta
A Wizard-Based Approach for Secure Code Generation of Single Sign-On and Access Delegation Solutions for Mobile Native Apps
In: 16th International Conference on Security and Cryptography (SECRYPT 2019) (DOI, complementary material, news)
-
Umberto Morelli, Silvio Ranise, Damiano Sartori, Giada Sciarretta, Alessandro Tomasi
Audit-Based Access Control with a Distributed Ledger: Applications to Healthcare Organizations
In: 15th International Workshop on Security and Trust Management (STM 2019) (DOI, news)
-
Sergii Kushch, Silvio Ranise, Giada Sciarretta
Blockchain Tree for eHealth
In: 2019 IEEE Global Conference on Internet of Things (GCIoT 2019) (DOI)
-
Silvio Ranise, Giada Sciarretta, Alessandro Tomasi
Enroll, and authentication will follow: eID-based enrollment for a customized, secure, and frictionless authentication experience
In: 12th International Symposium on Foundations & Practice of Security (FPS 2019) (DOI, news)
-
Salvatore Manfredi, Silvio Ranise, Giada Sciarretta
Lost in TLS? No More! Assisted Deployment of Secure TLS Configurations
In: Proceedings of the 33rd Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec 2019), vol. 11559, pp. 201-220 (DOI, news)
2018 (2)
-
Roberto Carbone, Silvio Ranise, Giada Sciarretta
Design and Security Assessment of Usable Multi-factor Authentication and Single Sign-On Solutions for Mobile Applications
In: Privacy and Identity Management. Fairness, Accountability, and Transparency in the Age of Big Data (DOI)
-
Giada Sciarretta, Roberto Carbone, Silvio Ranise, Luca ViganĂ²
Design, Formal Specification and Analysis of Multi-Factor Authentication Solutions with a Single Sign-On Experience
In: Principles of Security and Trust (POST 2018) (DOI, news)
2017 (1)
-
Giada Sciarretta, Roberto Carbone, Silvio Ranise, Alessandro Armando
Anatomy of the Facebook solution for mobile single sign-on: Security assessment and improvements
In: Computers & Security Journal (COSE), Volume 71, November 2017, Pages 71-86 (DOI)
2016 (2)
-
Giada Sciarretta, Roberto Carbone, Silvio Ranise
A delegated authorization solution for smart-city mobile applications
In: 2nd International Forum on Research and Technologies for Society and Industry (RTSI 2016) (DOI)
-
Giada Sciarretta, Alessandro Armando, Roberto Carbone, Silvio Ranise
Security of Mobile Single Sign-On: a Rational Reconstruction of Facebook Login Solution
In: 13th International Conference on Security and Cryptography (SECRYPT 2016) (DOI, news)