Security & Trust

Umberto Morelli

Umberto Morelli Technologist

Publications

2022

  • Tahir Ahmad, Umberto Morelli, Silvio Ranise
    Distributed Enforcement of Access Control policies in Intelligent Transportation System (ITS) for Situation Awareness
    In: 17th International Workshop on Frontiers in Availability, Reliability and Security (FARES2022) (DOI, news)
  • Stefano Berlato, Roberto Carbone, Umberto Morelli, Silvio Ranise
    End-to-End Protection of IoT Communications Through Cryptographic Enforcement of Access Control Policies
    In: Proceedings of the 36th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec 2022) (DOI, complementary material)

2021

  • Umberto Morelli, Ivan Vaccari, Silvio Ranise, Enrico Cambiaso
    DoS Attacks in Available MQTT Implementations: Investigating the Impact on Brokers and Devices, and supported Anti-DoS Protections.
    In: The 5th International Workshop on Security and Forensics of IoT (IoT-SECFOR 2021) (complementary material, news)
  • Tahir Ahmad, Umberto Morelli, Silvio Ranise, Nicola Zannone
    Extending access control in AWS IoT through event-driven functions: an experimental evaluation using a smart lock system
    In: International Journal of Information Security (DOI)
  • Matteo Leonelli, Umberto Morelli, Silvio Ranise, Giada Sciarretta
    Secure Pull Printing with QR Codes and National eID Cards: A Software-oriented Design and an Open-source Implementation
    In: Proceedings of the Eleventh ACM Conference on Data and Application Security and Privacy (CODASPY 2021) (DOI, complementary material, news)

2020

  • Tahir Ahmad, Umberto Morelli, Silvio Ranise
    Deploying Access Control Enforcement for IoT in the Cloud-Edge Continuum with the help of the CAP Theorem
    In: 25th ACM Symposium on Access Control Models And Technologies (SACMAT 2020) (news)

2019

  • Umberto Morelli, Silvio Ranise, Lorenzo Nicolodi
    An Open and Flexible CyberSecurity Training Laboratory in IT/OT Infrastructures
    In: 1st Model-driven Simulation and Training Environments for Cybersecurity Workshop (MSTEC 2019) (DOI, news)
  • Umberto Morelli, Silvio Ranise, Damiano Sartori, Giada Sciarretta, Alessandro Tomasi
    Audit-Based Access Control with a Distributed Ledger: Applications to Healthcare Organizations
    In: 15th International Workshop on Security and Trust Management (STM 2019) (DOI, news)
  • Andrea Palmieri, Paolo Prem, Silvio Ranise, Umberto Morelli, Tahir Ahmad
    MQTTSA: A Tool for Automatically Assisting the Secure Deployments of MQTT brokers
    In: IEEE SERVICES Workshop on Cyber Security & Resilience in the Internet of Things (IEEE SERVICES CSRIoT 2019) (DOI, news)

2018

  • Tahir Ahmad, Umberto Morelli, Silvio Ranise, Nicola Zannone
    A Lazy Approach to Access Control as a Service (ACaaS) for IoT: An AWS Case Study
    In: 23rd ACM Symposium on Access Control Models And Technologies (SACMAT 2018) (DOI, news)

2017

  • Umberto Morelli, Silvio Ranise
    Assisted Authoring, Analysis and Enforcement of Access Control Policies in the Cloud
    In: 32nd International Conference on ICT Systems Security and Privacy Protection (IFIPSEC 2017) (DOI, news)
  • Avinash Sudhodanan, Roberto Carbone, Luca Compagna, Nicolas Dolgin, Alessandro Armando, Umberto Morelli
    Large-scale Analysis & Detection of Authentication Cross-Site Request Forgeries
    In: 2nd IEEE European Symposium on Security and Privacy (EUROS&P 2017) (DOI, news)

Dissemination

2023

  • March 26, 2023 • Specialized
    Umberto Morelli
    Identity and ABAC in AWS and Azure
    Workshop for the "Fog and Cloud Computing" Master Course at UniTN

2021

  • September 24, 2021 • General
    Salvatore Manfredi, Umberto Morelli, Giada Sciarretta, Alessandro Tomasi
    Siamo al sicuro? Mettiamoci alla prova! Avvicinamento alla sicurezza informatica
    Notte dei Ricercatori 2021 (Event)

2019

  • October 5, 2019 • General
    Umberto Morelli
    Come comunicano gli oggetti smart? Lo fanno in maniera sicura?
    ISACA 2019
  • September 27, 2019 • General
    Salvatore Manfredi, Umberto Morelli, Alessandro Tomasi
    Ti senti al sicuro? Sicurezza online, identità digitale e uso della carta d'identità elettronica
    Notte dei Ricercatori 2019 (Event, Program)
  • March 21, 2019 • Specialized
    Umberto Morelli
    Blockchain and distributed ledger technologies: Risks and opportunities for healthcare
    LawTech IT seminars
  • February 18-22, 2019 • School
    Matteo Leonelli, Salvatore Manfredi, Umberto Morelli, Giada Sciarretta, Silvio Ranise
    Pro[M] Camp 2019
    Pro[M] Camp 2019 (Event)

2018

  • June 27, 2018 • School
    Umberto Morelli
    Blockchain and distributed ledger technologies: Risks and opportunities for healthcare
    Webvalley

Supervised Theses

2022

  • Stefano Da Roit (Bachelor's Thesis, University of Trento, 2022)
    Automated Detection of DoS Attacks in MQTT 5.0 Brokers
    Supervisors: Silvio Ranise | Co-supervisor: Umberto Morelli

2021

  • Matteo Leonelli (Bachelor's Thesis, University of Trento, 2021)
    Open and Cross-platform Ecosystem for Enterprise Services: Secure and Authenticated Access with the use of Italian Identity Cards and FIDO
    Supervisors: Silvio Ranise | Co-supervisors: Umberto Morelli
  • Lorenzo Bellesso (Postgraduate Thesis, University of Genoa, 2021)
    Implementazione di una soluzione di generazione e rilascio credenziali in ambito IoT fondata sull'uso della Carta d'Identità Elettronica (CIE)
    Supervisors: Silvio Ranise | Co-supervisors: Umberto Morelli

2019

  • Carlotta Tagliaro (Bachelor's Thesis, University of Trento, 2019)
    Security and Performance tradeoffs in the Internet of Things
    Supervisors: Silvio Ranise | Co-supervisor: Umberto Morelli
    Awards: 4th place at thesis award "Innovare la sicurezza delle informazioni 2020", sponsored by CLUSIT

2018

  • Mirko Schicchi (Bachelor's Thesis, 2018)
    IOTA and the Internet of Things: A possible solution for autonomous driving vehicles
    Supervisors: Silvio Ranise | Co-supervisors: Umberto Morelli, Alessandro Tomasi
  • Enrico Donatoni (Bachelor's Thesis, University of Trento, 2018)
    Blockchain in Finance: a comparison of Ripple, Quorum and Corda
    Supervisors: Silvio Ranise | Co-supervisors: Umberto Morelli, Alessandro Tomasi
  • Damiano Sartori (Bachelor's Thesis, University of Trento, 2018)
    Attribute Based Access Control over a Hyperledger Fabric Network: An application for Electronic Health Records
    Supervisors: Silvio Ranise | Co-supervisors: Umberto Morelli, Alessandro Tomasi