Security & Trust


F&C CIE Autenticazione con CIE


The Italian Electronic Identity Card (CIE 3.0) allows citizens to authenticate securely to online services of institutions and public administrations. The objective of this project is to update eIDAS-notified scenarios with security assessment of the newly implemented functionalities (e.g., analysis of the TLS configuration, OWASP analysis of the CIE Id app) and design of possible evolutions (e.g., multiple CIE support on the same device, PUK Recovery).


  • Period: from 01/04/2021 until 31/03/2022.

Related Tools

Related Publications

  • Salvatore Manfredi, Mariano Ceccato, Giada Sciarretta, Silvio Ranise
    Empirical Validation on the Usability of Security Reports for Patching TLS Misconfigurations: User- and Case-Studies on Actionable Mitigations
    In: Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA) (DOI)
  • Matteo Rizzi, Salvatore Manfredi, Giada Sciarretta, Silvio Ranise
    Demo: TLSAssistant v2 - A Modular and Extensible Framework for Securing TLS
    In: Proceedings of the 27th ACM Symposium on Access Control Models and Technologies (SACMAT 2022) (DOI, news)
  • Andrea Bisegna, Roberto Carbone, Silvio Ranise
    Integrating a Pentesting Tool for IdM Protocols in a Continuous Delivery Pipeline
    In: 4th International Workshop on Emerging Technologies for Authorization and Authentication (ETAA2021) (DOI)
  • Salvatore Manfredi, Mariano Ceccato, Giada Sciarretta, Silvio Ranise
    Do Security Reports Meet Usability? - Lessons Learned from Using Actionable Mitigations for Patching TLS Misconfigurations
    In: The 16th International Conference on Availability, Reliability and Security (ARES 2021) (ETACS 2021) (DOI, complementary material, news)