Center for Cybersecurity

Silvio Ranise

Silvio Ranise Director of Center

Silvio Ranise is the director of the Center for Cybersecurity at Fondazione Bruno Kessler and a full professor of Computer Science at the University of Trento Department of Mathematics.

As part of a joint Italy-France program, in 2002 he obtained a doctorate in Computer Engineering from the University of Genoa (Italy) and the Henri Poincaré University (Nancy, France). He has been a researcher at the INRIA-National Institute for Research in Digital Science and Technology, visiting professor at the Computer Science Department of the University of Milan and senior researcher at Fondazione Bruno Kessler. For 10 years at FBK, in close collaboration with researchers, technologists and students, he has been involved in research and innovation for digital identity, cloud-edge computing security, applied cryptography and automation of security analysis, compliance, and risk assessment.

He has published more than 100 articles in international conferences and journals, and has been principal investigator for European projects and industrial collaborations.

Among his main projects and collaborations are:

  • Since 2017, the collaboration with IPZS-Istituto Poligrafico e Zecca dello Stato focuses on various issues including digital identity and in particular Electronic Identity Card-based digital identity (CIE 3.0);
  • Since 2021, the Cyber Threat Intelligence project with the Gruppo Cassa Centrale Banca (and the support of Allitude) aims to consolidate the Group’s cybersecurity protection thanks to the contextualization of attacks on services in such a way as to organize possible defense strategies quickly and effective;
  • Participation (both as a partner and as a coordinator) in EIT Digital projects and EU projects including the H2020 project “FINSEC: Integrated Framework for Predictive and Collaborative Security of Financial Infrastructures” for infrastructure and financial services security and the most recent ISFP-2020 PROTECTOR, in collaboration with other FBK centers, which aims to protect places of worship from acts of terrorism and hatred.

Publications

2024

  • Stefano Berlato, Silvio Cretti, Domenico Siracusa, Silvio Ranise
    Multi-Objective Microservice Orchestration: Balancing Security and Performance in CCAM
    In: 27th Conference on Innovation in Clouds, Internet and Networks (ICIN 2024) (DOI)
  • Stefano Berlato, Silvio Cretti, Domenico Siracusa, Silvio Ranise
    Multi-Objective Microservice Orchestration: Balancing Security and Performance in CCAM
    In: Proceedings of 27th Conference on Innovation in Clouds, Internet and Networks (ICIN) (DOI)
  • Andrea Flamini, Giada Sciarretta, Mario Scuro, Amir Sharif, Alessandro Tomasi, Silvio Ranise
    On Cryptographic Mechanisms for the Selective Disclosure of Verifiable Credentials
    In: Journal of Information Security and Applications (JISA) (DOI, news)

2023

  • Andrea Flamini, Silvio Ranise, Giada Sciarretta, Mario Scuro, Amir Sharif, Alessandro Tomasi
    A First Appraisal of Cryptographic Mechanisms for the Selective Disclosure of Verifiable Credentials
    In: 20th International Conference on Security and Cryptography (SECRYPT 2023) (DOI)
  • Marco Pernpruner, Roberto Carbone, Giada Sciarretta, Silvio Ranise
    An Automated Multi-Layered Methodology to Assist the Secure and Risk-Aware Design of Multi-Factor Authentication Protocols
    In: IEEE Transactions on Dependable and Secure Computing (TDSC) (DOI, complementary material, news)
  • Gianluca Sassetti, Amir Sharif, Giada Sciarretta, Roberto Carbone, Silvio Ranise
    Assurance, Consent and Access Control for Privacy-Aware OIDC Deployments
    In: Proceedings of the 37th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec 2023) (DOI, news)
  • Zahra Ebadi Ansaroudi, Roberto Carbone, Giada Sciarretta, Silvio Ranise
    Control is Nothing Without Trust a First Look into Digital Identity Wallet Trends
    In: Proceedings of the 37th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec 2023) (DOI)
  • Amir Sharif, Francesco Antonio Marino, Giada Sciarretta, Giuseppe De Marco, Roberto Carbone, Silvio Ranise
    Cross-Domain Sharing of User Claims: A Design Proposal for OpenID Connect Attribute Authorities
    In: 18th International Conference on Availability, Reliability and Security (ARES 2023) (DOI, news)
  • Majid Mollaeefar, Silvio Ranise
    Identifying and Quantifying Trade-offs in Multi-Stakeholder Risk Evaluation with Applications to the Data Protection Impact Assessment of the GDPR
    In: Computers & Security Journal (COSE) (DOI, news)
  • Cecilia Pasquini, Marco Pernpruner, Giada Sciarretta, Silvio Ranise
    Towards a Fine-Grained Threat Model for Video-Based Remote Identity Proofing
    In: ECML/PKDD 2023 Post-Workshops and Tutorials Proceedings (news)

2022

  • Matteo Rizzi, Salvatore Manfredi, Giada Sciarretta, Silvio Ranise
    A Modular and Extensible Framework for Securing TLS
    In: Proceedings of the Twelfth ACM Conference on Data and Application Security and Privacy (CODASPY 2022) (DOI, news)
  • Matteo Rizzi, Salvatore Manfredi, Giada Sciarretta, Silvio Ranise
    Demo: TLSAssistant v2 - A Modular and Extensible Framework for Securing TLS
    In: Proceedings of the 27th ACM Symposium on Access Control Models and Technologies (SACMAT 2022) (DOI, news)
  • Tahir Ahmad, Umberto Morelli, Silvio Ranise
    Distributed Enforcement of Access Control policies in Intelligent Transportation System (ITS) for Situation Awareness
    In: 17th International Workshop on Frontiers in Availability, Reliability and Security (FARES2022) (DOI, news)
  • Salvatore Manfredi, Mariano Ceccato, Giada Sciarretta, Silvio Ranise
    Empirical Validation on the Usability of Security Reports for Patching TLS Misconfigurations: User- and Case-Studies on Actionable Mitigations
    In: Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA) (DOI)
  • Stefano Berlato, Roberto Carbone, Umberto Morelli, Silvio Ranise
    End-to-End Protection of IoT Communications Through Cryptographic Enforcement of Access Control Policies
    In: Proceedings of the 36th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec 2022) (DOI)
  • Amir Sharif, Matteo Ranzi, Roberto Carbone, Giada Sciarretta, Silvio Ranise
    SoK: A Survey on Technological Trends for (pre)Notified eIDAS Electronic Identity Schemes
    In: 17th International Workshop on Frontiers in Availability, Reliability and Security (FARES2022) (DOI, complementary material, news)
  • Amir Sharif, Matteo Ranzi, Roberto Carbone, Giada Sciarretta, Francesco Antonio Marino, Silvio Ranise
    The eIDAS Regulation: A Survey of Technological Trends for European Electronic Identity Schemes
    In: MDPI Journal of Applied Science (APPLSCI) (DOI, complementary material, news)

2021

  • Marco Pernpruner, Giada Sciarretta, Silvio Ranise
    A Framework for Security and Risk Analysis of Enrollment Procedures: Application to Fully-Remote Solutions Based on eDocuments
    In: 18th International Conference on Security and Cryptography (SECRYPT 2021) (DOI, complementary material)
  • Biniam Fisseha Demissie, Silvio Ranise
    Assessing the Effectiveness of the Shared Responsibility Model for Cloud Databases: the Case of Google's Firebase
    In: IEEE International Conference on Smart Data Services (SMDS 2021) (news)
  • Salimeh Dashti, Amir Sharif, Roberto Carbone, Silvio Ranise
    Automated Risk Assessment and What-if Analysis of OpenID Connect and OAuth 2.0 Deployments
    In: Proceedings of the 35th Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec 2021) (news)
  • Amir Sharif, Roberto Carbone, Giada Sciarretta, Silvio Ranise
    Best Current Practices for OAuth/OIDC Native Apps: A Study of their Adoption in Popular Providers and Top-Ranked Android Clients
    In: Journal of Information Security and Applications (JISA) (DOI, news)
  • Andreas Heider-Aviet, Danny Roswin Ollik, Stefano Berlato, Silvio Ranise, Roberto Carbone, Van Thanh Le, Nabil El Ioini, Claus Pahl, Hamid R. Berzegar
    Blockchain Based RAN Data Sharing
    In: IEEE International Conference on Smart Data Services (SMDS 2021) (DOI)
  • Stefano Berlato, Roberto Carbone, Silvio Ranise
    Cryptographic Enforcement of Access Control Policies in the Cloud: Implementation and Experimental Assessment
    In: 18th International Conference on Security and Cryptography (SECRYPT 2021)
  • Salvatore Manfredi, Mariano Ceccato, Giada Sciarretta, Silvio Ranise
    Do Security Reports Meet Usability? - Lessons Learned from Using Actionable Mitigations for Patching TLS Misconfigurations
    In: The 16th International Conference on Availability, Reliability and Security (ARES 2021) (ETACS 2021) (DOI, complementary material, news)
  • Umberto Morelli, Ivan Vaccari, Silvio Ranise, Enrico Cambiaso
    DoS Attacks in Available MQTT Implementations: Investigating the Impact on Brokers and Devices, and supported Anti-DoS Protections.
    In: The 5th International Workshop on Security and Forensics of IoT (IoT-SECFOR 2021) (complementary material, news)
  • Tahir Ahmad, Umberto Morelli, Silvio Ranise, Nicola Zannone
    Extending access control in AWS IoT through event-driven functions: an experimental evaluation using a smart lock system
    In: International Journal of Information Security (DOI)
  • Andrea Bisegna, Roberto Carbone, Silvio Ranise
    Integrating a Pentesting Tool for IdM Protocols in a Continuous Delivery Pipeline
    In: 4th International Workshop on Emerging Technologies for Authorization and Authentication (ETAA2021) (DOI)
  • Marco Centenaro, Stefano Berlato, Roberto Carbone, Gianfranco Burzio, Giuseppe Faranda Cordella, Roberto Riggio, Silvio Ranise
    Safety-Related Cooperative, Connected, and Automated Mobility Services: Interplay Between Functional and Security Requirements
    In: IEEE Vehicular Technology Magazine, Volume 16, Issue 4, December 2021, Pages 78-88 (DOI)
  • Matteo Leonelli, Umberto Morelli, Silvio Ranise, Giada Sciarretta
    Secure Pull Printing with QR Codes and National eID Cards: A Software-oriented Design and an Open-source Implementation
    In: Proceedings of the Eleventh ACM Conference on Data and Application Security and Privacy (CODASPY 2021) (DOI, complementary material, news)
  • Stefano Berlato, Marco Centenaro, Silvio Ranise
    Smart Card-Based Identity Management Protocols for V2V and V2I Communications in CCAM: a Systematic Literature Review
    In: IEEE Transactions on Intelligent Transportation Systems (T-ITS) (DOI, news)

2020

  • Mauro Conti, Pallavi Kaliyar, Md Masoom Rabbani, Silvio Ranise
    Attestation-enabled secure and scalable routing protocol for IoT networks
    In: Ad Hoc Networks (DOI)
  • Amir Sharif, Roberto Carbone, Giada Sciarretta, Silvio Ranise
    Automated and Secure Integration of the OpenID Connect iGov Profile in Mobile Native Applications
    In: 3rd International Workshop on Emerging Technologies for Authorization and Authentication (ETAA2020) (DOI, complementary material)
  • Andrea Bisegna, Roberto Carbone, Mariano Ceccato, Salvatore Manfredi, Silvio Ranise, Giada Sciarretta, Alessandro Tomasi, Emanuele Viglianisi
    Automated Assistance to the Security Assessment of API for Financial Services in book Cyber-Physical Threat Intelligence for Critical Infrastructures Security: A Guide to Integrated Cyber-Physical Protection of Modern Critical Infrastructures
    In: Cyber-Physical Threat Intelligence for Critical Infrastructures Security: A Guide to Integrated Cyber-Physical Protection of Modern Critical Infrastructures (DOI)
  • Tahir Ahmad, Umberto Morelli, Silvio Ranise
    Deploying Access Control Enforcement for IoT in the Cloud-Edge Continuum with the help of the CAP Theorem
    In: 25th ACM Symposium on Access Control Models And Technologies (SACMAT 2020) (news)
  • Stefano Berlato, Roberto Carbone, Adam J. Lee, Silvio Ranise
    Exploring Architectures for Cryptographic Access Control Enforcement in the Cloud for Fun and Optimization
    In: 15th ACM ASIA Conference on Computer and Communications Security (ASIACCS 2020) (DOI)
  • Roberto Carbone, Silvio Ranise, Giada Sciarretta, Luca Viganò
    Formal Analysis of Mobile Multi-Factor Authentication with Single Sign-On Login
    In: ACM Transactions on Privacy and Security (TOPS) (DOI, complementary material, news)
  • Stefano Berlato, Roberto Carbone, Adam J. Lee, Silvio Ranise
    Formal Modelling and Automated Trade-Off Analysis of Enforcement Architectures for Cryptographic Access Control in the Cloud
    In: ACM Transactions on Privacy and Security (TOPS)
  • Andrea Bisegna, Roberto Carbone, Giulio Pellizzari, Silvio Ranise
    Micro-Id-Gym: a Flexible Tool for Pentesting Identity Management Protocols in the Wild and in the Laboratory
    In: 3rd International Workshop on Emerging Technologies for Authorization and Authentication (ETAA2020) (DOI)
  • Majid Mollaeefar, Alberto Siena, Silvio Ranise
    Multi-Stakeholder Cybersecurity Risk Assessment for Data Protection
    In: 17th International Conference on Security and Cryptography (SECRYPT 2020) (DOI)
  • Edlira Dushku, Md Masoom Rabbani, Mauro Conti, Luigi V. Mancini, Silvio Ranise
    SARA: Secure Asynchronous Remote Attestation for IoT Systems
    In: IEEE Transactions on Information Forensics and Security (TIFS) (DOI)
  • Marco Centenaro, Stefano Berlato, Roberto Carbone, Gianfranco Burzio, Giuseppe Faranda Cordella, Silvio Ranise, Roberto Riggio
    Security Considerations on 5G-Enabled Back-Situation Awareness for CCAM
    In: 3rd IEEE 5G World Forum (5GWF20) (news)
  • Marco Pernpruner, Roberto Carbone, Silvio Ranise, Giada Sciarretta
    The Good, the Bad and the (Not So) Ugly of Out-Of-Band Authentication with eID Cards and Push Notifications: Design, Formal and Risk Analysis
    In: Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy (CODASPY 2020) (DOI, complementary material, news)
  • Salvatore Manfredi, Silvio Ranise, Giada Sciarretta, Alessandro Tomasi
    TLSAssistant goes FINSEC: A Security Platform Integration Extending Threat Intelligence Language
    In: 1st International Workshop on Cyber-Physical Security for Critical Infrastructures Protection (CPS4CIP 2020)
  • Sergio Manuel Nóbrega Gonçalves, Alessandro Tomasi, Andrea Bisegna, Giulio Pellizzari, Silvio Ranise
    Verifiable Contracting: A Use Case for Onboarding and Contract Offering in Financial Services with eIDAS and Verifiable Credentials
    In: 25th European Symposium on Research in Computer Security (DETIPS2020) (DOI)

2019

  • Salimeh Dashti, Silvio Ranise
    A Tool-assisted Methodology for the Data Protection Impact Assessment
    In: 16th International Conference on Security and Cryptography (SECRYPT 2019) (DOI, news)
  • Amir Sharif, Roberto Carbone, Silvio Ranise, Giada Sciarretta
    A Wizard-Based Approach for Secure Code Generation of Single Sign-On and Access Delegation Solutions for Mobile Native Apps
    In: 16th International Conference on Security and Cryptography (SECRYPT 2019) (DOI, complementary material, news)
  • Umberto Morelli, Silvio Ranise, Lorenzo Nicolodi
    An Open and Flexible CyberSecurity Training Laboratory in IT/OT Infrastructures
    In: 1st Model-driven Simulation and Training Environments for Cybersecurity Workshop (MSTEC 2019) (DOI, news)
  • Umberto Morelli, Silvio Ranise, Damiano Sartori, Giada Sciarretta, Alessandro Tomasi
    Audit-Based Access Control with a Distributed Ledger: Applications to Healthcare Organizations
    In: 15th International Workshop on Security and Trust Management (STM 2019) (DOI, news)
  • Sergii Kushch, Silvio Ranise, Giada Sciarretta
    Blockchain Tree for eHealth
    In: 2019 IEEE Global Conference on Internet of Things (GCIoT 2019) (DOI)
  • Silvio Ranise, Giada Sciarretta, Alessandro Tomasi
    Enroll, and authentication will follow: eID-based enrollment for a customized, secure, and frictionless authentication experience
    In: 12th International Symposium on Foundations & Practice of Security (FPS 2019) (DOI, news)
  • Giovanni Maria Abbiati, Silvio Ranise, Antonio Schizzerotto, Alberto Siena
    Learning from Others' Mistakes: An Analysis of Cyber-security Incidents
    In: 4th International Conference on Internet of Things, Big Data and Security (IoTBDS 2019) (DOI)
  • Salvatore Manfredi, Silvio Ranise, Giada Sciarretta
    Lost in TLS? No More! Assisted Deployment of Secure TLS Configurations
    In: Proceedings of the 33rd Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy (DBSec 2019), vol. 11559, pp. 201-220 (DOI, news)
  • Andrea Bisegna, Roberto Carbone, Ivan Martini, Valentina Odorizzi, Giulio Pellizzari, Silvio Ranise
    Micro-Id-Gym: Identity Management Workouts with Container-Based Microservices
    In: International Journal of Information Security and Cybercrime (IJISP), Volume 8, Issue 1 (DOI)
  • Andrea Palmieri, Paolo Prem, Silvio Ranise, Umberto Morelli, Tahir Ahmad
    MQTTSA: A Tool for Automatically Assisting the Secure Deployments of MQTT brokers
    In: IEEE SERVICES Workshop on Cyber Security & Resilience in the Internet of Things (IEEE SERVICES CSRIoT 2019) (DOI, news)
  • Federico Sinigaglia, Roberto Carbone, Gabriele Costa, Silvio Ranise
    MuFASA: A Tool for High-level Specification and Analysis of Multi-factor Authentication Protocols
    In: Emerging Technologies for Authorization and Authentication (ETAA 2019) (DOI, complementary material, news)

2018

  • Tahir Ahmad, Umberto Morelli, Silvio Ranise, Nicola Zannone
    A Lazy Approach to Access Control as a Service (ACaaS) for IoT: An AWS Case Study
    In: 23rd ACM Symposium on Access Control Models And Technologies (SACMAT 2018) (DOI, news)
  • Silvio Ranise, Tuan Anh Truong, Luca Viganò
    Automated and efficient analysis of administrative temporal RBAC policies with role hierarchies
    In: Journal of Computer Security (JCS) (DOI)
  • Roberto Carbone, Silvio Ranise, Giada Sciarretta
    Design and Security Assessment of Usable Multi-factor Authentication and Single Sign-On Solutions for Mobile Applications
    In: Privacy and Identity Management. Fairness, Accountability, and Transparency in the Age of Big Data (DOI)
  • Giada Sciarretta, Roberto Carbone, Silvio Ranise, Luca Viganò
    Design, Formal Specification and Analysis of Multi-Factor Authentication Solutions with a Single Sign-On Experience
    In: Principles of Security and Trust (POST 2018) (DOI, news)
  • Md Masoom Rabbani, Silvio Ranise
    PADS: Practical Attestation for Highly Dynamic Swarm Topologies
    In: 7th International Workshop on Secure Internet of Things (SIoT 2018) (DOI)
  • Clara Bertolissi, Daniel Ricardo dos Santos, Silvio Ranise
    Solving Multi-Objective Workflow Satisfiability Problems with Optimization Modulo Theories Techniques
    In: 23rd ACM Symposium on Access Control Models And Technologies (SACMAT 2018) (DOI)
  • Mauro Conti, Pallavi Kaliyar, Md Masoom Rabbani, Silvio Ranise
    SPLIT: A Secure and Scalable RPL routing protocol for Internet of Things
    In: 7th International Workshop on Secure Internet of Things (SIoT 2018) (DOI)
  • Tahir Ahmad, Silvio Ranise
    Validating Requirements of Access Control for Cloud-Edge IoT Solutions
    In: 11th International Symposium on Foundations & Practice of Security (FPS 2018) (DOI, news)

2017

  • Luca Compagna, Daniel Ricardo dos Santos, Serena Elisa Ponta, Silvio Ranise
    Aegis: Automatic Enforcement of Security Policies in Workflow-driven Web Applications
    In: Proceedings of the Seventh ACM Conference on Data and Application Security and Privacy (CODASPY 2017) (DOI)
  • Giada Sciarretta, Roberto Carbone, Silvio Ranise, Alessandro Armando
    Anatomy of the Facebook solution for mobile single sign-on: Security assessment and improvements
    In: Computers & Security Journal (COSE), Volume 71, November 2017, Pages 71-86 (DOI)
  • Umberto Morelli, Silvio Ranise
    Assisted Authoring, Analysis and Enforcement of Access Control Policies in the Cloud
    In: 32nd International Conference on ICT Systems Security and Privacy Protection (IFIPSEC 2017) (DOI, news)
  • Silvio Ranise, Hari Siswantoro
    Automated Legal Compliance Checking by Security Policy Analysis
    In: International Conference on Computer Safety, Reliability, and Security (SAFECOMP 2017) (DOI)
  • Daniel Ricardo dos Santos, Silvio Ranise, Luca Compagna, Serena Elisa Ponta
    Automatically finding execution scenarios to deploy security-sensitive workflows
    In: Journal of Computer Security (JCS), Volume 25, no. 3, Pages 255-282 (DOI)
  • Fatih Turkmen, Jerry Den Hartog, Silvio Ranise, Nicola Zannone
    Formal analysis of XACML policies using SMT
    In: Computers & Security Journal (COSE), Volume 66, May 2017, Pages 185-203 (DOI)
  • Daniel Ricardo dos Santos, Silvio Ranise
    On Run-Time Enforcement of Authorization Constraints in Security-Sensitive Workflows
    In: 15th International Conference on Software Engineering and Formal Methods (SEFM 2017) (DOI)
  • Tuan Anh Truong, Silvio Ranise, Thanh-Tung Nguyen
    Scalable Automated Analysis of Access Control and Privacy Policies
    In: Transactions on Large-Scale Data- and Knowledge-Centered Systems (TLDKS), Volume XXXVI (DOI)
  • Paolo Guarda, Silvio Ranise, Hari Siswantoro
    Security Analysis and Legal Compliance Checking for the Design of Privacy-friendly Information Systems
    In: 22nd ACM Symposium on Access Control Models And Technologies (SACMAT 2017) (DOI)
  • Moreno Ambrosin, Mauro Conti, Riccardo Lazzaretti, Md Masoom Rabbani, Silvio Ranise
    Toward secure and efficient attestation for highly dynamic swarms
    In: 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks (WiSec 2017) (DOI)

2016

  • Giada Sciarretta, Roberto Carbone, Silvio Ranise
    A delegated authorization solution for smart-city mobile applications
    In: 2nd International Forum on Research and Technologies for Society and Industry (RTSI 2016) (DOI)
  • Tuan Anh Truong, Silvio Ranise
    ASASPXL: New Clother for Analysing ARBAC Policies
    In: 3rd International Conference on Future Data and Security Engineering (FDSE 2016) (DOI)
  • Luca Compagna, Daniel Ricardo dos Santos, Serena Elisa Ponta, Silvio Ranise
    Cerberus: Automated Synthesis of Enforcement Mechanisms for Security-Sensitive Business Processes
    In: 22nd International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS 2016) (DOI)
  • Daniel Ricardo dos Santos, Serena Elisa Ponta, Silvio Ranise
    Modular Synthesis of Enforcement Mechanisms for the Workflow Satisfiability Problem
    In: 21st ACM Symposium on Access Control Models And Technologies (SACMAT 2016) (DOI)
  • Silvio Ranise, Riccardo Traverso, Tuan Anh Truong
    Parameterized model checking for security policy analysis
    In: International Journal on Software Tools for Technology Transfer (STTT) (DOI)
  • Giada Sciarretta, Alessandro Armando, Roberto Carbone, Silvio Ranise
    Security of Mobile Single Sign-On: a Rational Reconstruction of Facebook Login Solution
    In: 13th International Conference on Security and Cryptography (SECRYPT 2016) (DOI, news)
  • Alessandro Armando, Silvio Ranise, Riccardo Traverso, Konrad Wrona
    SMT-based Enforcement and Analysis of NATO Content-based Protection and Release Policies
    In: 1st International Workshop on Attribute Based Access Control (ABAC 2016) (DOI, news)

2015

  • Riccardo De Masellis, Chiara Ghidini, Silvio Ranise
    A Declarative Framework for Specifying and Enforcing Purpose-Aware Policies
    In: 11th International Workshop on Security and Trust Management (STM 2015) (DOI)
  • Alessandro Armando, Silvio Ranise, Riccardo Traverso, Konrad Wrona
    A SMT-based Tool for the Analysis and Enforcement of NATO Content-based Protection and Release Policies
    In: Proceedings of the 20th ACM Symposium on Access Control Models and Technologies (SACMAT 2015) (SACMAT 2015) (DOI)
  • Fatih Turkmen, Jerry Den Hartog, Silvio Ranise, Nicola Zannone
    Analysis of XACML Policies with SMT
    In: Principles of Security and Trust (POST 2015) (DOI)
  • Daniel Ricardo dos Santos, Silvio Ranise, Luca Compagna, Serena Elisa Ponta
    Assisting the Deployment of Security-Sensitive Workflows by Finding Execution Scenarios
    In: 29th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2015) (DOI, news)
  • Silvio Ranise, Tuan Anh Truong, Luca Viganò
    Automated analysis of RBAC policies with temporal constraints and static role hierarchies
    In: Proceedings of the 30th Annual ACM Symposium on Applied Computing (SAC 2015) (DOI)
  • Clara Bertolissi, Daniel Ricardo dos Santos, Silvio Ranise
    Automated Synthesis of Run-time Monitors to Enforce Authorization Policies in Business Processes
    In: 10th ACM Symposium on Information, Computer and Communications Security (ASIACCS2015) (DOI, news)
  • Alessandro Armando, Silvio Ranise, Riccardo Traverso, Konrad Wrona
    Compiling NATO authorization policies for enforcement in the cloud and SDNs
    In: 2015 IEEE Conference on Communications and Network Security (CNS) (DOI)
  • Alessandro Armando, Gianluca Bocci, Gabriele Costa, Rocco Mammoliti, Alessio Merlo, Silvio Ranise, Riccardo Traverso, Andrea Valenza
    Mobile App Security Assessment with the MAVeriC Dynamic Analysis Module
    In: 29th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2015) (DOI, news)
  • Worachet Uttha, Clara Bertolissi, Silvio Ranise
    Modeling Authorization Policies for Web Services in Presence of Transitive Dependencies
    In: Proceedings of the 12th International Conference on Security and Cryptography (SECRYPT 2015) (DOI)

2014

  • Silvio Ranise, Riccardo Traverso
    ALPS: An Action Language for Policy Specification and Automated Safety Analysis
    In: 10th International Workshop on Security and Trust Management (STM 2014) (DOI)
  • Francesco Alberti, Roberto Bruttomesso, Silvio Ghilardi, Silvio Ranise, Natasha Sharygina
    An extension of lazy abstraction with interpolation for programs with arrays
    In: Formal Methods in System Design (DOI)
  • Alessandro Armando, Roberto Carbone, Eyasu Getahun Chekole, Silvio Ranise
    Attribute Based Access Control for APIs in Spring Security
    In: 18th ACM Symposium on Access Control Models and Technologies (SACMAT 2014) (DOI, news)
  • Silvio Ranise, Tuan Anh Truong
    Incremental Analysis of Evolving Administrative Role Based Access Control Policies
    In: 28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2014) (DOI)
  • , Silvio Ghilardi, Silvio Ranise
    Quantifier-free interpolation in combinations of equality interpolating theories
    In: ACM Transactions on Computational Logic (TOCL), Volume 15, Issue 1, No. 5 (DOI)
  • Silvio Ranise, Tuan Anh Truong, Alessandro Armando
    Scalable and Precise Automated Analysis of Administrative Temporal Role-Based Access Control
    In: 18th ACM Symposium on Access Control Models and Technologies (SACMAT 2014) (DOI, news)
  • Alessandro Armando, Roberto Carbone, Eyasu Getahun Chekole, Claudio Petrazzuolo, Andrea Ranalli, Silvio Ranise
    Selective Release of Smart Metering Data in Multi-domain Smart Grids
    In: Second Open EIT ICT Labs Workshop on Smart Grid Security (SmartGridSec14) (DOI, news)

2013

  • Clara Bertolissi, Silvio Ranise
    A methodology to build run-time monitors for security-aware workflows
    In: Proceedings of the 8th International Conference for Internet Technology and Secured Transactions (ICITST 2013) (DOI)
  • Alessandro Carioni, Silvio Ghilardi, Silvio Ranise
    Automated Termination in Model-Checking Modulo Theories
    In: International Journal of Foundations of Computer Science (DOI)
  • Alessandro Armando, Matteo Grasso, Sander Oudkerk, Silvio Ranise, Konrad Wrona
    Content-based information protection and release in NATO operations
    In: 18th ACM Symposium on Access Control Models and Technologies (SACMAT 2013) (DOI)
  • Alessandro Armando, Sander Oudkerk, Silvio Ranise, Konrad Wrona
    Formal Modelling of Content-Based Protection and Release for Access Control in NATO Operations
    In: International Symposium on Foundations and Practice of Security (FPS 2013) (DOI, news)
  • Silvio Ranise
    Symbolic backward reachability with effectively propositional logic
    In: Formal Methods in System Design (DOI)
  • Clara Bertolissi, Silvio Ranise
    Verification of Composed Array-based Systems with Applications to Security-Aware Workflows
    In: International Symposium on Frontiers of Combining Systems (FroCoS 2013) (DOI, news)

2012

  • Roberto Bruttomesso, Alessandro Carioni, Silvio Ghilardi, Silvio Ranise
    Automated Analysis of Parametric Timing-Based Mutual Exclusion Algorithms
    In: Proceedings of the 4th NASA Formal Methods Symposium (NFM 2012) (NFM 2012) (DOI)
  • Michele Barletta, Silvio Ranise, Luca Viganò
    Automated Analysis of Scenario-based Specifications of Distributed Access Control Policies with Non-Mechanizable Activities
    In: 8th International Workshop on Security and Trust Management (STM 2012) (DOI)
  • Alessandro Armando, Silvio Ranise
    Automated and Efficient Analysis of Role-Based Access Control with Attributes
    In: 26th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2012) (DOI)
  • Silvio Ranise, Tuan Anh Truong, Alessandro Armando
    Boosting Model Checking to Analyse Large ARBAC Policies
    In: 8th International Workshop on Security and Trust Management (STM 2012) (DOI)
  • Alessandro Armando, Silvio Ranise, Fatih Turkmen, Bruno Crispo
    Efficient run-time solving of RBAC user authorization queries: pushing the envelope
    In: Proceedings of the Second ACM Conference on Data and Application Security and Privacy (CODASPY 2012) (DOI)
  • Roberto Bruttomesso, Silvio Ghilardi, Silvio Ranise
    From Strong Amalgamability to Modularity of Quantifier-Free Interpolation
    In: Proceedings of the 6th International Joint Conference on Automated Reasoning (IJCAR 2012) (IJCAR 2012) (DOI)
  • Francesco Alberti, Roberto Bruttomesso, Silvio Ghilardi, Silvio Ranise, Natasha Sharygina
    Lazy Abstraction with Interpolants for Arrays
    In: (DOI)
  • Silvio Ranise, Alessandro Armando
    On the Automated Analysis of Safety in Usage Control: A New Decidability Result
    In: 6th International Conference on Network and System Security (NSS 2012) (DOI)
  • Silvio Ranise
    On the Verification of Security-Aware E-services
    In: Journal of Symbolic Computation, Volume 47, Issue 9 (DOI)
  • Roberto Bruttomesso, Silvio Ghilardi, Silvio Ranise
    Quantifier-Free Interpolation of a Theory of Arrays
    In: Logical Methods in Computer Science (LMCS), Volume 8, Issue 2 (DOI)
  • Francesco Alberti, Roberto Bruttomesso, Silvio Ghilardi, Silvio Ranise, Natasha Sharygina
    SAFARI: SMT-Based Abstraction for Arrays with Interpolants
    In: 24th International Conference on Computer Aided Verification (CAV 2012) (DOI)
  • Alessandro Armando, Silvio Ranise
    Scalable automated symbolic analysis of administrative role-based access control policies by SMT solving
    In: Journal of Computer Security (JCS), vol. 20, no. 4, pp. 309-352 (DOI)
  • Francesco Alberti, Silvio Ghilardi, Elena Pagani, Silvio Ranise, Gian Paolo Rossi
    Universal Guards, Relativization of Quantifiers, and Failure Models in Model Checking Modulo Theories
    In: Journal on Satisfiability, Boolean Modeling and Computation (JSAT) (DOI)

2011

  • Roberto Bruttomesso, Silvio Ghilardi, Silvio Ranise
    A Combination of Rewriting and Constraint Solving for the Quantifier-Free Interpolation of Arrays with Integer Difference Constraints
    In: 8th International Symposium on Frontiers of Combining Systems (FroCoS 2011) (DOI)
  • Michele Barletta, Silvio Ranise, Luca Viganò
    A declarative two-level framework to specify and verify workflow and authorization policies in service-oriented architectures
    In: Service Oriented Computing and Applications (DOI)
  • Francesco Alberti, Alessandro Armando, Silvio Ranise
    ASASP: Automated Symbolic Analysis of Security Policies
    In: 23rd International Conference on Automated Deduction (CADE 2011) (DOI)
  • Alessandro Armando, Silvio Ranise
    Automated Analysis of Infinite State Workflows with Access Control Policies
    In: 7th International Workshop on Security and Trust Management (STM 2011) (DOI)
  • Alessandro Armando, Roberto Carbone, Silvio Ranise
    Automated analysis of semantic-aware access control policies: a logic-based approach
    In: 2011 IEEE Fifth International Conference on Semantic Computing (ICSC 2011) (DOI)
  • Alessandro Carioni, Silvio Ghilardi, Silvio Ranise
    Automated Termination in Model Checking Modulo Theories
    In: 5th International Workshop on Reachability Problems (RP 2011) (DOI)
  • Christopher Lynch, Silvio Ranise, Christophe Ringeissen, Duc-Khahn Tran
    Automatic Decidability and Combinability
    In: Information and Computation, Volume 209, Issue 7, July 2011, Pages 1026-1047 (DOI)
  • Francesco Alberti, Alessandro Armando, Silvio Ranise
    Efficient Symbolic Automated Analysis of Administrative Attribute-based RBAC-Policies
    In: 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS '11) (DOI)
  • Roberto Bruttomesso, Silvio Ghilardi, Silvio Ranise
    Rewriting-based Quantifier-free Interpolation for a Theory of Arrays
    In: 22nd International Conference on Rewriting Techniques and Applications (RTA'11) (DOI)
  • Michele Barletta, Alberto Calvi, Silvio Ranise, Luca Viganò, Luca Zanetti
    Workflow and Access Control Reloaded: a Declarative Specification Framework for the Automated Analysis of Web Services
    In: Scalable Computing: Practice and Experience (SCPES) (DOI)

2010

  • Clark Barrett, Leonardo de Moura, Silvio Ranise, Aaron Stump, Cesare Tinelli
    Automated Symbolic Analysis of ARBAC Policies
    In: 6th International Haifa Verification Conference (HVC 2010) (DOI)
  • Alessandro Armando, Silvio Ranise
    Automated Symbolic Analysis of ARBAC Policies
    In: 6th International Workshop on Security and Trust Management (STM 2010) (DOI)
  • Alberto Calvi, Silvio Ranise, Luca Viganò
    Automated Validation of Security-sensitive Web Services specified in BPEL and RBAC
    In: 12th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC 2010) (DOI)
  • Silvio Ghilardi, Silvio Ranise
    Backward Reachability of Array-based Systems by SMT solving: Termination and Invariant Synthesis
    In: Logical Methods in Computer Science (LMCS) (DOI)
  • Francesco Alberti, Silvio Ghilardi, Elena Pagani, Silvio Ranise, Gian Paolo Rossi
    Brief Announcement: Automated Support for the Design and Validation of Fault Tolerant Parameterized Systems - A Case Study
    In: 24th International Symposium on Distributed Computing (DISC 2010) (DOI)
  • Silvio Ghilardi, Silvio Ranise
    MCMT: A Model Checker Modulo Theories
    In: Proceedings of the 4th International Joint Conference on Automated Reasoning (IJCAR 2010) (IJCAR 2010) (DOI)
  • Michele Barletta, Alberto Calvi, Silvio Ranise, Luca Viganò, Luca Zanetti
    WSSMT: Towards the Automated Analysis of Security-Sensitive Services and Applications
    In: 12th International Symposium on Symbolic and Numeric Algorithms for Scientific Computing (SYNASC 2010) (DOI)

Supervised Theses

2024

  • Riccardo Ziglio (Master's Thesis, University of Trento, 2024)
    Challenge-Based Liveness Detection vs Video Manipulation: Analysis of Face Swaps Attacks in Remote Identity Proofing Scenarios
    Supervisors: Silvio Ranise | Co-supervisor: Cecilia Pasquini
  • Mattia Bressan (Bachelor's Thesis, University of Trento, 2024)
    Towards Risk Assessment of Adversarial Machine Learning
    Supervisors: Silvio Ranise | Co-supervisor: Majid Mollaeefar
  • Mario Scuro (Master's Thesis, University of Trento, 2024)
    A Performance Analysis of the BBS Protocol
    Supervisors: Silvio Ranise | Co-supervisor: Alessandro Tomasi
  • Marco Pernpruner (PhD Thesis, University of Genoa, 2024)
    Integrating Security by Design and Automated Security Analysis for Digital Identity Management
    Supervisor: Silvio Ranise | Co-supervisor: Giada Sciarretta
  • Simone Brunello (Bachelor's Thesis, University of Trento, 2024)
    Hybrid Enforcement for Role-based Cryptographic Access Control
    Supervisors: Silvio Ranise | Co-supervisors: Roberto Carbone, Stefano Berlato

2023

  • Sara Sorrentino (Bachelor's Thesis, University of Trento, 2023)
    Use of Gamification for Effective Cybersecurity Awareness Programs: Study and Design of a Novel Framework
    Supervisors: Silvio Ranise | Co-supervisors: Salvatore Manfredi, Matteo Rizzi
  • Salvatore Manfredi (PhD Thesis, University of Genoa, 2023)
    Automated Assistance for Actionable Security: Security and Compliance of TLS Configurations
    Supervisor: Silvio Ranise | Co-supervisor: Giada Sciarretta
  • Roberta Peracchio (Master's Thesis, University of Trento, 2023)
    Exploring Digital Travel Credentials: A Comparative Study of Existing Solutions and Image Quality Assessment for Face Recognition
    Supervisors: Silvio Ranise | Co-supervisors: Tahir Ahmad, Cecilia Pasquini
  • Riccardo Germenia (Bachelor's Thesis, University of Trento, 2023)
    A Module to Evaluate the Security Compliance of TLS Deployments: Design and Implementation of a Mechanized Methodology
    Supervisors: Silvio Ranise | Co-supervisors: Salvatore Manfredi, Matteo Rizzi
  • Luigi Dell'Eva (Bachelor's Thesis, University of Trento, 2023)
    Chatting is Healthy: How Better Cybersecurity Hygiene can be Obtained by Integrating Chatbots with Pentesting Tools
    Supervisors: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone, Eleonora Marchesini
  • Ion Andy Ditu (Bachelor's Thesis, University of Trento, 2023)
    Leveraging Trusted Execution Environment for Efficient Revocation and Security in Cryptographic Access Control
    Supervisors: Silvio Ranise | Co-supervisors: Roberto Carbone, Stefano Berlato
  • Gianluca Sassetti (Master's Thesis, University of Trento, 2023)
    Privacy Guidelines and Compliance Analysis for OpenID Connect Deployments
    Supervisors: Silvio Ranise | Co-supervisors: Amir Sharif, Giada Sciarretta, Roberto Carbone
  • Erica Elia (Master's Thesis, University of Trento, 2023)
    A Key Recovery Protocol based on Threshold Secret Sharing for Cryptographic Access Control in the Cloud: The CryptoAC use case
    Supervisors: Silvio Ranise | Co-supervisors: Roberto Carbone, Stefano Berlato
  • Andrea Bisegna (PhD Thesis, University of Genoa, 2023)
    Automated Security Testing for Identity Management of Large-scale Digital Infrastructures
    Supervisor: Silvio Ranise | Co-supervisor: Roberto Carbone
  • Alessandro Biasi (Bachelor's Thesis, University of Trento, 2023)
    Syntax and Semantics of a Declarative Language for Security Testing of Browser-based Security Protocols
    Supervisors: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Ion Andy Ditu (Bachelor's Thesis, University of Trento, 2023)
    Leveraging Trusted Execution Environment for Efficient Revocation and Security in Cryptographic Access Control
    Supervisors: Silvio Ranise | Co-supervisors: Roberto Carbone, Stefano Berlato

2022

  • Majid Mollaeefar (PhD Thesis, University of Genoa, 2022)
    Automating the Quantification and Mitigation of Risks for Multiple Stakeholders
    Supervisor: Silvio Ranise
  • Matteo Bitussi (Bachelor's Thesis, University of Trento, 2022)
    Declarative Specification of Pentesting Strategies for Browser-based Security Protocols: the Case Studies of SAML and OAuth/OIDC
    Supervisors: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Eleonora Marchesini (Master's Thesis, University of Trento, 2022)
    Design and Implementation of a Cybersecurity Chatbot for Identity Management Protocols: the SAML and Slack Use Case
    Supervisors: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Sofia Zanrosso (Bachelor's Thesis, University of Trento, 2022)
    Enlarging the Pen-Test Coverage of SAML Single Sign-On Solutions with Cyber Threat Intelligence
    Supervisors: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Mirco Bisoffi (Bachelor's Thesis, University of Trento, 2022)
    Lo Smishing e la Threat Intelligence Platform
    Supervisors: Silvio Ranise | Co-supervisor: Biniam Fisseha Demissie
  • Michele Zucchelli (Bachelor's Thesis, University of Trento, 2022)
    Pimp My Micro-Id-Gym: Enhancing the Automation and Usability of a Security Testing Tool for Digital Identity Protocol
    Supervisors: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Giuseppe Alessio Sciumè (Bachelor's Thesis, University of Trento, 2022)
    A Comprehensive Analysis of the OAuth 2.0 Threat Model to Develop a Chatbot Providing Actionable Security Suggestions
    Supervisors: Silvio Ranise | Co-supervisors: Roberto Carbone, Andrea Bisegna
  • Enrico Marconi (Bachelor's Thesis, University of Trento, 2022)
    Combining Blockchain-as-a-Service and Cryptographic Access Control for Secure Data Sharing Across Multiple Organizations
    Supervisors: Silvio Ranise | Co-supervisors: Roberto Carbone, Stefano Berlato
  • Nicola Casagrande (Bachelor's Thesis, University of Trento, 2022)
    Dematerialized Documents: The Italian Driving License Use Case
    Supervisors: Silvio Ranise | Co-supervisors: Giada Sciarretta, Tahir Ahmad
  • Federico Cucino (Bachelor's Thesis, University of Trento, 2022)
    Miglioramento delle capacità di analisi di TLSAssistant - Automatizzazione delle mitigazioni per NGINX
    Supervisors: Silvio Ranise | Co-supervisors: Salvatore Manfredi, Giada Sciarretta
  • Ivan Valentini (Bachelor's Thesis, University of Trento, 2022)
    Estensione delle capacità di analisi di TLSAssistant - Rilevazione e mitigazione di ALPACA, POODLE e Raccoon
    Supervisors: Silvio Ranise | Co-supervisors: Salvatore Manfredi, Giada Sciarretta
  • Stefano Da Roit (Bachelor's Thesis, University of Trento, 2022)
    Automated Detection of DoS Attacks in MQTT 5.0 Brokers
    Supervisors: Silvio Ranise | Co-supervisor: Umberto Morelli
  • Rupert Gobber (Master's Thesis, University of Trento, 2022)
    Design and implementation of a verifiable credentials service for a data marketplace
    Supervisors: Silvio Ranise | Co-supervisors: Giada Sciarretta, Alessandro Tomasi
  • Martina Vecellio Reane (Bachelor's Thesis, University of Trento, 2022)
    Automated Security and Risk Analysis of Remote Identity Proofing Procedures
    Supervisors: Silvio Ranise | Co-supervisors: Marco Pernpruner, Giada Sciarretta
  • Alessandro Colombo (Bachelor's Thesis, University of Trento, 2022)
    Attribute Based Encryption for Advanced Data Protection in IoT with MQTT
    Supervisors: Silvio Ranise | Co-supervisors: Stefano Berlato, Roberto Carbone

2021

  • Wendy Barreto (Bachelor's Thesis, University of Trento, 2021)
    Design and implementation of an attack pattern language for the automated pentesting of OAuth/OIDC deployments
    Supervisors: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Veronica Cristiano (Master's Thesis, University of Trento, 2021)
    Key Management for Cryptographic Enforcement of Access Control Policies in the Cloud: The CryptoAC use case
    Supervisors: Silvio Ranise | Co-supervisors: Roberto Carbone, Stefano Berlato
  • Salimeh Dashti (PhD Thesis, University of Genoa, 2021)
    An Assisted Methodology to Conduct Data Protection Impact Assessment
    Supervisor: Silvio Ranise
  • Matteo Rizzi (Bachelor's Thesis, University of Trento, 2021)
    TLS Analyzers for Android Apps: State-of-the-art Analysis and Integration in TLSAssistant
    Supervisors: Silvio Ranise | Co-supervisors: Giada Sciarretta, Salvatore Manfredi
    Awards: 3rd place at thesis award "Innovare la sicurezza delle informazioni 2021", sponsored by CLUSIT
  • Matteo Longato (Bachelor's Thesis, University of Trento, 2021)
    Verifiable credentials applied to self reporting applications
    Supervisors: Silvio Ranise | Co-supervisors: Giada Sciarretta, Alessandro Tomasi
  • Matteo Leonelli (Bachelor's Thesis, University of Trento, 2021)
    Open and Cross-platform Ecosystem for Enterprise Services: Secure and Authenticated Access with the use of Italian Identity Cards and FIDO
    Supervisors: Silvio Ranise | Co-supervisors: Umberto Morelli
  • Luca Bazzanella (Bachelor's Thesis, University of Trento, 2021)
    Analysis of the State of the Art of DevSecOps: The Gitlab case study
    Supervisors: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Lorenzo Bellesso (Postgraduate Thesis, University of Genoa, 2021)
    Implementazione di una soluzione di generazione e rilascio credenziali in ambito IoT fondata sull'uso della Carta d'Identità Elettronica (CIE)
    Supervisors: Silvio Ranise | Co-supervisors: Umberto Morelli
  • Leonardo Xompero (Bachelor's Thesis, University of Trento, 2021)
    A Survey of Risk-Based Authentication: How features and security actions can be used to mitigate attackers
    Supervisors: Silvio Ranise | Co-supervisors: Giada Sciarretta, Marco Pernpruner
  • Giuseppe Lamorgese (Bachelor's Thesis, University of Trento, 2021)
    Autenticazione password-less con FIDO2: Descrizione del flusso e considerazioni sulla sicurezza
    Supervisors: Silvio Ranise | Co-supervisors: Giada Sciarretta
  • Giacomo Zanolli (Bachelor's Thesis, University of Trento, 2021)
    FIDO2 Passwordless Authentication: From the basics to an implementation in the context of an authorization system
    Supervisors: Silvio Ranise | Co-supervisors: Giada Sciarretta, Marco Pernpruner
  • Francesco Defilippo (Bachelor's Thesis, University of Trento, 2021)
    Attack Patterns for Pentesting SAML 2.0 Web Browser Single Sign-On deployments
    Supervisors: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Chaudhry Muhammad Suleman (Master's Thesis, University of Trento, 2021)
    Cyber-security Risk Assessment for Cooperative, Connected and Automated Mobility Application to Cooperative Lane Merging
    Supervisors: Silvio Ranise | Co-supervisors: Roberto Carbone, Stefano Berlato
  • Amir Sharif (PhD Thesis, University of Genoa, 2021)
    Analysis of Best Current Practices to Assist Native App Developers with Secure OAuth/OIDC Implementations
    Supervisor: Roberto Carbone | Co-supervisors: Silvio Ranise, Giada Sciarretta
  • Alessandro Pegoraro (Bachelor's Thesis, University of Trento, 2021)
    Payment Services Directive 2 in the Wild - A comparison between Open Banking UK and NextGenPSD2
    Supervisors: Silvio Ranise | Co-supervisors: Giada Sciarretta, Salvatore Manfredi
  • Adrien Beaugendre (Master's Thesis, University of Rennes 1 and University of Trento, 2021)
    A Flexible Risk Analysis on MuFASA Tool
    Supervisors: Silvio Ranise | Co-supervisors: Giada Sciarretta, Marco Pernpruner

2020

  • Tahir Ahmad (PhD Thesis, University of Genoa, 2020)
    Access Control for IoT: Problems and Solutions in the Smart Home
    Supervisors: Alessandro Armando, Silvio Ranise
  • Stefano Facchini (Bachelor's Thesis, University of Trento, 2020)
    Design and implementation of an automated tool for checking SAML SSO vulnerabilities and SPID compliance
    Supervisors: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Giulio Pellizzari (Master's Thesis, University of Trento, 2020)
    Micro-Id-Gym: A Tool to Support Sandboxing and Automated Pentesting of Identity Management Protocols
    Supervisors: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Claudio Grisenti (Bachelor's Thesis, University of Trento, 2020)
    A pentesting tool for OAuth and OIDC deployments
    Supervisors: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Alessio Valenza (Bachelor's Thesis, University of Trento, 2020)
    Autenticazione bancaria post-PSD2: siamo al sicuro? Analisi automatica del rischio di protocolli di autenticazione
    Supervisors: Silvio Ranise | Co-supervisors: Giada Sciarretta, Marco Pernpruner

2019

  • Stefano Berlato (Master's Thesis, University of Trento, 2019)
    A Pragmatic Approach to Handle "Honest But Curious" Cloud Service Providers: Cryptographic Enforcement of Dynamic Access Control Policies
    Supervisors: Silvio Ranise | Co-supervisors: Roberto Carbone
    Awards: 3rd place at thesis award "Innovare la sicurezza delle informazioni 2020", sponsored by CLUSIT
  • Salvatore Manfredi (Master's Thesis, University of Trento, 2019)
    Assisting users in securing TLS configurations
    Supervisors: Silvio Ranise | Co-supervisor: Giada Sciarretta
  • Marta Toniolli (Bachelor's Thesis, University of Trento, 2019)
    Developing an Android client for user enrollment with CIE 3.0 and distributed ledger interaction: An application to electronic health record access control
    Supervisors: Silvio Ranise | Co-supervisors: Alessandro Tomasi
  • Luca Morgese (Bachelor's Thesis, University of Trento, 2019)
    Designing and Implementing a DLT Based Access Control Mechanism for Healthcare Data - A Proof of Concept
    Supervisors: Silvio Ranise | Co-supervisors: Alessandro Tomasi
  • Lorenzo Tait (Bachelor's Thesis, University of Trento, 2019)
    A Customized Threat Modeling for Secure Deployment And Pentesting of SAML SSO Solutions
    Supervisors: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Davide Piva (Bachelor's Thesis, University of Trento, 2019)
    Assisting Developers in Securing OAuth 2.0 Deployment: Demystifying Threats and Protection Techniques for Bearer Credentials
    Supervisors: Silvio Ranise | Co-supervisor: Giada Sciarretta
  • Carlotta Tagliaro (Bachelor's Thesis, University of Trento, 2019)
    Security and Performance tradeoffs in the Internet of Things
    Supervisors: Silvio Ranise | Co-supervisor: Umberto Morelli
    Awards: 4th place at thesis award "Innovare la sicurezza delle informazioni 2020", sponsored by CLUSIT

2018

  • Valentina Odorizzi (Bachelor's Thesis, University of Trento, 2018)
    Progettazione e sviluppo di uno strumento per l'analisi automatica di vulnerabilità "Missing XML Validation" in SAML SSO
    Supervisors: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Saverio Turetta (Bachelor's Thesis, University of Trento, 2018)
    Analysis of the State of the Art in Android Dynamic Analysis Tools
    Supervisors: Silvio Ranise | Co-supervisors: Roberto Carbone, Amir Sharif
  • Mirko Schicchi (Bachelor's Thesis, 2018)
    IOTA and the Internet of Things: A possible solution for autonomous driving vehicles
    Supervisors: Silvio Ranise | Co-supervisors: Umberto Morelli, Alessandro Tomasi
  • Ivan Martini (Bachelor's Thesis, University of Trento, 2018)
    An automated security testing framework for SAML SSO deployments
    Supervisors: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Hari Siswantoro (PhD Thesis, 2018)
    Automated Analysis and Synthesis for the Compliance of Privacy and Other Legal Provisions
    Supervisors: Silvio Ranise | Co-supervisor: Alessandro Armando
  • Giulio Pellizzari (Bachelor's Thesis, University of Trento, 2018)
    Design and implementation of a tool to detect Login Cross-Site Request Forgery in SAML SSO: G Suite case study
    Supervisors: Silvio Ranise | Co-supervisors: Andrea Bisegna, Roberto Carbone
  • Giovanni Ferronato (Bachelor's Thesis, University of Trento, 2018)
    Multi-factor Authentication Through Push Notification and NFC-enabled Identity Card: A solution for secure authentication in unsecure contexts
    Supervisors: Silvio Ranise | Co-supervisor: Giada Sciarretta
    Awards: 3rd place at thesis award "Innovare la sicurezza delle informazioni 2019", sponsored by CLUSIT
  • Giada Sciarretta (PhD Thesis, University of Trento, 2018)
    A Methodology for the Design and Security Assessment of Mobile Identity Management: Applications to real-world scenarios
    Supervisors: Silvio Ranise | Co-supervisors: Alessandro Armando, Roberto Carbone
  • Enrico Donatoni (Bachelor's Thesis, University of Trento, 2018)
    Blockchain in Finance: a comparison of Ripple, Quorum and Corda
    Supervisors: Silvio Ranise | Co-supervisors: Umberto Morelli, Alessandro Tomasi
  • Daniele Del Sale (Bachelor's Thesis, University of Trento, 2018)
    Procedure di autenticazione multi-fattore basate su push notification: Analisi dello stato dell'arte e specifica delle best-practice per un'implementazione sicura
    Supervisors: Silvio Ranise | Co-supervisor: Giada Sciarretta
  • Damiano Sartori (Bachelor's Thesis, University of Trento, 2018)
    Attribute Based Access Control over a Hyperledger Fabric Network: An application for Electronic Health Records
    Supervisors: Silvio Ranise | Co-supervisors: Umberto Morelli, Alessandro Tomasi

2017

  • Daniel Ricardo dos Santos (PhD Thesis, University of Trento, 2017)
    Automatic Techniques for the Synthesis and Assisted Deployment of Security Policies in Workflow-based Applications
    Supervisors: Silvio Ranise | Co-supervisors: Luca Compagna, Serena Elisa Ponta

2015

  • Tuan Anh Truong (PhD Thesis, University of Trento, 2015)
    Efficient Automated Security Analysis of Complex Authorization Policies
    Supervisors: Alessandro Armando | Co-supervisors: Silvio Ranise