Zobrazeno 1 - 10
of 49
pro vyhledávání: '"Luca Compagna"'
Autor:
Luca Compagna, Giancarlo Pellegrino, Davide Balzarotti, Martin Johns, Angel Cuevas, Battista Biggio, Leyla Bilge, Fabian Yamaguchi, Matteo Meucci
—Modern web applications play a pivotal role in our digital society. Motivated by the many security vulnerabilities and data breaches routinely reported on those applications, we initiated the EU TESTABLE research project to address the main challe
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::6637c66d503adf60ca8181dd9a254cbe
Publikováno v:
Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security.
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::fdda0082a631e8759a153291c5ec44bd
https://doi.org/10.1145/3488932.3497764
https://doi.org/10.1145/3488932.3497764
Publikováno v:
Proceedings 2022 Network and Distributed System Security Symposium.
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::34f2f5be98da0b033f23d47c43338942
https://doi.org/10.14722/ndss.2022.24150
https://doi.org/10.14722/ndss.2022.24150
Publikováno v:
EuroS&P Workshops
Maffei, M. (ed.), EuroS&PW 2021: 2021 IEEE European Symposium on Security and Privacy Workshops, Virtual Conference, pp. 49-59
IEEE European Symposium on Security and Privacy Workshops: (EuroS&PW), 49-59
STARTPAGE=49;ENDPAGE=59;TITLE=IEEE European Symposium on Security and Privacy Workshops
Compagna, L, Jonker, H L, Krochewski, J, Krumnow, B & Sahin, M 2021, A preliminary study on the adoption and effectiveness of SameSite cookies as a CSRF defence . in IEEE European Symposium on Security and Privacy Workshops : (EuroS &PW) . IEEE, pp. 49-59, 2021 IEEE European Symposium on Security and Privacy Workshops, Vienna, Austria, 6/09/21 . https://doi.org/10.1109/eurospw54576.2021.00012
Maffei, M. (ed.), EuroS&PW 2021: 2021 IEEE European Symposium on Security and Privacy Workshops, Virtual Conference, pp. 49-59
IEEE European Symposium on Security and Privacy Workshops: (EuroS&PW), 49-59
STARTPAGE=49;ENDPAGE=59;TITLE=IEEE European Symposium on Security and Privacy Workshops
Compagna, L, Jonker, H L, Krochewski, J, Krumnow, B & Sahin, M 2021, A preliminary study on the adoption and effectiveness of SameSite cookies as a CSRF defence . in IEEE European Symposium on Security and Privacy Workshops : (EuroS &PW) . IEEE, pp. 49-59, 2021 IEEE European Symposium on Security and Privacy Workshops, Vienna, Austria, 6/09/21 . https://doi.org/10.1109/eurospw54576.2021.00012
The SameSite cookie attribute was introduced to prevent Cross-site Request Forgery (CSRF) attacks. Major browsers support SameSite functionality since 2016. Since 2020, browsers enforce it by default. These developments sometimes have been celebrated
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::6a7bb688e308538f404b9dcd5e06c4cc
https://doi.org/10.1109/eurospw54576.2021.00012
https://doi.org/10.1109/eurospw54576.2021.00012
Publikováno v:
Computer Security – ESORICS 2020 ISBN: 9783030589509
Computer Security – ESORICS 2020-25th European Symposium on Research in Computer Security, ESORICS 2020, Guildford, UK, September 14–18, 2020, Proceedings, Part I
Lecture Notes in Computer Science
Lecture Notes in Computer Science-Computer Security – ESORICS 2020
Computer Security – ESORICS 2020-25th European Symposium on Research in Computer Security, ESORICS 2020, Guildford, UK, September 14–18, 2020, Proceedings, Part I
Lecture Notes in Computer Science
Lecture Notes in Computer Science-Computer Security – ESORICS 2020
Modern web applications often rely on third-party services to provide their functionality to users. The secure integration of these services is a non-trivial task, as shown by the large number of attacks against Single Sign On and Cashier-as-a-Servic
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::4f674577b566cdfcd06c8d009d798a5b
https://doi.org/10.1007/978-3-030-58951-6_2
https://doi.org/10.1007/978-3-030-58951-6_2
Publikováno v:
Journal of Computer Security. 25:255-282
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::12d6cc40843575b149663660dbd5a67a
https://doi.org/10.3233/jcs-16894
https://doi.org/10.3233/jcs-16894
Publikováno v:
International Journal on Software Tools for Technology Transfer. 18:187-204
We present SATMC 3.0, a SAT-based bounded model checker for security-critical systems that stems from a successful combination of encoding techniques originally developed for planning with techniques developed for the analysis of reactive systems. SA
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::1344115492e3c596b62175472817894c
https://doi.org/10.1007/s10009-015-0385-y
https://doi.org/10.1007/s10009-015-0385-y
Publikováno v:
CODASPY
Organizations often expose business processes and services as web applications. Improper enforcement of security policies in these applications leads to business logic vulnerabilities that are hard to find and may have dramatic security implications.
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_________::473c5b36bd818c54262addb51b4b3b22
https://doi.org/10.1145/3029806.3029813
https://doi.org/10.1145/3029806.3029813
Autor:
Alessandro Armando, Alessandro Sorniotti, Roberto Carbone, Jorge Cuellar, Luca Compagna, Giancarlo Pellegrino
Publikováno v:
Computers & Security
Browser-based Single Sign-On (SSO) protocols relieve the user from the burden of dealing with multiple credentials thereby improving the user experience and the security. In this paper we show that extreme care is required for specifying and implemen
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::24ef53ed2ac92b9f2e3a042ae7a2e5ec
https://doi.org/10.1016/j.cose.2012.08.007
https://doi.org/10.1016/j.cose.2012.08.007
Publikováno v:
NDSS
Externí odkaz:
https://explore.openaire.eu/search/publication?articleId=doi_dedup___::32eb1b5cb1980f3a95a00e0c8b378c39
https://doi.org/10.14722/ndss.2016.23286
https://doi.org/10.14722/ndss.2016.23286