Formal analysis of SAML 2.0 web browser single sign-on: breaking the SAML-based single sign-on for google apps A Armando, R Carbone, L Compagna, J Cuellar, L Tobarra Proceedings of the 6th ACM workshop on Formal methods in security …, 2008 | 403 | 2008 |
The AVANTSSAR platform for the automated validation of trust and security of service-oriented architectures A Armando, W Arsac, T Avanesov, M Barletta, A Calvi, A Cappai, ... Tools and Algorithms for the Construction and Analysis of Systems: 18th …, 2012 | 144 | 2012 |
LTL Model Checking for Security Protocols A Armando, R Carbone, L Compagna 20th IEEE Computer Security Foundations Symposium (CSF'07), pp. 385-396, 2007 | 133 | 2007 |
An authentication flaw in browser-based single sign-on protocols: Impact and remediations A Armando, R Carbone, L Compagna, J Cuéllar, G Pellegrino, A Sorniotti Computers & Security 33, 41-58, 2013 | 99 | 2013 |
A survey on multi-factor authentication for online banking in the wild F Sinigaglia, R Carbone, G Costa, N Zannone Computers & Security 95, 101745, 2020 | 80 | 2020 |
Large-scale analysis & detection of authentication cross-site request forgeries A Sudhodanan, R Carbone, L Compagna, N Dolgin, A Armando, ... 2017 IEEE European symposium on security and privacy (EuroS&P), 350-365, 2017 | 64 | 2017 |
Attack Patterns for Black-Box Security Testing of Multi-Party Web Applications. A Sudhodanan, A Armando, R Carbone, L Compagna NDSS, 2016 | 55 | 2016 |
SATMC: a SAT-based Model Checker for Security-critical Systems A Armando, R Carbone, L Compagna Tools and Algorithms for the Construction and Analysis of Systems: 20th …, 2014 | 54 | 2014 |
From multiple credentials to browser-based single sign-on: Are we more secure? A Armando, R Carbone, L Compagna, J Cuellar, G Pellegrino, A Sorniotti IFIP International Information Security Conference, 68-79, 2011 | 45 | 2011 |
Model-checking driven security testing of web-based applications A Armando, R Carbone, L Compagna, K Li, G Pellegrino 2010 Third International Conference on Software Testing, Verification, and …, 2010 | 42 | 2010 |
From model-checking to automated testing of security protocols: Bridging the gap A Armando, G Pellegrino, R Carbone, A Merlo, D Balzarotti International Conference on Tests and Proofs, 3-18, 2012 | 40 | 2012 |
SATMC: a SAT-based model checker for security protocols, business processes, and security APIs A Armando, R Carbone, L Compagna International Journal on Software Tools for Technology Transfer 18, 187-204, 2016 | 29 | 2016 |
The eIDAS regulation: a survey of technological trends for European electronic identity schemes A Sharif, M Ranzi, R Carbone, G Sciarretta, FA Marino, S Ranise Applied Sciences 12 (24), 12679, 2022 | 28 | 2022 |
Android permissions unleashed A Armando, R Carbone, G Costa, A Merlo 2015 IEEE 28th Computer Security Foundations Symposium, 320-333, 2015 | 24 | 2015 |
Attribute based access control for apis in spring security A Armando, R Carbone, EG Chekole, S Ranise Proceedings of the 19th ACM symposium on Access control models and …, 2014 | 21 | 2014 |
Design, formal specification and analysis of multi-factor authentication solutions with a single sign-on experience G Sciarretta, R Carbone, S Ranise, L Viganò International Conference on Principles of Security and Trust, 188-213, 2018 | 17 | 2018 |
Exploring architectures for cryptographic access control enforcement in the cloud for fun and optimization S Berlato, R Carbone, AJ Lee, S Ranise Proceedings of the 15th ACM Asia Conference on Computer and Communications …, 2020 | 16 | 2020 |
Anatomy of the Facebook solution for mobile single sign-on: Security assessment and improvements G Sciarretta, R Carbone, S Ranise, A Armando Computers & Security 71, 71-86, 2017 | 15 | 2017 |
Formal analysis of mobile multi-factor authentication with single sign-on login G Sciarretta, R Carbone, S Ranise, L Viganò ACM Transactions on Privacy and Security (TOPS) 23 (3), 1-37, 2020 | 14 | 2020 |
LTL model-checking for security protocols R Carbone AI communications 24 (3), 281-283, 2011 | 14 | 2011 |