Federica Paci

Jacopo Pizzoli

Proceedings of the 18th International Conference on Availability, Reliability and Security, 2023

Mitigating Privilege Misuse in Access Control through Anomaly Detection.

[BibT_eX]

[DOI]

Proceedings of the 18th International Conference on Availability, Reliability and Security, 2023

HoneyICS: A High-interaction Physics-aware Honeynet for Industrial Control Systems.

[BibT_eX]

[DOI]

Proceedings of the 18th International Conference on Availability, Reliability and Security, 2023

2021

Connecting Regulatory Requirements to Audit Outcomes: A Model-driven Approach to Auditable Compliance.

[BibT_eX]

[DOI]

Robert Thorburn

Vladimiro Sassone

Sophie Stalla-Bourdillon

Proceedings of the ACM/IEEE International Conference on Model Driven Engineering Languages and Systems Companion, 2021

Verifiable Hierarchical Key Assignment Schemes.

[BibT_eX]

[DOI]

Anna Lisa Ferrara

Chiara Ricciardi

Proceedings of the Data and Applications Security and Privacy XXXV, 2021

2020

Fuzzy-based approach to assess and prioritize privacy risks.

[BibT_eX]

[DOI]

Stephen Hart

Anna Lisa Ferrara

Soft Comput., 2020

Selecting a Secure Cloud Provider - An Empirical Study and Multi Criteria Approach.

[BibT_eX]

[DOI]

Inf., 2020

Riskio: A Serious Game for Cyber Security Awareness and Education.

[BibT_eX]

[DOI]

Comput. Secur., 2020

IFTTT Privacy Checker.

[BibT_eX]

[DOI]

Proceedings of the Emerging Technologies for Authorization and Authentication, 2020

A real world study on employees' susceptibility to phishing attacks.

[BibT_eX]

[DOI]

Marco De Bona

Proceedings of the ARES 2020: The 15th International Conference on Availability, 2020

2019

Access control in Internet-of-Things: A survey.

[BibT_eX]

[DOI]

J. Netw. Comput. Appl., 2019

2018

Survey on Access Control for Community-Centered Collaborative Systems.

[BibT_eX]

[DOI]

Flávio Moreira de Oliveira

ACM Comput. Surv., 2018

Towards Adaptive Access Control.

[BibT_eX]

[DOI]

Proceedings of the Data and Applications Security and Privacy XXXII, 2018

2017

Model comprehension for security risk assessment: an empirical comparison of tabular vs. graphical representations.

[BibT_eX]

[DOI]

Empir. Softw. Eng., 2017

On the Equivalence Between Graphical and Tabular Representations for Security Risk Assessment.

[BibT_eX]

[DOI]

Katsiaryna Labunets

Fabio Massacci

Proceedings of the Requirements Engineering: Foundation for Software Quality, 2017

Decentralised Runtime Monitoring for Access Control Systems in Cloud Federations.

[BibT_eX]

[DOI]

Proceedings of the 37th IEEE International Conference on Distributed Computing Systems, 2017

A Distributed Access Control System for Cloud Federations.

[BibT_eX]

[DOI]

Shorouq Alansari

Vladimiro Sassone

Proceedings of the 37th IEEE International Conference on Distributed Computing Systems, 2017

Privacy-Preserving Access Control in Cloud Federations.

[BibT_eX]

[DOI]

Proceedings of the 2017 IEEE 10th International Conference on Cloud Computing (CLOUD), 2017

2016

Formal Modelling of Data Integration Systems Security Policies.

[BibT_eX]

[DOI]

Fatimah Y. Akeel

Asieh Salehi Fathabadi

Andrew M. Gravell

Gary B. Wills

Data Sci. Eng., 2016

EEVi - framework for evaluating the effectiveness of visualization in cyber-security.

[BibT_eX]

[DOI]

Aneesha Sethi

Gary B. Wills

Proceedings of the 11th International Conference for Internet Technology and Secured Transactions, 2016

Towards Empirical Evaluation of Automated Risk Assessment Methods.

[BibT_eX]

[DOI]

Olga Gadyatskaya

Katsiaryna Labunets

Proceedings of the Risks and Security of Internet and Systems, 2016

2015

Preventing Information Inference in Access Control.

[BibT_eX]

[DOI]

Proceedings of the 20th ACM Symposium on Access Control Models and Technologies, 2015

The Role of Catalogues of Threats and Security Controls in Security Risk Assessment: An Empirical Study with ATM Professionals.

[BibT_eX]

[DOI]

Proceedings of the Requirements Engineering: Foundation for Software Quality, 2015

Which security catalogue is better for novices?

[BibT_eX]

[DOI]

Katsiaryna Labunets

Fabio Massacci

Proceedings of the 2015 IEEE Fifth International Workshop on Empirical Requirements Engineering, 2015

2014

Empirical Assessment of Security Requirements and Architecture: Lessons Learned.

[BibT_eX]

[DOI]

Proceedings of the Engineering Secure Future Internet Services and Systems, 2014

Assessing a requirements evolution approach: Empirical studies in the air traffic management domain.

[BibT_eX]

[DOI]

J. Syst. Softw., 2014

Evolution of Security Engineering Artifacts: A State of the Art Survey.

[BibT_eX]

[DOI]

Int. J. Secur. Softw. Eng., 2014

PriMa: a comprehensive approach to privacy protection in social network sites.

[BibT_eX]

[DOI]

Smitha Sundareswaran

Ann. des Télécommunications, 2014

An experiment on comparing textual vs. visual industrial methods for security risk assessment.

[BibT_eX]

[DOI]

Proceedings of the 4th IEEE International Workshop on Empirical Requirements Engineering, 2014

Security triage: A report of a lean security requirements methodology for cost-effective security analysis.

[BibT_eX]

[DOI]

Proceedings of the 4th IEEE International Workshop on Empirical Requirements Engineering, 2014

Security triage: an industrial case study on the effectiveness of a lean methodology to identify security requirements.

[BibT_eX]

[DOI]

Proceedings of the 2014 ACM-IEEE International Symposium on Empirical Software Engineering and Measurement, 2014

EMFASE - An Empirical Framework for Security Design and Economic Trade-off.

[BibT_eX]

[DOI]

Proceedings of the Ninth International Conference on Availability, 2014

2013

Privacy-Aware Web Service Composition and Ranking.

[BibT_eX]

[DOI]

Elisa Costante

Int. J. Web Serv. Res., 2013

PERSONA - A Personalized Data Protection Framework.

[BibT_eX]

[DOI]

Proceedings of the Trust Management VII - 7th IFIP WG 11.11 International Conference, 2013

An Experimental Comparison of Two Risk-Based Security Methods.

[BibT_eX]

[DOI]

Proceedings of the 2013 ACM / IEEE International Symposium on Empirical Software Engineering and Measurement, 2013

Detecting Insider Threats: A Trust-Aware Framework.

[BibT_eX]

[DOI]

M. Carmen Fernández Gago

Francisco Moyano

Proceedings of the 2013 International Conference on Availability, Reliability and Security, 2013

Combining Goal-Oriented and Problem-Oriented Requirements Engineering Methods.

[BibT_eX]

[DOI]

Proceedings of the Availability, Reliability, and Security in Information Systems and HCI, 2013

2012

Assessing a requirements evolution approach: Empirical studies in the Air Traffic Management domain.

[BibT_eX]

[DOI]

Proceedings of the Second IEEE International Workshop on Empirical Requirements Engineering, 2012

How to Select a Security Requirements Method? A Comparative Study with Students and Practitioners.

[BibT_eX]

[DOI]

Fabio Massacci

Proceedings of the Secure IT Systems - 17th Nordic Conference, 2012

Managing Evolution by Orchestrating Requirements and Testing Engineering Processes.

[BibT_eX]

[DOI]

Proceedings of the Fifth IEEE International Conference on Software Testing, 2012

2011

ACConv - An Access Control Model for Conversational Web Services.

[BibT_eX]

[DOI]

ACM Trans. Web, 2011

Trust establishment in the formation of Virtual Organizations.

[BibT_eX]

[DOI]

Comput. Stand. Interfaces, 2011

Computer Aided Threat Identification.

[BibT_eX]

[DOI]

Proceedings of the 13th IEEE Conference on Commerce and Enterprise Computing, 2011

Orchestrating Security and System Engineering for Evolving Systems - (Invited Paper).

[BibT_eX]

[DOI]

Proceedings of the Towards a Service-Based Internet - 4th European Conference, 2011

SeCMER: A Tool to Gain Control of Security Requirements Evolution.

[BibT_eX]

[DOI]

Proceedings of the Towards a Service-Based Internet - 4th European Conference, 2011

A Load Time Policy Checker for Open Multi-application Smart Cards.

[BibT_eX]

[DOI]

Proceedings of the POLICY 2011, 2011

Managing changes with legacy security engineering processes.

[BibT_eX]

[DOI]

Proceedings of the 2011 IEEE International Conference on Intelligence and Security Informatics, 2011

An Extended Ontology for Security Requirements.

[BibT_eX]

[DOI]

Proceedings of the Advanced Information Systems Engineering Workshops, 2011

A Tool for Managing Evolving Security Requirements.

[BibT_eX]

[DOI]

Proceedings of the IS Olympics: Information Systems in a Diverse World, 2011

2010

Group-Based Negotiations in P2P Systems.

[BibT_eX]

[DOI]

IEEE Trans. Parallel Distributed Syst., 2010

Java Card Architecture for Autonomous Yet Secure Evolution of Smart Cards Applications.

[BibT_eX]

[DOI]

Proceedings of the Information Security Technology for Applications, 2010

Efficient and privacy-preserving enforcement of attribute-based access control.

[BibT_eX]

[DOI]

Ning Shang

Proceedings of the 9th Symposium on Identity and Trust on the Internet, 2010

A privacy-preserving approach to policy-based content dissemination.

[BibT_eX]

[DOI]

Proceedings of the 26th International Conference on Data Engineering, 2010

PriMa: an effective privacy protection mechanism for social networks.

[BibT_eX]

[DOI]

Smitha Sundareswaran

Proceedings of the 5th ACM Symposium on Information, 2010

Security for Web Services and Service-Oriented Architectures.

[BibT_eX]

[DOI]

Lorenzo Martino

Springer, ISBN: 978-3-540-87741-7, 2010

2009

An Overview of VeryIDX - A Privacy-Preserving Digital Identity Management System for Mobile Devices.

[BibT_eX]

[DOI]

Sam Kerr

Jungha Woo

J. Softw., 2009

Privacy-preserving Digital Identity Management for Cloud Computing.

[BibT_eX]

[DOI]

IEEE Data Eng. Bull., 2009

An Interoperable Approach to Multifactor Identity Verification.

[BibT_eX]

[DOI]

Computer, 2009

Collective privacy management in social networks.

[BibT_eX]

[DOI]

Mohamed Shehab

Proceedings of the 18th International Conference on World Wide Web, 2009

VeryIDX - A Privacy Preserving Digital Identity Management System for Mobile Devices.

[BibT_eX]

[DOI]

Proceedings of the MDM 2009, 2009

Privacy-preserving management of transactions' receipts for mobile environments.

[BibT_eX]

[DOI]

Proceedings of the IDtrust 2009, 2009

Identity Attribute-Based Role Provisioning for Human WS-BPEL Processes.

[BibT_eX]

[DOI]

Rodolfo Ferrini

Proceedings of the IEEE International Conference on Web Services, 2009

2008

An Access-Control Framework for WS-BPEL.

[BibT_eX]

[DOI]

Jason Crampton

Int. J. Web Serv. Res., 2008

VeryIDX - A Digital Identity Management System for Pervasive Computing Environments.

[BibT_eX]

[DOI]

Jungha Woo

Proceedings of the Software Technologies for Embedded and Ubiquitous Systems, 2008

Authorization and User Failure Resiliency for WS-BPEL Business Processes.

[BibT_eX]

[DOI]

Proceedings of the Service-Oriented Computing, 2008

Minimal credential disclosure in trust negotiations.

[BibT_eX]

[DOI]

Proceedings of the 4th Workshop on Digital Identity Management, 2008

Monitoring Contract Enforcement within Virtual Organizations.

[BibT_eX]

[DOI]

Proceedings of the Collaborative Computing: Networking, 2008

A Federated Digital Identity Management Approach for Business Processes.

[BibT_eX]

[DOI]

Proceedings of the Collaborative Computing: Networking, 2008

Verification of Access Control Requirements in Web Services Choreography.

[BibT_eX]

[DOI]

Mourad Ouzzani

Massimo Mecella

Proceedings of the 2008 IEEE International Conference on Services Computing (SCC 2008), 2008

2007

PP-trust-X: A system for privacy preserving trust negotiations.

[BibT_eX]

[DOI]

Elena Ferrari

Bhavani Thuraisingham

ACM Trans. Inf. Syst. Secur., 2007

A system for securing push-based distribution of XML documents.

[BibT_eX]

[DOI]

Elena Ferrari

Loredana Parasiliti Provenza

Int. J. Inf. Sec., 2007

User Tasks and Access Control overWeb Services.

[BibT_eX]

[DOI]

Proceedings of the 2007 IEEE International Conference on Web Services (ICWS 2007), 2007

2006

An Adaptive Access Control Model for Web Services.

[BibT_eX]

[DOI]

Lorenzo Martino

Int. J. Web Serv. Res., 2006

A secure framework for publishing virtual community contracts.

[BibT_eX]

[DOI]

Int. J. Web Based Communities, 2006

Access control enforcement for conversation-based web services.

[BibT_eX]

[DOI]

Proceedings of the 15th international conference on World Wide Web, 2006

Access Control and Authorization Constraints for WS-BPEL.

[BibT_eX]

[DOI]

Jason Crampton