Alvise RABITTI

Qualifica
Tecnico Amministrativo
Telefono
041 234 7179
E-mail
alvise.rabitti@unive.it
Sito web
www.unive.it/persone/alvise.rabitti (scheda personale)
Struttura
ASIT - Settore Sicurezza e Infrastrutture (Referente di Settore)
Sede: Rio Nuovo
Sicurezza
Addetto Squadre di Emergenza
Chiave PGP/GPG
Chiave pubblica [4Kb]

Pubblicazioni

Anno Tipologia Pubblicazione
Anno Tipologia Pubblicazione
2023 Articolo su libro Michele Bugliesi; Stefano Calzavara; Alvise Rabitti Cryptographic Web Applications: from Security Engineering to Formal Analysis in Michele Bugliesi; Stefano Calzavara; Alvise Rabitti, Handbook of Formal Analysis and Verification in Cryptography, CRC Press (ISBN 9781003090052)
DOI - Scheda ARCA: 10278/5016383
2023 Articolo in Atti di convegno Hantke F.; Calzavara S.; Wilhelm M.; Rabitti A.; Stock B. You Call This Archaeology? Evaluating Web Archives for Reproducible Web Security Measurements , CCS 2023 - Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, Association for Computing Machinery, Inc, pp. 3168-3182, Convegno: 30th ACM SIGSAC Conference on Computer and Communications Security, CCS 2023, 2023 (ISBN 9798400700507)
DOI - Scheda ARCA: 10278/5046161
2022 Articolo in Atti di convegno Roth S.; Calzavara S.; Wilhelm M.; Rabitti A.; Stock B. The Security Lottery: Measuring Client-Side Web Security Inconsistencies , Proceedings of the 31st USENIX Security Symposium, Security 2022, USENIX Association, pp. 2047-2064, Convegno: 31st USENIX Security Symposium, Security 2022, 2022 (ISBN 9781939133311)
- Scheda ARCA: 10278/5011440
2021 Articolo su rivista Calzavara S.; Jonker H.; Krumnow B.; Rabitti A. Measuring Web Session Security at Scale in COMPUTERS & SECURITY, vol. 111, pp. 102472 (ISSN 0167-4048)
DOI - Scheda ARCA: 10278/5004094
2020 Articolo su rivista Calzavara S.; Conti M.; Focardi R.; Rabitti A.; Tolomei G. Machine Learning for Web Vulnerability Detection: The Case of Cross-Site Request Forgery in IEEE SECURITY & PRIVACY, vol. 18, pp. 8-16 (ISSN 1540-7993)
DOI - Scheda ARCA: 10278/3729046
2020 Articolo in Atti di convegno Calzavara S.; Focardi R.; Rabitti A.; Soligo L. A hard lesson: Assessing the HTTPS deployment of Italian university websites , CEUR Workshop Proceedings, CEUR-WS, vol. 2597, pp. 93-104, Convegno: 4th Italian Conference on Cyber Security, ITASEC 2020, 2020 (ISSN 1613-0073)
- URL correlato - Scheda ARCA: 10278/3729045
2020 Articolo in Atti di convegno Calzavara S.; Roth S.; Rabitti A.; Backes M.; Stock B. A tale of two headers: A formal analysis of inconsistent click-jacking protection on the web , Proceedings of the 29th USENIX Security Symposium, USENIX Association, pp. 683-697, Convegno: 29th USENIX Security Symposium, 2020
- Scheda ARCA: 10278/3731395
2019 Articolo su rivista Calzavara, Stefano*; Rabitti, Alvise; Bugliesi, Michele Sub-session hijacking on the web: Root causes and prevention in JOURNAL OF COMPUTER SECURITY, vol. 27, pp. 233-257 (ISSN 0926-227X)
DOI - URL correlato - Scheda ARCA: 10278/3713216
2019 Articolo in Atti di convegno Stefano Calzavara; Mauro Conti; Riccardo Focardi; Alvise Rabitti; Gabriele Tolomei Mitch: A machine learning approach to the black-box detection of CSRF vulnerabilities , Proceedings - 2019 IEEE European Symposium on Security and Privacy, Institute of Electrical and Electronics Engineers Inc., pp. 528-543, Convegno: 4th IEEE European Symposium on Security and Privacy
DOI - Scheda ARCA: 10278/3713410
2019 Articolo in Atti di convegno Stefano Calzavara; Riccardo Focardi; Matus Nemec; Alvise Rabitti; Marco Squarcina Postcards from the post-HTTP world: Amplification of HTTPS vulnerabilities in the web ecosystem , Proceedings - 2019 IEEE Symposium on Security and Privacy, Institute of Electrical and Electronics Engineers Inc., vol. 1, pp. 948-965, Convegno: 40th IEEE Symposium on Security and Privacy
DOI - Scheda ARCA: 10278/3713409
2019 Articolo in Atti di convegno Calzavara S.; Rabitti A.; Bugliesi M. Semantically Sound Analysis of Content Security Policies , Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Springer Verlag, vol. 11535, pp. 293-297, Convegno: 39th IFIP WG 6.1 International Conference on Formal Techniques for Distributed Objects, Components, and Systems, FORTE 2019 held as part of the 14th International Federated Conference on Distributed Computing Techniques, DisCoTec 2019, 2019 (ISBN 978-3-030-21758-7; 978-3-030-21759-4)
DOI - URL correlato - Scheda ARCA: 10278/3716810
2019 Articolo in Atti di convegno Calzavara S.; Rabitti A.; Ragazzo A.; Bugliesi M. Testing for Integrity Flaws in Web Sessions , Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Springer, vol. 11736, pp. 606-624, Convegno: 24th European Symposium on Research in Computer Security, ESORICS 2019, 2019 (ISBN 978-3-030-29961-3; 978-3-030-29962-0)
DOI - URL correlato - Scheda ARCA: 10278/3722895
2018 Articolo su rivista Calzavara, Stefano; Rabitti, Alvise; Bugliesi, Michele Semantics-based analysis of content security policy deployment in ACM TRANSACTIONS ON THE WEB, vol. 12, pp. 1-36 (ISSN 1559-1131)
DOI - URL correlato - Scheda ARCA: 10278/3698102
2018 Articolo in Atti di convegno Calzavara, Stefano; Rabitti, Alvise; Bugliesi, Michele Dr Cookie and Mr Token - Web session implementations and how to live with them in Calzavara, Stefano, CEUR Workshop Proceedings in CEUR WORKSHOP PROCEEDINGS, CEUR-WS, vol. 2058, Convegno: 2nd Italian Conference on Cyber Security, ITASEC 2018, 2018 (ISSN 1613-0073)
- URL correlato - Scheda ARCA: 10278/3698101
2017 Articolo in Atti di convegno Stefano Calzavara, Alvise Rabitti, Michele Bugliesi CCSP: Controlled relaxation of content security policies by runtime policy composition , Proceedings of the 26th USENIX Security Symposium, USENIX Association, pp. 695-712, Convegno: USENIX Security Symposium
- Scheda ARCA: 10278/3698103
2016 Articolo in Atti di convegno Calzavara, Stefano; Rabitti, Alvise; Bugliesi, Michele Content Security Problems? Evaluating the Effectiveness of Content Security Policy in the Wild , Proceedings of the ACM Conference on Computer and Communications Security, NEW YORK, ASSOC COMPUTING MACHINERY, vol. 24-28-, pp. 1365-1375, Convegno: 23rd ACM Conference on Computer and Communications Security, CCS 2016, 2016 (ISBN 9781450341394; 9781450341394)
DOI - Scheda ARCA: 10278/3685122
2016 Articolo in Atti di convegno Calzavara, Stefano; Rabitti, Alvise; Steffinlongo, Enrico; Bugliesi, Michele Static Detection of Collusion Attacks in ARBAC-based Workflow Systems , Proceedings - IEEE Computer Security Foundations Symposium, 345 E 47TH ST, NEW YORK, NY 10017 USA, IEEE, vol. 2016-, pp. 458-470, Convegno: 29th IEEE Computer Security Foundations Symposium, CSF 2016, 2016 (ISBN 9781509026074; 9781509026074)
DOI - Scheda ARCA: 10278/3685120
2015 Articolo in Atti di convegno Calzavara, Stefano; Rabitti, Alvise; Bugliesi, Michele Compositional Typed Analysis of ARBAC Policies , Proceedings of the Computer Security Foundations Workshop, 345 E 47TH ST, NEW YORK, NY 10017 USA, IEEE, vol. 2015-, pp. 33-45, Convegno: 28th IEEE Computer Security Foundations Symposium, CSF 2015, 2015 (ISBN 9781467375382; 9781467375382)
DOI - Scheda ARCA: 10278/3679811
2015 Articolo in Atti di convegno Calzavara, Stefano; Rabitti, Alvise; Bugliesi, Michele Formal verification of Liferay RBAC , Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Springer Verlag, vol. 8978, pp. 1-16, Convegno: 7th International Symposium on Engineering Secure Software and Systems, ESSoS 2015, 2015 (ISBN 9783319156170) (ISSN 0302-9743)
DOI - URL correlato - Scheda ARCA: 10278/3679815