CALZAVARA Stefano

Qualifica Ricercatore
Telefono 041 234 8463
E-mail stefano.calzavara@unive.it
Sito web www.unive.it/persone/stefano.calzavara (scheda personale)
Struttura Dipartimento di Scienze Ambientali, Informatica e Statistica
Sito web struttura: https://www.unive.it/dais
Sede: Campus scientifico via Torino
Research Institute Research Institute for Complexity

Pubblicazioni per anno

2019
  • Calzavara, Stefano*; Rabitti, Alvise; Bugliesi, Michele Sub-session hijacking on the web: Root causes and prevention in JOURNAL OF COMPUTER SECURITY, vol. 27, pp. 233-257 (ISSN 0926-227X) (Articolo su rivista)
    Link DOIURL correlato Link al documento: 10278/3713216
  • Stefano Calzavara; Mauro Conti; Riccardo Focardi; Alvise Rabitti; Gabriele Tolomei Mitch: A machine learning approach to the black-box detection of CSRF vulnerabilities , Proceedings - 2019 IEEE European Symposium on Security and Privacy, Institute of Electrical and Electronics Engineers Inc., pp. 528-543, Convegno: 4th IEEE European Symposium on Security and Privacy (Articolo in Atti di convegno)
    Link al documento: 10278/3713410
  • Stefano Calzavara; Riccardo Focardi; Matus Nemec; Alvise Rabitti; Marco Squarcina Postcards from the post-HTTP world: Amplification of HTTPS vulnerabilities in the web ecosystem , Proceedings - 2019 IEEE Symposium on Security and Privacy, Institute of Electrical and Electronics Engineers Inc., vol. 1, pp. 948-965, Convegno: 40th IEEE Symposium on Security and Privacy (Articolo in Atti di convegno)
    Link DOI Link al documento: 10278/3713409
  • Calzavara S.; Rabitti A.; Bugliesi M. Semantically Sound Analysis of Content Security Policies , Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Springer Verlag, vol. 11535, pp. 293-297, Convegno: 39th IFIP WG 6.1 International Conference on Formal Techniques for Distributed Objects, Components, and Systems, FORTE 2019 held as part of the 14th International Federated Conference on Distributed Computing Techniques, DisCoTec 2019, 2019 (ISBN 978-3-030-21758-7; 978-3-030-21759-4) (ISSN 0302-9743) (Articolo in Atti di convegno)
    Link DOIURL correlato Link al documento: 10278/3716810
2018
  • Calzavara, Stefano; Rabitti, Alvise; Bugliesi, Michele Semantics-based analysis of content security policy deployment in ACM TRANSACTIONS ON THE WEB, vol. 12, pp. 1-36 (ISSN 1559-1131) (Articolo su rivista)
    Link DOIURL correlato Link al documento: 10278/3698102
  • Calzavara, Stefano; Rabitti, Alvise; Bugliesi, Michele Dr Cookie and Mr Token - Web session implementations and how to live with them in Calzavara, Stefano, CEUR Workshop Proceedings in CEUR WORKSHOP PROCEEDINGS, CEUR-WS, vol. 2058, Convegno: 2nd Italian Conference on Cyber Security, ITASEC 2018, 2018 (ISSN 1613-0073) (Articolo in Atti di convegno)
    URL correlato Link al documento: 10278/3698101
  • Stefano Calzavara, Riccardo Focardi, Matteo Maffei, Clara Schneidewind, Marco Squarcina, Mauro Tempesta WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring , Proceedings of the 27th USENIX Security Symposium, USENIX Association, pp. 1493-1510, Convegno: USENIX Security (ISBN 978-1-931971-46-1) (Articolo in Atti di convegno)
    Link al documento: 10278/3704779
2017
  • Bugliesi, Michele; Calzavara, Stefano; Focardi, Riccardo Formal methods for web security in THE JOURNAL OF LOGICAL AND ALGEBRAIC METHODS IN PROGRAMMING, vol. 87, pp. 110-126 (ISSN 2352-2216) (Articolo su rivista)
    Link DOIURL correlato Link al documento: 10278/3685125
  • Calzavara, Stefano; Focardi, Riccardo; Squarcina, Marco; Tempesta, Mauro Surviving the Web: A Journey into Web Session Security in ACM COMPUTING SURVEYS, vol. 50 (ISSN 0360-0300) (Articolo su rivista)
    Link DOI Link al documento: 10278/3685081
  • Calzavara, Stefano; Grishchenko, Ilya; Koutsos, Adrien; Maffei, Matteo A Sound Flow-Sensitive Heap Abstraction for the Static Analysis of Android Applications , Proceedings - IEEE Computer Security Foundations Symposium in PROCEEDINGS IEEE COMPUTER SECURITY FOUNDATIONS SYMPOSIUM, IEEE Computer Society, pp. 22-36, Convegno: 30th IEEE Computer Security Foundations Symposium, CSF 2017, 2017 (ISBN 9781538632161) (ISSN 1940-1434) (Articolo in Atti di convegno)
    Link DOI Link al documento: 10278/3697728
  • Stefano Calzavara, Alvise Rabitti, Michele Bugliesi CCSP: Controlled relaxation of content security policies by runtime policy composition , Proceedings of the 26th USENIX Security Symposium, USENIX Association, pp. 695-712, Convegno: USENIX Security Symposium (Articolo in Atti di convegno)
    Link al documento: 10278/3698103
2016
  • Bugliesi, Michele; Calzavara, Stefano; Mödersheim, Sebastian; Modesti, Paolo Security protocol specification and verification with AnBx in JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, vol. 30, pp. 46-63 (ISSN 2214-2134) (Articolo su rivista)
    Link DOIURL correlato Link al documento: 10278/3685123
  • Calzavara, Stefano; Rabitti, Alvise; Bugliesi, Michele Content security problems?: Evaluating the effectiveness of content security policy in the wild , Proceedings of the ACM Conference on Computer and Communications Security, Association for Computing Machinery, vol. 24-28-, pp. 1365-1375, Convegno: 23rd ACM Conference on Computer and Communications Security, CCS 2016, 2016 (ISBN 9781450341394; 9781450341394) (Articolo in Atti di convegno)
    Link DOI Link al documento: 10278/3685122
  • Calzavara, Stefano; Grishchenko, Ilya; Maffei, Matteo HornDroid: Practical and sound static analysis of android applications by SMT solving , Proceedings - 2016 IEEE European Symposium on Security and Privacy, EURO S and P 2016, Institute of Electrical and Electronics Engineers Inc., pp. 47-62, Convegno: 1st IEEE European Symposium on Security and Privacy, EURO S and P 2016, 2016 (ISBN 9781509017515; 9781509017515) (Articolo in Atti di convegno)
    Link DOI Link al documento: 10278/3685117
  • Calzavara, Stefano; Focardi, Riccardo; Grimm, Niklas; Maffei, Matteo Micro-policies for Web Session Security , IEEE 29th Computer Security Foundations Symposium, CSF 2016, IEEE Computer Society, pp. 179-193, Convegno: IEEE 29th Computer Security Foundations Symposium (ISBN 978-1-5090-2607-4) (Articolo in Atti di convegno)
    Link DOIURL correlato Link al documento: 10278/3684380
  • Calzavara, Stefano; Rabitti, Alvise; Steffinlongo, Enrico; Bugliesi, Michele Static detection of collusion attacks in ARBAC-based workflow systems , Proceedings - IEEE Computer Security Foundations Symposium, IEEE Computer Society, vol. 2016-, pp. 458-470, Convegno: 29th IEEE Computer Security Foundations Symposium, CSF 2016, 2016 (ISBN 9781509026074; 9781509026074) (Articolo in Atti di convegno)
    Link DOI Link al documento: 10278/3685120
2015
  • Calzavara, S.; Tolomei, G.; Casini, A.; Bugliesi, M.; Orlando, S. A supervised learning approach to protect client authentication on the web in ACM TRANSACTIONS ON THE WEB, Association for Computing Machinery, vol. 9, pp. 1-30 (ISSN 1559-1131) (Articolo su rivista)
    Link DOIURL correlato Link al documento: 10278/3661257
  • Bugliesi, Michele; Calzavara, Stefano; Eigner, Fabienne; Maffei, Matteo Affine Refinement Types for Secure Distributed Programming in ACM TRANSACTIONS ON PROGRAMMING LANGUAGES AND SYSTEMS, Association for Computing Machinery, vol. 37, pp. 1-66 (ISSN 0164-0925) (Articolo su rivista)
    Link DOIURL correlato Link al documento: 10278/3661939
  • Bugliesi, Michele; Calzavara, Stefano; Focardi, Riccardo; Khan, Wilayat CookiExt: Patching the browser against session hijacking attacks in JOURNAL OF COMPUTER SECURITY, vol. 23, pp. 509-537 (ISSN 0926-227X) (Articolo su rivista)
    Link DOIURL correlato Link al documento: 10278/3663357
  • Calzavara, Stefano; Rabitti, Alvise; Bugliesi, Michele Compositional Typed Analysis of ARBAC Policies , Proceedings of the Computer Security Foundations Workshop, IEEE Computer Society, vol. 2015-, pp. 33-45, Convegno: 28th IEEE Computer Security Foundations Symposium, CSF 2015, 2015 (ISBN 9781467375382; 9781467375382) (Articolo in Atti di convegno)
    Link DOI Link al documento: 10278/3679811
  • Calzavara, Stefano; Bugliesi, Michele; Crafa, S.; Steffinlongo, Enrico Fine-grained Detection of Privilege Escalation Attacks on Browser Extensions in Stefano Calzavara, Michele Bugliesi, Silvia Crafa, Enrico Steffinlongo, ESOP 2015, Germany: Springer Verlag Germany, vol. 8978, pp. 510-534, Convegno: European Symposium on Programming (ISBN 9783662466681) (ISSN 0302-9743) (Articolo in Atti di convegno)
    Link DOI Link al documento: 10278/3655341
  • Calzavara, Stefano; Rabitti, Alvise; Bugliesi, Michele Formal verification of Liferay RBAC , Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Springer Verlag, vol. 8978, pp. 1-16, Convegno: 7th International Symposium on Engineering Secure Software and Systems, ESSoS 2015, 2015 (ISBN 9783319156170; 9783319156170) (ISSN 0302-9743) (Articolo in Atti di convegno)
    URL correlato Link al documento: 10278/3679815
2014
  • M. Bugliesi; S. Calzavara; R. Focardi; W. Khan Automatic and robust client-side protection for cookie-based sessions , Engineering Secure Software and Systems, Springer, Convegno: 6th International Symposium, ESSoS 2014 (ISBN 9783319048963) (ISSN 0302-9743) (Articolo in Atti di convegno)
    Link DOI Link al documento: 10278/42442
  • Khan, Wilayat; Calzavara, Stefano; Bugliesi, Michele; DE GROEF, W.; Piessens, F. Client Side Web Session Integrity as a Non-Interference Property in KHAN W., CALZAVARA S., BUGLIESI M., DE GROEF W.,PIESSENS F., Information Systems Security - 10th International Conference, ICISS 2014,, Springer Verlag, vol. 8880, pp. 89-108, Convegno: Information Systems Security - 10th International Conference, ICISS 2014,, 2014 (ISBN 9783319138404; 9783319138411) (ISSN 1611-3349) (Articolo in Atti di convegno)
    Link DOIURL correlato Link al documento: 10278/44059
  • Michele Bugliesi; Stefano Calzavara; Riccardo Focardi; Wilayat Khan; Mauro Tempesta Provably Sound Browser-Based Enforcement of Web Session Integrity , Proceedings of the 27th Computer Security Foundations Symposium, IEEE, Convegno: Computer Security Foundations Symposium, 19-22 July 2014 (ISBN 9781479942909) (Articolo in Atti di convegno)
    Link DOI Link al documento: 10278/42652
  • Stefano Calzavara;Gabriele Tolomei;Michele Bugliesi;Salvatore Orlando Quite a mess in my cookie jar! Leveraging machine learning to protect web authentication , Proceedings of the 23rd international conference on World wide web - WWW '14, ACM Press, pp. 189-200, Convegno: International Conference on World Wide Web (ISBN 9781450327442) (Articolo in Atti di convegno)
    Link DOI Link al documento: 10278/42600
2013
  • Michele Bugliesi; Stefano Calzavara; Fabienne Eigner; Matteo Maffei Affine Refinement Types for Authentication and Authorization , 7th International Symposium on Trustworthy Global Computing, Berlin Heidelberg, Springer- Verlag, vol. 8191, pp. 19-33, Convegno: TGC 2012 (ISBN 9783642411564) (ISSN 0302-9743) (Articolo in Atti di convegno)
    Link DOI Link al documento: 10278/37560
  • Michele Bugliesi; Stefano Calzavara; Alvise Spano Lintent: Towards Security Type-Checking of Android Applications , FMOODS/FORTE, Berlin Hidelberg, SPRINGER-VERLAG, vol. 7892, pp. 289-304, Convegno: Formal Techniques for Distributed Systems - Joint IFIP WG 6.1 International Conference, FMOODS/FORTE 2013, Held as Part of the 8th International Federated Conference on Distributed Computing Techniques, DisCoTec, June 3-5, 2013 (ISBN 9783642385919) (ISSN 0302-9743) (Articolo in Atti di convegno)
    Link DOI Link al documento: 10278/39004
  • Michele Bugliesi; Stefano Calzavara; Fabienne Eigner; Matteo Maffei Logical Foundations of Secure Resource Management in Protocol Implementations , 2nd Conference on Principles of Security and Trust, SPRINGER-VERLAG, vol. 7796, pp. 105-125, Convegno: POST 2013 (ISBN 9783642368295) (ISSN 0302-9743) (Articolo in Atti di convegno)
    Link DOI Link al documento: 10278/37534
2012
  • BUGLIESI M.; CALZAVARA S.; FOCARDI R.; SQUARCINA M; Gran: model checking grsecurity RBAC policies , Proceedings 2012 IEEE 25th Computer Security Foundations Symposium CSF 2012, IEEE Computer Society, pp. 126-138, Convegno: CSF 2012, 25-27 June 2012 (ISBN 9780769547183) (Articolo in Atti di convegno)
    Link DOI Link al documento: 10278/39019
2011
  • BUGLIESI M.; CALZAVARA S.; MAFFEI M.; EIGNER F. Resource-Aware Authorization Policies for Statically Typed Cryptographic Protocols , Proceedings of the 24th IEEE Computer Security Foundations Symposium, CSF 2011, IEEE Computer Society, pp. 83-98, Convegno: CSF 2011, 26-29 June 2011 (ISBN 9781612846446) (Articolo in Atti di convegno)
    Link DOI Link al documento: 10278/28120
2010
  • Bugliesi M.; Calzavara S.; Macedonio D. Secrecy and Authenticity Types for Secure Distributed Messaging , Automated Reasoning for Security Protocol Analysis and Issues in the Theory of Security - Joint Workshop, ARSPA-WITS 2010, Paphos, Cyprus, March 27-28, 2010. Revised Selected Papers, SPRINGER-VERLAG, vol. 6186, pp. 23-40, Convegno: ARSPA-WITS 2010 (ISBN 9783642160738) (ISSN 0302-9743) (Articolo in Atti di convegno)
    Link DOI Link al documento: 10278/24296