CALZAVARA Stefano

Qualifica Ricercatore
Telefono 041 234 8463
E-mail stefano.calzavara@unive.it
Sito web www.unive.it/persone/stefano.calzavara (scheda personale)
Struttura Dipartimento di Scienze Ambientali, Informatica e Statistica
Sito web struttura: https://www.unive.it/dais
Sede: Campus scientifico via Torino
Research Institute Research Institute for Complexity

Pubblicazioni per tipologia

Articolo su rivista
  • Calzavara, Stefano*; Rabitti, Alvise; Bugliesi, Michele (2019), Sub-session hijacking on the web: Root causes and prevention in JOURNAL OF COMPUTER SECURITY, vol. 27, pp. 233-257 (ISSN 0926-227X)
    Link DOIURL correlato Link al documento: 10278/3713216
  • Calzavara, Stefano; Rabitti, Alvise; Bugliesi, Michele (2018), Semantics-based analysis of content security policy deployment in ACM TRANSACTIONS ON THE WEB, vol. 12, pp. 1-36 (ISSN 1559-1131)
    Link DOIURL correlato Link al documento: 10278/3698102
  • Bugliesi, Michele; Calzavara, Stefano; Focardi, Riccardo (2017), Formal methods for web security in THE JOURNAL OF LOGICAL AND ALGEBRAIC METHODS IN PROGRAMMING, vol. 87, pp. 110-126 (ISSN 2352-2216)
    Link DOIURL correlato Link al documento: 10278/3685125
  • Calzavara, Stefano; Focardi, Riccardo; Squarcina, Marco; Tempesta, Mauro (2017), Surviving the Web: A Journey into Web Session Security in ACM COMPUTING SURVEYS, vol. 50 (ISSN 0360-0300)
    Link DOI Link al documento: 10278/3685081
  • Bugliesi, Michele; Calzavara, Stefano; Mödersheim, Sebastian; Modesti, Paolo (2016), Security protocol specification and verification with AnBx in JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, vol. 30, pp. 46-63 (ISSN 2214-2134)
    Link DOIURL correlato Link al documento: 10278/3685123
  • Calzavara, S.; Tolomei, G.; Casini, A.; Bugliesi, M.; Orlando, S. (2015), A supervised learning approach to protect client authentication on the web in ACM TRANSACTIONS ON THE WEB, Association for Computing Machinery, vol. 9, pp. 1-30 (ISSN 1559-1131)
    Link DOIURL correlato Link al documento: 10278/3661257
  • Bugliesi, Michele; Calzavara, Stefano; Eigner, Fabienne; Maffei, Matteo (2015), Affine Refinement Types for Secure Distributed Programming in ACM TRANSACTIONS ON PROGRAMMING LANGUAGES AND SYSTEMS, Association for Computing Machinery, vol. 37, pp. 1-66 (ISSN 0164-0925)
    Link DOIURL correlato Link al documento: 10278/3661939
  • Bugliesi, Michele; Calzavara, Stefano; Focardi, Riccardo; Khan, Wilayat (2015), CookiExt: Patching the browser against session hijacking attacks in JOURNAL OF COMPUTER SECURITY, vol. 23, pp. 509-537 (ISSN 0926-227X)
    Link DOIURL correlato Link al documento: 10278/3663357
Articolo in Atti di convegno
  • Stefano Calzavara; Mauro Conti; Riccardo Focardi; Alvise Rabitti; Gabriele Tolomei (2019), Mitch: A machine learning approach to the black-box detection of CSRF vulnerabilities , Proceedings - 2019 IEEE European Symposium on Security and Privacy, Institute of Electrical and Electronics Engineers Inc., pp. 528-543, Convegno: 4th IEEE European Symposium on Security and Privacy
    Link al documento: 10278/3713410
  • Stefano Calzavara; Riccardo Focardi; Matus Nemec; Alvise Rabitti; Marco Squarcina (2019), Postcards from the post-HTTP world: Amplification of HTTPS vulnerabilities in the web ecosystem , Proceedings - 2019 IEEE Symposium on Security and Privacy, Institute of Electrical and Electronics Engineers Inc., vol. 1, pp. 948-965, Convegno: 40th IEEE Symposium on Security and Privacy
    Link DOI Link al documento: 10278/3713409
  • Calzavara S.; Rabitti A.; Bugliesi M. (2019), Semantically Sound Analysis of Content Security Policies , Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Springer Verlag, vol. 11535, pp. 293-297, Convegno: 39th IFIP WG 6.1 International Conference on Formal Techniques for Distributed Objects, Components, and Systems, FORTE 2019 held as part of the 14th International Federated Conference on Distributed Computing Techniques, DisCoTec 2019, 2019 (ISBN 978-3-030-21758-7; 978-3-030-21759-4) (ISSN 0302-9743)
    Link DOIURL correlato Link al documento: 10278/3716810
  • Calzavara, Stefano; Rabitti, Alvise; Bugliesi, Michele (2018), Dr Cookie and Mr Token - Web session implementations and how to live with them in Calzavara, Stefano, CEUR Workshop Proceedings in CEUR WORKSHOP PROCEEDINGS, CEUR-WS, vol. 2058, Convegno: 2nd Italian Conference on Cyber Security, ITASEC 2018, 2018 (ISSN 1613-0073)
    URL correlato Link al documento: 10278/3698101
  • Stefano Calzavara, Riccardo Focardi, Matteo Maffei, Clara Schneidewind, Marco Squarcina, Mauro Tempesta (2018), WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring , Proceedings of the 27th USENIX Security Symposium, USENIX Association, pp. 1493-1510, Convegno: USENIX Security (ISBN 978-1-931971-46-1)
    Link al documento: 10278/3704779
  • Calzavara, Stefano; Grishchenko, Ilya; Koutsos, Adrien; Maffei, Matteo (2017), A Sound Flow-Sensitive Heap Abstraction for the Static Analysis of Android Applications , Proceedings - IEEE Computer Security Foundations Symposium in PROCEEDINGS IEEE COMPUTER SECURITY FOUNDATIONS SYMPOSIUM, IEEE Computer Society, pp. 22-36, Convegno: 30th IEEE Computer Security Foundations Symposium, CSF 2017, 2017 (ISBN 9781538632161) (ISSN 1940-1434)
    Link DOI Link al documento: 10278/3697728
  • Stefano Calzavara, Alvise Rabitti, Michele Bugliesi (2017), CCSP: Controlled relaxation of content security policies by runtime policy composition , Proceedings of the 26th USENIX Security Symposium, USENIX Association, pp. 695-712, Convegno: USENIX Security Symposium
    Link al documento: 10278/3698103
  • Calzavara, Stefano; Rabitti, Alvise; Bugliesi, Michele (2016), Content security problems?: Evaluating the effectiveness of content security policy in the wild , Proceedings of the ACM Conference on Computer and Communications Security, Association for Computing Machinery, vol. 24-28-, pp. 1365-1375, Convegno: 23rd ACM Conference on Computer and Communications Security, CCS 2016, 2016 (ISBN 9781450341394; 9781450341394)
    Link DOI Link al documento: 10278/3685122
  • Calzavara, Stefano; Grishchenko, Ilya; Maffei, Matteo (2016), HornDroid: Practical and sound static analysis of android applications by SMT solving , Proceedings - 2016 IEEE European Symposium on Security and Privacy, EURO S and P 2016, Institute of Electrical and Electronics Engineers Inc., pp. 47-62, Convegno: 1st IEEE European Symposium on Security and Privacy, EURO S and P 2016, 2016 (ISBN 9781509017515; 9781509017515)
    Link DOI Link al documento: 10278/3685117
  • Calzavara, Stefano; Focardi, Riccardo; Grimm, Niklas; Maffei, Matteo (2016), Micro-policies for Web Session Security , IEEE 29th Computer Security Foundations Symposium, CSF 2016, IEEE Computer Society, pp. 179-193, Convegno: IEEE 29th Computer Security Foundations Symposium (ISBN 978-1-5090-2607-4)
    Link DOIURL correlato Link al documento: 10278/3684380
  • Calzavara, Stefano; Rabitti, Alvise; Steffinlongo, Enrico; Bugliesi, Michele (2016), Static detection of collusion attacks in ARBAC-based workflow systems , Proceedings - IEEE Computer Security Foundations Symposium, IEEE Computer Society, vol. 2016-, pp. 458-470, Convegno: 29th IEEE Computer Security Foundations Symposium, CSF 2016, 2016 (ISBN 9781509026074; 9781509026074)
    Link DOI Link al documento: 10278/3685120
  • Calzavara, Stefano; Rabitti, Alvise; Bugliesi, Michele (2015), Compositional Typed Analysis of ARBAC Policies , Proceedings of the Computer Security Foundations Workshop, IEEE Computer Society, vol. 2015-, pp. 33-45, Convegno: 28th IEEE Computer Security Foundations Symposium, CSF 2015, 2015 (ISBN 9781467375382; 9781467375382)
    Link DOI Link al documento: 10278/3679811
  • Calzavara, Stefano; Bugliesi, Michele; Crafa, S.; Steffinlongo, Enrico (2015), Fine-grained Detection of Privilege Escalation Attacks on Browser Extensions in Stefano Calzavara, Michele Bugliesi, Silvia Crafa, Enrico Steffinlongo, ESOP 2015, Germany: Springer Verlag Germany, vol. 8978, pp. 510-534, Convegno: European Symposium on Programming (ISBN 9783662466681) (ISSN 0302-9743)
    Link DOI Link al documento: 10278/3655341
  • Calzavara, Stefano; Rabitti, Alvise; Bugliesi, Michele (2015), Formal verification of Liferay RBAC , Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Springer Verlag, vol. 8978, pp. 1-16, Convegno: 7th International Symposium on Engineering Secure Software and Systems, ESSoS 2015, 2015 (ISBN 9783319156170; 9783319156170) (ISSN 0302-9743)
    URL correlato Link al documento: 10278/3679815
  • M. Bugliesi; S. Calzavara; R. Focardi; W. Khan (2014), Automatic and robust client-side protection for cookie-based sessions , Engineering Secure Software and Systems, Springer, Convegno: 6th International Symposium, ESSoS 2014 (ISBN 9783319048963) (ISSN 0302-9743)
    Link DOI Link al documento: 10278/42442
  • Khan, Wilayat; Calzavara, Stefano; Bugliesi, Michele; DE GROEF, W.; Piessens, F. (2014), Client Side Web Session Integrity as a Non-Interference Property in KHAN W., CALZAVARA S., BUGLIESI M., DE GROEF W.,PIESSENS F., Information Systems Security - 10th International Conference, ICISS 2014,, Springer Verlag, vol. 8880, pp. 89-108, Convegno: Information Systems Security - 10th International Conference, ICISS 2014,, 2014 (ISBN 9783319138404; 9783319138411) (ISSN 1611-3349)
    Link DOIURL correlato Link al documento: 10278/44059
  • Michele Bugliesi; Stefano Calzavara; Riccardo Focardi; Wilayat Khan; Mauro Tempesta (2014), Provably Sound Browser-Based Enforcement of Web Session Integrity , Proceedings of the 27th Computer Security Foundations Symposium, IEEE, Convegno: Computer Security Foundations Symposium, 19-22 July 2014 (ISBN 9781479942909)
    Link DOI Link al documento: 10278/42652
  • Stefano Calzavara;Gabriele Tolomei;Michele Bugliesi;Salvatore Orlando (2014), Quite a mess in my cookie jar! Leveraging machine learning to protect web authentication , Proceedings of the 23rd international conference on World wide web - WWW '14, ACM Press, pp. 189-200, Convegno: International Conference on World Wide Web (ISBN 9781450327442)
    Link DOI Link al documento: 10278/42600
  • Michele Bugliesi; Stefano Calzavara; Fabienne Eigner; Matteo Maffei (2013), Affine Refinement Types for Authentication and Authorization , 7th International Symposium on Trustworthy Global Computing, Berlin Heidelberg, Springer- Verlag, vol. 8191, pp. 19-33, Convegno: TGC 2012 (ISBN 9783642411564) (ISSN 0302-9743)
    Link DOI Link al documento: 10278/37560
  • Michele Bugliesi; Stefano Calzavara; Alvise Spano (2013), Lintent: Towards Security Type-Checking of Android Applications , FMOODS/FORTE, Berlin Hidelberg, SPRINGER-VERLAG, vol. 7892, pp. 289-304, Convegno: Formal Techniques for Distributed Systems - Joint IFIP WG 6.1 International Conference, FMOODS/FORTE 2013, Held as Part of the 8th International Federated Conference on Distributed Computing Techniques, DisCoTec, June 3-5, 2013 (ISBN 9783642385919) (ISSN 0302-9743)
    Link DOI Link al documento: 10278/39004
  • Michele Bugliesi; Stefano Calzavara; Fabienne Eigner; Matteo Maffei (2013), Logical Foundations of Secure Resource Management in Protocol Implementations , 2nd Conference on Principles of Security and Trust, SPRINGER-VERLAG, vol. 7796, pp. 105-125, Convegno: POST 2013 (ISBN 9783642368295) (ISSN 0302-9743)
    Link DOI Link al documento: 10278/37534
  • BUGLIESI M.; CALZAVARA S.; FOCARDI R.; SQUARCINA M; (2012), Gran: model checking grsecurity RBAC policies , Proceedings 2012 IEEE 25th Computer Security Foundations Symposium CSF 2012, IEEE Computer Society, pp. 126-138, Convegno: CSF 2012, 25-27 June 2012 (ISBN 9780769547183)
    Link DOI Link al documento: 10278/39019
  • BUGLIESI M.; CALZAVARA S.; MAFFEI M.; EIGNER F. (2011), Resource-Aware Authorization Policies for Statically Typed Cryptographic Protocols , Proceedings of the 24th IEEE Computer Security Foundations Symposium, CSF 2011, IEEE Computer Society, pp. 83-98, Convegno: CSF 2011, 26-29 June 2011 (ISBN 9781612846446)
    Link DOI Link al documento: 10278/28120
  • Bugliesi M.; Calzavara S.; Macedonio D. (2010), Secrecy and Authenticity Types for Secure Distributed Messaging , Automated Reasoning for Security Protocol Analysis and Issues in the Theory of Security - Joint Workshop, ARSPA-WITS 2010, Paphos, Cyprus, March 27-28, 2010. Revised Selected Papers, SPRINGER-VERLAG, vol. 6186, pp. 23-40, Convegno: ARSPA-WITS 2010 (ISBN 9783642160738) (ISSN 0302-9743)
    Link DOI Link al documento: 10278/24296