Provably Sound Browser-Based Enforcement of Web Session Integrity
Enforcing protection at the browser side has recently become a popular approach for securing web authentication. Though interesting, existing attempts in the literature only address specific classes…
  • 21
  • 2
Surviving the Web
In this article, we survey the most common attacks against web sessions, that is, attacks that target honest web browser users establishing an authenticated session with a trusted web application. We…
  • 22
  • 1
WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring
We present WPSE, a browser-side security monitor for web protocols designed to ensure compliance with the intended protocol flow, as well as confidentiality and integrity properties of messages. We…
  • 8
  • 1
Language-Independent Synthesis of Firewall Policies
Configuring and maintaining a firewall configuration is notoriously hard. Policies are written in low-level, platform-specific languages where firewall rules are inspected and enforced along non…
  • 9
Firewall Management With FireWall Synthesizer
Firewalls are notoriously hard to configure and maintain. Policies are written in low-level, system-specific languages where rules are inspected and enforced along non-trivial control flow paths.
  • 2
Transcompiling Firewalls
Porting a policy from a firewall system to another is a difficult and error prone task. Indeed, network administrators have to know in detail the policy meaning, as well as the internals of the…
  • 5
Surviving the Web: A Journey into Web Session Security
We survey the most common attacks against web sessions, i.e., attacks which target honest web browser users establishing an authenticated session with a trusted web application. We then review…
  • 5
Securing the End-points of the Signal Protocol using Intel SGX based Containers
Information flow control (IFC) is a category of techniques for ensuring system security by enforcing information flow properties such as non-interference. Established IFC techniques range from fully…
  • 6
From Firewalls to Functions and Back
Designing and maintaining firewall configurations is hard also for expert system administrators. Indeed, policies are made of a large number of rules and are written in low-level configuration…
  • 2
Mind Your Keys? A Security Evaluation of Java Keystores
Cryptography is complex and variegate and requires to combine different algorithms and mechanisms in nontrivial ways. This complexity is often source of vulnerabilities. Secure key management is one…
  • 2