Search For:

Displaying 1-8 out of 8 total
Splitting the HTTPS Stream to Attack Secure Web Connections
Found in: IEEE Security and Privacy
By Marco Prandini, Marco Ramilli, Walter Cerroni, Franco Callegati
Issue Date:November 2010
pp. 80-84
The HTTPS protocol is commonly adopted to secure connections to websites, both to guarantee the server's authenticity and to protect the privacy of transmitted data. However, the computational load associated with the protocol's key exchange and encryption...
A Messaging-Based System for Remote Server Administration
Found in: Network and System Security, International Conference on
By Marco Ramilli, Marco Prandini
Issue Date:October 2009
pp. 262-269
The most common method of system administration is accessing the remote system through the network by means of some client-server protocol, giving access to a privileged service always listening on the target system. There are important security and flexib...
Return-Oriented Programming
Found in: IEEE Security & Privacy
By Marco Prandini,Marco Ramilli
Issue Date:November 2012
pp. 84-87
Attackers able to compromise the memory of a target machine can change its behavior and usually gain complete control over it. Despite the ingenious prevention and protection mechanisms that have been implemented in modern operating systems, memory corrupt...
Towards a practical and effective security testing methodology
Found in: Computers and Communications, IEEE Symposium on
By Marco Prandini, Marco Ramilli
Issue Date:June 2010
pp. 320-325
Security testing is an important step in the lifetime of both newly-designed and existing systems. Different methodologies exist to guide testers to the selection, design, and implementation of the most appropriate testing procedures for various contexts. ...
Always the Same, Never the Same
Found in: IEEE Security and Privacy
By Marco Ramilli, Marco Prandini
Issue Date:March 2010
pp. 73-75
The basic technique used by antimalware software for identifying malicious code is signature detection. Even after years of refining, attackers can still easily circumvent it, relying on several ways to manipulate signatures without changing the malware lo...
Taking the Best of Both Worlds: A Comparison and Integration of the U.S. and EU Approaches to E-Voting Systems Evaluation
Found in: Hawaii International Conference on System Sciences
By Marco Prandini, Marco Ramilli
Issue Date:January 2011
pp. 1-10
With regard to e-voting system certification, political bodies around the world show very different approaches, ranging from high-level recommendations on the electoral system, not providing the associated details, to procedures that describe specific cont...
Efficient Certificate Status Handling within PKIs: an Application to Public Administration Services
Found in: Computer Security Applications Conference, Annual
By Marco Prandini
Issue Date:December 1999
pp. 276
Public administrations show a strong interest in digital signature technology as a mean for secure and authenticated document exchange, hoping it will help reducing paper-based transactions with citizens. The main problem posed by this technology is with t...
Security considerations about the adoption of web 2.0 technologies in sensitive e-government processes
Found in: Proceedings of the 5th International Conference on Theory and Practice of Electronic Governance (ICEGOV '11)
By Marco Prandini, Marco Ramilli
Issue Date:September 2011
pp. 285-288
In the recent past, the so-called "Web 2.0" became a powerful tool to enable various eGovernment processes, especially as a link between political bodies and citizens. Politicians and managers, seeking to improve participation, embraced this technology as ...