Warning: pg_query(): Query failed: ERROR: missing chunk number 0 for toast value 29512337 in pg_toast_2619 in /dati/webiit-old/includes/database.pgsql.inc on line 138 Warning: ERROR: missing chunk number 0 for toast value 29512337 in pg_toast_2619 query: SELECT data, created, headers, expire, serialized FROM cache_page WHERE cid = 'https://www-old.iit.cnr.it/en/taxonomy/term/82' in /dati/webiit-old/includes/database.pgsql.inc on line 159 Warning: pg_query(): Query failed: ERROR: missing chunk number 0 for toast value 29512337 in pg_toast_2619 in /dati/webiit-old/includes/database.pgsql.inc on line 138 Warning: ERROR: missing chunk number 0 for toast value 29512337 in pg_toast_2619 query: SELECT data, created, headers, expire, serialized FROM cache_page WHERE cid = 'https://www-old.iit.cnr.it/en/taxonomy/term/82' in /dati/webiit-old/includes/database.pgsql.inc on line 159 Security | IIT - CNR - Istituto di Informatica e Telematica
IIT Home Page CNR Home Page


Research fields

The Future of Global Internet governance

CNR was involved in the Global Internet governance matters at international level since the ARPAnet times. Now, the IIT institute is the promoter, within CNR, of a new multi-disciplinary research project on Internet governance to study questions that are coming from the evolving needs of the global Internet and are connected to technical standardization, to resource allocation and assignment, to legal and regulatory matters, to public policy and societal issues, to technologies, practices and to the evolving needs of the global Internet. While we are coming from a technological background, we recognize that it is important to work with all stakeholders from all sectors to achieve the fullest benefits of the Internet for all participants in the global network.


Digital Signature

E-Government Security

Analysis and research regarding security components of network architecture and infrastructure, specifically concerning e-government (Public Administration networks).

Security for mobile devices

Within the Future Internet framework, this line of research addresses the privacy and security of mobile devices such as the so called smart phones, e.g., mobile phones with a significant communica

Wireless Network Security

This activity is aimed at understanding the security and privacy implications of the widespread diffusion of mobile social networking applications.


Sicurezza dell'informazione


Camera di Commercio Italiana negli Emirati Arabi Uniti (IICUAE)


Telecom Italia SPA - Future Center

Telecom Italia’s Future Centre hosts higher education services, as well as specialized laboratories, and  international cross-field project teams, mainly focused on digital rebuilding of


EU Project - Collaborative information, Acquisition, Processing, Exploitation and Reporting for the prevention of organised crime (CAPER)

Organised crime use information technology systems to communicate, work or expand their influence. Current tools for the fight against organised crime have shown their limits and reflect the need to develop a scalable tool to track them more efficiently.

CAPER ’s objective is to build a common collaborative and information sharing platform for the detection and prevention of organised crime exploiting Open Source Intelligence. State intelligence agencies are becoming more inclined to use Open Source Intelligence (OSI), and particularly tools typically associated with the Social or Semantic Web.

The analysis modules built in the CAPERproject will also give new value to existing intelligence through image, video, speech and biometric analysis.


Secure! is a research project funded by the Tuscany region that aims to create an innovative decision support system in terms of public safety, private and civil protection.

Publications and editorial products until 01/01/2016

1st International Workshop on TEchnical and LEgal aspects of data pRIvacy and Security (TELERISE 2015) - ICSE 2015

Applying generalized non deducibility on compositions (GNDC) approach in dependability

A proposal on enhancing XACML with continuous usage control features

A proposal on enhancing XACML with continuous usage control features

A Secure Communication Suite for Underwater Acoustic Sensor Networks

Assosecurity - La sicurezza nelle tecnologie per la mobilità

A Survey on Security for Mobile Devices

Comprehensive Approach to Increase Cyber Security and Resilience

Computer virus e posta elettronica: una guida per l'utente

Contract-based Approaches for Securing Web Services

Determining the Probability of Smart Grid Attacks by Combining Attack Tree and Attack Graph Analysis

Federation and security aspects for the management of the EHR in Italy

Flyer gruppo di ricerca "Trustworthy and Secure Future Internet"

Homeland and Global Security

How to Grant Less Permissions to Facebook Applications

Introducing new technology into italian certified electronic mail: a proposal

Introducing probabilities in contract-based approaches for mobile application security

Introduction to the Safecomp 2014 Workshop: Reliability and Security Aspects for Critical Infrastructure Protection (ReSA4CI 2014).

Italian Electronic Health Record: a proposal of a Federated Authentication and Authorization Infrastructure

Lazy Security Controllers

Multi-dimensional Secure Service Orchestration

On Usage Control for GRID Services

Preserving QoI in participatory sensing by tackling location-spoofing through mobile WiFi hotspots

Preserving Security Properties under Refinement

Programma del Workshop "Trustable Internet as the engine for the dissemination of culture and industrial innovation" - Dubai, Novembre 2014

Quantitative Analysis of Network Security with Abstract Argumentation

Risk Analysis of Android Applications: A Multi-Criteria and Usable Approach

Risparmiare in sicurezza non paga: prima o poi il conto arriverà

Secure Software Engineering for Connected Vehicles: A Research Agenda

Security and Trust

Security and Trust Management for Virtual Organisations: GridTrust Approach

Semiring-base Specification Approaches for Quantitative Security

There are Two Sides to Every Question - Controller Versus Attacker.

The role of communication systems in smart grids: Architectures, technical solutions and research challenges

Usage control in SIP-based multimedia delivery

Using Attack Graphs to Analyze Social Engineering Threats

Publications and editorial products from the 01/01/2016

A Joint Safety and Security Analysis of message protection for CAN bus protocol

Android Collusion: Detecting Malicious Applications Inter-Communication through SharedPreferences

A Survey on Privacy in Decentralized Online Social Networks

A Survey over Low-Level Security Issues in Heavy Duty Vehicles

Concurrent History-based Usage Control Policies

Data Sharing Agreements: How to Glue Definition, Analysis and Mapping Together.

Digital persona portrayal: Identifying pluridentity vulnerabilities in digital life

Dynamic Malware Detection and Phylogeny Analysis using Process Mining

Evaluating Model Checking for Cyber Threats Code Obfuscation Identification

Game Bot Detection in Online Role Player Game through Behavioural Features

How Distributed Ledgers Can Transform Healthcare Applications

Improving Vehicle Safety Through a Fog Collaborative Infrastructure.

Introduction to ReSA4CI 2016.

LEILA: formaL tool for idEntifying mobIle maLicious behAviour

LVS: A WiFi-based system to tackle Location Spoofing in location-based services

Machine Learning meets iOS Malware: Identifying Malicious Applications on Apple Environment

Model checking and machine learning techniques for HummingBad mobile malware detection and mitigation

Phylogenetic Analysis for Ransomware Detection and Classification into Families

Practical Location Validation in Participatory Sensing Through Mobile WiFi Hotspots

Practical Privacy Preserving Medical Diagnosis using Homomorphic Encryption

Privacy Preserving Distributed Attribute Computation for Usage Control in the Internet of Things

Privacy-Utility Feature Selection as a Privacy Mechanism in Collaborative Data Classification

Privacy-Utility Feature Selection as a tool in Private Data Classification

RESPOnSE—A Framework for Enforcing Risk-Aware Security Policies in Constrained Dynamic Environments

Security assessment of systems of systems

Security by insurance for services

Security by insurance for services

Towards the Insurance of Healthcare Systems

Trade-Off Analysis of Safety and Security in CAN bus communication

Visualizing the outcome of dynamic analysis of Android malware with VizMal