All Stories

  1. Towards Explainable Access Control [BlueSky Paper]

    Article • July 2025, ACM (Association for Computing Machinery)

    Gelareh Hasel Mehri, Nicola Zannone

  2. WiP: Enhancing the Comprehension of XACML Policies

    Article • June 2024, ACM (Association for Computing Machinery)

    Nicola Zannone, Gelareh Hasel Mehri

  3. A Bargaining-Game Framework for Multi-Party Access Control

    Article • June 2024, ACM (Association for Computing Machinery)

    Gelareh Hasel Mehri, Nicola Zannone

  4. Cognition in Social Engineering Empirical Research: a Systematic Literature Review

    Article • ACM Transactions on Computer-Human Interaction, November 2023, ACM (Association for Computing Machinery)

    Nicola Zannone

  5. A Comprehensive Study on Third-Party User Tracking in Mobile Applications

    Article • August 2023, ACM (Association for Computing Machinery)

    Nicola Zannone

  6. Towards Obfuscation of Programmable Logic Controllers

    Article • August 2023, ACM (Association for Computing Machinery)

    Marco Lucchese, Nicola Zannone, Vittoria Cozza

  7. Mitigating Privilege Misuse in Access Control through Anomaly Detection

    Article • August 2023, ACM (Association for Computing Machinery)

    Nicola Zannone, Gelareh Hasel Mehri

  8. HoneyICS: A High-interaction Physics-aware Honeynet for Industrial Control Systems

    Article • August 2023, ACM (Association for Computing Machinery)

    Marco Lucchese, Nicola Zannone

  9. Privacy-Preserving Multi-Party Access Control for Third-Party UAV Services

    Article • May 2023, ACM (Association for Computing Machinery)

    Nicola Zannone

  10. Data Sharing in Social Networks

    Article • May 2023, ACM (Association for Computing Machinery)

    Nicola Zannone

  11. The Influence of Human Factors on the Intention to Report Phishing Emails

    Article • April 2023, ACM (Association for Computing Machinery)

    Nicola Zannone

  12. Towards A High-interaction Physics-aware Honeynet for Industrial Control Systems

    Article • March 2023, ACM (Association for Computing Machinery)

    Nicola Zannone, Marco Lucchese

  13. Poster: A Flexible Relationship-Based Access Control Policy Generator

    Article • June 2022, ACM (Association for Computing Machinery)

    Nicola Zannone

  14. PICO

    Article • April 2022, ACM (Association for Computing Machinery)

    Nicola Zannone

  15. Privacy-preserving policy evaluation in multi-party access control

    Article • Journal of Computer Security, October 2021, IOS Press

    Nicola Zannone

  16. Combining Text and Visual Features to Improve the Identification of Cloned Webpages for Early Phishing Detection

    Article • August 2021, ACM (Association for Computing Machinery)

    Nicola Zannone

  17. Testing the effectiveness of tailored phishing techniques in industry and academia

    Article • July 2020, ACM (Association for Computing Machinery)

    Nicola Zannone

  18. Survey on Access Control for Community-Centered Collaborative Systems

    Article • ACM Computing Surveys, January 2019, ACM (Association for Computing Machinery)

    Nicola Zannone

  19. Behavior analysis in the medical sector

    Article • April 2018, ACM (Association for Computing Machinery)

    Nicola Zannone

  20. Formal analysis of XACML policies using SMT

    Article • Computers & Security, May 2017, Elsevier

    Nicola Zannone

  21. Role Mining with Missing Values

    Article • August 2016, Institute of Electrical & Electronics Engineers (IEEE)

    Nicola Zannone, Dr Sokratis Vavilis

  22. A severity-based quantification of data leakages in database systems

    Article • Journal of Computer Security, June 2016, IOS Press

    Nicola Zannone, Dr Sokratis Vavilis

  23. A Hybrid Framework for Data Loss Prevention and Detection

    Article • May 2016, Institute of Electrical & Electronics Engineers (IEEE)

    Nicola Zannone

  24. A Policy Framework for Data Fusion and Derived Data Control

    Article • January 2016, ACM (Association for Computing Machinery)

    Nicola Zannone

  25. Risk-based Analysis of Business Process Executions

    Article • January 2016, ACM (Association for Computing Machinery)

    Nicola Zannone

  26. An Authorization Service for Collaborative Situation Awareness

    Article • January 2016, ACM (Association for Computing Machinery)

    Nicola Zannone

  27. Collaborative Access Decisions: Why Has My Decision Not Been Enforced?

    Article • January 2016, Springer Science + Business Media

    Nicola Zannone

  28. Data Governance and Transparency for Collaborative Systems

    Article • January 2016, Springer Science + Business Media

    Nicola Zannone

  29. Constructing Probable Explanations of Nonconformity: A Data-Aware and History-Based Approach

    Article • December 2015, Institute of Electrical & Electronics Engineers (IEEE)

    Nicola Zannone

  30. An anomaly analysis framework for database systems

    Article • Computers & Security, September 2015, Elsevier

    Dr Sokratis Vavilis, Nicola Zannone

  31. Flow-based reputation with uncertainty: evidence-based subjective logic

    Article • International Journal of Information Security, August 2015, Springer Science + Business Media

    Nicola Zannone

  32. Preventing Information Inference in Access Control

    Article • June 2015, ACM (Association for Computing Machinery)

    Nicola Zannone

  33. On Missing Attributes in Access Control

    Article • June 2015, ACM (Association for Computing Machinery)

    Nicola Zannone

  34. SAFAX – An Extensible Authorization Service for Cloud Environments

    Article • Frontiers in ICT, May 2015, Frontiers

    Nicola Zannone

  35. Pre-Distribution of Certificates for Pseudonymous Broadcast Authentication in VANET

    Article • May 2015, Institute of Electrical & Electronics Engineers (IEEE)

    Nicola Zannone

  36. History-Based Construction of Alignments for Conformance Checking: Formalization and Implementation

    Article • January 2015, Springer Science + Business Media

    Nicola Zannone

  37. Analysis of XACML Policies with SMT

    Article • January 2015, Springer Science + Business Media

    Nicola Zannone

  38. Understanding Computer Security

    Article • Frontiers in ICT, October 2014, Frontiers

    Nicola Zannone

  39. A reference model for reputation systems

    Article • Decision Support Systems, May 2014, Elsevier

    Dr Sokratis Vavilis, Nicola Zannone

  40. CollAC: Collaborative access control

    Article • May 2014, Institute of Electrical & Electronics Engineers (IEEE)

    Nicola Zannone

  41. Data minimisation in communication protocols: a formal analysis framework and application to identity management

    Article • International Journal of Information Security, April 2014, Springer Science + Business Media

    Nicola Zannone

  42. Conviviality-driven access control policy

    Article • Requirements Engineering, February 2014, Springer Science + Business Media

    Nicola Zannone

  43. Data Leakage Quantification

    Article • January 2014, Springer Science + Business Media

    Dr Sokratis Vavilis, Nicola Zannone

  44. Reduction of access control decisions

    Article • January 2014, ACM (Association for Computing Machinery)

    Nicola Zannone

  45. Are On-Line Personae Really Unlinkable?

    Article • January 2014, Springer Science + Business Media

    Nicola Zannone

  46. Privacy Implications of Privacy Settings and Tagging in Facebook

    Article • January 2014, Springer Science + Business Media

    Nicola Zannone

  47. POSTER

    Article • January 2014, ACM (Association for Computing Machinery)

    Nicola Zannone

  48. Controlling Break-the-Glass through Alignment

    Article • September 2013, Institute of Electrical & Electronics Engineers (IEEE)

    Nicola Zannone

  49. Data reliability in home healthcare services

    Article • June 2013, Institute of Electrical & Electronics Engineers (IEEE)

    Dr Sokratis Vavilis, Nicola Zannone

  50. Privacy-Aware Web Service Composition and Ranking

    Article • June 2013, Institute of Electrical & Electronics Engineers (IEEE)

    Nicola Zannone

  51. A SEMANTIC SECURITY FRAMEWORK FOR SYSTEMS OF SYSTEMS

    Article • International Journal of Cooperative Information Systems, March 2013, World Scientific Pub Co Pte Lt

    Nicola Zannone

  52. The POLIPO Security Framework

    Article • January 2013, Springer Science + Business Media

    Nicola Zannone

  53. PERSONA - A Personalized Data Protection Framework

    Article • January 2013, Springer Science + Business Media

    Nicola Zannone

  54. Symbolic Privacy Analysis through Linkability and Detectability

    Article • January 2013, Springer Science + Business Media

    Nicola Zannone

  55. Privacy Analysis of User Behavior Using Alignments

    Article • it - Information Technology, January 2013, De Gruyter

    Nicola Zannone

  56. Privacy-Aware Web Service Composition and Ranking

    Article • International Journal of Web Services Research, January 2013, IGI Global

    Nicola Zannone

  57. POSTER: TRIPLEX

    Article • January 2013, ACM (Association for Computing Machinery)

    Nicola Zannone

  58. Policy Administration in Tag-Based Authorization

    Article • January 2013, Springer Science + Business Media

    Nicola Zannone

  59. Formal Modelling of (De)Pseudonymisation: A Case Study in Health Care Privacy

    Article • January 2013, Springer Science + Business Media

    Nicola Zannone

  60. GEM: A distributed goal evaluation algorithm for trust management

    Article • Theory and Practice of Logic Programming, December 2012, Cambridge University Press

    Nicola Zannone

  61. Enforcing Access Control in Virtual Organizations Using Hierarchical Attribute-Based Encryption

    Article • August 2012, Institute of Electrical & Electronics Engineers (IEEE)

    Nicola Zannone

  62. FLOW-BASED REPUTATION: MORE THAN JUST RANKING

    Article • International Journal of Information Technology & Decision Making, May 2012, World Scientific Pub Co Pte Lt

    Nicola Zannone

  63. Impact of ICT on Home Healthcare

    Article • January 2012, Springer Science + Business Media

    Dr Sokratis Vavilis, Nicola Zannone

  64. Measuring Privacy Compliance Using Fitness Metrics

    Article • January 2012, Springer Science + Business Media

    Nicola Zannone

  65. Requirements engineering within a large-scale security-oriented research project: lessons learned

    Article • Requirements Engineering, November 2011, Springer Science + Business Media

    Nicola Zannone

  66. Measuring Privacy Compliance with Process Specifications

    Article • September 2011, Institute of Electrical & Electronics Engineers (IEEE)

    Nicola Zannone

  67. Security Risk Management by Qualitative Vulnerability Analysis

    Article • September 2011, Institute of Electrical & Electronics Engineers (IEEE)

    Nicola Zannone

  68. A Security Framework for Systems of Systems

    Article • June 2011, Institute of Electrical & Electronics Engineers (IEEE)

    Nicola Zannone

  69. Formal Privacy Analysis of Communication Protocols for Identity Management

    Article • January 2011, Springer Science + Business Media

    Nicola Zannone

  70. Engineering Secure Software and Systems

    Article • January 2011

    Nicola Zannone

  71. Purpose Control: Did You Process the Data for the Intended Purpose?

    Article • January 2011, Springer Science + Business Media

    Nicola Zannone

  72. Modeling Identity-Related Properties and Their Privacy Strength

    Article • January 2011, Springer Science + Business Media

    Nicola Zannone

  73. Organizational Patterns for Security and Dependability

    Article • International Journal of Secure Software Engineering, January 2011, IGI Global

    Nicola Zannone

  74. A Flexible Architecture for Privacy-Aware Trust Management

    Article • Journal of theoretical and applied electronic commerce research, August 2010, SciELO Comision Nacional de Investigacion Cientifica Y Tecnologica (CONICYT)

    Nicola Zannone

  75. Engineering and verifying agent-oriented requirements augmented by business constraints with $${\mathcal{B}}$$ -Tropos

    Article • Autonomous Agents and Multi-Agent Systems, May 2010, Springer Science + Business Media

    Nicola Zannone

  76. Engineering Secure Software and Systems

    Article • January 2010

    Nicola Zannone

  77. Security Requirements Engineering: The SI* Modeling Language and the Secure Tropos Methodology

    Article • January 2010, Springer Science + Business Media

    Nicola Zannone

  78. A vulnerability-centric requirements engineering framework: analyzing security attacks, countermeasures, and requirements based on vulnerabilities

    Article • Requirements Engineering, November 2009, Springer Science + Business Media

    Nicola Zannone

  79. THE SI* MODELING FRAMEWORK: METAMODEL AND APPLICATIONS

    Article • International Journal of Software Engineering and Knowledge Engineering, August 2009, World Scientific Pub Co Pte Lt

    Nicola Zannone

  80. S&D Pattern Deployment at Organizational Level: A Prototype for Remote Healthcare System

    Article • Electronic Notes in Theoretical Computer Science, August 2009, Elsevier

    Nicola Zannone

  81. POLIPO: Policies & OntoLogies for Interoperability, Portability, and autOnomy

    Article • July 2009, Institute of Electrical & Electronics Engineers (IEEE)

    Nicola Zannone

  82. Towards the development of privacy-aware systems

    Article • Information and Software Technology, February 2009, Elsevier

    Nicola Zannone

  83. Engineering Secure Software and Systems

    Article • January 2009

    Nicola Zannone

  84. Goal-Equivalent Secure Business Process Re-engineering

    Article • January 2009, Springer Science + Business Media

    Nicola Zannone

  85. A Modeling Ontology for Integrating Vulnerabilities into Security Requirements Conceptual Foundations

    Article • January 2009, Springer Science + Business Media

    Nicola Zannone

  86. Reputation-Based Ontology Alignment for Autonomy and Interoperability in Distributed Access Control

    Article • January 2009, Institute of Electrical & Electronics Engineers (IEEE)

    Nicola Zannone

  87. How to integrate legal requirements into a requirements engineering methodology for the development of security and privacy patterns

    Article • Artificial Intelligence and Law, November 2008, Springer Science + Business Media

    Nicola Zannone

  88. Why Eliciting and Managing Legal Requirements Is Hard

    Article • September 2008, Institute of Electrical & Electronics Engineers (IEEE)

    Nicola Zannone

  89. Requirements model generation to support requirements elicitation: the Secure Tropos experience

    Article • Automated Software Engineering, May 2008, Springer Science + Business Media

    Nicola Zannone

  90. Risk as Dependability Metrics for the Evaluation of Business Solutions: A Model-driven Approach

    Article • March 2008, Institute of Electrical & Electronics Engineers (IEEE)

    Nicola Zannone

  91. ${\cal B}$ -Tropos

    Article • January 2008, Springer Science + Business Media

    Nicola Zannone

  92. Perceived risk assessment

    Article • January 2008, ACM (Association for Computing Machinery)

    Nicola Zannone

  93. An evaluation of business solutions in manufacturing enterprises

    Article • International Journal of Business Intelligence and Data Mining, January 2008, Inderscience Publishers

    Nicola Zannone, dr. Paolo Ciancarini

  94. Computer-aided Support for Secure Tropos

    Article • Automated Software Engineering, August 2007, Springer Science + Business Media

    Nicola Zannone

  95. FROM HIPPOCRATIC DATABASES TO SECURE TROPOS: A COMPUTER-AIDED RE-ENGINEERING APPROACH

    Article • International Journal of Software Engineering and Knowledge Engineering, April 2007, World Scientific Pub Co Pte Lt

    Nicola Zannone

  96. From Trust to Dependability through Risk Analysis

    Article • January 2007, Institute of Electrical & Electronics Engineers (IEEE)

    Nicola Zannone

  97. How to capture, model, and verify the knowledge of legal, security, and privacy experts

    Article • January 2007, ACM (Association for Computing Machinery)

    Nicola Zannone

  98. Detecting Conflicts of Interest

    Article • September 2006, Institute of Electrical & Electronics Engineers (IEEE)

    Nicola Zannone

  99. Requirements engineering for trust management: model, methodology, and reasoning

    Article • International Journal of Information Security, August 2006, Springer Science + Business Media

    Nicola Zannone

  100. Hierarchical hippocratic databases with minimal disclosure for virtual organizations

    Article • The VLDB Journal, August 2006, Springer Science + Business Media

    Nicola Zannone

  101. Privacy Is Linking Permission to Purpose

    Article • January 2006, Springer Science + Business Media

    Nicola Zannone

  102. Creating Objects in the Flexible Authorization Framework

    Article • January 2006, Springer Science + Business Media

    Nicola Zannone

  103. Designing Security Requirements Models Through Planning

    Article • January 2006, Springer Science + Business Media

    Nicola Zannone

  104. Using a security requirements engineering methodology in practice: The compliance with the Italian data protection legislation

    Article • Computer Standards & Interfaces, June 2005, Elsevier

    Nicola Zannone

  105. Modeling Social and Individual Trust in Requirements Engineering Methodologies

    Article • January 2005, Springer Science + Business Media

    Nicola Zannone

  106. Minimal Disclosure in Hierarchical Hippocratic Databases with Delegation

    Article • January 2005, Springer Science + Business Media

    Nicola Zannone

  107. Security and Trust Requirements Engineering

    Article • January 2005, Springer Science + Business Media

    Nicola Zannone

  108. Maintaining privacy on derived objects

    Article • January 2005, ACM (Association for Computing Machinery)

    Nicola Zannone

  109. Modeling security requirements through ownership, permission and delegation

    Article • January 2005, Institute of Electrical & Electronics Engineers (IEEE)

    Nicola Zannone

  110. ST-tool: a CASE tool for security requirements engineering

    Article • January 2005, Institute of Electrical & Electronics Engineers (IEEE)

    Nicola Zannone

  111. ST-Tool: A CASE Tool for Modeling and Analyzing Trust Requirements

    Article • January 2005, Springer Science + Business Media

    Nicola Zannone

  112. Requirements Engineering Meets Trust Management

    Article • January 2004, Springer Science + Business Media

    Nicola Zannone

  113. Filling the Gap between Requirements Engineering and Public Key/Trust Management Infrastructures

    Article • January 2004, Springer Science + Business Media

    Nicola Zannone

  114. An Ontology for Secure Socio-Technical Systems

    Article • IGI Global

    Nicola Zannone

  115. An Ontology for Secure Socio-Technical Systems

    Article • IGI Global

    Nicola Zannone

  116. Formal Analysis of BPMN Via a Translation into COWS

    Article • Springer Science + Business Media

    Nicola Zannone

  117. Reasoning About Risk in Agent’s Deliberation Process: A Jadex Implementation

    Article • Springer Science + Business Media

    Nicola Zannone

  118. Privacy-Aware Web Service Composition and Ranking

    Article • IGI Global

    Nicola Zannone

  119. Organizational Patterns for Security and Dependability

    Article • IGI Global

    Nicola Zannone

  120. A Model-Driven Approach for the Specification and Analysis of Access Control Policies

    Article • Springer Science + Business Media

    Nicola Zannone

  121. Modelling Security and Trust with Secure Tropos

    Article • IGI Global

    Nicola Zannone

  122. Modelling Security and Trust with Secure Tropos

    Article • IGI Global

    Nicola Zannone

  123. Modelling Security and Trust with Secure Tropos

    Article • IGI Global

    Nicola Zannone

  124. Modelling Security and Trust with Secure Tropos

    Article • IGI Global

    Nicola Zannone