Skip to content

Commit b1fe78a

Browse files
marcopernprunermarcopernpruner
committed
Add new publication
1 parent 21a3e56 commit b1fe78a

File tree

2 files changed

+25
-0
lines changed

2 files changed

+25
-0
lines changed

_data/destinations.yml

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1177,6 +1177,15 @@
11771177
startDate: "2023-06-23"
11781178
endDate: "2023-06-25"
11791179

1180+
- id: DevSecOpsRO2025
1181+
name: DevSecOps Research and Opportunities
1182+
acronym: DevSecOpsRO 2025
1183+
url: https://spritz.math.unipd.it/events/2025/devSecOpsRO/index.html
1184+
type: workshop
1185+
location: Venice, Italy
1186+
startDate: "2025-07-04"
1187+
endDate: "2025-07-04"
1188+
11801189
- id: ESORICS2025
11811190
name: European Symposium on Research in Computer Security
11821191
acronym: ESORICS 2025

_data/publications.yml

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2300,6 +2300,22 @@
23002300
doi: 10.1007/978-3-031-96590-6_15
23012301
urlNews: /news/2025/05/12/paper-accepted-at-dbsec-2025/
23022302

2303+
- id: DevSecOpsRO2025
2304+
id_iris: 361407
2305+
title: "Towards Continuous Risk Assessment and Conformance Checking of IdM Deployments"
2306+
authors:
2307+
- AndreaBisegna
2308+
- RobertoCarbone
2309+
- LauraCristiano
2310+
- PietroDeMatteis
2311+
- SilvioRanise
2312+
abstract: >
2313+
Ensuring effective threat intelligence sharing, assessing potential risks, and responding to threats remain significant challenges, particularly in complex systems and critical infrastructures.
2314+
Environmental, Social, and Governance platforms are emerging as comprehensive solutions that integrate cybersecurity with governance principles, enhancing transparency and proactive risk management. However, integrating security tools into platforms that enable conformance checking and continuous risk assessment poses challenges, including automating security workflows and prioritizing vulnerabilities based on severity and exploitability. This paper presents an extended version of Micro-Id-Gym (MIG), an open-source security testing tool for Identity Management (IdM) implementations. The goal of this enhancement is to make MIG easily integrable into platforms for continuous risk assessment and mitigation in complex software supply chains deploying IdM solutions critical to the Zero Trust paradigm. By supporting trustworthy deployments, MIG focuses on conformance testing as a key mechanism to ensure reliability and compliance in multi-entity deployments. The extended version of MIG is designed for seamless integration into Continuous Integration and Continuous Delivery pipelines and has been validated in Open Authorization 2.0 and OpenID Connect deployments.
2315+
destination: DevSecOpsRO2025
2316+
year: 2025
2317+
doi:
2318+
23032319
- id: ESORICS2025
23042320
id_iris:
23052321
title: "Multi-entity Control-based Risk Assessment: A European Digital Identity Wallet Use Case"

0 commit comments

Comments
 (0)