me

Giancarlo Pellegrino

PhD Student
SAP AG
Vincenz-Prießnitz-Straße 1
76131 Karlsruhe
Germany

Short bio

In April 2009 I got a MSc in Computer Science at Universita' degli Studi di Catania (Italy). In September 2009 I joined SAP Labs France for a 6 months internship contributing to the formal analysis of browser-based security protocols.

From March 2010 I am a PhD student at Institut Eurecom working as Researcher Associate at SAP Research under the supervision of the Assistant Professor Davide Balzarotti, contributing to the AVANTSSAR and SPaCIoS EU funded projects.

My interests include but are not limited to web security, security testing, browser-based security protocols, and formal analysis.

Journal papers
  • A. Armando, R. Carbone, L. Compagna, J. Cuéllar, G. Pellegrino, A. Sorniotti
    An Authentication Flaw in Browser-based Single Sign-On Protocols: Impact and Remediations
    Computers & Security, 2013
    [url]
Conference Papers
  • A. Armando, G. Pellegrino, R. Carbone, A. Merlo, D. Balzarotti
    From Model-checking to Automated Testing of Security Protocols: Bridging the Gap
    6th International Conference on Tests & Proofs (TAP 2012), Prague (Czech Republic), May 31 - June 1, 2012
    [pdf]
  • A. Armando, W. Arsac, T. Avanesov, M. Barletta, A. Calvi, A. Cappai, R. Carbone, Y. Chevalier, L. Compagna, J. Cuéllar, G. Erzse, S. Frau, M. Minea, S. Mödersheim, D. von Oheimb, G. Pellegrino, S. E. Ponta, M. Rocchetto, M. Rusinowitch, M. Torabi Dashti, M. Turuani, and L. Viganò.
    The AVANTSSAR Platform for the Automated Validation of Trust and Security of Service-Oriented Architectures
    18th International Conference on Tools and Algorihms for the Construction and Analysis of Systems (TACAS 2012), Talling, Estonia, March 24 - April 1, 2012
    [pdf]
  • A. Armando, R. Carbone, L. Compagna, J. Cuéllar, G. Pellegrino, A. Sorniotti
    From Multiple Credentials to Browser-based Single Sign-On: Are We More Secure?
    26th IFIP TC-11 International Information Security Conference (SEC 2011), Luzern (Switzerland), June 7-9, 2011
    [pdf]
  • W. Arsac, L. Compagna, G. Pellegrino, S. E. Ponta
    Security Validation of Business Processes via Model-Checking
    International Symposium on Engineering Secure Software and Systems (ESSoS 2011), Madrid (Spain), February 9-10, 2011
Book chapters
  • A. Armando, R. Carbone, L. Compagna, G. Pellegrino
    Automatic security analysis of SAML-based single sign-on protocols
    Chapter 10 in "Digital Identity and Access Management: Technologies and Framework", Business Science.
    Editors: Raj Sharman R., Das Smith S., Gupta M., December 2011
    [url]
Workshop papers
  • A. Armando, R. Carbone, L. Compagna, K. Li, G. Pellegrino
    Model-checking Driven Security Testing of Web-Based Applications
    International Workshop on Modeling and Detection of Vulnerabilities (MDV 2010), Paris (France), April 10, 2010
    [pdf]

Random links