Research Outputs Fabio Massacci


  • Labunets, K.; Massacci, F.; Paci, F.; Marczak, S.; Moreira de Oliveira, F., "Model Comprehension for Security Risk Assessment: An Empirical Comparison of Tabular vs. Graphical Representations" in EMPIRICAL SOFTWARE ENGINEERING, v. 2017, (2017), p. 1-40. - URL: https://ssrn.com/abstract=2906745 . - DOI: 10.2139/ssrn.2906745; 10.1007/s10664-017-9502-8
  • Elliott, Karen; Massacci, Fabio; Williams, Julian, "Action, Inaction, Trust, and Cybersecurity's Common Property Problem" in IEEE SECURITY & PRIVACY, v. 14, n. 1 (2016), p. 82-86. - URL: http://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=8013 . - DOI: 10.1109/MSP.2016.2
  • de Gramatica, Martina; Massacci, Fabio; Shim, Woohyun; Turhan, Uğur; Williams, Julian, "Agency Problems and Airport Security: Quantitative and Qualitative Evidence on the Impact of Security Training" in RISK ANALYSIS, v. 2016, (2016), p. n/a-n/a. - URL: www.blackwellpublishers.co.uk/asp/journal.asp?ref=0272-4332 . - DOI: 10.1111/risa.12607
  • Nguyen, Viet Hung; Dashevskyi, Stanislav; Massacci, Fabio, "An automatic method for assessing the versions affected by a vulnerability" in EMPIRICAL SOFTWARE ENGINEERING, v. 21, n. 6 (2016), p. 2268-2297. - URL: www.kluweronline.com/issn/1382-3256/ . - DOI: 10.1007/s10664-015-9408-2
  • Massacci F.; Ruprai R.; Collinson M.; Williams J., "Economic Impacts of Rules-versus Risk-Based Cybersecurity Regulations for Critical Infrastructure Providers" in IEEE SECURITY & PRIVACY, v. 14, n. 3 (2016), p. 52-60. - URL: http://ieeexplore.ieee.org/xpl/RecentIssue.jsp?punumber=8013 . - DOI: 10.1109/MSP.2016.48
  • Riaz, Maria; King, Jason; Slankas, John; Williams, Laurie; Massacci, Fabio; Quesada-López, Christian; Jenkins, Marcelo, "Identifying the implied: Findings from three differentiated replications on the use of security requirements templates" in EMPIRICAL SOFTWARE ENGINEERING, v. 2016, (2016), p. 1-52. - URL: www.kluweronline.com/issn/1382-3256/ . - DOI: 10.1007/s10664-016-9481-1
  • Dashevskyi, Stanislav; Brucker, Achim D.; Massacci, Fabio, "On the security cost of using a free and open source component in a proprietary product" in Engineering Secure Software and Systems, Svizzera: Springer International Publishing, 2016, p. 190-206. - (LECTURE NOTES IN COMPUTER SCIENCE). - ISBN: 978-3-319-30805-0. Proceedings of: 8th International Symposium, ESSoS 2016, London, UK,, April 6–8, 2016.. - URL: http://springerlink.com/content/0302-9743/copyright/2005/ . - DOI: 10.1007/978-3-319-30806-7_12
  • De Gramatica, Martina; Massacci, Fabio; Shim, Woo hyun; Tedeschi , Alessandra; Williams, Julian, "IT Interdependence and the Economic Fairness of Cybersecurity Regulations for Civil Aviation" in IEEE SECURITY & PRIVACY, v. 13, n. 5 (2015), p. 52-61. - URL: http://www.computer.org/csdl/mags/sp/2015/05/msp2015050052-abs.html . - DOI: 10.1109/MSP.2015.98
  • Sabetta, Antonino; Compagna Luca; Ponta, Serena; Dashevskyi, Stanislav; Dos Santos, Daniel Ricardo; Massacci, Fabio;, "MULTI-CONTEXT EXPLOIT TEST MANAGEMENT", 20160314302. - Filing date: 2015. - URL: http://www.freepatentsonline.com/y2016/0314302.html
  • Minh Ngo; Fabio Massacci; Dimiter Milushev; Frank Piessens, "Runtime Enforcement of Security Policies on Black Box Reactive Programs" in Proceedings of the 42nd Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, New York: ACM, 2015. Proceedings of: POPL2015, Mumbai, 12-18 January, 2015. - DOI: 10.1145/2676726.2676978
  • Zhauniarovich, Yury; Ahmad, Maqsood; Gadyatskaya, Olga; Crispo, Bruno; Massacci, Fabio, "StaDynA: Addressing the problem of dynamic code updates in the security analysis of android applications" in CODASPY 2015 - Proceedings of the 5th ACM Conference on Data and Application Security and Privacy, San Antonio, Texas, USA: Association for Computing Machinery, Inc, 2015, p. 37-48. - ISBN: 9781450331913. Proceedings of: 5th ACM Conference on Data and Application Security and Privacy, CODASPY 2015, usa, 2015. - DOI: 10.1145/2699026.2699105
  • De Gramatica, Martina; Labunets, Katsiaryna; Massacci, Fabio; Paci, Federica; Tedeschi, Alessandra, "The role of catalogues of threats and security controls in security risk assessment: An empirical study with ATM professionals" in Requirements Engineering: Foundation for Software Quality, REFSQ 2015, Essen, Germany: Springer Verlag, 2015, p. 98-114. - (LECTURE NOTES IN COMPUTER SCIENCE). - ISBN: 9783319161006. Proceedings of: 21st International Working Conference on Requirements Engineering: Foundation for Software Quality, REFSQ 2015, Essen, Germany, 2015. - URL: http://springerlink.com/content/0302-9743/copyright/2005/ . - DOI: 10.1007/978-3-319-16101-3_7
  • Massacci, Fabio; Allodi, Luca, "The Work-Averse Attacker Model" in ECIS 2015 -Twenty-Third European Conference on Information Systems, Munster: AIS, 2015. Proceedings of: ECIS 2015, Munster, 26th May-29th May 2015. - DOI: 10.18151/7217264
  • Allodi, Luca; Corradin, Marco; Massacci, Fabio, "Then and now: on the maturity of the cybercrime markets (The lesson that black-hat marketeers learned)" in IEEE TRANSACTIONS ON EMERGING TOPICS IN COMPUTING, v. 2015, (2015), p. 1. - DOI: 10.1109/TETC.2015.2397395
  • Zhauniarovich, Yury; Philippov, Anton; Gadyatskaya, Olga; Crispo, Bruno; Massacci, Fabio, "Towards black box testing of android apps" in Proceedings - 10th International Conference on Availability, Reliability and Security, ARES 2015, New York: Institute of Electrical and Electronics Engineers Inc., 2015, p. 501-510. - ISBN: 9781467365901. Proceedings of: 10th International Conference on Availability, Reliability and Security, ARES 2015, Toulouse, 2015. - DOI: 10.1109/ARES.2015.70
  • Labunets, Katsiaryna; Paci, Federica; Massacci, Fabio, "Which Security Catalogue Is Better for Novices?" in Proceedings of EmpiRE 2015, Ottawa, Canada: IEEE, 2015, p. 25-32. - ISBN: 978-1-5090-0116-3. Proceedings of: IEEE 5th International Workshop on Empirical Requirements Engineering, Ottawa, Canada, 24th August 2015. - DOI: 10.1109/EmpiRE.2015.7431304
  • Labunets, Katsiaryna; Massacci, Fabio; Paci, Federica; Ragosta, Martina; Solhaug, Bjørnar; Stølen, Ketil; Tedeschi, Alessandra, "A first empirical evaluation framework for security risk assessment methods in the ATM domain" in 4th SESAR Innovation Days, Brussels, Belgium: EUROCONTROL, 2014. - ISBN: 978-2-87497-077-1. Proceedings of: SESAR Innovation Days, Madrid, Spain, 25th November - 27th November 2014
  • W. Shim; F. Massacci; A. Tedeschi; A. Pollini, "A relative cost-benefit approach for evaluating alternative airport security policies" in Proceedings - 9th International Conference on Availability, Reliability and Security, Washington: IEEE Computer Society, 2014, p. 514-522. - ISBN: 9781479942237. Proceedings of: 9th International Conference on Availability, Reliability and Security, ARES 2014, Fribourg, Switzerland, 8-12/09/2014. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84920564918&partnerID=40&md5=edc72130e39c56dfae808c53df07fb9a . - DOI: 10.1109/ARES.2014.76
  • L.M.S. Tran; F. Massacci, "An approach for decision support on the uncertainty in feature model evolution" in 2014 IEEE 22nd International Requirements Engineering Conference, RE 2014 - Proceedings, Washington: IEEE Computer Society, 2014, p. 93-102. - ISBN: 9781479930333. Proceedings of: RE 2014, Karlskrona, Sweden, 25-29/08/2014. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84909961337&partnerID=40&md5=2386028cb4ccbe084d23f30f1560c1e9 . - DOI: 10.1109/RE.2014.6912251
  • Massacci, F.; Nguyen, V.H., "An empirical methodology to evaluate vulnerability discovery models" in IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, v. 40, n. 12 (2014), p. 1147-1162. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84919719703&partnerID=40&md5=d3d0d38aa52c2810d6abc4ce5a874631 . - DOI: 10.1109/TSE.2014.2354037
  • M. De Gramatica; F. Massacci; O. Gadyatskaya, "An empirical study of the technology transfer potential of EU security and trust R&D projects" in Cyber Security and Privacy, Germany: Springer International Publishing, 2014, p. 159-170. - (COMMUNICATIONS IN COMPUTER AND INFORMATION SCIENCE; 470). Proceedings of: Third Cyber Security and Privacy EU Forum, CSP Forum 2014, Athens, Greece, May 21-22, 2014. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84919915235&partnerID=40&md5=22a7c0a79091fbf4635955381baa23bf . - DOI: 10.1007/978-3-319-12574-9_14
  • Labunets, Katsiaryna; Paci, Federica; Massacci, Fabio; Ruprai, Raminder, "An experiment on comparing textual vs. visual industrial methods for security risk assessment" in 2014 IEEE 4th International Workshop on Empirical Requirements Engineering, EmpiRE 2014 - Proceedings, Sweden: IEEE, 2014, p. 28-35. - ISBN: 9781479963379. Proceedings of: IEEE 4th International Workshop on Empirical Requirements Engineering, EmpiRE, Karlskrona, Sweden, 25th August 2014. - URL: http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=6890113&tag=1 . - DOI: 10.1109/EmpiRE.2014.6890113
  • L. Allodi; F. Massacci, "Comparing vulnerability severity and exploits using case-control studies" in ACM TRANSACTIONS ON INFORMATION AND SYSTEM SECURITY, v. 17, n. 1 (2014). - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84906251599&partnerID=40&md5=560eca1d823178b3c4cb41ade4ce6481 . - DOI: 10.1145/2630069
  • F. Massacci; F. Paci; B. Solhaug; A. Tedeschi, "EMFASE - An empirical framework for security design and economic trade-off" in Proceedings - 9th International Conference on Availability, Reliability and Security, Washington: Institute of Electrical and Electronics Engineers Inc, 2014, p. 537-543. - ISBN: 9781479942237. Proceedings of: ARES 2014, Fribourg, Switzerland, 8-12/09/2014. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84920551508&partnerID=40&md5=2bfc5734b3a060e219854bbccce73f11 . - DOI: 10.1109/ARES.2014.79
  • Scandariato, Riccardo; Paci, Federica; Tran, Le Minh Sang; Labunets, Katsiaryna; Yskout, Koen; Massacci, Fabio; Joosen, Wouter, "Empirical Assessment of Security Requirements and Architecture: Lessons Learned" in Heisel, Maritta, Joosen, Wouter, Lopez, Javier, Martinelli, Fabio (edited by), Engineering Secure Future Internet Services and Systems, Switzerland: Springer International Publishing, 2014, p. 35-64. - ISBN: 978-3-319-07451-1. - URL: http://link.springer.com/chapter/10.1007/978-3-319-07452-8_2 . - DOI: 10.1007/978-3-319-07452-8_2
  • Ngo, Nguyen Nhat Minh; Massacci, Fabio, "Programmable enforcement framework of information flow policies" in Proceedings of the 15th Italian Conference on Theoretical Computer Science, Aachen: CEUR-WS, 2014, p. 197-211. - (CEUR WORKSHOP PROCEEDINGS). Proceedings of: ICTCS, Perugia, 17-19, September , 2014. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84908543890&partnerID=40&md5=bcd5164f5306a3f96e5d9e65e1a4c2ea
  • O. Gadyatskaya; F. Massacci; Y. Zhauniarovich, "Security in the Firefox OS and Tizen mobile platforms" in COMPUTER, v. 47, n. 6 (2014), p. 57-63. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84903171864&partnerID=40&md5=0ecf01e17ff3156e0e266b66980e5e61 . - DOI: 10.1109/MC.2014.165
  • M. Giacalone; F. Paci; R. Mammoliti; R. Perugino; F. Massacci; C. Selli, "Security triage: An industrial case study on the effectiveness of a lean methodology to identify security requirements" in International Symposium on Empirical Software Engineering and Measurement, New York, NY, USA: ACM, 2014. - ISBN: 9781450327749. Proceedings of: International Symposium on Empirical Software Engineering and Measurement ESEM 2014, Torino, 18/09/2014. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84907843002&partnerID=40&md5=aa5e67777d7a7d90466fa74f28be8496 . - DOI: 10.1145/2652524.2652585
  • Labunets, K.; Massacci, F.; Paci, F.; Tran, Le Minh Sang, "An Experimental Comparison of Two Risk-Based Security Methods" in International Symposium on Empirical Software Engineering and Measurement, Usa: IEEE, 2013, p. 163-172. - ISBN: 9780769550565. Proceedings of: ESEM, Baltimore, Maryland, USA, October 10-11, 2013. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84893299161&partnerID=40&md5=02cf85c6d2fdc1d8d7ff6b1ac45c678f . - DOI: 10.1109/ESEM.2013.29
  • L. Allodi; F. Massacci, "Analysis of exploits in the wild. Or: do Cybersecurity Standards Make Sense?" in IEEE Symposium on Security & Privacy 2013, 2013. Proceedings of: IEEE SS&P, San Francisco, California, 20 May 2013
  • V. Kotov, F. Massacci, "Anatomy of Exploit Kits: Preliminary Analysis of Exploit Kits as Software Artefacts" in ESSoS 2013: Engineering Secure Software and Systems, Berlin: Springer, 2013, p. 181-196. - (LECTURE NOTES IN COMPUTER SCIENCE). - ISBN: 9783642365621. Proceedings of: ESSoS, Paris, France, February 27 - March 1, 2013. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84893098033&partnerID=40&md5=842ac53c26cc5c74a84479ddbeebb994 . - DOI: 10.1007/978-3-642-36563-8_13
  • Massacci, F.; Paci, F.; Tran, L.M.S.; Tedeschi, A., "Assessing a requirements evolution approach: Empirical studies in the air traffic management domain" in THE JOURNAL OF SYSTEMS AND SOFTWARE, v. 95, (2013), p. 70-88. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84905864021&partnerID=40&md5=f5e5f282bcb074f5edf5104f7225a7d6 . - DOI: 10.1016/j.jss.2013.11.1098
  • O. Gadyatskaya, F. Massacci, "Controlling application interactions on the novel smart cards with security-by-contract" in 11th International Symposium on Formal Methods for Components and Objects, Berlin: Berlin: Springer-Verlag, 2013, p. 197-215. - ISBN: 9783642406140. Proceedings of: FMCO 2012, Bertinoro; Italy, 24 September 2012 through 28 September 2012. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84883313230&partnerID=40&md5=f8f517bf861eba2e7ecd5b1b5e9ac103 . - DOI: 10.1007/978-3-642-40615-7_7
  • Shim W. , Allodi L. , Massacci F., "Crime pays if you are just an average hacker" in Proceedings of the 2012 ASE International Conference on Cyber Security, USA: IEEE, 2013, p. 62-68. - ISBN: 9780769550145. Proceedings of: 2012 ASE, Washington, D.C.; United States, 14 December 2012 through 16 December 2012. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84881038585&partnerID=40&md5=27c62f12d52b84ecf988d6700e37268e . - DOI: 10.1109/CyberSecurity.2012.15
  • W. Shim, F. Massacci, M. De Gramatica, A. Tedeschi, A. Pollini, "Evaluation of airport security training programs: Perspectives and issues" in Proceedings - 2013 International Conference on Availability, Reliability and Security, Usa: IEEE, 2013, p. 753-758. - ISBN: 9780769550084. Proceedings of: ARES 2013, Regensburg; Germany, 2 September 2013 through 6 September 2013. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84892414899&partnerID=40&md5=aa00fb632b63d4b35c3efe0f09d4cb15 . - DOI: 10.1109/ARES.2013.100
  • Li, T; Mylopoulos, J; Massacci, F, "Global Design for Secure Socio-Technical Systems" in Doctoral Symposium of ESSoS 2013, Aachen: CEUR Workshop Proceedings: CEUR-WS.org, 2013. Proceedings of: Doctoral Symposium of ESSoS 2013, Rocquencourt, Paris, France, February 27 - March 1, 2013
  • L. Allodi; F. Massacci, "How CVSS is DOSsing your patching policy (and wasting your money)", 2013
  • O. Gadyatskaya, F. Massacci, Q.H. Nguyen, B. Chetali, "Load time code validation for mobile phone Java Cards" in JOURNAL OF INFORMATION SECURITY AND APPLICATIONS, v. 18, n. 2-3 (2013), p. 108-129. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84906838208&partnerID=40&md5=89c944453f82585bf8f8e2e8a760aea9 . - DOI: 10.1016/j.jisa.2013.07.004
  • L. Allodi;V. Kotov;F. Massacci, "MalwareLab: Experimentation with Cybercrime attack tools" in Proceedings of the 2013 6th Workshop on Cybersecurity Experimentation and Test (CSET), USA: USENIX Association, 2013. Proceedings of: 6th USENIX Workshop on Cyber Security Experimentation and Test (CSET '13), Washington D.C., 12 agosto 2013
  • M. Ngo;F. Massacci;O. Gadyatskaya, "MAP-REDUCE Runtime Enforcement of Information Flow Policies", 2013
  • Allodi, L.; Shim, W.; Massacci, F., "Quantitative Assessment of Risk Reduction with Cybercrime Black Market Monitoring" in Proceedings of the 2013 IEEE SS&P International Workshop on Cyber Crime., USA: IEEE Security and Privacy Workshops, 2013, p. 165-172. - ISBN: 9780769550176. Proceedings of: IEEE SS&P IWCC, San Francisco, CA, 24 may 2013. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84882775407&partnerID=40&md5=4fe23da1f5e4b7e72c259b9b1b1c073b . - DOI: 10.1109/SPW.2013.16
  • V. H. Nguyen, F. Massacci, "The (un)reliability of NVD vulnerable versions data: an empirical experiment on Google Chrome vulnerabilities" in ASIACCS, USA: ACM, 2013, p. 493-498. - ISBN: 9781450317672. Proceedings of: ASIACCS, Hangzhou, China, May 08 - 10, 2013. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84877953694&partnerID=40&md5=1f6a0ea98da5b14e3e678ce1e671b88d . - DOI: 10.1145/2484313.2484377
  • L. M. Sang Tran, F. Massacci, "UNICORN: A Tool for Modeling and Reasoning on the Uncertainty of Requirements Evolution" in CAiSE Forum, Aachen: CEUR, 2013, p. 161-168. Proceedings of: CAISE 2013, Valencia, 17-21 July
  • L. Allodi, F. Massacci, "A Preliminary Analysis of Vulnerability Scores for Attacks in Wild" in Proceedings of the 2012 ACM Workshop on Building analysis datasets and gathering experience returns for security, NY: ACM, 2012, p. 17-24. - ISBN: 9781450316613. Proceedings of: BADGERS 2012, RALEIGHT (USA), 16-18 OCTOBER. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84869482911&partnerID=40&md5=b1fd7b6a1400fb15695d01fa0673b54c . - DOI: 10.1145/2382416.2382427
  • G. Bergmann; F. Massacci; F. Paci; T.T. Tun; D. Varro; Y.Yu, "A Tool for Managing Evolving Security Requirements" in Nurcan, Selmin (edited by), IS Olympics: Information Systems in a Diverse World IS Olympics: Information Systems in a Diverse World, Berlin: Springer Verlag, 2012, p. 110-125. - (Lecture Notes in Business Information Processing). - ISBN: 9783642297489. - URL: http://www.springer.com/business+%26+management/business+information+systems/book/978-3-642-29748-9 . - DOI: 10.1007/978-3-642-29749-6
  • V. Nguyen; F. Massacci, "An Idea of an Independent Validation of Vulnerability Discovery Models" in Engineering Secure Software and Systems, Berlin: Berlin: Springer Verlag Germany; Darmstadt: Steinkopff., 2012, p. 89-96. - ISBN: 9783642281662. Proceedings of: ESSOS 2012, 4th International Symposium, ESSoS 2012, Eindhoven, The Netherlands, February, 16-17, 2012. - DOI: 10.1007/978-3-642-28166-2_9
  • V. Nguyen,F. Massacci, "An Independent Validation of Vulnerability Discovery Models" in ASIACCS, USA: ACM, 2012, p. 6-7. - ISBN: 9781450316484. Proceedings of: ASIACCS '12, Seoul, Korea, May 2-4, 2012. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84871952666&partnerID=40&md5=bea08bb007fca31158a71a71df2dcfd6 . - DOI: 10.1145/2414456.2414459
  • J. Baik;F. Massacci;M. Zulkernine, "Guest Editorial: Special Section on Software Reliability and Security" in INFORMATION AND SOFTWARE TECHNOLOGY, v. 54, (2012), p. 1297-1454. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84865748053&partnerID=40&md5=481a68d173d0749fc1ba39e4ed93b7ab . - DOI: 10.1016/j.infsof.2012.07.015
  • N. Dragoni, O. Gadyatskaya, F. Massacci, A. Philippov, "High-level algorithms and data structures requirements for security-by-contract on Java cards" in INTERNATIONAL JOURNAL OF CRITICAL COMPUTER-BASED SYSTEMS, v. 3, n. 4 (2012), p. 284-304. - DOI: 10.1504/IJCCBS.2012.053207
  • F. Massacci, F. Paci, "How to Select a Security Requirements Method? A Comparative Study with Students and Practitioners" in Secure IT Systems, Berlin: Springer Berlin/Heidelberg, 2012, p. 89-104. - ISBN: 9783642342103. Proceedings of: 17th Nordic Conference, NordSec 2012, Karlskrona, Sweden, 2012. - DOI: 10.1007/978-3-642-34210-3_7
  • N. Bielova, F. Massacci, "Iterative enforcement by suppression: Towards practical enforcement theories" in JOURNAL OF COMPUTER SECURITY, v. 20, n. 1 (2012), p. 51-79. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84860496875&partnerID=40&md5=9f3f52ee993f430b7b64d584727ba2ff . - DOI: 10.3233/JCS-2011-0431
  • O. Gadyatskaya, F. Massacci, F. Paci, S. Stankevich, "Java Card Architecture for Autonomous Yet Secure Evolution of Smart Cards Applications" in Information Security Technology for Applications, Berlin: Springer Berlin/Heidelberg, 2012, p. 187-192. - ISBN: 9783642279362. Proceedings of: 15th Nordic Conference on Secure IT Systems, NordSec 2010, Espo, October 27-29, 2010. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84861649376&partnerID=40&md5=7d41335f47856e24f02ff920446ece98 . - DOI: 10.1007/978-3-642-27937-9_13
  • F. Paci; F. Massacci; F. Bouquet; S. Debricon, "Managing Evolution by Orchestrating Requirements and Testing Engineering Processes" in Software Testing, Verification and Validation (ICST), 2012 IEEE Fifth International Conference on, NY: ACM/IEEE, 2012, p. 834-841. - ISBN: 9780769546704. Proceedings of: Software Testing, Verification and Validation (ICST), 2012 IEEE Fifth International Conference on, MONTREAL, 17-21 April 2012. - DOI: 10.1109/ICST.2012.184
  • A. Philippov; O. Gadyatskaya; F. Massacci, "Security of the OSGi platform" in CEUR Workshop Proceedings, Aachen: CEUR-WS.org, 2012, p. 11-16. - (CEUR WORKSHOP PROCEEDINGS). Proceedings of: ESSoS-DS 2012, Eindhoven, Netherlands, 15/02/2012. - URL: http://www.scopus.com/record/display.url?eid=2-s2.0-84891932671&origin=inward&txGid=2B8AF6BF6E1491A95C77AE2AE16F9EF5.N5T5nM1aaTEF8rE6yKCR3A%3a192
  • O. Gadyatskaya; F. Massacci; A. Philippov, "Security-by-Contract for the OSGi platform" in Information Security and Privacy Research - 27th IFIP TC 11 Information Security and Privacy Conference, Boston: Springer Boston, 2012, p. 364-375. - ISBN: 9783642304354. Proceedings of: SEC 2012, Heraklion, Crete, Greece, June 4-6, 2012. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84891932671&partnerID=40&md5=3a9d7fceaa09d268022af6dfebb77bdd . - DOI: 10.1007/978-3-642-30436-1_30
  • Allodi, L.; Massacci, F., "The dark side of vulnerability exploitation: a research proposal" in Proceedings of the 2012 Engineering Secure Software and Systems Conference Doctoral Symposium, Netherlands: CEUR, 2012, p. 71-76. - (CEUR WORKSHOP PROCEEDINGS). Proceedings of: ESSoS Doctoral Symposium 2012, Eindhoven, 15 febbraio 2012. - URL: http://ceur-ws.org/Vol-834/proceedings.pdf#page=71
  • N. Dragoni, E. Lostal, O. Gadyatskaya, F. Massacci, F. Paci, "A Load Time Policy Checker for Open Multi-application Smart Cards" in POLICY, New York: IEEE, 2011, p. 153-156. - ISBN: 9780769543307. Proceedings of: POLICY, Pisa, 6-8 June. - URL: http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=5976786 . - DOI: 10.1109/POLICY.2011.40
  • Y. Asnar; F. Massacci, "A method for security governance, risk, and compliance (GRC): A goal-process approach" in Aldini, Alessandro, Gorrieri, Roberto (edited by), Foundations of security analysis and design VI, Berlin: Springer Verlag, 2011, p. 152-184. - (LECTURE NOTES IN COMPUTER SCIENCE). - ISBN: 978-3-642-23081-3. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84857744199&partnerID=40&md5=11ad688963bfb4722e2a04b121b49dd4 . - DOI: 10.1007/978-3-642-23082-0_6
  • G. Bergmann, F. Massacci, F. Paci, T.T. Tun, D. Varro, Y.Yu, "A Tool for Managing Evolving Security Requirements" in CAiSE Forum 2011, Berlin: CEUR-WS.org, 2011, p. 49-56. - (CEUR Workshop Proceedings). Proceedings of: CAiSE Forum, London, June 22-24
  • F. Massacci; S. Neuhaus; V. Hung Nguyen, "After-Life Vulnerabilities: A Study on Firefox Evolution, Its Vulnerabilities, and Fixes" in ESSoS, Berlin: Springer, 2011, p. 195-208. - (LNCS). - ISBN: 9783642191244. Proceedings of: ESSoS, MADRID, February 9-10, 2011. - URL: http://dx.doi.org/10.1007/978-3-642-19125-1_15 . - DOI: 10.1007/978-3-642-19125-1_15
  • F. Massacci; J. Mylopoulos; F. Paci; T. T. Tun; Yijun Yu, "An Extended Ontology for Security Requirements" in CAiSE Workshops, Berlin: Springer, 2011, p. 622-636. - (LNCS). - ISBN: 9783642220555. Proceedings of: CAiSE Workshops, London, June 20-24, 2011. - URL: http://dx.doi.org/10.1007/978-3-642-22056-2_64 . - DOI: 10.1007/978-3-642-22056-2_64
  • Y. Asnar; T. Li; F. Massacci; F. Paci, "Computer Aided Threat Identification" in CEC, New York: IEEE, 2011, p. 145-152. - ISBN: 9780769545356. Proceedings of: CEC 2011, Luxembourg-Kirchberg, September 5-7. - URL: http://doi.ieeecomputersociety.org/10.1109/CEC.2011.13 . - DOI: 10.1109/CEC.2011.13
  • N. Bielova, F. Massacci, "Computer-Aided Generation of Enforcement Mechanisms for Error-Tolerant Policies" in POLICY, New York: IEEE, 2011, p. 89-96. - ISBN: 9780769543307. Proceedings of: POLICY 2011, Pisa, 6-8 June 2011. - URL: http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=5976786 . - DOI: 10.1109/POLICY.2011.41
  • Tran, L.M.S.; Massacci, F., "Dealing with Known Unknowns: Towards a Game-Theoretic Foundation for Software Requirement Evolution" in CAiSE, Berlin: Springer, 2011, p. 62-76. - (6LNCS). - ISBN: 9783642216398. Proceedings of: CAiSE, London, June 20-24, 2011. - URL: http://dx.doi.org/10.1007/978-3-642-21640-4_7 . - DOI: 10.1007/978-3-642-21640-4_7
  • F. Massacci; N. Zannone, "Detecting Conflicts between Functional and Security Requirements with Secure Tropos: John Rusnak and the Allied Irish Bank" in E. Yu, P. Giorgini, N. Maiden, J. Mylopoulos (edited by), Social Modeling for Requirements Engineering, Chicago: MIT Press, 2011, p. 337-362
  • Bielova, N.; Massacci, F., "Do you really mean what you actually enforced? - Edited automata revisited" in INTERNATIONAL JOURNAL OF INFORMATION SECURITY, v. volume 10, n. number 4 (2011), p. 239-254. - DOI: 10.1007/s10207-011-0137-2
  • Joosen, W.; Lopez, Javier; Martinelli, F.; Massacci, F., "Engineering Secure Future Internet Services" in The Future Internet: Future Internet Assembly 2011: Achievements and Technological Promises, Berlin; Heidelberg: Springer Verlag, 2011, p. 177-191. - (LECTURE NOTES IN COMPUTER SCIENCE). - ISBN: 9783642208973. Proceedings of: FIA, Budapest, 2011. - URL: http://dx.doi.org/10.1007/978-3-642-20898-0_13 . - DOI: 10.1007/978-3-642-20898-0_13
  • O. Gadyatskaya, E. Lostal, F. Massacci, "Load Time Security Verification" in ICISS, Berlin: Springer, 2011, p. 250-264. - (LNCS). - ISBN: 9783642255595. Proceedings of: ICISS 2011, Kolkata, India, December 15-19, 2011. - URL: http://dx.doi.org/10.1007/978-3-642-25560-1_17 . - DOI: 10.1007/978-3-642-25560-1_17
  • E. Felix; O. Delande; F. Massacci; F. Paci, "Managing changes with legacy security engineering processes" in 2011 IEEE International Conference on Intelligence and Security Informatics, ISI 2011, Usa: IEEE, 2011, p. 137-142. - ISBN: 9781457700828. Proceedings of: IEEE International Conference on Intelligence and Security Informatics, ISI 2011, Beijing; China, 10-12/07/2011. - DOI: 10.1109/ISI.2011.5984064
  • J. Baik; F. Massacci; M. Zulkernine (edited by), "Message from program chairs", by -., Corea del Sud: Elsevier B.V., 2011, 1 p. - ISBN: 9780769544533. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-80052938737&partnerID=40&md5=5284b9fb730cd115c859cc9d01ce67be . - DOI: 10.1109/SSIRI.2011.6
  • J. Baik; F. Massacci; M. Zulkernine (edited by), "Message from program chairs: SSIRI-C 2011", by -., Corea del Sud: Elsevier B.V., 2011. - ISBN: 9780769544540. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-80053023850&partnerID=40&md5=674b0991a183fdb4a16781d46fbecf0c . - DOI: 10.1109/SSIRI-C.2011.6
  • F. Massacci, F. Bouquet, E. Fourneret, J. Jurjens, M. S. Lund, S. Madelénat, J. T. Muehlberg, F. Paci, S. Paul, F. Piessens, Solhaug B., Wenzel S., "Orchestrating Security and System Engineering for Evolving Systems" in ServiceWave, Berlin: Springer, 2011, p. 134-143. - (LECTURE NOTES IN COMPUTER SCIENCE). - ISBN: 978-364224754-5. Proceedings of: ServiceWave 2011, Poznan, October 26-28, 2011. - DOI: 10.1007/978-3-642-24755-2_12
  • Y. Asnar, F. Massacci, A. Saidane, C. Riccucci, M. Felici, A. Tedeschi, P. El Khoury, K. Li, M. Seguran, N. Zannone, "Organizational Patterns for Security and Dependability: From Design to Application." in INTERNATIONAL JOURNAL OF SECURE SOFTWARE ENGINEERING, v. vol. 2, n. no. 3 (2011), p. 1-22. - URL: http://dx.doi.org/10.4018/jsse.2011070101 . - DOI: 10.4018/jsse.2011070101
  • N. Bielova, F. Massacci, "Predictability of Enforcement" in ESSoS, Berlin: Springer, 2011, p. 73-86. - (LNCS). - ISBN: 9783642191244. Proceedings of: ESSoS 2011, Madrid, February 9-10, 2011. - URL: http://dx.doi.org/10.1007/978-3-642-19125-1_6 . - DOI: 10.1007/978-3-642-19125-1_6
  • Bielova, N.; Devriese, D.; Massacci, F.; Piessens, F., "Reactive non-interference for a browser model" in NSS 2011 : 2011 5th International Conference on Network and System Security : proceedings, Piscataway, NJ: IEEE, 2011, p. 97-104. - ISBN: 9781457704581. Proceedings of: NSS-11, Milano, 6 September 2011 through 8 September 2011. - URL: http://dx.doi.org/10.1109/ICNSS.2011.6059965 . - DOI: 10.1109/ICNSS.2011.6059965
  • L.M.S. Tran; F. Massacci; J. Mylopoulos, "Requirement evolution: Towards a methodology and framework?" in CEUR Workshop Proceedings, Germania: CEUR Workshop Proceedings: CEUR-WS.org, 2011. - (CEUR WORKSHOP PROCEEDINGS). - ISBN: 9783642230813. Proceedings of: CAiSE Doctoral Consortium, London, 21/06/2011. - URL: http://www.scopus.com/record/display.url?eid=2-s2.0-84857744199&origin=inward&txGid=2B8AF6BF6E1491A95C77AE2AE16F9EF5.N5T5nM1aaTEF8rE6yKCR3A%3a21 . - DOI: 10.1007/978-3-642-23082-0_6
  • G. Bergmann, F. Massacci, F. Paci, T. T. Tun, D. Varro, Y. Yu, "SeCMER: A Tool to Gain Control of Security Requirements Evolution" in ServiceWave, Berlin: Springer, 2011, p. 321-322. - (LNCS). - ISBN: 9783642247545. Proceedings of: ServiceWave 2011, Poznan, October 26-28, 2011. - URL: http://dx.doi.org/10.1007/978-3-642-24755-2 . - DOI: 10.1007/978-3-642-24755-2
  • N. Dragoni; O. Gadyatskya; F. Massacci, "Supporting software evolution for open smart cards by security-by-contract" in L. Petre, K. Sere, E. Troubitsyna (edited by), Dependability and Computer Engineering: Concepts for Software-Intensive Systems, Hershey, Pennsylvania (USA): IGI Global, 2011, p. 285-305. - ISBN: 9781609607470. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-84878718540&partnerID=40&md5=2860dd5881883df5f6b043bce2f323fe . - DOI: 10.4018/978-1-60960-747-0.ch013
  • L. Compagna; P. El Khoury; F. Massacci; A. Saidane, "A Dynamic Security Framework for Ambient Intelligent Systems: A smart-Home Based eHealth Application" in LECTURE NOTES IN COMPUTER SCIENCE, v. 6340, (2010), p. 1-24. - DOI: 10.1007/978-3-642-17499-5_1
  • N. Dragoni; O. Gadyatskaya; F. Massacci, "Can we support applications' evolution in multi-application smart cards by security-by-contract?" in LECTURE NOTES IN COMPUTER SCIENCE, v. 6033, (2010), p. 221-228. - DOI: 10.1007/978-3-642-12368-9_16
  • F. Massacci; D. Wallach; N. Zannone (edited by), "Engineering Secure Software and Systems: Second International Symposium, ESSoS 2010, Pisa, Italy, February 3-4, 2010: Proceedings", Berlin: Springer-Verlag, 2010. - (LNCS). - ISBN: 9783642117466. - DOI: 10.1007/978-3-642-11747-3
  • F. Massacci; D. Wallach; F. Martinelli, "Engineering Secure Software and Systems: Second International Symposium, ESSoS 2010: Proceedings: Preface" in "Engineering Secure Software and Systems: Second International Symposium, ESSoS 2010: Proceedings", Berlin-Heidelberg, NY: Springer- Verlag, 2010, p. 5-6. - (LNCS). - ISBN: 9783642117466. - DOI: 10.1007/978-3-642-11747-3
  • G. Karsai; F. Massacci; L.J. Osterweil; I. Schieferdecker, "Evolving Embedded Systems" in COMPUTER, v. Vol. 43, n. no. 5 (2010), p. 34-40. - DOI: 10.1109/MC.2010.135
  • G. Costa; N. Dragoni; A. Lazouski; F. Martinelli; F. Massacci; I. Matteucci, "Extending Security-by-Contract with Quantitative Trust on Mobile Devices" in 2010 International Conference on Complex, Intelligent and Software Intensive Systems: CISIS 2010, Piscataway, NJ: IEEE, 2010, p. 872-877. - ISBN: 9780769539676. Proceedings of: CISIS 2010, Krakow, 15th-18th February 2010. - DOI: 10.1109/CISIS.2010.33
  • J. Camenisch; J. Lopez; F. Massacci; M. Ciscato; T. Skordas, "JCS special issue on EU-funded ICT research on Trust and Security" in JOURNAL OF COMPUTER SECURITY, v. vol. 18, n. no. 1 (2010), p. 1-5. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0-71749106354&partnerID=40&md5=9371caab7d8966f02bf72269cb20d9d0 . - DOI: 10.3233/JCS-2010-0375
  • R. Scandariato; F. Massacci, "SecureChange: Security engineering for lifelong evolvable systems" in Leveraging Applications of Formal Methods, Verification, and Validation, Berlin; Heidelberg: Springer, 2010, p. 9-12. - (LECTURE NOTES IN COMPUTER SCIENCE). Proceedings of: International Symposium On Leveraging Applications of Formal Methods, Verification and Validation, Heraklion, Crete, Greece, October 18-21, 2010. - DOI: 10.1007/978-3-642-16561-0_3
  • F. Massacci; J. Mylopoulos; N. Zannone, "Security requirements engineering: The si*modeling language and the Secure Tropos methodology" in Advances in Intelligent Information Systems, Berlin ; Heidelberg: Springer, 2010, p. 147-174. - (Studies in Computational Intelligence). - DOI: 10.1007/978-3-642-05183-8_6
  • F. Massacci; V.N. Nguyen, "Which is the right source for vulnerability studies?: An empirical analysis on Mozilla Firefox" in MetriSec '10: Proceedings of the 6th International Workshop on Security Measurements and Metrics, New York, NY: ACM, 2010, p. [1-8]. - ISBN: 9781450303408. Proceedings of: METRISEC 2010, Bolzano, 16th-17th September 2010. - DOI: 10.1145/1853919.1853925
  • DRAGONI N; F. MASSACCI; SAÏDANE A, "A self-protecting and self-healing framework for negotiating services and trust in autonomic communication systems." in COMPUTER NETWORKS, v. 28, n. 28 (2009), p. 1628-1648. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0- 67349208148&partnerID=40&md5=4421864707a4c8fdb65e19065cae3083 . - DOI: DOI: 10.1016/j.comnet.2008.07.016
  • N. Bielova; F. Massacci, "Do you really mean what you actually enforced? EDIT AUTOMATA REVISITED" in Formal Aspects in Security and Trust, Berlin: Springer 2009, 2009, p. 287-301. - (LNCS). Proceedings of: FAST’08, SAN JOSE, February 2009. - DOI: 10.1007/978-3-642-01465-9_19
  • F. Massacci; S. Redwine; N. Zannone (edited by), "Engineering Secure Software and Systems: First International Symposium ESSoS 2009, Leuven, Belgium, February 4-6, 2009: Proceedings", Berlin: Springer Verlag, 2009
  • G.M. Kuper; F. Massacci; N. Rasadka, "Generalized XML Security Views" in INTERNATIONAL JOURNAL OF INFORMATION SECURITY, v. 8, n. 3 (2009), p. 173-203. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0- 67349181381&partnerID=40&md5=c5cc1c4bdb9da7bbc0aa9003cd3039b7 . - DOI: 10.1007/s10207-008-0074-x
  • H.A. López; F. Massacci; N. Zannone, "Goal-equivalent secure business process re-engineering" in Service-oriented Computing ICSOC 2007 International Workshops, Berlin, Heidelberg, NY.: Springer-Verlag, 2009, p. 212-223. - (LNCS; Vol. 4907). - ISBN: 9783540938507. Proceedings of: ICSOC 2007, Vienna, 17th september 2007. - DOI: 10.1007/978-3-540-93851-4_21
  • G. Gheorghe; F. Massacci; S. Neuhaus; A. Pretschner, "GoCoMM: A governance and compliance maturity model" in Proceedings of the ACM Conference on Computer and Communications Security, New York: ACM, 2009, p. 33-37. - ISBN: 9781605587875. Proceedings of: CCS, CHICAGO, November 9-13. - DOI: 10.1145/1655168.1655175
  • A. Krausova; F. Massacci; A. Saidane, "How to capture and use legal patterns in IT" in Proceedings of the 12th International Conference on Artificial Intelligence and Law, Boston: ACM Press, 2009, p. 228-229. Proceedings of: ICAIL 09, Barcelona, JUNE 2009. - DOI: 10.1145/1568234.1568267
  • L. Compagna; P. El Khoury; A. Krausová; F. Massacci; N. Zannone, "How to integrate legal requirements into a requirements engineering methodology for the development of security and privacy patterns" in ARTIFICIAL INTELLIGENCE AND LAW, v. 17.1, n. 1 (2009), p. 1-30. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0- 58849148475&partnerID=40&md5=a963e843e71f411b7fd99d5755f793df
  • A. Krausova; F. Massacci; A. Saidane, "Legal patterns implement trust in IT requirements: When legal means are the "best" implementation of IT technical goals" in 2nd International Workshop on Requirements Engineering and Law, New York: IEEE, 2009, p. 33-38. - ISBN: 9781424476961. Proceedings of: RELAW 2009, ATLANTA, September 2009. - DOI: 10.1109/RELAW.2009.7
  • F. Massacci; G. Tsudik; A. Yautsiukhin, "Logging key assurance indicators in business processes." in Proc. of ASIACCS’09, New York: ACM, 2009, p. 364-367. - ISBN: 978-1-60558-394-5. Proceedings of: ASIACC 09, Sydney, 10th-12th March 2009. - DOI: 10.1145/1533057.1533105
  • N. Bielova; N. Dragoni; F. Massacci; K. Naliukaa; I. Siahaana, "Matching in security-by-contract for mobile code" in JOURNAL OF LOGIC AND ALGEBRAIC PROGRAMMING, v. 78, n. 5 (2009), p. 340-358. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0- 67349233081&partnerID=40&md5=34c2226a336c7a02f08bb945eaebcf4c . - DOI: 10.1016/j.jlap.2009.02.013
  • F. Massacci; V.H. Nguyen; A. Saidane, "No purpose, no data: Goal-oriented access control forambient assisted living" in Proceedings of the ACM Conference on Computer and Communications Security, New York: ACM, 2009, p. 53-57. - ISBN: 9781605587905. Proceedings of: CCS 2009, CHICAGO, November 09 - 13, 2009. - DOI: 10.1145/1655084.1655093
  • Y. Asnar; M. Felici; F. Massacci; A. Tedeschi; A. Yautsiukhin, "Quantitative assessment for organisational security & dependability" in Proc. of DEPEND 2009, Chicago: International Journal on Advanced Security, 2009, p. 40-45. Proceedings of: DEPEND 2009, Athens, 18th-23th June. - DOI: 10.1109/DEPEND.2009.12
  • D.Marino; F. Massacci; A. Micheletti; N. Rassadko; S. Neuhaus, "Satisfaction of control objectives by control processes" in Service-Oriented Computing: 7th International Joint Conference, ICSOC-ServiceWave 2009: proceedings, Berlin; Heidelberg: Springer, 2009, p. 531-545. - (LECTURE NOTES IN COMPUTER SCIENCE). - ISBN: 3642103820. Proceedings of: ICSOC-ServiceWave 2009, Stockholm, Sweden, 24th-27th November 2009. - DOI: 10.1007/978-3-642-10383-4_39
  • Massacci, F.; Piessens, F.; Siahaan, I, "Security-by-contract for the future internet" in LECTURE NOTES IN COMPUTER SCIENCE, v. 2009, (2009), p. 29-43. - DOI: 10.1007/978-3-642-00985-3_3
  • F. Massacci; F. Piessens; I Siahaan, "Security-by-contract for the future internet" in Proc. of FIS’09, Berlin: Springer 2009, 2009, p. 29-34. Proceedings of: FIS’09, Berlin, September 2009
  • L. Desmet; W. Joosen; F. Massacci; K. Naliuka; P. Philippaerts; F. Piessens; D. Vanoverberghe, "The S3MS.NET Run Time Monitor: Tool Demonstration" in ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE, v. 253, n. 5 (2009), p. 153-159. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0- 71649111935&partnerID=40&md5=1b11dd08214f939e41e219dfaac8e452 . - DOI: 10.1016/j.entcs.2009.11.021
  • N. Bielova; F. Massacci; A. Micheletti, "Towards Practical Enforcement Theories" in Identity and Privacy in the Internet Age, Berlin: Springer, 2009, p. 239-254. - ISBN: 978-3-642-04765-7. Proceedings of: NORDSEC09, Oslo, October 2009. - DOI: 10.1007/978-3-642-04766-4_17
  • DRAGONI N; F. MASSACCI; WALTER T; SCHAEFER C, "What the Heck is this application doing? - A securityby- contract architecture for pervasive services" in COMPUTERS & SECURITY, v. 53, n. 28.7 (2009), p. 566-577. - DOI: 10.1016/j.cose.2009.06.005
  • F. Massacci ; N. Zannone, "A Model-Driven Approach for the Specification and Analysis of Access Control Policies" in OTM Conferences (2) 2008, Berlin: Springer Verlag, 2008, p. 1087-1103. - (LNCS; 5332). - ISBN: 9783540888727. Proceedings of: Springer, Monterrey, 11-14 November 2008. - URL: http://www.springerlink.com/content/g5385n2558l5355p/ . - DOI: 10.1007/978-3-540-88873-4_11
  • N. Dragoni; F. Massacci; K. Naliuka, "An inline monitoring system for .NET mobile devices." in Trust Management II, Berlin: Springer, 2008, p. 363-366. - ISBN: 9780387094274. Proceedings of: IFPTM 08, Trondheim, 18th-20th June. - DOI: 10.1007/978-0-387-09428-1_24
  • H. A. Lopez Acosta ; F. Massacci ; N. Zannone, "Goal-Equivalent Business Process Re-engineering" in In Proc. of the Workshops of the Fifth International Conference of Service Oriented Computing (ICSOC), Berlin: Springer Berlin / Heidelberg, 2008. Proceedings of: 2nd International SeMSoC Workshop – Business Oriented Aspects concerning Semantics and Methodologies in Service-oriented Computing (SeMSoC), Vienna, Austria, 17/09/2007. - URL: http://sysedv.tu-berlin.de/Homepage/SYSEDV.nsf?Open&ID=8219EAD9175B5E7EC12573010034F9EF&Key=&Sel=&La
  • F. Massacci ; H. Koshutanski, "Interactive access control for autonomic systems: From theory to implementation" in ACM TRANSACTIONS ON AUTONOMOUS AND ADAPTIVE SYSTEMS, v. 3, n. 3 (2008), p. 1-31. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0- 49549085763&partnerID=40&md5=38f8576ef60c93e7ddb6aa446402cbd7 . - DOI: 10.1145/1380422.1380424
  • A. Aggarwal; M. Badra; F. Massacci (edited by), "New Technologies, Mobility and Security: 2008 NTMS'08", Chicago: IEEE Press, 2008. - ISBN: 9782953244304. - DOI: 10.1109/NTMS.2008.ECP.3
  • F. Massacci; F. Piessens; S. Mauw, "Preface" in SCIENCE OF COMPUTER PROGRAMMING, v. 74, n. 1-2 (2008), p. 1-1. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0- 56349125203&partnerID=40&md5=4b396300d9dfb277ab4b1462b6950d1c . - DOI: 10.1016/j.scico.2008.09.002
  • F. Massacci ; F. Piessens, "Preface" in "Proceedings of the First International Workshop on Run Time Enforcement for Mobile and Distributed Systems (REM 2007): Dresden, Germany 27 September 2007", Amsterdam: Elsevier, 2008, p. 1-2. - (Electronic Notes Theoretical Computer Science). - DOI: 10.1016/j.entcs.2007.11.007
  • L. Compagna ; V. Lotz ; F. Massacci, "Preface" in "Proceedings of the 3rd International Workshop on Security and Trust Management (STM 2007): Dresden, Germany 27 September 2007", Amsterdam: Elsevier, 2008, p. 1-2. - (Electronic Notes Theoretical Computer Science). - DOI: 10.1016/j.entcs.2008.01.001
  • F. Massacci ; A. Benameur ; N. Rasadka, "Security views for outsourced business processes" in Proceedings of the 5th ACM Workshop On Secure Web Services, SWS 2008, Chicago: ACM PRESS, 2008, p. 45-52. - ISBN: 978-1-60558-292-4. Proceedings of: SWS 2008, Alexandria, Va, 2008. - DOI: 10.1145/1456492.1456500
  • N. Dragoni; F. Martinelli; F. Massacci; P. Mori; C. Schaefer; T. Walter; E. Vetillard, "Security-by- Contract (SxC) for Software and Services of Mobile Systems" in At Your Service – Selected Papers on EU research on Software and Services, Chicago: MIT Press, 2008, p. 49-54. - ISBN: 9780769528632. Proceedings of: SecPerU 2007, Instambul, 19th July. - DOI: 10.1109/SECPERU.2007.2
  • L. Desmet; W. Joosen; F. Massacci; P. Philippserts; F. Piessens; I. Siahaan; D. Vanoverberghe, "Securityby- contract on the .NET platform." in INFORMATION SECURITY TECHNICAL REPORT, v. 13, n. 13.1 (2008), p. 25-32. - DOI: 10.1016/j.istr.2008.02.001
  • F. Massacci ; I. S. R. Siahaan, "Simulating midlet's security claims with automata modulo theory" in Proceedings of the 2008 Workshop on Programming Languages and Analysis for Security, PLAS 2008, New York, N.Y.: ACM, 2008, p. 1-9. - ISBN: 978-1-59593-936-4. Proceedings of: PLAS 2008, Tucson, Az., 8th June 2008. - DOI: 10.1145/1375696.1375698
  • F. Massacci ; K. Naliuka, "Towards Practical Security Monitors of UML Policies for Mobile Applications" in 3rd International Conference on Availability, Security, and Reliability, Proceedings, CHICAGO: IEEE, 2008, p. 1112-1119. - ISBN: 978-0-7695-3102-1. Proceedings of: ARES 2008, Barcelona, 4th-7th March 2008. - DOI: 10.1109/ARES.2008.191
  • L. Desmet; W. Joosen; F. Massacci; K. Naliuka; P. Philippaerts; F. Piessens; D. Vanoverberghe, "A Flexible Security Architecture to Support Third-party Applications on Mobile Devices." in Proceedings of the 2007 ACM workshop on Computer Security Architecture, Chicago: ACM, 2007, p. 19-28. Proceedings of: CSAW '07, Fairfax, VA, 2nd November 2007. - DOI: 10.1145/1314466.1314470
  • H. Koshutanski ; F. Massacci, "A negotiation scheme for access rights establishment in autonomic communication" in JOURNAL OF NETWORK AND SYSTEMS MANAGEMENT, v. 15, n. 1 (2007), p. 117-136. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0- 33947544647&partnerID=40&md5=ea2c619a6004cd2bdbf859ced0975604 . - DOI: 10.1007/s10922-006-9057-2
  • N. Dragoni; F. Massacci; C. Schaefer; T. Walter; E. Vetillar, "A Security-by-Contracts Architecture for Pervasive Services" in Third International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing: SecPerU 2007: Proceedings, Piscataway, NJ: IEEE, 2007, p. 49-54. Proceedings of: SECPerU’07, Istanbul, 19th July 2007. - DOI: 10.1109/SECPERU.2007.2
  • A. Yautsiukhin ; F. Massacci, "An Algorithm for the Appraisal of Assurance Indicators for Complex Business Processes" in Proceedings of the The Third Workshop on Quality of Protection, New York: ACM PRESS, 2007, p. 22-27. - ISBN: 9781595938855. Proceedings of: QoP 2007, Alexandria (VA), 29th October 2007. - URL: http://dit.unitn.it/~qop/; http://dl.acm.org/citation.cfm?doid=1314257.1314265 . - DOI: 10.1145/1314257.1314265
  • F. Massacci; N. Zannone; J. Mylopoulos, "An Ontology for Secure Socio-Technical Systems" in Handbook of Ontologies for Business Interaction, Pennsylvania: IGI Global, 2007, p. 188-206. - DOI: 10.4018/978-1-59904-660-0.ch011
  • F. Massacci; J. Mylopoulos; N. Zannone, "An Ontology for Secure Socio-Technical Systems" in Handbook of Ontologies for Business Interaction, USA: Idea Group Inc., 2007, p. 188-206
  • F. Massacci; J. Mylopoulos; N. Zannone, "Computer-aided Support for Secure Tropos" in AUTOMATED SOFTWARE ENGINEERING, v. 14, n. 14.3 (2007), p. 341-364
  • P. Guarda ; F. Massacci ; N. Zannone, "E-Government and On-line Services: Security and Legal Patterns" in Proceedings of the 1st International Conference on Methodologies, Technologies and Tools enabling e-Government, Camerino: Halley Informatica S.r.l., 2007, p. 29. - ISBN: 9788875893002. Proceedings of: MeTTeG07, Camerino, 27-28 September 2007
  • G. Frankova; F. Massacci; M. Seguran, "From Early Requirements Analysis towards Secure Workflows" in Trust Management: Proceedings of IFIPTM 2007: Joint iTrust and PST Conferences on Privacy, Trust Management and Security, July 30-August 2, 2007, New Brunswick, Canada, New York: Springer, 2007, p. 407-410. - (IFIP International Federation for Information Processing; 238). - ISBN: 9780387736549. Proceedings of: Joint iTrust and PST Conferences on Privacy, Trust Management and Security, Moncton, New Brunswick, 30th July-2 August 2007. - URL: http://www.springerlink.com/content/e26kv4rkn463l605/ . - DOI: 10.1007/978-0-387-73655-6 28
  • F. Massacci; J. Mylopoulos; N. Zannone, "From Hippocratic Databases to Secure Tropos: A Computer-Aided Re-engineering Approach" in INTERNATIONAL JOURNAL OF SOFTWARE ENGINEERING AND KNOWLEDGE ENGINEERING, v. 2007, (2007), p. 265-284. - DOI: 10.1142/S0218194007003239
  • Y. D. W. Asnar; P. Giorgini; F. Massacci; N. Zannone, "From Trust to Dependability through Risk Analysis" in the Second International Conference on Availability, Reliability and Security: ares 2007: Proceedings, Piscataway, NJ: IEEE, 2007, p. 19-26. - ISBN: 9780769527758. Proceedings of: ARES 2007, Vienna, 10th-13th April 2007. - DOI: 10.1109/ARES.2007.93
  • L. Compagna; P. El Khoury; F. Massacci; R. Thomas; N. Zannone, "How to capture, model, and verify the knowledge of legal, security, and privacy experts: A pattern-based approach" in 11th International Conference on Artificial Intelligence and Law: ICAIL 2007, New York, NY: ACM Press, 2007, p. 149-154. - ISBN: 9781595936806. Proceedings of: ICAIL 2007, Stanford University, Palo Alto (CA), 4th-8th June 2007. - DOI: 10.1145/1276318.1276346
  • K. Koshutanski; F. Massacci, "Interactive Access Control with Trust Negotiation for Autonomic Communication" in Advances in Enterprise Information Technology Security, Pennsylvania: IGI Global, 2007, p. 120-148. - DOI: 10.1145/1380422.1380424
  • F. Massacci ; I. S. R. Siahaan, "Matching Midlet's Security Claims with a Platform Security Policy Using Automata Modulo Theory" in Proceedings of the 12th Nordic Workshop on Secure IT Systems, [S.l.: s.n.], 2007, p. [n.d.]-[n.d.]. Proceedings of: NordSec 2007, Reykjavík, 11th-12th October 2007. - URL: http://www.ru.is/nordsec2007/
  • A. Yautsiukhin; F. Massacci, "Modelling of quality of protection in outsourced business processes" in Proceedings of the Third International Symposium on Information Assurance and Security, Washington, DC, USA: IEEE Computer Society Press, 2007, p. 247-252. Proceedings of: IAS 2007, Manchester, 29th-31st August 2007. - URL: http://ieeexplore.ieee.org/iel5/4299731/4299732/04299782.pdf . - DOI: 10.1109/ISIAS.2007.4299782
  • L. Compagna; V. Lotz; F. Massacci (edited by), "Proc. of the ERCIM Security and Trust Management Workshop.(STM’07)", Amsterdam: Elsevier, 2007
  • Y. D. W. Asnar ; P. Giorgini ; F. Massacci ; A. Saidane ; R. Bonato ; V. Meduri ; C. Riccucci, "Secure and Dependable Patterns in Organizations: An Empirical Approach" in Requirements Engineering Conference, 2007. RE '07. 15th IEEE International, NJ, USA: IEEE Press, 2007, p. 287-292. - ISBN: 9780769529356. Proceedings of: Requirements Engineering Conference, 2007. RE '07. 15th IEEE International, New Delhi, India, 15th-19th October 2007. - DOI: 10.1109/RE.2007.19
  • Y. Karabulut ; F. Massacci ; A. Yautsiukhin ; F. Kerschbaum ; P. Robinson, "Security and Trust in IT Business Outsourcing: a Manifesto" in ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE, v. 179, n. 179 (2007), p. 47-58. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0- 34250776507&partnerID=40&md5=18a10ad1eb25ee0745df4513749af06d . - DOI: 10.1016/j.entcs.2006.08.030
  • A. Mana ; C. Rudolph ; G. Spanoudakis ; V. Lotz ; F. Massacci ; M. Melideo ; J. M. Lopez-cobo, "Security Engineering for Ambient Intelligence: A Manifesto" in H. Mouratidis, P. Giorgini (edited by), Integrating Security and Software Engineering: advances and future visions, Hershey, Pa.: Idea group, 2007, p. 3676-3690. - ISBN: 1599049376. - URL: http://www.igi-global.com/chapter/security-engineering-ambient-intelligence/23320 . - DOI: 10.4018/978-1-59904-937-3.ch249
  • N. Dragoni; F. Massacci; K. Naliuka; I. Siahaan, "Security-by-Contract: Toward a Semantics for Digital Signatures on Mobile Code" in Public Key Infrastructure: 4th European PKI Workshop: Theory and Practice, EuroPKI 2007: Proceedings, Berlin ; Heidelberg: Springer, 2007, p. 297-312. - (Lecture Notes in Computer Science). - ISBN: 9783540734079. Proceedings of: EuroPKI 2007, Mallorca, 28th-30th June 2007. - DOI: 10.1007/978-3-540-73408-6_21
  • S. Etalle ; F. Massacci ; A. Yautsiukhin, "The meaning of logs" in Trust, Privacy and Security in Digital Business: 4th International Conference, TrustBus 2007: Proceedings, Berlin ; Heidelberg: Springer, 2007, p. 145-154. - (LECTURE NOTES IN COMPUTER SCIENCE). - ISBN: 9783540744085. Proceedings of: TrustBus 2007, Regensburg, 3rd-7th September 2007. - URL: http://www.icsd.aegean.gr/trustbus07/ . - DOI: 10.1007/978-3-540-74409-2_17
  • F. Massacci ; K. Naliuka, "Towards Practical Security Monitors of UML Policies for Mobile Applications." in Eighth IEEE International Workshop on Policies for Distributed Systems and Networks: Policy 2007: Proceedings, Los Alamitos, CA: IEEE, 2007, p. 278-278. - ISBN: 9780769527673. Proceedings of: Policy 2007, Bologna, 13th-15th June 2007. - DOI: 10.1109/POLICY.2007.46
  • A. Pretschner ; F. Massacci ; M. Hilty, "Usage Control in Service-Oriented Architectures" in Trust, Privacy and Security in Digital Business4th International Conference, TrustBus 2007, Regensburg, Germany, September 3-7, 2007, Proceedings, Berlin: Springer Berlin / Heidelberg, 2007, p. 83-93. - (Lecture Notes in Computer Science). - ISBN: 9783540744085
  • F. Massacci ; J. Mylopoulos ; N. Zannone, "A Privacy Model to Support Minimal Disclosure in Virtual Organizations" in Proceedings of the W3C Workshop on Languages for Privacy Policy Negotiation and Semantics-Driven Enforcement, [S.l.: s.n.], 2006, p. [n.d.]-[n.d.]. Proceedings of: W3C-06, Ispra, VA, 17-18 October 2006. - URL: http://www.w3.org/2006/07/privacy-ws/
  • G. Bella; S. Bistarelli; F. Massacci, "A Protocol’s Life After Attacks" in Security Protocols: 11th International Workshop: Revised Selected Papers, Berlin: Springer, 2006, p. 3-10. - (Lecture Notes in Computer Science). - ISBN: 9783540283898. Proceedings of: 11th International Workshop on Security Protocols, Cambridge, 2nd-4th April 2003. - URL: http://www.springerlink.com/content/94674kp6j68p4tfn/fulltext.pdf . - DOI: 10.1007/11542322_2
  • S. Dobson ; S. Denazis ; A. Fernandez ; D. Gaiti ; E. Gelenbe ; F. Massacci ; P. Nixon ; F. Saffre ; N. Schmidt ; F. Zambonelli, "A survey of autonomic communications" in ACM TRANSACTIONS ON AUTONOMOUS AND ADAPTIVE SYSTEMS, v. 1, n. 2 (2006), p. 223-259. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0- 33845547636&partnerID=40&md5=025d69b149806e9c7d38ceba663dbe6e . - DOI: 10.1145/1186778.1186782
  • V. Bryl; F. Massacci; J. Mylopoulos; N. Zannone, "Designing Security Requirements Models through Planning" in 18th Conference on Advanced Information Systems Engineering, Berlin, Heidelberg: Springer, 2006, p. 33-47. - (LNCS). - ISBN: 9783540346524. Proceedings of: (CAiSE'06), Luxembourg, 5th-9th June 2006
  • F. Massacci ; N. Zannone, "Detecting Conflicts between Functional and Security Requirements with Secure Tropos: John Rusnak and the Allied Irish Bank" in P. Giorgini, N. Maiden, J. Mylopoulos, E. Yu (edited by), Social Modeling for Requirements Engineering, Cambridge, Mass. ; London: MIT press, 2006, p. 341-364
  • P. Giorgini ; F. Massacci ; J. Mylopoulos ; N. Zannone, "Detecting Conflicts of Interest" in 14th IEEE International Requirements Engineering Conference: RE'06: proceedings, USA: IEEE Computer Society Press, 2006, p. 308-311. - ISBN: 9780769525556. Proceedings of: 14th IEEE International Requirements Engineering Conference, Minneapolis/St. Paul, MN, 11th-15th, September 2006. - URL: http://ieeexplore.ieee.org/iel5/11170/35962/01704085.pdf?isnumber=35962&prod=CNF&arnumber=1704085&arSt=+308&ared=+311&arAuthor= . - DOI: 10.1109/RE.2006.16
  • F. Massacci ; J. Mylopoulos ; N. Zannone, "From Hippocratic Databases to Secure Tropos: a Computer-Aided Re-Engineering Approach" in INTERNATIONAL JOURNAL OF SOFTWARE ENGINEERING AND KNOWLEDGE ENGINEERING, n. 17.2 (2006), p. 265-284. - DOI: 10.1142/S0218194007003239
  • F. Massacci ; J. Mylopoulos ; N. Zannone, "Hierarchical Hippocratic Databases with Minimal Disclosure for Virtual Organizations" in VLDB JOURNAL, v. 15, n. 4 (2006), p. 370-387. - URL: http://www.springerlink.com/content/6885442330n7874m/ . - DOI: 10.1007/s00778-006-0009-y
  • F. Massacci; J. Mylopoulos; N. Zannone, "Minimal disclosure in hierarchical hippocratic databases for virtual organizations" in Proceedings of the 10th European Symposium on Research in Computer Security, Berlin: Springer, 2006, p. 370-387. Proceedings of: ESORICS 2005, Milan (Italy), 12th-14th September 2005
  • F. Massacci ; N. Zannone, "Privacy is linking permission to purpose" in Security Protocols: 12th International Workshop, Cambridge: Revised Selected Papers, BERLIN: Springer, 2006, p. 179-194. - (LECTURE NOTES IN COMPUTER SCIENCE). - ISBN: 978-3-540-40925-0. Proceedings of: 12th International Workshop on Security Protocols, Cambridge, 26th-28th April 2004. - URL: http://www.springerlink.com/content/l7776lv37385rm34/fulltext.pdf
  • G. Karjoth ; F. Massacci (edited by), "Proceedings of the 2nd ACM workshop on Quality of protection", New York, N.Y.: ACM press, 2006, 64 p. - ISBN: 9781595935533
  • D. Gollmann ; F. Massacci ; A. Yautsiukhin (edited by), "Quality of protection: security measurements and metrics", by -., Berlin: Springer, 2006, 197 p. - (ADVANCES IN INFORMATION SECURITY). - ISBN: 9780387290164
  • P. Giorgini; F. Massacci; J. Mylopoulos; N. Zannone, "Requirements Engineering for Trust Management: Model, Methodology, and Reasoning" in INTERNATIONAL JOURNAL OF INFORMATION SECURITY, v. 5, n. 4 (2006), p. 257-274. - DOI: 10.1007/s10207-006-0005-7
  • G. Bella; S. Bistarelli; F. Massacci, "Retaliation: Can We Live with Flaws?" in Proceedings of the NATO Adavnced Research Workshop on Information Assurance and Computer Security 2005, Amsterdam: IOS Press, 2006, p. 3-14. Proceedings of: NATO ARW Information Security Assurance and Security 2005, Tetuan, Morocco, 3rd-4th June 2005
  • Popescu, B.C.; Crispo, B.; Tanenbaum, A.S.; Blaze, M.; Christianson, B.; Stajano, F.; Anderson, R.; Mitchell, C.; Roe, M.; Mayo, B.; Massacci, F.; Ozment, A.; Bond, M.; Danezis, G.; Crispo, B.; Murdoch, S., "Safe and Private Data Sharing with Turtle: Friends Team-Up and Beat the System" in Security Protocols - 12th International Workshop, Revised Selected Papers;, Berlin; Heidelberg: Springer, 2006, p. 213-220. - (LECTURE NOTES IN COMPUTER SCIENCE). - ISBN: 978-354040925-0. Proceedings of: SPW 2004, Cambridge, 26th-28th April 2004. - DOI: 10.1007/11861386_24
  • K. Stølen; W. H. Winsborough; F.Martinelli; F. Massacci (edited by), "Trust Management, Proceedings of the4th International Conference, iTrust 2006", BERLIN: SPRINGER, 2006
  • K. Stoelen ; W. H. Winsborough ; F. Martinelli ; F. Massacci (edited by), "Trust Management: 4th International Conference: iTrust 2006", by -., Berlin; Germany: Springer, 2006, 474 p. - (Lecture Notes in Computer Science). - ISBN: 9783540342953. - URL: http://www.springerlink.com/content/978-3-540-34295-3/#section=497698&page=1 . - DOI: 10.1007/11755593
  • G. Bella ; F. Massacci ; L. C. Paulson, "Verifying the SET Purchase Protocols" in JOURNAL OF AUTOMATED REASONING, v. 36, n. 1-2 (2006), p. 5-37. - DOI: 10.1007/s10817-005-9018-6
  • G. Bella ; S. Bistarelli ; F. Massacci, "A Protocol's Life after Attacks" in Security Protocols: 11th International Workshop, Berlin; Heidelberg: Springer, 2005, p. 3-10. - (LECTURE NOTES IN COMPUTER SCIENCE). - ISBN: 978-3-540-28389-8. Proceedings of: Proceedings of the 11th International Workshop on Security Protocols, Cambridge, UK, 2nd-4th April 2003. - DOI: 10.1007/11542322_2
  • H. Koshutanski ; F. Massacci, "An Interactive Trust Management and Negotiation Scheme" in Formal Aspects in Security and Trust: IFIP TC1 WG1.7 Workshop on Formal Aspects in Security and Trust (FAST), World Computer Congress, August 22-27, 2004, Toulouse, France, Berlin: Springer, 2005, p. 139-152. - (IFIP International Federation for Information Processing; 173). - ISBN: 0387240500. Proceedings of: Formal Aspects of Security and Trust (FAST 2004), Toulouse, 22nd-27th August 2004. - URL: http://www.iit.cnr.it/FAST2004/ . - DOI: 10.1007/0-387-24098-5_9
  • G. Bella ; F. Massacci ; L. C. Paulson, "An overview of the verification of SET" in INTERNATIONAL JOURNAL OF INFORMATION SECURITY, v. 4, n. 1-2 (2005), p. 17-28. - URL: http://www.scopus.com/inward/record.url?eid=2-s2.0- 14844323149&partnerID=40&md5=8336a228480e0585f4e2dae57659dadd . - DOI: 10.1007/s10207-004-0047-7
  • H. Koshutanski ; F. Massacci, "E Pluribus Unum: Deduction, Abduction and Induction, the Reasoning Services for Access Control in Autonomic Communication" in Autonomic Communication First International IFIP Workshop, WAC 2004, Berlin: Springer Verlag, 2005, p. 238-261. - (LECTURE NOTES IN COMPUTER SCIENCE). - ISBN: 3540274170. Proceedings of: 1st IFIP TC6 WG6.6 International Workshop on Autonomic Communication (WAC 2004), Berlin, Germany, 18-19 October 2004. - URL: http://www.autonomic-communication.org/wac/ . - DOI: 10.1007/11520184_14
  • G. Kuper ; F. Massacci ; N. Rasadka, "Generalized XML Security Views" in SACMAT 2005: proceedings of Tenth ACM Symposium on Access Control Models and Technologies, CHICAGO: ACM Press, 2005, p. 77-84. - ISBN: 1-595-93045-0.. Proceedings of: SACMAT '05, Stockholm, 1st–3rd June 2005. - URL: www.sacmat.org . - DOI: 10.1145/1063979.1063994
  • H. Koshutanski ; F. Massacci, "Interactive Access Control and Trust Negotiation for Autonomic Communication" in ERCIM NEWS, v. 2005, n. 63 (2005), p. 36-37
  • H. Koshutanski ; F. Massacci, "Interactive credential negotiation for stateful business processes" in Trust Management, BERLIN: SPRINGER, 2005, p. 256-272. - (LECTURE NOTES IN COMPUTER SCIENCE). Proceedings of: (iTrust-05), Rocquencourt, France, May 2005
  • N. Zannone ; S. Jajodia ; F. Massacci ; D. Wijesekera, "Maintaining Privacy on Derived Objects" in Workshop on Privacy in the Electronic Society (WPES'05), New York: ACM Press, 2005, p. 10-19. - ISBN: 1595932283. Proceedings of: Workshop on Privacy in the Electronic Society (WPES'05), Alexandria (VA), 7th November 2005. - URL: http://dl.acm.org/citation.cfm?doid=1102199.1102202 . - DOI: 10.1145/1102199.1102202
  • F. Massacci ; J. Mylopoulos ; N. Zannone, "Minimal Disclosure in Hierarchical Hippocratic Databases with Delegation" in Computer Security: ESORICS 2005, Berlin: Springer, 2005, p. 438-454. - (Lecture Notes in Computer Science). - ISBN: 978-3-540-28963-0. Proceedings of: 10th European Symposium on Research in Computer Security, Milano, 12th-14th September 2005. - DOI: 10.1007/11555827_25
  • P. Giorgini; F. Massacci; J. Mylopoulos; N. Zannone, "Modeling Security Requirements Models through Planning" in Proceedings. 13th IEEE International Conference on Requirements Engineering, CHICAGO: IEEE, 2005, p. 167-176. Proceedings of: RE'05, PARIS, 29 AUGUST- 2 SEPTEMBER
  • P. Giorgini ; F. Massacci ; J. Mylopoulos ; N. Zannone, "Modeling security requirements through ownership, permission and delegation" in Proceedings of the 13th IEEE International Comference on Requirements Engineering, USA: IEEE, 2005, p. 167-176. - ISBN: 0-7695-2425-7. Proceedings of: IEEE Computer Society, Paris, 29 Aug-2 Sep 2005. - DOI: 10.1109/RE.2005.43
  • P. Giorgini ; F. Massacci ; J. Mylopoulos ; N. Zannone, "Modeling Social and Individual Trust in Requirements Engineering Methodologies" in Third International Conference on Trust Management: iTrust 2005, Berlin: Springer, 2005, p. 161-176. - (LECTURE NOTES IN COMPUTER SCIENCE). - ISBN: 3-540-26042-0. Proceedings of: 3rd international conference on trust management (iTrust 2005), Rocquencourt, Paris, France, 23-26 May 2005
  • P. Giorgini; F. Massacci; J. Mylopoulos; N. Zannone, "Modelling Security Requirements Through Ownership, Permissions and Delegations" in 13th IEEE International Requirements Engineering Conference, USA: IEEE, 2005, p. 167-176. Proceedings of: RE’05, PARIS, AUGUST-SEPTEMBER
  • P. Giorgini; F. Massacci; N. Zannone, "Security and Trust Requirements Engineering" in A. Aldini, R. Gorrieri, F. Martinelli (edited by), Foundations of Security Analysis and Design III: Tutorial Lectures, Berlin: Springer, 2005, p. 237-272. - ISBN: 9783540289555
  • P. Giorgini ; F. Massacci ; J. Mylopoulos ; A. Siena ; N. Zannone, "ST-Tool: a case tool for modeling and analyzing trust requirements" in 3rd international conference on trust management (iTrust 2005), Germania: Springer, 2005, p. 415-419. - ISBN: 3-540-26042-0. Proceedings of: iTrust 2005, Rocquencourt, 23rd-26th May 2005. - DOI: 10.1007/11429760_33
  • P. Giorgini ; F. Massacci ; J. Mylopoulos ; N. Zannone, "ST-Tool: A CASE Tool for Security Requirements Engineering" in Proceedings of the 13th IEEE International Conference on Requirements Engineering: Paris, France, 29 August - 2 September 2005, California: IEEE Press, 2005, p. 451-452. - ISBN: 0769524257. Proceedings of: IEEE Computer Society, Paris, 29th August-2nd September 2005. - URL: http://doi.ieeecomputersociety.org/10.1109/RE.2005.67 . - DOI: 10.1109/RE.2005.67
  • F. Massacci ; M. Pistore ; A. Gotsman, "Towards an Independent Semantics and Verification Technology for the HLPSL Specification Language" in Proceedings of the Second Workshop on Automated Reasoning for Security Protocol Analysis (ARSPA 2005), Amsterdam: Elsevier, 2005, p. 59-77. - (Electronic Notes in Theoretical Computer Science). Proceedings of: ARSPA 2005, Lisbon, 16th July 2005. - DOI: 10.1016/j.entcs.2005.06.004
  • F. Massacci; M. Prest ; N. Zannone, "Using a Security Requirements Engineering Methodology in Practice: the compliance with the Italian Data Protection Legislation" in COMPUTER STANDARDS & INTERFACES, v. 27, n. 5 (2005), p. 445-455. - DOI: 10.1016/j.csi.2005.01.003
  • H. Koshutanski ; F. Massacci, "A System for Interactive Authorization for Business Processes for Web Services" in 4th International Conference on Web Engineering (ICWE), Berlin: Springer Verlag, 2004, p. 521-525. - (LNCS; 3140). - ISBN: 3540225110. Proceedings of: Springer, Munich, 28th-30th July 2004. - URL: http://www.springerlink.com/content/4x52talrpl0rx1jq/ . - DOI: 10.1007/978-3-540-27834-4_63
  • P. Giorgini ; F. Massacci ; J. Mylopoulos ; N. Zannone, "Filling the Gap between Requirements Engineering and Public Key/Trust Management Infrastructures" in Public Key Infrastructure - EuroPKI 2004, Heidelberg: Springer, 2004, p. 98-111. - (Lecture Notes in Computer Science; 3093). - ISBN: 3540222162. Proceedings of: 1st European PKI Workshop Research and Applications (1st EuroPKI), Samos Island (Greece), 25th-26th June 2004. - URL: http://www.springerlink.com/content/ykjf3dr5tuc0quaw/ . - DOI: 10.1007/978-3-540-25980-0_8
  • H. Koshutanski ; F. Massacci, "Interactive Access Control for Web Services" in Security and protection in information processing systems: IFIP 18th world computer congress: TC11 19th International Information Security Conference, Boston: Kluwer Academic Publishers, 2004, p. 150-166. - (IFIP INTERNATIONAL FEDERATION FOR INFORMATION PROCESSING; 147). - ISBN: 1402081421. Proceedings of: 19th IFIP International Information Security Conference (SEC 2004), Toulouse, 22nd-27th August 2004. - URL: http://www.laas.fr/sec2004/
  • P. Giorgini ; F. Massacci ; J. Mylopoulos ; N. Zannone, "Requirements engineering meets trust management: model, methodology, and reasoning" in Proceedings of the 2nd International Conference on Trust Management (iTrust 2004), Heidelberg: Springer, 2004, p. 176-190. - (LECTURE NOTES IN COMPUTER SCIENCE). - ISBN: 3540213120. Proceedings of: 2nd International Conference on Trust Management, Oxford, 29 March - 1 April 2004. - URL: http://www.springerlink.com/content/k9gpgmbgf6hh0x21/ . - DOI: 10.1007/978-3-540-24747-0_14
  • N. Chetcuti-Sperandio; F. Massacci, "Semantique et raisonnement automatique pour une infrastructures publiques" in RFIA 2004: actes: 14ème congrès francophone AFRIF-AFIA Reconnaissance des formes et intelligence artificielle, Toulouse: LAAS, 2004, p. 1165-1174. Proceedings of: RFIA 2004, Toulouse, 28-30 Janvier 2004. - URL: http://spiderman-2.laas.fr/rfia2004/actes/ARTICLES/165.pdf
  • H. Koshutanski ; F. Massacci, "A Logical Model for Security of Web Services" in Formal Aspects of Security and Trust: CNR, 2003, p. 1-8. - (Technical report; 01/10/2003). Proceedings of: 1st International Workshop on Formal Aspects of Security and Trust (FAST 2003), Instituto di Informatica e Telematica, Pisa, Italy, 8-9 September 2003. - URL: http://www.iit.cnr.it/FAST2003/
  • N. Chetcuti-sperandio ; F. Massacci, "A semantics and a calculi for reasoning about credential-based systems", 2003, p. 61-76. Proceedings of: Proceedings of the International Workshop Methods for Modalities (M4M'03), Nancy, France, September 2003
  • H. Koshutanski ; F. Massacci, "An Access Control Framework for Business Processes for Web Services" in XML security (XMLSEC-2003), USA: ACM Press, 2003, p. 15-24. Proceedings of: ACM workshop on XML security (XMLSEC-2003), Fairfax, Va., 31 October 2003. - URL: http://www.acm.org/sigs/sigsac/ccs/CCS2003/XMLSec2003.html
  • H. Koshutanski ; F. Massacci, "An Access Control System for Business Processes for Web Services" in NORDSEC 2003: proceedings of the Seventh [i.e. Eighth] Nordic Workshop on Secure IT Systems - Encouraging Cooperation: 15th-17th October 2003, Gjøvik, Norway: [Norwegian University of Science and Technology], Department of Telematics, 2003, p. 143-150. Proceedings of: NORDSEC 2003, Gjøvik University College, 15th-17th October 2003. - URL: http://www2.hig.no/esorics2003/nordsec2003/
  • CARLUCCI AIELLO L.; F. MASSACCI, "Attacking Fair-Exchange Protocols: Parallel Models vs. Trace Models" in ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE, v. 55(1), (2003), p. 51-68. - DOI: 10.1016/S1571-0661(04)00244-0
  • C. Fiorini ; F. Massacci ; E. Martinelli, "How to fake an RSA signature by encoding modular root finding as a SAT problem" in DISCRETE APPLIED MATHEMATICS, v. 130, n. 2 (2003), p. 101-127. - DOI: 10.1016/S0166-218X(02)00400-6
  • N. Chetcuti-sperandio ; F. Massacci, "Reasoning about Credential-based Systems" in Proceedings 1st International Workshop on Formal Aspects in Security and Trust (FAST'03), Pisa, September 2003: Istituto di Informatica e Telematica, 2003, p. 23-38. Proceedings of: Proceedings of the 1st International Workshop on Formal Aspects in Security and Trust (FAST’03), Pisa, 8-9 September 2003
  • P. Giorgini ; F. Massacci ; J. Mylopoulos, "Requirement Engineering Meets Security: A Case Study on Modelling Secure Electronic Transactions by VISA and Mastercard" in Conceptual modeling - ER 2003: 22nd International Conference on Conceptual Modeling, Chicago, IL, USA, October 13-16, 2003: proceedings, Berlin: Springer, 2003, p. 263-276. - (LECTURE NOTES IN COMPUTER SCIENCE). - ISBN: 3-540-20299-4. Proceedings of: 22nd international conference on conceptual modeling (ER 2003), Chicago (IL), 13th-16th October 2003. - URL: http://www.er.byu.edu/er2003/
  • G. Bella ; F. Massacci ; L. C. Paulson, "Verifying the SET registration protocols" in IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, v. 21, n. 1 (2003), p. 77-87. - DOI: 10.1109/JSAC.2002.806133
  • F. Massacci, "Formal Verification of SET by VISA and MasterCard: Lessons for Formal Methods in Security" in Second Verification WorkshopVERIFY’02: affiliated with the 18th Conferenceon Automated Deduction (CADE) at FLoC’02, Copenhagen: [s.n.], 2002, p. 2-4. Proceedings of: Second verification workshop VERiFY 2002 affiliated with the 18 Conference on Automated deduction (CADE) at FLOC '02, Copenhagen, July, 25-26 2002. - URL: http://diku.dk/publikationer/tekniske.rapporter/2002/02-07.pdf
  • L. Carlucci Aiello ; F. Massacci, "Planning attacks to security protocols: case studies in logic programming" in A. Kakas, F. Sadri (edited by), Computational logic: logic programming and beyond : essays in honor of Robert A. Kowalski, Berlin: Springer, 2002, p. 533-560. - (LECTURE NOTES IN COMPUTER SCIENCE). - ISBN: 9783540439592
  • F. M. Donini ; P. Liberatore ; F. Massacci ; M. Schaerf, "Solving QBF with SMV" in Proceedings of the 2002 Intl. Workshop on Description Logics (DL2002), Toulouse, France, April 19-21, 2002.: CEUR, 2002, p. 578-589. - (CEUR-WS; 56). Proceedings of: Proceedings of the 8th International Conference on Principles of Knowledge Representation and Reasoning (KR’02), Toulouse, France, 19-21 April 2002. - URL: http://CEUR-WS.org/Vol-53
  • G. Bella ; L. C. Paulson ; F. Massacci, "The verification of an industrial payment protocol: the SET purchase phase" in Proceedings of the 9th ACM conference on Computer and communications security, New York, NY: ACM Press, 2002, p. 12-20. - ISBN: 1581136129. Proceedings of: 9th ACM conference on computer and communications security ACM CCS-2002, Washington, DC, 18-22 November 2002. - URL: http://www.acm.org/sigs/sigsac/ccs/CCS2002/
  • L. Carlucci Aiello ; F. Massacci, "Attacking fair-exchange protocols: parallel models vs trace models" in International Workshop on Logical Aspects of Cryptographic Protocols Verification: Elsevier, 2001. - (Electronic Notes in Theoretical Computer Science; 55). Proceedings of: International Workshop on Logical Aspects of Cryptographic Protocols Verification, Paris, 2001
  • CALVANESE D.; LIBERATORE P.; F. MASSACCI; ROSATI R., Complementi ed esercizi di programmazione in PASCAL, BOLOGNA: Esculapio Editore, 2001. - ISBN: 9788886524230
  • F. Massacci, "Decision Procedures for Expressive Description Logics with Intersection, Composition, Converse of Roles and Role Identity" in IJCAI-01 : proceedings of the seventeenth International Joint Conference on Artificial Intelligence, Seattle, Washington August 4-10, 2001, USA: Kaufmann, 2001, p. 193-198. - (ISBN 1-55860-777-3; 1). Proceedings of: Proceedings of the 17th International Joint Conference on Artificial Intelligence (IJCAI’01), Seattle, Washington, 2001
  • A. Fioravanti ; F. Massacci, "How to model (and simplify) the SET payment phase for automated verification" in Proceedings of IJCAR-2001 Verification Workshop - VERIFY'01: Università di Siena, 2001, p. 34-44. - (Technical Report; 01/08/2001). Proceedings of: Proceedings of IJCAR-2001 Verification Workshop - VERIFY'01, Siena, June, 18-23 2001
  • L. Farinas Del Cerro ; D. Fauthoux ; O. Gasquet ; A. Herzig ; D. Longin ; F. Massacci, "Lotrec: The Generic Tableau Prover for Modal and Description Logics" in International Joint Conference on Automated Reasoning IJCAR 2001: Automated Reasoning, Berlin; Heidelberg: Springer, 2001, p. 453-458. - (LECTURE NOTES IN COMPUTER SCIENCE; 2083). - ISBN: 3-540-42254-4. Proceedings of: Proceedings of International Joint Conference on Automated Reasoning, Siena, June 18–22, 2001
  • CALVANESE D.; LIBERATORE P.; F. MASSACCI; ROSATI R., Programmazione con Strutture Dati in C, BOLOGNA: Esculapio Editore, 2001. - ISBN: 9788886524520
  • D. Calvanese ; P. Liberatore ; F. Massacci ; R. Rosati, Programmazione con strutture dati in C, Bologna: Esculapio, 2001, 340 p. - (Progetto Leonardo). - ISBN: 9788886524520
  • L. Carlucci Aiello; F. Massacci, "Verifying security protocols as planning in logic programming" in ACM TRANSACTIONS ON COMPUTATIONAL LOGIC, v. 2, n. 4 (2001), p. 542-580
  • CARLUCCI AIELLO L.; F. MASSACCI, "An Executable Specification Language for Planning Attacks to Security Protocols" in Proc. of the 13th IEEE Computer Security Foundations Workshop (CSFW'00), USA: IEEE, 2000, p. 88-102. Proceedings of: Proc. of the 13th IEEE Computer Security Foundations Workshop (CSFW'00), cambridge, 3/5-7.2010
  • G. De Giacomo ; F. Massacci, "Combining deduction and model checking into tableaux and algorithms for Converse-PDL." in INFORMATION AND COMPUTATION, v. 162, (2000), p. 117-137. - DOI: 10.1006/inco.1999.2852
  • F. M. Donini ; F. Massacci, "EXPTIME Tableaux for ALC" in ARTIFICIAL INTELLIGENCE, v. 124(1), (2000), p. 87-138. - DOI: 10.1016/S0004-3702(00)00070-9
  • G. Bella ; F. Massacci ; L. C. Paulson ; P. Tramontano, "Formal verification of cardholder registration in SET" in ...., Berlin, Heidelberg, NewYork: Springer Verlag, 2000, p. 159-174. - (LNCS; 1895). Proceedings of: 6th European symposium on research in computer security (ESORICS-2000), Toulouse, 2000
  • F. Massacci ; L. Marraro, "Logical Cryptanalysis as a SAT-Problem: Encoding and Analysis of the U.S. Data Encryption Standard" in JOURNAL OF AUTOMATED REASONING, v. 24, n. 1-2 (2000), p. 165-203. - DOI: 10.1023/A:1006326723002
  • F. MASSACCI; MARRARO L., "Logical cryptanalysis as a SAT-problem: Encoding and analysis of the U.S. Data Encryption Standard" in J. Gent, H. Van Maaren, T. Walsh (edited by), SAT-2000: Highlights of Satisfiability Research at the Year 2000, AMSTERDAM-NEW YORK: IOS Press, 2000. - ISBN: 9781586030612
  • F. MASSACCI, "Reduction Rules and Universal Variables for First Order Tableaux and DPLL" in Proc. of the 7th Int. Conf. on Principles of Knowledge Repr. and Reasoning (KR), 2000, p. 186-197
  • F. Massacci ; L. Marraro, "Single Step Tableaux for Modal Logics" in JOURNAL OF AUTOMATED REASONING, v. 24, n. 3 (2000), p. 319-364. - DOI: 10.1023/A:1006155811656
  • F. Massacci, "The proof complexity of analytic and clausal tableaux" in THEORETICAL COMPUTER SCIENCE, v. 243, n. 1-2 (2000), p. 477-487. - DOI: https://doi.org/10.1016/S0304-3975(00)00148-1
  • BAUMGARTNER P.; F. MASSACCI, "The Taming of the XOR" in Computational Logic -- CL 2000, First International Conference, Berlin; Heidelberg: Springer, 2000, p. 508-522. - (LECTURE NOTES IN COMPUTER SCIENCE). - ISBN: 3-540-67797-6. Proceedings of: CL 2000, London, UK, 24th–28th July, 2000. - DOI: 10.1007/3-540-44957-4_34
  • F. MASSACCI, "Using Walk-SAT and Rel-SAT for Cryptographic Key Search" in Proc. of the 16th Internat. Joint Conf. on Artificial Intelligence (IJCAI-99), [S.l]: IJCAI Organization, 1999, p. 290-295. Proceedings of: IJCAI-99, Stockholm, Sweden, July 31 - August 6, 1999
  • F. MASSACCI, "Anytime Approximate Modal Reasoning" in Proc. of 15th National (U.S.) Conference on Artificial Intelligence (AAAI-98), Madison, Wisconsin: AAAI-98, 1998, p. 274-279. - ISBN: 978-1-57735-418-5. Proceedings of: THE FIFTEENTH NATIONAL CONFERENCE ON ARTIFICIAL INTELLIGENCE-(AAAI-98), Wisconsin-USA, July 26–30, 1998
  • F. MASSACCI, "Breaking security protocols as an AI planning problem" in Proc. of the 4th European Conference on Planning (ECP-97), Germania: Springer Verlag, 1998, p. 286-298. Proceedings of: 4th European Conference on Planning (ECP-97), Toulouse, France, 24/25/26 September 1997
  • F. Massacci, "Tableaux Methods for Formal Verification in Multi-agent Distributed Systems" in JOURNAL OF LOGIC AND COMPUTATION, v. 8, (1998), p. 373-400. - DOI: 10.1093/logcom/8.3.373
  • F. MASSACCI, "Reasoning about security: a logic and a decision methods for role-based access control" in Proc. of ECSQARU-FAPR'97, Berlin; Heidelberg: Springer, 1997, p. 421-435. - (LECTURE NOTES IN COMPUTER SCIENCE). - ISBN: 978-354063095-1. Proceedings of: ECSQARU-FAPR 1997, Bad Honnef; Germany, 9th-12th June 1997
  • DONINI F. M.; F. MASSACCI; NARDI D.; ROSATI R., "A uniform tableaux method for nonmonotonic modal logics" in 6th European Workshop on Logics in Artificial Intelligence (JELIA-96), Berlin; Heidelberg: Springer, 1996, p. 87-103. - (LECTURE NOTES IN COMPUTER SCIENCE). Proceedings of: JELIA 1996, Evora; Portugal, 30 September - 3 October 1996. - DOI: 10.1007/3-540-61630-6
  • DE GIACOMO G.; F. MASSACCI, "Tableaux and Algorithms for Propositional Dynamic Logic with Converse" in Proc. of the 13th International Conference on Automated Deduction (CADE-97), Berlin; Heidelber: Springer, 1996, p. 613-628. - (LECTURE NOTES IN COMPUTER SCIENCE). Proceedings of: CADE: International Conference on Automated Deduction, New Brunswick, NJ, USA, July 30 – August 3, 1996. - DOI: 10.1007/3-540-61511-3_117
  • F. MASSACCI, "Strongly Analytic Tableaux for Normal Modal Logics" in Proc. of the 12th Int. Conf. on Automated Deduction, 1994, p. 723-737