Rosario Giustolisi @ ITU

Publications [authors are normally listed in alphabetical order]

Book

ISC Rosario Giustolisi. Modelling and Verification of Secure Exams. Information Security and Cryptography. Springer, 2018.

Journal

JCS Rosario Giustolisi, Giampaolo Bella, Carsten Schürmann. Modelling Human Threats in Security Ceremonies. Journal of Computer Security, 2022.
JCS Rosario Giustolisi, Giampaolo Bella, Gabriele Lenzini. Invalid Certificates in Modern Browsers: A Socio-Technical Analysis. Journal of Computer Security, 2018.
C&S Giampaolo Bella, Rosario Giustolisi, Gabriele Lenzini, and Peter Y. A. Ryan. Trustworthy exams without trusted parties. Computers & Security, 67:291-307, 2017.
C&S Giampaolo Bella, Rosario Giustolisi, and Salvatore Riccobene. Enforcing privacy in e-commerce by balancing anonymity and trust. Computers & Security, 30(8):705-718, 2011.

Conference and Workshop with proceedings

2024

IEEE S&P Rosario Giustolisi, Maryam Sheikhi Garjan, Carsten Schuermann. Thwarting Last-Minute Voter Coercion. In 45th IEEE Symposium on Security and Privacy S&P 2024. Springer
E-VOTE ID Rosario Giustolisi and Maryam Sheikhi Garjan. Efficient Cleansing in Coercion-Resistant Voting. In 9th International Joint Conference on Electronic Voting. Springer.

2023

SECRYPT Maryam Sheikhi Garjan, Rosario Giustolisi, Carsten Schuermann Receipt-Free Electronic Voting from zk-SNARK. In 20th International Conference on Security and Cryptography. SciTePress.
ITASEC Bernardo David, Rosario Giustolisi, Victor Mortensen, Morten Pedersen Local Differential Privacy in Voting. ITASEC 2023: The Italian Conference on CyberSecurity. CEUR-WS

2022

DPM Mohammadamin Rakeei, Rosario Giustolisi, Gabriele Lenzini. Secure Internet Exams Despite Coercion. In 17th DPM International Workshop on Data Privacy Management. Springer
ACNS Rosario Giustolisi, Carsten Schuermann. POSTER: Enabling User-Accountable Mechanisms in Decision Systems. In 20th International Conference on Applied Cryptography and Network Security - Workshops. Springer

2021

PSL Alessandro Bruni, Marco Carbone, Rosario Giustolisi, Sebastian Moedersheim, Carsten Schuermann. Security Protocols as Choreographies. In Protocols, Strands, and Logic - Essays Dedicated to Joshua Guttman on the Occasion of his 66.66th Birthday. Springer

2020

NSS Willard Rafnsson, Rosario Giustolisi, Mark Kragerup, Mathias Høyrup. Fixing Vulnerabilities Automatically with Linters. In 14th International Conference on Network and System Security. Springer
E-VOTE ID Rosario Giustolisi and Alessandro Bruni. Privacy-preserving Dispute Resolution in the Improved Bingo Voting. In 5th International Joint Conference on Electronic Voting. Springer.

2019

STAST Ivan Garbacz, Kasper Moeller Nielsen, Rosario Giustolisi, and Carsten Schürmann. A Security Analysis of the Danish Deposit Return System. In 9th Workshop on Socio-Technical Aspects in Security and Trust. Springer.
SECRYPT Diego Sempreboni, Giampaolo Bella, Rosario Giustolisi, Luca Vigano. What Are The Threats? (Charting The Threat Models Of Security Ceremonies). In 16th International Conference on Security and Cryptography. SciTePress.

2017

NordSec Rosario Giustolisi. Free Rides in Denmark: Lessons from Improperly Generated Mobile Transport Tickets. In 22nd Nordic Conference on Secure IT System, pages 159-174. Springer. Best Paper Award
ISC Alessandro Bruni, Rosario Giustolisi, and Carsten Schürmann. Automated analysis of accountability. In 20th Information Security Conference (ISC), pages 417-434. Springer.
ESSoS Giampaolo Bella and Rosario Giustolisi. Idea: A unifying theory for evaluation systems. In International Symposium on Engineering Secure Software and Systems, pages 231-239. Springer.
SECRYPT Rosario Giustolisi, Vincenzo Iovino, and Gabriele Lenzini. Privacy-preserving verifiability - A case for an electronic exam protocol. In 14th International Conference on Security and Cryptography, pages 139-150. SciTePress.

2016

Voting Rosario Giustolisi, Vincenzo Iovino, and Peter B. Rønne. On the possibility of non-interactive e-voting in the public-key setting. In Financial Cryptography Workshops, pages 193-208. Springer.
ICISC Rosario Giustolisi, Christian Gehrmann, Markus Ahlström, and Simon Holmberg. A secure group-based AKA protocol for machine-type communications. In International Conference on Information Security and Cryptology (ICISC), pages 3-27.
SECRYPT Rosario Giustolisi and Christian Gehrmann. Threats to 5g group-based authentication. In 13th International Conference on Security and Cryptography, pages 360-367. SciTePress.

2015

IFIP SEC Giampaolo Bella, Rosario Giustolisi, Gabriele Lenzini, and Peter Y. A. Ryan. A secure exam protocol without trusted parties. In 30th IFIP SEC, pages 495-509. Springer.
ISPEC Jannik Dreier, Rosario Giustolisi, Ali Kassem, Pascal Lafourcade, and Gabriele Lenzini. A framework for analyzing verifiability in traditional and electronic exams. In 11th Information Security Practice and Experience Conference (ISPEC), pages 514-529. Springer.
ICETE Jannik Dreier, Rosario Giustolisi, Ali Kassem, Pascal Lafourcade, Gabriele Lenzini, and Peter Y. A. Ryan. Formal security analysis of traditional and electronic exams. In International Joint Conference in E-Business and Telecommunications (ICETE) (Selected Papers), pages 294-318. Springer.

2014

PST Giampaolo Bella, Rosario Giustolisi, and Gabriele Lenzini. Secure exams despite malicious management. In 12th Privacy Security and Trust (PST), pages 274-281. IEEE Computer Society.
SECRYPT Jannik Dreier, Rosario Giustolisi, Ali Kassem, Pascal Lafourcade, Gabriele Lenzini, and Peter Y. A. Ryan. Formal analysis of electronic exams. In 11th International Conference on Security and Cryptography, pages 101-112. SciTePress. Best Paper Award
CSPW Rosario Giustolisi, Gabriele Lenzini, and Peter Y. A. Ryan. Remark!: A secure protocol for remote exams. In 22nd Cambridge Security Protocols Workshop, pages 38-48. Springer.
COMPSACW Giampaolo Bella, Paul Curzon, Rosario Giustolisi, and Gabriele Lenzini. A socio-technical methodology for the security and privacy analysis of services. In Computer Software and Applications Conference (COMPSAC) Workshops, pages 401-406. IEEE Computer Society.

2013

CRiSIS Rosario Giustolisi, Gabriele Lenzini, and Giampaolo Bella. What security for electronic exams? In CRiSIS, pages 1-5. IEEE.
PST Giampaolo Bella, Rosario Giustolisi, and Gabriele Lenzini. Socio-technical formal analysis of TLS certificate validation in modern browsers. In 11th Privacy, Security and Trust (PST), pages 309-316. IEEE Computer Society.
IFIPTM Giampaolo Bella, Rosario Giustolisi, and Gabriele Lenzini. A socio-technical understanding of TLS certificate validation. In 7th IFIPTM, pages 281-288. Springer.
IUCC Ana Ferreira, Rosario Giustolisi, Jean-Louis Huynen, Vincent Koenig, and Gabriele Lenzini. Studies in socio-technical security analysis: Authentication of identities with TLS certificates. In TrustCom/ISPA/IUCC, pages 1553-1558. IEEE Computer Society.

Professional Service

Conference Committees

ACM SAC (Security track): 2021 (co-chair), 2020 (co-chair), 2019 (co-chair), 2018, 2017, 2016
Workshop on Socio-Technical Aspects in Security and Trust (STAST): 2024, 2022, 2021, 2020, 2019, 2018

International Joint Conference on Electronic Voting (E-VOTE ID):

2024

2023

2022

2021

2020

Invited reviews

Journal referee: Elsevier's Computers & Security (2016-2024); Journal of Logical and Algebraic Methods in Programming ( 2019); IEEE Transactions on Learning Technologies (2016); Springer's Formal Aspect of Computing (2016); IEEE Security & Privacy (2016); Springer's International Journal of Information Security (2014); IEEE Transactions on Parallel and Distributed Systems (2013).
Conference sub-reviewer: ESORICS (2013-2017); NordSec (2018, 2017); ISCC (2016); SAC (2012-2015); MFCS (2014).

I conceived the Øresund Security Day , a workshop that aims at increasing collaboration among research groups that focus on security in the Øresund area (i.e., Copenhagen + South of Sweden). The second edition of the event was held in Lund, Sweden. The third edition was held in Lyngby, Denmark

I organise the cybersecurity breakfast talk series at ITU. Feel free to drop me an email if you are (or plan to be) in Copenhagen and would like to give a talk.