Micro-Id-Gym: A Flexible Tool for Pentesting Identity Management Protocols in the Wild and in the Laboratory

IRIS

Identity Management (IdM) solutions are increasingly important for digital infrastructures of both enterprises and public administrations. Their security is a mandatory pre-requisite for building trust in current and future digital ecosystems. Unfortunately, not only their secure deployment but even their usage are non-trivial activities that require a good level of security awareness. In order to test whether known exploits can be reproduced in different environments, better understand their effects and facilitate the discovery of new vulnerabilities, we need to have a reliable testbed. For this, we present Micro-Id-Gym which abstractly supports two main activities: the creation of sandboxes with an IdM protocol deployment and the pentesting of IdM protocol deployments in the wild or in the laboratory (on the created sandboxes).

Micro-Id-Gym: A Flexible Tool for Pentesting Identity Management Protocols in the Wild and in the Laboratory / Bisegna, A.; Carbone, R.; Pellizzari, G.; Ranise, S.. - 12515:(2020), pp. 71-89. (Intervento presentato al convegno 3rd International Workshop on Emerging Technologies for Authorization and Authentication, ETAA 2020 tenutosi a gbr nel 2020) [10.1007/978-3-030-64455-0_5].

Micro-Id-Gym: A Flexible Tool for Pentesting Identity Management Protocols in the Wild and in the Laboratory

Bisegna A.;Carbone R.;Pellizzari G.;Ranise S.

2020-01-01

Abstract

Identity Management (IdM) solutions are increasingly important for digital infrastructures of both enterprises and public administrations. Their security is a mandatory pre-requisite for building trust in current and future digital ecosystems. Unfortunately, not only their secure deployment but even their usage are non-trivial activities that require a good level of security awareness. In order to test whether known exploits can be reproduced in different environments, better understand their effects and facilitate the discovery of new vulnerabilities, we need to have a reliable testbed. For this, we present Micro-Id-Gym which abstractly supports two main activities: the creation of sandboxes with an IdM protocol deployment and the pentesting of IdM protocol deployments in the wild or in the laboratory (on the created sandboxes).

Scheda breve

Scheda completa

Scheda completa (DC)

	Anno di pubblicazione (Date of publication)
	
			2020
		
	Titolo del volume (Proceedings title)
	
			Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
		
	Luogo di edizione (Place of publication)
	
			Germany
		
	Casa editrice (Publisher)
	
			Springer Science and Business Media Deutschland GmbH
		
	ISBN
	
			978-3-030-64454-3
978-3-030-64455-0
		
	Codice Scopus (Scopus Identifier)
	
			2-s2.0-85097847200
		
	Tutti gli autori
	
			Bisegna, A.; Carbone, R.; Pellizzari, G.; Ranise, S.
		
	Citazione
	
			Micro-Id-Gym: A Flexible Tool for Pentesting Identity Management Protocols in the Wild and in the Laboratory / Bisegna, A.; Carbone, R.; Pellizzari, G.; Ranise, S.. - 12515:(2020), pp. 71-89. (Intervento presentato al  convegno 3rd International Workshop on Emerging Technologies for Authorization and Authentication, ETAA 2020 tenutosi a gbr nel 2020) [10.1007/978-3-030-64455-0_5].
		
	Appare nelle tipologie:
	
			04.1 Saggio in atti di convegno (Paper in Proceedings)

File in questo prodotto:

Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11572/333290

Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni

ND

2

ND

social impact