Publications

Books

• Nicola Zannone. Security Agent-Oriented Requirements Engineering: the SI* Modeling Language and the Secure Tropos Methodology. VDM. 2009.

Edited Books

• Ulfar Erlingsson, Roel Wieringa, and Nicola Zannone, editors. Engineering Secure Software and Systems. Third International Symposium, ESSoS 2011, Madrid, Spain, February 9-10, 2011, Proceedings, LNCS 6542. Springer, 2011.
• Fabio Massacci, Dan Wallach, and Nicola Zannone, editors. Engineering Secure Software and Systems. Second International Symposium, ESSoS 2010, Pisa, Italy, February 2010, Proceedings, LNCS 5965. Springer, 2010.
• Fabio Massacci, Samuel Redwine, and Nicola Zannone, editors. Engineering Secure Software and Systems, First International Symposium, ESSoS 2009, Leuven, Belgium, February 4-6, 2009, Proceedings, LNCS 5429, Springer. 2009.

Book Chapters

• Laura Genga, Domenico Potena, Andrea Chiorrini, Claudia Diamantini, and Nicola Zannone. A Latitudinal Study on the Use of Sequential and Concurrency Patterns in Deviance Mining. In: Complex Pattern Mining - New Challenges, Methods and Applications. Vol. 880. Studies in Computational Intelligence. Springer International Publishing, 2020, pp. 103-119. [Pdf]
• D. Trivellato, S. Etalle, E. Luit, and N. Zannone. The POLIPO Security Framework. In Situation Awareness with Systems of Systems. Springer, 2013. [Abstract] [Pdf]
• F. Massacci and N. Zannone. Detecting Conflicts between Functional and Security Requirements with Secure Tropos: John Rusnak and the Allied Irish Bank. In Social Modeling for Requirements Engineering. MIT Press, 2010. [Abstract] [Pdf]
• F. Massacci, J. Mylopoulos, and N. Zannone. Security Requirements Engineering: the SI* Modeling Language and the Secure Tropos Methodology In Advances in Information and Intelligent Systems, SCI 265, pages 147-174. Springer-Verlag GmbH, 2010. [Abstract] [Pdf]
• F. Massacci, J. Mylopoulos, and N. Zannone. An Ontology for Secure Socio-Technical Systems. In Handbook of Ontologies for Business Interaction, pages 188-207. Idea Group, 2007. [Abstract] [Pdf]
• P. Giorgini, H. Mouratidis, and N. Zannone. Modelling Security and Trust with Secure Tropos. In Integrating Security and Software Engineering: Advances and Future Vision, pages 160-189. Idea Group, 2006. [Abstract] [Pdf]
• P. Giorgini, F. Massacci, and N. Zannone. Security and Trust Requirements Engineering. In Foundations of Security Analysis and Design III - Tutorial Lectures, LNCS 3655, pages 237-272. Springer-Verlag GmbH, 2005. [Abstract] [Pdf]

International Journals

• Luca Allodi, Tzouliano Chotza, Ekaterina Panina, and Nicola Zannone. On the Need for New Anti-phishing Measures Against Spear Phishing Attacks. IEEE Security Privacy 18.2 (2020), pp. 23-34. [Pdf]
• Federico Sinigaglia, Roberto Carbone, Gabriele Costa, and Nicola Zannone. A Survey on Multi-Factor Authentication for Online Banking in the Wild. Computers & Security 95 (2020), p. 101745. [Pdf]
• Sowmya Ravidas, Alexios Lekidis, Federica Paci, Nicola Zannone. Access control in Internet-of-Things: A survey. Journal of Network and Computer Applications, 144:79-101, 2019. [Pdf]
• Laura Genga, Anna Squicciarini, Nicola Zannone. Discovering Reliable Evidence of Data Misuse by Exploiting Rule Redundancy. Computers & Security, 2:6, 2019. [Pdf]
• Charles Morisset, Tim A. C. Willemse, and Nicola Zannone. A framework for the extended evaluation of ABAC policies. Cybersecurity, 2:6, 2019. [Pdf]
• Van Huynh Le and Jerry den Hartog and Nicola Zannone. Security and privacy for innovative automotive applications: A survey. Computer Communications, 132:17-41, 2018. [Pdf]
• L. Genga and M. Alizadeh and D. Potena and C. Diamantini and N. Zannone. Discovering anomalous frequent patterns from partially ordered event logs. Journal of Intelligent Information Systems, 73:172-193, 2018. [Pdf]
• Mahdi Alizadeh, Xixi Lu, Dirk Fahland, Nicola Zannone, Wil M.P. van der Aalst. Linking data and process perspectives for conformance analysis. Computers & Security, 73:172-193, 2018. [Pdf]
• Federica Paci, Anna Squicciarini, and Nicola Zannone. Survey on Access Control for Community-Centered Collaborative Systems. ACM Computing Surveys, 2017. [Pdf]
• F. Turkmen, J. den Hartog, S. Ranise, N. Zannone. Formal analysis of XACML policies using SMT. Computers & Security, 2017. [Pdf]
• S. Vavilis, M. Petkovic, N. Zannone. A Severity-based Quantification of Data Leakages in Database Systems. Journal of Computer Security, 2016. [Pdf]
• B. Skoric, S. de Hoogh, N. Zannone. Flow-based Reputation with Uncertainty: Evidence-Based Subjective Logic. International Journal of Information Security, 2015. [Pdf]
• S. Vavilis, A. Egner, M. Petkovic, N. Zannone. An anomaly analysis framework for database systems. Computers & Security, 53: 156-173, 2015. [Pdf]
• S. P. Kaluvuri and A. I. Egner and J. den Hartog, N. Zannone. SAFAX -- an extensible authorization service for cloud environments. Frontiers in ICT, 2(9), 2015. [Pdf]
• S. Etalle and N. Zannone. Understanding computer security. Frontiers in ICT, 1(3), 2014. [Pdf]
• M. Veeningen, B. de Weger, and N. Zannone. Data minimisation in communication protocols: a formal analysis framework and application to identity management. International Journal of Information Security, 2014. [Pdf]
• D. El Kateb, N. Zannone, A. Moawad, P. Caire, G. Nain, T. Mouelhi, and Y. Le Traon. Conviviality-driven access control policy. Requirements Engineering, 2014. [Pdf]
• S. Vavilis, M. Petkovic, and N. Zannone. A reference model for reputation systems. Decision Support Systems, 61:147-154, 2014. [Pdf]
• D. Trivellato, N. Zannone, and S. Etalle. GEM: a Distributed Goal Evaluation Algorithm for Trust Management. Theory and Practice of Logic Programming, 2014. [Abstract] [Pdf]
• E. Costante, F. Paci, and N. Zannone. Privacy-Aware Web Service Composition and Ranking. International Journal of Web Services Research, 2013. [Pdf]
• A. Adriansyah, B. van Dongen, and N. Zannone. Privacy Analysis of User Behavior Using Alignments. Information Technology, 55(6): 255-2602, 2013. [Pdf]
• D. Trivellato, N. Zannone, M. Glaundrup, J. Skowronek, S. Etalle. A Semantic Security Framework for Systems of Systems. Int. J. Cooperative Inf. Syst. 22(1), 2013. [Pdf]
• S. Gurses, M. Segurun, and N. Zannone. Requirements engineering within a large-scale security-oriented research project: lessons learned. Requirements Engineering, 2013. [Abstract] [Pdf]
• A. Simone, B. Skoric, amd N. Zannone. Flow-based reputation: more than just ranking. International Journal of Information Technology & Decision Making, 11(3):551-578, 2012. [Abstract] [Pdf]
• Y. Asnar, F. Massacci, A. Saidane, C. Riccucci, M. Felici, A. Tedeschi, P. El Khoury, K. Li, M. Segurun, and N. Zannone. Organizational Patterns for Security and Dependability: from design to application. International Journal of Secure Software Engineering, 2011. [Abstract] [Pdf]
• K. Bohm, S. Etalle, J. den Hartog, C. Hutter, S. Trabelsi, D. Trivellato, and N. Zannone. A Flexible Architecture for Privacy-Aware Trust Management. Journal of Theoretical and Applied Electronic Commerce Research, 2010. [Abstract] [Pdf]
• M. Montali, P. Torroni, N. Zannone, P. Mello, and V. Bryl. Engineering and Verifying Agent-Oriented Requirements augmented by Business Constraints with B-Tropos. Autonomous Agents and Multi-Agent Systems, 2010. [Abstract] [Pdf]
• G. Elahi, E. Yu, and N. Zannone. A Vulnerability-Centric Requirements Engineering Framework: Analyzing Security Attacks, Countermeasures, and Requirements Based on Vulnerabilities. Requirements Engineering, 15(1):41-62, 2010. [Abstract] [Pdf]
• L. Compagna, P. El Khoury, A. Krausova, F. Massacci, and N. Zannone. How to Integrate Legal Requirements into A Requirements Engineering Methodology for the Development of Security and Privacy Patterns. Artificial Intelligence and Law, 17(1):1-30. 2009. [Abstract] [Pdf]
• P. Guarda and N. Zannone. Towards the Development of Privacy-Aware Systems. Information and Software Technology. 51(2):337-350. 2009. [Abstract] [Pdf]
• Y. Asnar, P. Giorgini, P. Ciancarini, R. Moretti, M. Sebastianis, and N. Zannone. An Evaluation of Business Solutions in Manufacturing Enterprises. International Journal of Business Intelligence and Data Mining, 3(3):305-329. 2008. [Abstract] [Pdf]
• N. Kiyavitskaya and N. Zannone. Requirements Model Generation to Support Requirements Elicitation: The Secure Tropos Experience. Automated Software Engineering, 15(2):149-173. 2008. [Abstract] [Pdf]
• N. Zannone. The SI* Modeling Framework: Metamodel and Applications. International Journal of Software Engineering and Knowledge Engineering. 2008. [Abstract] [Pdf]
• F. Massacci, J. Mylopoulos, and N. Zannone. Computer-Aided Support for Secure Tropos. Automated Software Engineering, 14(3):341-364. 2007. [Abstract] [Pdf]
• F. Massacci, J. Mylopoulos, and N. Zannone. From Hippocratic Databases to Secure Tropos: a Computer-Aided Re-Engineering Approach. International Journal of Software Engineering and Knowledge Engineering, 17(2):265-284. 2007. [Abstract] [Pdf]
• P. Giorgini, F. Massacci, J. Mylopoulos, and N. Zannone. Requirements Engineering for Trust Management: Model, Methodology, and Reasoning. International Journal of Information Security, 5(4):257-274, 2006. [Abstract] [Pdf]
• F. Massacci, J. Mylopoulos, and N. Zannone. Hierarchical Hippocratic Databases with Minimal Disclosure for Virtual Organizations. The VLDB Journal, 15(4):370-387, 2006. [Abstract] [Pdf]
• F. Massacci, M. Prest, and N. Zannone. Using a Security Requirements Engineering Methodology in Practice: the compliance with the Italian Data Protection Legislation. Computer Standards & Interfaces, 27(5):445-455, 2005. [Abstract] [Pdf]

International Conferences and Workshops

• Mina Sheikhalishahi, Gamze Tillem, Zekeriya Erkin, Nicola Zannone. Privacy-Preserving Multi-Party Access Control. In Proceedings of 18th Workshop on Privacy in the Electronic Society (WPES 2019). 2019. [Pdf]
• Sowmya Ravidas, Priyanka Karkhanis, Yanja Dajsuren, Nicola Zannone. An Authorization Framework for Cooperative Intelligent Transport Systems. In Proceedings of 2nd International Workshop on Emerging Technologies for Authorization and Authentication (ETAA 2019). 2019. [Pdf]
• Laura Genga, Luca Allodi, Nicola Zannone. Unveiling Systematic Biases in Decisional Processes: An Application to Discrimination Discovery. In Proceedings of 14th ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2019). ACM, 2019. [Pdf]
• Laura Genga, Chiara Di Francescomarino, Chiara Ghidini, Nicola Zannone. Predicting critical behaviors in business process executions: when evidence counts. In Business Process Management Forum - {BPM} Forum 2019. Springer, 2019. [Pdf]
• Neda Nasiriani, Anna Squicciarini, Zara Saldanha, Sanchit Goel, Nicola Zannone. Hierarchical Clustering for Discrimination Discovery: A Top-Down Approach. In Proceedings of IEEE International Conference on Artificial Intelligence and Knowledge Engineering (IEEE AIKE 2019). IEEE, 2019. [Pdf]
• Clara Bertolissi, Jerry den Hartog, Nicola Zannone. Using Provenance for Secure Data Fusion in Cooperative Systems. In Proceedings of the 24th ACM Symposium on Access Control Models and Technologies (SACMAT 2019). ACM, 2019. [Pdf]
• Laura Genga, Niek Tax, Nicola Zannone. Mining Local Process Models and Their Correlations. In Data-Driven Process Discovery and Analysis. Springer, 2019. [Pdf]
• Laura Genga and Nicola Zannone. Towards a Systematic Process-aware Behavioral Analysis for Security. In Proceedings of the 15th International Joint Conference on e-Business and Telecommunications (ICETE 2018). SciTePress, 2018. [Pdf]
• Van Huynh Le and Jerry den Hartog and Nicola Zannone. Feature Selection for Anomaly Detection in Vehicular Ad Hoc Networks. In Proceedings of the 15th International Joint Conference on e-Business and Telecommunications (ICETE 2018). SciTePress, 2018. [Pdf]
• Luciano Argento, Andrea Margheri, Federica Paci, Vladimiro Sassone and Nicola Zannone. Towards Adaptive Access Control. In Proceedings of the 30th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec 2018). Springer, 2018. [Pdf]
• Anna Cinzia Squicciarini and Sarah Michele Rajtmajer and Nicola Zannone. Multi-Party Access Control: Requirements, State of the Art and Open Challenges. In Proceedings of the 23rd ACM Symposium on Access Control Models and Technologies (SACMAT 2018). ACM, 2018. [Pdf]
• Charles Morisset, Tim A. C. Willemse, and Nicola Zannone. Efficient Extended ABAC Evaluation. In Proceedings of the 23rd ACM Symposium on Access Control Models and Technologies (SACMAT 2018). ACM, 2018. [Pdf]
• Tahir Ahmad and Umberto Morelli and Silvio Ranise and Nicola Zannone. A Lazy Approach to Access Control as a Service (ACaaS) for IoT: An AWS Case Study. In Proceedings of the 23rd ACM Symposium on Access Control Models and Technologies (SACMAT 2018). ACM, 2018. [Pdf]
• Mattia Salnitri and Mahdi Alizadeh and Daniele Giovanella and Nicola Zannone and Paolo Giorgini. From Security-by-Design to the Identification of Security-Critical Deviations in Process Executions. In Information Systems in the Big Data Era - CAiSE Forum 2018, Proceedings. Springer, 2018. [Pdf]
• Mahdi Alizadeh and Sander Peters and Sandro Etalle and Nicola Zannone. Behavior Analysis in the Medical Sector: Theory and Practice. In Proceedings of the 33rd ACM/SIGAPP Symposium on Applied Computing (SAC 2018). ACM, 2018. [Pdf]
• Tho Le and Roland van Rijswijk-Deij and Luca Allodi and Nicola Zannone. Economic Incentives on DNSSEC Deployment: Time to Move from Quantity to Quality. In Proceedings of the IEEE/IFIP Network Operations and Management Symposium (NOMS 2018). IEEE, 2018. [Pdf]
• Niek Tax, Laura Genga, and Nicola Zannone. On the Use of Hierarchical Subtrace Mining for Efficient Local Process Model Mining. In Proceedings of the 7th International Symposium on Data-driven Process Discovery and Analysis (SIMPDA 2017), CEURWorkshop Proceedings. CEUR-WS.org, 2017. [Pdf]
• L. Genga, M. Alizadeh, D. Potena, C. Diamantini, N. Zannone. APD tool: Mining Anomalous Patterns from Event Logs. In Proceedings of the BPM Demo Session. CEUR-WS.org, 2017. [Pdf]
• J. den Hartog and N. Zannone. Collaborative Access Decisions: Why has my decision not been enforced? In Proceedings of the 12th International Conference on Information Systems Security (ICISS 2016), 2016. [Pdf]
• L. Genga, D. Potena, O. Martino, M. Alizadeh, C. Diamantini, N. Zannone. Subgraph Mining for Anomalous Pattern Discovery in Event Logs. In Proceedings of the 5th International Workshop on New Frontiers in Mining Complex Patterns (NFmcp 2016), 2016. [Pdf]
• S. Vavilis, A. Egner, M. Petkovic and N. Zannone. Role Mining with Missing Values. In Proceedings of International Conference on Availability, Reliability and Security(ARES 2016), 2016. [Pdf]
• R. Mahmudlu, J. den Hartog and N. Zannone. Data Governance & Transparency for Collaborative Systems. In Proceedings of the 28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec 2016), 2016. Springer. [Pdf]
• E. Costante, D. Fauri, S. Etalle, J. den Hartog, and N. Zannone. A Hybrid Framework for Data Loss Prevention and Detection. In Proceedings of the Workshop on Research for Insider Threats (WRIT 2016), 2016. IEEE. [Pdf]
• J. den Hartog and N. Zannone. A Policy Framework for Data Fusion and Derived Data Control. In Proceedings of the 1st ACM International Workshop on Attribute Based Access Control, 2016. ACM. [Pdf]
• A. I. Egner, D. Luu, J. den Hartog, and N. Zannone. An Authorization Service for Collaborative Situation Awareness. In Proceedings of the 6th ACM Conferenceon Data and Application Security and Privacy (CODASPY 2016), 2016. ACM Press. [Pdf]
• Mahdi Alizadeh and Nicola Zannone. Risk-based Analysis of Business Process Executions. In Proceedings of the 6th ACM Conference on Data and Application Security and Privacy (CODASPY 2016), 2016. ACM Press. [Pdf]
• M. Alizadeh, M. de Leoni, N. Zannone. Constructing Probable Explanations of Nonconformity: A Data-aware and History-based Approach. In Proceedings of the IEEE Symposium on Computational Intelligence and Data Mining (IEEE CIDM'15), 2015. IEEE Computer Society Press. [Pdf]
• M. Alizadeh, M. de Leoni, N. Zannone. History-based Construction of Alignments for Conformance Checking: Formalization and Implementation. In Proceedings of the 4th International Symposium on Data-driven Process Discovery and Analysis (SIMPDA 2014), Revised Selected Papers, Lecture Notes in Business Information Processing. 2014. Springer-Verlag GmbH. [Pdf]
• J. Crampton, C. Morisset, N. Zannone. On Missing Attributes in Access Control: Non-deterministic and Probabilistic Attribute Retrieval. In Proceedings of the 20th ACM Symposium on Access Control Models and Technologies (SACMAT 2015), 2015. ACM. [Pdf]
• F. Paci, N. Zannone. Preventing Information Inference in Access Control. In Proceedings of the 20th ACM Symposium on Access Control Models and Technologies (SACMAT 2015), 2015. ACM. [Pdf]
• B. Skoric, S. de Hoogh, N. Zannone. Evidence-based discounting rule in Subjective Logic (extended abstract) In Proceedings of 36th WIC Symposium on Information Theory in the Benelux, 2015. [Pdf]
• M. Feiri, R. Pielage, J. Petit, N. Zannone, F. Kargl. Pre-distribution of certificates for pseudonymous broadcast authentication in VANET. In Proceedings of the IEEE 81st Vehicular Technology Conference (VTC2015-Spring), 2015. [Pdf]
• J. Crampton, C. Morisset, N. Zannone Access Control with Non-deterministic and Probabilistic Attribute Retrieval. In Proceedings of the 3rd Hot Issues in Security Principles and Trust (HotSpot 2015), 2015. [Pdf]
• U. S. Mian, J. den Hartog, S. Etalle, N. Zannone Auditing with incomplete logs. In Proceedings of the 3rd Hot Issues in Security Principles and Trust (HotSpot 2015), 2015. [Pdf]
• F. Turkmen, J. den Hartog, S. Ranise, N. Zannone Analysis of XACML Policies with SMT. In Proceedings of the 4th Conference on Principles of Security and Trust (POST 2015), 2015. [Pdf]
• M. Alizadeh, M. de Leoni, and N. Zannone. History-based Construction of Log-Process Alignments for Conformance Checking: Discovering What Really Went Wrong. In Proceedings of the 4th International Symposium on Data-driven Process Discovery and Analysis (SIMPDA 2014), 2014. [Pdf]
• C. Morisset and N. Zannone. Reduction of Access Control Decisions. In Proceedings of the 19th ACM Symposium on Access Control Models and Technologies (SACMAT 2014), 2014. ACM Press. [Pdf]
• S. Vavilis, M. Petkovic, and N. Zannone. Data Leakage Quantification. In Proceedings of the 28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec 2014), 2014. Springer. [Pdf]
• S. Damen, J. den Hartog, and N. Zannone. CollAC: Collaborative Access Control. In Proceedings of the 2014 International Conference on Collaboration Technologies and Systems (CTS 2014), 2014. IEEE. [Pdf]
• F. Turkmen, J. den Hartog, and N. Zannone. POSTER: Analyzing Access Control Policies with SMT. In Proceedings of the 21st ACM Conference on Computer and Communications Security (CCS 2014), 2014. ACM. [Pdf]
• A. Adriansyah, B. van Dongen, and N. Zannone. Controlling Break-The-Glass Through Alignment. In Proceedings of the 5th ASE/IEEE International Conference on Information Privacy, Security, Risk and Trust (PASSAT 2013), 2013. [Pdf]
• M. Veeningen, M. Bruso J. den Hartog, and N. Zannone. TRIPLEX: Verifying Data Minimisation in Communication Systems. In Proceedings of the 20th ACM Conference on Computer and Communications Security (CCS 2013), ACM Press. 2013. [Pdf]
• M. Veeningen, A. Piepoli, and N. Zannone. Are On-Line Personae Really Unlinkable? In Proceedings of the 8th DPM International Workshop on Data Privacy Management (DPM 2013), 2013. [Pdf]
• S. Damen and N. Zannone. Privacy Implications of Privacy Settings and Tagging in Facebook. In Proceedings of the 10th VLDB Workshop on Secure Data Management (SDM 2013), 2013. [Pdf]
• E. Costante, S. Vavilis, S. Etalle, M. Petkovic and N. Zannone. Database Anomalous Activities: Detection and Quantification. In Proceedings of the 10th International Conference on Security and Cryptography (SECRYPT 2013), SciTePress. 2013. [Abstract] [Pdf]
• E. Costante, F. Paci, and N. Zannone. Privacy-Aware Web Service Composition and Ranking. In Proceedings of the 20th International Conference on Web Services (ICWS 2013), IEEE. 2013. [Abstract] [Pdf]
• S. Vavilis, M. Petkovic, and N. Zannone. Data Reliability in Home Healthcare Services. In Proceedings of the 26th International Symposium on Computer-Based Medical Systems (CBMS'13), IEEE. 2013. [Abstract] [Pdf]
• M. Veeningen, B. de Weger, and N. Zannone. Symbolic Privacy Analysis through Linkability and Detectability. In Proceedings of the 7th International IFIP WG 11.11 International Conference on Trust Management (IFIPTM 2013), Springer. 2012. [Abstract] [Pdf]
• M. Egea, F. Paci, M. Petrocchi, and N. Zannone. PERSONA: A Personalized Data Protection Framework. In Proceedings of the 7th International IFIP WG 11.11 International Conference on Trust Management (IFIPTM 2013), Springer. 2012. [Abstract] [Pdf]
• S. Etalle, T. L. Hinrichs, A. J. Lee, D. Trivellato, and N. Zannone. Policy Administration in Tag-Based Authorization. In Proceedings of the 5th International Symposium on Foundations & Practice of Security (FPS 2012), 2012. [Abstract] [Pdf]
• M. Veeningen, B. de Weger, and N. Zannone. Formal Modelling of (De)Pseudonymisation: A Case Study in Health Care Privacy. In Proceedings of the 8th International Workshop on Security and Trust Management (STM'12), Springer. 2012. [Abstract] [Pdf]
• S. Banescu, M. Petkovic, and N. Zannone. Measuring Privacy Compliance using Fitness Metrics. In Proceedings of the 10th International Conference on Business Process Management (BPM'12), 2012. [Abstract] [Pdf]
• M. Asim, T. Ignatenko, M. Petkovic, D. Trivellato and N. Zannone. Enforcing Access Control in Virtual Organizations Using Hierarchical Attribute-Based Encryption. In Proceedings of the 7th International Conference on Availability, Reliability and Security (ARES'12), 2012. [Abstract] [Pdf]
• S. Vavilis, M. Petkovic, and N. Zannone. Impact of ICT on Home Healthcare. In Proceedings of the 10th IFIP Human Choice and Computers International Conference (HCC 2012), Springer. 2012. [Abstract] [Pdf]
• M. Veeningen, B. de Weger, and N. Zannone. Privacy Analysis of Communication Protocols for Identity Management. In Proceedings of the 7th International Conference on Information Systems Security (ICISS 2011), Springer. 2011. [Abstract] [Pdf]
• S. Banescu and N. Zannone. Measuring Privacy Compliance with Process Specifications. In Proceedings of the 7th International Workshop on Security Measurements and Metrics (MetriSec'11), IEEE Computer Society Press. 2011. [Abstract] [Pdf]
• G. Elahi, E. Yu, and N. Zannone. Security Risk Management by Qualitative Vulnerability Analysis. In Proceedings of the 7th International Workshop on Security Measurements and Metrics (MetriSec'11), IEEE Computer Society Press. 2011. [Abstract] [Pdf]
• M. Petkovic, D. Prandi, and N. Zannone. Purpose Control: did you process the data for the intended purpose? In Proceedings of the 8th VLDB Workshop on Secure Data Management (SDM'11), Springer. 2011. [Abstract] [Pdf]
• D. Trivellato, N. Zannone, and S. Etalle. A Security Framework for Systems of Systems. In Proceedings of the IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY'11), IEEE Computer Society Press. 2011. [Pdf]
• M. Veeningen, B. de Weger, and N. Zannone. Modeling identity-related properties and their privacy strength. In Proceedings of the 7th International Workshop on Formal Aspects of Security & Trust (FAST'10), 2010. [Abstract] [Pdf]
• N. Zannone, M. Petkovic, and S. Etalle. Towards data protection compliance. In Proceedings of the International Conference on Security and Cryptography (SECRYPT'10), 2010. [Abstract] [Pdf]
• G. Elahi, E. Yu, and N. Zannone. A Modeling Ontology for Integrating Vulnerabilities into Security Requirements Conceptual Foundations. In Proceedings of the 28th International Conference on Conceptual Modeling (ER 2009), LNCS 5829, pages 99-114. Springer, 2009. [Abstract] [Pdf]
• D. Trivellato, F. Spiessens, N. Zannone, and S. Etalle. Reputation-Based Ontology Alignment for Autonomy and Interoperability in Distributed Access Control. In Proceedings of the 12th IEEE International Conference on Computational Science and Engineering (CSE'09), pages 252-258. IEEE Computer Society Press, 2009. [Abstract] [Pdf]
• D. Trivellato, F. Spiessens, N. Zannone, and S. Etalle. POLIPO: Policies & OntoLogies for Interoperability, Portability, and autOnomy. In Proceedings of the IEEE International Symposium on Policies for Distributed Systems and Networks (POLICY'09), pages 110-113. IEEE Computer Society Press, 2009. [Abstract] [Pdf]
• J. Cabot and N. Zannone. Towards an Integrated Framework for Model-driven Security Engineering. In Proceedings of the 1st Modeling Security Workshop (MODSEC'08), 2008. [Abstract] [Pdf]
• F. Massacci and N. Zannone. A Model-Driven Approach for the Specification and Analysis of Access Control Policies. In Proceedings of the 3rd International Symposium on Information Security (IS'08), LNCS 5332, pages 1087-1103. Springer, 2008. [Abstract] [Pdf]
• Y. Asnar and N. Zannone. Perceived Risk Assessment. In Proceedings of the 4th Workshop on Quality of Protection (QoP'08), pages 59-64. ACM Press, 2008. [Abstract] [Pdf]
• N. Kiyavitskaya, A. Krausova, and N. Zannone. Why Eliciting and Managing Legal Requirements Is Hard. In Proceedings of the 1st International Workshop on Requirements Engineering and Law (RELAW'08), pages 26-30. IEEE Computer Society Press, 2008. [Abstract] [Pdf]
• P. Busnel, P. El Khoury, K. Li, A. Saidane, and N. Zannone. S&D Pattern Deployment at Organizational Level: A Prototype for Remote Healthcare System. In Proceedings of the 4th International Workshop on Security and Trust Management (STM'08), 2008. [Abstract] [Pdf]
• D. Prandi, P. Quaglia, and N. Zannone. Formal analysis of BPMN via a translation into COWS. In Proceedings of the 10th International Conference on Coordination Models and Languages (Coordination'08), LNCS 5052, pages 249-263. Springer, 2008. [Abstract] [Pdf]
• Y. Asnar, R. Moretti, M. Sebastianis, and N. Zannone. Risk as Dependability Metrics for the Evaluation of Business Solutions: A Model-driven Approach. In Proceedings of the 3rd International Workshop on Dependability Aspects on Data WArehousing and Mining applications (DAWAM'08), pages 1240-1248. IEEE Computer Society Press, 2008. [Abstract] [Pdf]
• H. A. Lopez, F. Massacci, and N. Zannone. Goal-Equivalent Secure Business Process Re-engineering for E-Health. In Proceedings of the 1st International Workshop on Model-Based Trustworthy Health Information Systems (MOTHIS'07), 2007. [Abstract] [Pdf]
• H. A. Lopez, F. Massacci, and N. Zannone. Goal-Equivalent Secure Business Process Re-engineering. In Proceedings of the 2nd International Workshop on Business Oriented Aspects concerning Semantics and Methodologies in Service-oriented Computing (SeMSoC'07), 2007. [Abstract] [Pdf]
• V. Bryl, P. Mello, M. Montali, P. Torroni, and N. Zannone. B-Tropos: Agent-oriented requirements engineering meets computational logic for declarative business process modeling and verification. In Proceedings of the 8th Workshop on Computational Logic in Multi-Agent Systems (CLIMA-VIII), 2007. [Abstract] [Pdf]
• P. Guarda, F. Massacci, and N. Zannone. E-Government and On-line Services: Security and Legal Patterns. In Proceedings of the 1st International Conference on Methodologies, Technologies and Tools enabling e-Government (MeTTeG07), 2007. [Abstract] [Pdf]
• L. Compagna, P. El Khoury, F. Massacci, R. Thomas, and N. Zannone. How to capture, model, and verify the knowledge of legal, security, and privacy experts: a pattern-based approach. In Proceedings of the 11th International Conference on Artificial Intelligence and Law (ICAIL 2007), pages 149-154. ACM Press. 2007. [Abstract] [Pdf] [Slides]
• Y. Asnar, P. Giorgini, and N. Zannone. Reasoning about Risk in Agent's Deliberation Process: a Jadex Implementation. In Proceedings of the 8th International Workshop on Agent Oriented Software Engineering (AOSE'07), 2007. [Abstract] [Pdf]
• Y. Asnar, P. Giorgini, F. Massacci, and N. Zannone. From Trust to Dependability through Risk Analysis. In Proceedings of the Second International Conference on Availability, Reliability and Security (ARES'07), pages 19-26. IEEE Computer Society Press, 2007. [Abstract] [Pdf]
• F. Massacci, J. Mylopoulos and N. Zannone. A Privacy Model to Support Minimal Disclosure in Virtual Organizations. In Proceedings of the W3C Workshop on Languages for Privacy Policy Negotiation and Semantics-Driven Enforcement, 2006. [Abstract] [Pdf]
• P. Giorgini, F. Massacci, J. Mylopoulos and N. Zannone. Detecting Conflicts of Interest. In Proceedings of the 14th IEEE International Requirements Engineering Conference (RE'06), pages 315-318. IEEE Computer Society Press, 2006. [Abstract] [Pdf] [Slides]
• V. Bryl, F. Massacci, J. Mylopoulos and N. Zannone. Designing Security Requirements Models through Planning. In Proceedings of the 4th International Workshop on AI for Service Composition, pages 28-35, 2006. [Abstract] [Pdf]
• N. Zannone, S. Jajodia, and D. Wijesekera. Creating Objects in the Flexible Authorization Framework. In Proceedings of the 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec 2006), LNCS 4127, pages 1-14, Springer-Verlag GmbH, 2006. [Abstract] [Pdf] [Slides]
• V. Bryl, F. Massacci, J. Mylopoulos and N. Zannone. Designing Security Requirements Models through Planning. In Proceedings of the 18th Conference on Advanced Information Systems Engineering (CAiSE'06), LNCS 4001, pages 33-47, Springer-Verlag GmbH, 2006. [Abstract] [Pdf] [Slides]
• N. Zannone, S. Jajodia, F. Massacci and D. Wijesekera. Maintaining Privacy on Derived Objects. In Proceedings of Workshop on Privacy in the Electronic Society (WPES'05), pages 10-19. ACM Press, 2005. [Abstract] [Pdf] [Slides]
• F. Massacci, J. Mylopoulos and N. Zannone. Minimal Disclosure in Hierarchical Hippocratic Databases with Delegation. In Proceedings of the 10th European Symposium on Research in Computer Security (ESORICS 2005), LNCS 3679, pages 438-454, Springer-Verlag GmbH, 2005. [Abstract] [Pdf] [Slides]
• P. Giorgini, F. Massacci, J. Mylopoulos and N. Zannone. Modeling Security Requirements Through Ownership, Permission and Delegation. In Proceedings of the 13th IEEE International Requirements Engineering Conference (RE'05), pages 167-176. IEEE Computer Society Press, 2005. [Abstract] [Pdf]
• P. Giorgini, F. Massacci, J. Mylopoulos and N. Zannone. ST-Tool: A CASE Tool for Security Requirements Engineering. In Proceedings of the 13th IEEE International Requirements Engineering Conference (RE'05), pages 451-452. IEEE Computer Society Press, 2005. [Abstract] [Pdf] [Slides] [Poster] [DemoL,DemoM,DemoS]
• P. Giorgini, F. Massacci, J. Mylopoulos and N. Zannone. Modeling Social and Individual Trust in Requirements Engineering Methodologies. In Proceedings of the Third International Conference on Trust Management (iTrust 2005), LNCS 3477, pages 161-176. Springer-Verlag GmbH, 2005. [Abstract] [Pdf]
• P. Giorgini, F. Massacci, J. Mylopoulos, A. Siena and N. Zannone. ST-Tool: A CASE Tool for Modeling and Analyzing Trust Requirements. In Proceedings of the Third International Conference on Trust Management (iTrust 2005), LNCS 3477, pages 415-419. Springer-Verlag GmbH, 2005. [Abstract] [Pdf]
• P. Giorgini, F. Massacci, J. Mylopoulos and N. Zannone. Filling the gap between Requirements Engineering and Public Key/Trust Management Infrastructures. In Proceedings of the 1st European PKI Workshop: Research and Applications (1st EuroPKI), LNCS 3093, pages 98-111. Springer-Verlag GmbH, 2004. [Abstract] [Pdf] [Slides]
• F. Massacci and N. Zannone. Privacy is Linking Permission to Purpose. In Proceedings of the Twelfth International Workshop on Security Protocols, LNCS 3957, pages 179-191. Springer-Verlag GmbH, 2004. [Abstract] [Pdf] [Slides]
• P. Giorgini, F. Massacci, J. Mylopoulos and N. Zannone. Requirements Engineering meets Trust Management: Model, Methodology, and Reasoning. In Proceedings of the Second International Conference on Trust Management (iTrust 2004), LNCS 2995, pages 176-190. Springer-Verlag GmbH, 2004. [Abstract] [Pdf] [Slides]
• C. Bodei, P. Degano, C. Priami and N. Zannone. An Enhanced CFA for Security Policies. In Proceedings of the Workshop on Issues on the Theory of Security (WITS'03), pages 131-145, 2003. [Abstract] [PostScript]

National Conferences and Workshops

• V. Bryl, P. Mello, M. Montali, P. Torroni and N. Zannone. Extending Agent-oriented Requirements with Declarative Business Processes: a Computational Logic-based Approach. In Proceedings of the 22nd Convegno Italiano di Logica Computazionale (CILC'07), 2007. [Abstract] [Pdf]

Poster

• N. Zannone. A Methodology for Security Requirements Engineering. In Proceedings of 2K* symposium - 2005 edition, 2005. [Poster]

Others

• N. Zannone. A Requirements Engineering Methodology for Trust, Security, and Privacy. PhD Thesis. Department of Information and Communication Technology, University of Trento, March 2007. [Abstract]
• N. Zannone. Un'Analisi Simbolica per la Verifica di Protocolli di Autenticazione a Stati Infiniti. Master Thesis. Dipartimento di Informatica, Università di Verona, Marzo 2003. [Pdf]