forked from stfbk/stfbk.github.io
-
Notifications
You must be signed in to change notification settings - Fork 0
/
tools.yml
74 lines (61 loc) · 4.44 KB
/
tools.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
- id: ALCC
name: Automated Legal Compliance Checking
description: A tool for automated analysis of security policies in IT designs against the EU DPD regulation.
urlDocumentation: https://sites.google.com/view/eu-dpd-gdpr-compliance/home
- id: ASASP
name: "ASASP: Automated Symbolic Analysis of Security Policies"
description: A tool for the automated safety analysis of administrative access control policies in (extensions of) the Role-Based Access Control (RBAC) model.
urlDocumentation: /tools/ASASP
- id: CPR
name: "CPR: Content-based Information Protection and Release"
description: A tool for the analysis and enforcement of access control policies in NATO operations.
urlDocumentation: /tools/CPR
- id: CryptoAC
name: CryptoAC
description: To facilitate the adoption of cloud by organizations, cryptographic access control is the obvious solution to control data sharing among users while preventing partially trusted cloud service providers to access sensitive data. In this context, CryptoAC implements a state of the art role-based cryptographic access control scheme; CryptoAC comes with an easy deployment process, it supports 81 different architectures and it is cloud-independent, i.e., it can be seamlessly deployed in all major cloud service providers.
urlCode: https://github.com/stfbk/CryptoAC
urlDocumentation: /tools/CryptoAC
- id: Micro-Id-Gym
name: Micro-Id-Gym
description: A framework where users can develop hands-on experiences on how IdM solutions work and increase their awareness related to the underlying security issues.
urlCode: https://github.com/stfbk/micro-id-gym/
urlDocumentation: /tools/Micro-Id-Gym
- id: mIDAssistant
name: mIDAssistant
description: An Android Studio plugin that guides native mobile app developers with secure integration of Single Sign-On and Access Delegation solutions within their apps.
urlDocumentation: https://sites.google.com/fbk.eu/midassistant/home
urlCode: https://github.com/stfbk/mIDAssistant
- id: mIDAssistant_iGov
name: mIDAssistant_iGov
description: An Android Studio plugin that guides native mobile app developers with secure integration of OpenID Connect iGov profile (OpenID Connect iGov) solutions within their apps.
urlCode: https://github.com/stfbk/mIDAssistant_iGov
- id: MQTTSA
name: MQTT Security Assistant (MQTTSA)
description: A tool designed to increase the security awareness of IoT developers by automatically assessing misconfigurations in MQTT-based environments and by providing a report of potential vulnerabilities and mitigation measures at a different level of details - from natural language descriptions to code snippets that can be cut-and-paste in actual deployments.
urlCode: https://github.com/stfbk/mqttsa
urlDocumentation: https://sites.google.com/fbk.eu/mqttsa
- id: MuFASA
name: MuFASA
description: A tool for high-level specification and analysis of MFA protocols, which aims at supporting normal users and security experts (in the design phase of an MFA protocol), providing a high level report regarding possible risks associated to the specified MFA protocol, its resistance to a set of attacker models (defined by NIST), its ease-of-use and its compliance with a set of security requirements derived from European laws.
urlDocumentation: /tools/MuFASA
- id: SATMC
name: SATMC
description: SAT-based Model-Checker for Security Protocols and Security-sensitive Applications.
urlDocumentation: /tools/SATMC
- id: SecSES
name: SecSES
description: A tool providing a flexible access control mechanism for APIs.
urlDocumentation: /tools/SecSES
- id: SecurePG
name: SecurePG
description: "A Java-based tool that allows policy administrators to generate, verify and enforce abstract Access Control (AC) policies in two of the most widely used Cloud Service Providers: Amazon AWS and OpenStack."
urlDocumentation: https://sites.google.com/view/securepg/home
- id: STIATE
name: STIATE Toolkit
description: Supports development teams toward security assessment of their under-development applications focusing on subtle security logic flaws that may go undetected by using current industrial technology.
urlDocumentation: /tools/STIATE
- id: TLSAssistant
name: TLSAssistant
description: A fully-featured tool that combines state-of-the-art TLS analyzers with a report system that suggests appropriate mitigations and shows the full set of viable attacks.
urlCode: https://github.com/stfbk/tlsassistant
urlDocumentation: /tools/TLSAssistant