{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,28]],"date-time":"2026-01-28T00:23:14Z","timestamp":1769559794839,"version":"3.49.0"},"publisher-location":"Cham","reference-count":29,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030697808","type":"print"},{"value":"9783030697815","type":"electronic"}],"license":[{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2021,1,1]],"date-time":"2021-01-01T00:00:00Z","timestamp":1609459200000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021]]},"DOI":"10.1007\/978-3-030-69781-5_2","type":"book-chapter","created":{"date-parts":[[2021,2,19]],"date-time":"2021-02-19T11:12:22Z","timestamp":1613733142000},"page":"16-30","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":2,"title":["TLSAssistant\u00a0Goes FINSEC A Security Platform Integration Extending Threat Intelligence Language"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-9645-6034","authenticated-orcid":false,"given":"Salvatore","family":"Manfredi","sequence":"first","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7269-9285","authenticated-orcid":false,"given":"Silvio","family":"Ranise","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0001-7567-4526","authenticated-orcid":false,"given":"Giada","family":"Sciarretta","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-3518-9400","authenticated-orcid":false,"given":"Alessandro","family":"Tomasi","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2021,2,18]]},"reference":[{"key":"2_CR1","unstructured":"Berlin Group: NextGenPSD2 Access to Account Interoperability Framework - Implementation Guidelines V1.3.4. https:\/\/www.berlin-group.org\/nextgenpsd2-downloads"},{"key":"2_CR2","unstructured":"B\u00f6ck, H., Somorovsky, J., Young, C.: Return of Bleichenbacher\u2019s oracle threat (ROBOT). In: 27th USENIX Security Symposium (USENIX Security 18), pp. 817\u2013849 (2018)"},{"key":"2_CR3","unstructured":"European Parliament: Directive (EU) 2015\/2366 of the European Parliament and of the Council on payment services in the internal market, amending Directives 2002\/65\/EC, 2009\/110\/EC and 2013\/36\/EU and Regulation (EU) No 1093\/2010, and repealing Directive 2007\/64\/EC. https:\/\/eur-lex.europa.eu\/legal-content\/EN\/TXT\/PDF\/?uri=CELEX:32015L2366&from=EN"},{"key":"2_CR4","doi-asserted-by":"publisher","unstructured":"Fahl, S., Harbach, M., Muders, T., Baumg\u00e4rtner, L., Freisleben, B., Smith, M.: Why eve and mallory love android: an analysis of android SSL (in)security. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 50\u201361 (2012). https:\/\/doi.org\/10.1145\/2382196.2382205","DOI":"10.1145\/2382196.2382205"},{"key":"2_CR5","unstructured":"FINSEC: Integrated Framework for Predictive and Collaborative Security of Financial Infrastructures. https:\/\/www.finsec-project.eu\/"},{"key":"2_CR6","unstructured":"FINSEC D2.5: FINSEC Reference Architecture II (October 2019). https:\/\/ec.europa.eu\/research\/participants\/documents\/downloadPublic?documentIds=080166e5ce3a941d&appId=PPGMS"},{"key":"2_CR7","unstructured":"FINSEC D3.9: Finance Sector Security Knowledge Base I (October 2019), https:\/\/ec.europa.eu\/research\/participants\/documents\/downloadPublic?documentIds=080166e5c8e14437&appId=PPGMS, due to be updated in Deliverable D3.10 in 2021"},{"key":"2_CR8","unstructured":"FINSEC D4.5: Risk Assessment Engine for Critical Infrastructures in the Financial Sector II (March 2020). https:\/\/ec.europa.eu\/research\/participants\/documents\/downloadPublic?documentIds=080166e5ccabbc21&appId=PPGMS, due to be updated in Deliverable D4.6 in 2021"},{"key":"2_CR9","unstructured":"IETF: The Transport Layer Security (TLS) Protocol: Version 1.3. https:\/\/tools.ietf.org\/pdf\/rfc8446.pdf"},{"key":"2_CR10","unstructured":"IMPERVA: Attacking SSL when using RC4. https:\/\/www.imperva.com\/docs\/HII_Attacking_SSL_when_using_RC4.pdf"},{"key":"2_CR11","unstructured":"Kario, H.: tlsfuzzer: SSL and TLS protocol test suite and fuzzer. https:\/\/github.com\/tomato42\/tlsfuzzer"},{"key":"2_CR12","unstructured":"Maddison, J.: Defining the security platform. https:\/\/www.csoonline.com\/article\/3527843\/defining-the-security-platform.html"},{"key":"2_CR13","doi-asserted-by":"publisher","unstructured":"Manfredi, S., Ranise, S., Sciarretta, G.: Lost in TLS? no more! assisted deployment of secure TLS configurations. In: 33th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec), pp. 201\u2013220 (2019). https:\/\/doi.org\/10.1007\/978-3-030-22479-0_11","DOI":"10.1007\/978-3-030-22479-0_11"},{"key":"2_CR14","unstructured":"MITRE: Common Vulnerabilities and Exposures. https:\/\/cve.mitre.org\/"},{"key":"2_CR15","unstructured":"Network Working Group: The TLS Protocol: Version 1.0. https:\/\/tools.ietf.org\/pdf\/rfc2246.pdf"},{"key":"2_CR16","unstructured":"Network Working Group: The Transport Layer Security (TLS) Protocol: Version 1.1. https:\/\/tools.ietf.org\/pdf\/rfc4346.pdf"},{"key":"2_CR17","unstructured":"Network Working Group: The Transport Layer Security (TLS) Protocol: Version 1.2. https:\/\/tools.ietf.org\/pdf\/rfc5246.pdf"},{"key":"2_CR18","unstructured":"OASIS Open: STIX - A structured language for cyber threat intelligence. https:\/\/oasis-open.github.io\/cti-documentation\/stix\/intro"},{"key":"2_CR19","unstructured":"OpenID Foundation: Financial-grade API (FAPI). https:\/\/fapi.openid.net\/"},{"key":"2_CR20","unstructured":"PCI Security Standards Council: Requirements and security assessment procedures v3-2-1. https:\/\/www.pcisecuritystandards.org\/document_library (2018)"},{"key":"2_CR21","unstructured":"PRETA Open Banking Europe: Security and Identification Standards for APIs & Communications. https:\/\/www.openbankingeurope.eu\/media\/1398\/oasis-obe-api-identification-and-security-standards-for-apis-and-communications.pdf"},{"key":"2_CR22","unstructured":"Qualys: SSL Pulse. https:\/\/www.ssllabs.com\/ssl-pulse\/"},{"key":"2_CR23","doi-asserted-by":"publisher","first-page":"435","DOI":"10.1109\/SP.2019.00062","volume":"2019","author":"E Ronen","year":"2019","unstructured":"Ronen, E., Gillham, R., Genkin, D., Shamir, A., Wong, D., Yarom, Y.: The 9 lives of Bleichenbacher\u2019s CAT: new cache ATtacks on TLS implementations. IEEE Symposium on Security and Privacy, SP 2019, 435\u2013452 (2019). https:\/\/doi.org\/10.1109\/SP.2019.00062","journal-title":"IEEE Symposium on Security and Privacy, SP"},{"key":"2_CR24","doi-asserted-by":"publisher","unstructured":"Samarasinghe, N., Mannan, M.: Short paper: TLS ecosystems in networked devices vs. web servers. In: Financial Cryptography and Data Security - 21st International Conference, FC 2017, pp. 533\u2013541 (2017). https:\/\/doi.org\/10.1007\/978-3-319-70972-7_30","DOI":"10.1007\/978-3-319-70972-7_30"},{"key":"2_CR25","unstructured":"Security & Trust Research Unit: TLSAssistant. https:\/\/github.com\/stfbk\/tlsassistant"},{"key":"2_CR26","unstructured":"Sheffer, Y., Holz, R., Saint-Andre, P.: Summarizing Known Attacks on Transport Layer Security (TLS) and Datagram TLS (DTLS). https:\/\/tools.ietf.org\/html\/rfc7457.pdf"},{"key":"2_CR27","doi-asserted-by":"publisher","unstructured":"C\u0306ernivec, A., Erdogan, G., Gonzalez, A., Refsdal, A., Alvarez Romero, A.: Employing graphical risk models to facilitate cyber-risk monitoring - the WISER approach. In: Graphical Models for Security (GraMSec) 2017. LNCS, vol. 10744, pp. 127\u2013146 (2018). https:\/\/doi.org\/10.1007\/978-3-319-74860-3_10","DOI":"10.1007\/978-3-319-74860-3_10"},{"key":"2_CR28","unstructured":"Waked, L., Mannan, M., Youssef, A.M.: The sorry state of TLS security in enterprise interception appliances. CoRR abs\/1809.08729 (2018). http:\/\/arxiv.org\/abs\/1809.08729"},{"key":"2_CR29","unstructured":"Wetter, D.: \/bin\/bash based SSL\/TLS tester: testssl.sh. https:\/\/testssl.sh"}],"container-title":["Lecture Notes in Computer Science","Cyber-Physical Security for Critical Infrastructures Protection"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-69781-5_2","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,23]],"date-time":"2021-04-23T16:38:40Z","timestamp":1619195920000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-69781-5_2"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021]]},"ISBN":["9783030697808","9783030697815"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-69781-5_2","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021]]},"assertion":[{"value":"18 February 2021","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CPS4CIP","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Workshop on Cyber-Physical Security for Critical Infrastructures Protection","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Guildford","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"United Kingdom","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 September 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"18 September 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"1","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"cps4cip2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/sites.google.com\/fbk.eu\/cps4cip20","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"23","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"12","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"52% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"1","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference was held online due to the COVID-19 pandemic.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}