2004
Journal article
Unknown
La firma digitale
Gennai F.
L'utilizzo della rete Internet nell'ambito delle attivita' di Document Delivery svolte dalle biblioteche, ha portato notevoli benefici: la diminuizione dei tempi di evasione delle richieste, il miglioramento della qualità del servizio, e al tempo stesso la diminuzione dei costi di trasmissione, rispetto all'utilizzo di strumenti classici come il fax e la posta di superficie. Data la natura delicata delle operazioni di fornitura elettronica che spesso coinvolgono documenti soggetti a copyright un aspetto fondamentale è legato alla certificazione delle transazioni elettroniche in termini di: . certificazione dei corrispondenti (mittente, destinatario); . certificazione della azione (trasmissione); . garanzia della correttezza dei dati trasmessi (che non siano stati modificati durante il transito); . confidenzialità dei dati (solo il destinatario deve avere accesso al contenuto). Le tecnologie di firma elettronica e di cifratura possono essere applicate a tutte quelle operazioni di trattamento dei dati per le quali sono richieste una o più delle suddette garanzie.Source: Bibliotime (Bologna) VII (2004).
Gennai F.
L'utilizzo della rete Internet nell'ambito delle attivita' di Document Delivery svolte dalle biblioteche, ha portato notevoli benefici: la diminuizione dei tempi di evasione delle richieste, il miglioramento della qualità del servizio, e al tempo stesso la diminuzione dei costi di trasmissione, rispetto all'utilizzo di strumenti classici come il fax e la posta di superficie. Data la natura delicata delle operazioni di fornitura elettronica che spesso coinvolgono documenti soggetti a copyright un aspetto fondamentale è legato alla certificazione delle transazioni elettroniche in termini di: . certificazione dei corrispondenti (mittente, destinatario); . certificazione della azione (trasmissione); . garanzia della correttezza dei dati trasmessi (che non siano stati modificati durante il transito); . confidenzialità dei dati (solo il destinatario deve avere accesso al contenuto). Le tecnologie di firma elettronica e di cifratura possono essere applicate a tutte quelle operazioni di trattamento dei dati per le quali sono richieste una o più delle suddette garanzie.Source: Bibliotime (Bologna) VII (2004).
See at: CNR ExploRA
2005
Other
Unknown
Note sullo sviluppo del sistema ISTI di Posta Elettronica Certificata (ISTI - PEC)
Gennai F.
non disponibile
Gennai F.
non disponibile
See at: CNR ExploRA
2003
Report
Open Access
DnsManager
Gennai F.
DnsManager è un software per la gestione via web di un name server (Domain Name System), basato sul modello Centralizzato con Delega Amministrativa.Source: ISTI Technical reports, 2003
Gennai F.
DnsManager è un software per la gestione via web di un name server (Domain Name System), basato sul modello Centralizzato con Delega Amministrativa.Source: ISTI Technical reports, 2003
See at:
ISTI Repository 
| CNR ExploRA
2004
Report
Open Access
DnsManager - Nota tecnica
Gennai F.
DnsManager e' un modulo software per la gestione via web di un name server (Domain Name System), basato sul modello Centralizzato con Delega Amministrativa.Source: ISTI Technical reports, 2004
Gennai F.
DnsManager e' un modulo software per la gestione via web di un name server (Domain Name System), basato sul modello Centralizzato con Delega Amministrativa.Source: ISTI Technical reports, 2004
See at:
ISTI Repository | CNR ExploRA
1992
Other
Unknown
Analizzatore di protocollo INTERVIEW 7200 guida rapida all'utilizzo
Gennai F., Lazzari P.
Abstract non disponibile
Gennai F., Lazzari P.
Abstract non disponibile
See at: CNR ExploRA
2013
Software
Unknown
StreamTrap - SMTP filter
Gennai F.
StreamTrap is a software to control SMTP traffics from local users. It acts as an anti-abuse system by controlling the number of SMTP sessions and/or the number of recipient addressed by an authenticated user during a predefined short period StreamTrap tries to recognize two different type of SMTP streams: connection stream and recipient-to stream. StreamTrap identifies two user status: - Normal user status - Stream-source user status. A stream is a flow of events associated to an user that has done the SMTP authentication. A stream is identified by the following 3 parameters: 1 - the username sending messages. 2 - a "stream interval": maximum interval between 2 consecutive events of the same stream type (session or recipient-to). 3 - a stream threshold: the number of events that should happen (with interval <= of "stream interval" between them) to declare the existence of the stream. StreamTrap permits a fine control, by a configuration file, of the action to apply to users that are recognized as Stream source user. It can simply notify the system administrator about users that have been switched to Stream-source user status or it can block the SMTP sessions from such users. The duration of any action can be configured. StreamTrap can be configured accordingly to a site needs and policy.
Gennai F.
StreamTrap is a software to control SMTP traffics from local users. It acts as an anti-abuse system by controlling the number of SMTP sessions and/or the number of recipient addressed by an authenticated user during a predefined short period StreamTrap tries to recognize two different type of SMTP streams: connection stream and recipient-to stream. StreamTrap identifies two user status: - Normal user status - Stream-source user status. A stream is a flow of events associated to an user that has done the SMTP authentication. A stream is identified by the following 3 parameters: 1 - the username sending messages. 2 - a "stream interval": maximum interval between 2 consecutive events of the same stream type (session or recipient-to). 3 - a stream threshold: the number of events that should happen (with interval <= of "stream interval" between them) to declare the existence of the stream. StreamTrap permits a fine control, by a configuration file, of the action to apply to users that are recognized as Stream source user. It can simply notify the system administrator about users that have been switched to Stream-source user status or it can block the SMTP sessions from such users. The duration of any action can be configured. StreamTrap can be configured accordingly to a site needs and policy.
See at: CNR ExploRA
2016
Software
Open Access
PADDYsms
Gennai F.
PADDYsms è un gateway tra email e sms che permette l'invio e la ricezione di messaggi sms. PADDYsms è dotato di una interfaccia web di gestione e controllo. Gestisce un pool di modem GSM. Permette la creazione di liste di numeri di cell per l'invio massivo di SMS. Utile per esempio per la gestione di annunci di emergenza. L'invio avviene tramite una normale email, iviata ad una particolare destinatario corrispondente al gateway Email<->SMS (PADDYsms) . L'email viene elaborata per estrarre i testo da inviare come SMS. Permette l'assegnazione di priorità di invio ai messaggi in uscita. Per ogni destinatario riporta lo stato dell'SMS: non-ricevuto, ricevuto, letto e il relativo orario. Per ogni invio genera un dettagliato report, in formato PDF, che può essere stampato come attestato del risultato delle operazioni di invio.
Gennai F.
PADDYsms è un gateway tra email e sms che permette l'invio e la ricezione di messaggi sms. PADDYsms è dotato di una interfaccia web di gestione e controllo. Gestisce un pool di modem GSM. Permette la creazione di liste di numeri di cell per l'invio massivo di SMS. Utile per esempio per la gestione di annunci di emergenza. L'invio avviene tramite una normale email, iviata ad una particolare destinatario corrispondente al gateway Email<->SMS (PADDYsms) . L'email viene elaborata per estrarre i testo da inviare come SMS. Permette l'assegnazione di priorità di invio ai messaggi in uscita. Per ogni destinatario riporta lo stato dell'SMS: non-ricevuto, ricevuto, letto e il relativo orario. Per ogni invio genera un dettagliato report, in formato PDF, che può essere stampato come attestato del risultato delle operazioni di invio.
See at:
ISTI Repository | CNR ExploRA
2017
Software
Unknown
Copyself & Backup
Gennai F.
Copyself & Backup is a software that enanches the PMDF mailer. It offers two main functionalities: CopySelf permits a user to get a copy of each email sent stored into the user mailbox . Backup offers an instant backup of each email sent or received by the user. The email are saved to a backup user mailbox (also on remote systems) that the user can access to retrieve losted email.
Gennai F.
Copyself & Backup is a software that enanches the PMDF mailer. It offers two main functionalities: CopySelf permits a user to get a copy of each email sent stored into the user mailbox . Backup offers an instant backup of each email sent or received by the user. The email are saved to a backup user mailbox (also on remote systems) that the user can access to retrieve losted email.
See at: fg.gposta.it | CNR ExploRA
2018
Software
Unknown
RemoveDisplay
Gennai F.
RemoveDisplay is a software that implements a PMDF channel to remove the "display name" from the header of an email. It is a powerful anti phishing solution that permits to display the true From field of an email in the user email client. The "display name" is the component of the email header From field that is typically displayed by the email clients. The phishing emails are composed by inserting a fake display name (for example the name of known delivery companies). When the recipient opens the email it will see such a "display name", but not the email from address. RemoveDisplay forces the client to display the from address instead of the display name that has been removed.
Gennai F.
RemoveDisplay is a software that implements a PMDF channel to remove the "display name" from the header of an email. It is a powerful anti phishing solution that permits to display the true From field of an email in the user email client. The "display name" is the component of the email header From field that is typically displayed by the email clients. The phishing emails are composed by inserting a fake display name (for example the name of known delivery companies). When the recipient opens the email it will see such a "display name", but not the email from address. RemoveDisplay forces the client to display the from address instead of the display name that has been removed.
See at: CNR ExploRA
2024
Other
Open Access
SMTP smuggling
Gennai F.
Descrizione tecnica della vulnerabilità del sistema email Internet, denominata SMTP smuggling e resa pubblica in data 18 dicembre 2023 dalla società SEC Consult di Vienna.
Gennai F.
Descrizione tecnica della vulnerabilità del sistema email Internet, denominata SMTP smuggling e resa pubblica in data 18 dicembre 2023 dalla società SEC Consult di Vienna.
See at:
ISTI Repository | CNR ExploRA
2005
Report
Open Access
Installazione e configurazione di un server Lightweight Directory Access Protocol
Martusciello L., Gennai F.
Un semplice esempio di installazione e configurazione di un server Lightweight Directory Access ProtocolSource: ISTI Technical reports, 2005
Martusciello L., Gennai F.
Un semplice esempio di installazione e configurazione di un server Lightweight Directory Access ProtocolSource: ISTI Technical reports, 2005
See at:
ISTI Repository | CNR ExploRA
2007
Report
Open Access
Guida all'installazione di Java e JBoss in ambiente OpenVMS
Ermini D., Gennai F.
This document is a step by step guide explaining all it is necessary to do to install Java and JBoss Application Server on OpenVMS I64 systems. It also exposes the tests we utilized to verify the Java Virtual Machine's behaviour on OpenVMS I64 environment. The aim of this guide is that to obtain a suitable OpenVMS environment, where to be able to running Java and J2EE compliant applications.Source: ISTI Technical reports, 2007
Ermini D., Gennai F.
This document is a step by step guide explaining all it is necessary to do to install Java and JBoss Application Server on OpenVMS I64 systems. It also exposes the tests we utilized to verify the Java Virtual Machine's behaviour on OpenVMS I64 environment. The aim of this guide is that to obtain a suitable OpenVMS environment, where to be able to running Java and J2EE compliant applications.Source: ISTI Technical reports, 2007
See at:
ISTI Repository | CNR ExploRA
2017
Report
Unknown
Introduzione alla gestione di un cluster OpenVMS
Martusciello L., Gennai F.
Introduzione alla gestione di un cluster OpenVMS.Source: ISTI Technical reports, 2017
Martusciello L., Gennai F.
Introduzione alla gestione di un cluster OpenVMS.Source: ISTI Technical reports, 2017
See at: CNR ExploRA
2012
Conference article
Unknown
E-government services: Quality Assurance of the Italian Certified Electronic Mail
Buzzi M., Gennai F., Petrucci C., Vinciarelli A.
The Internet has revolutionized our society profoundly. Efficiency, reliability, transparency and simplification of processes are keywords of the new eSociety. In particular, eGovernment services have simplified the interaction of citizens with local and central Government. Of these Internet services, email-based communications are central due their simplicity of use. Since 2005 Italy has acknowledged the legal validity of Certified Electronic Mail (PEC) systems. The solution adopted by the Italian Government enhances usability while assuring server-to-server security and interoperability. In this paper we focus on the quality of PEC service. First, motivation for the introduction of certified email is briefly discussed. Next, we present the interoperability test, carried out cyclically for verifying and ensuring the high quality of PEC service. Last, future steps are proposed for sharing, enhancing and reshaping PEC together with the international scientific community, to assure worldwide interoperability and enhance its diffusionSource: HCITOCH 2012, pp. 1–12, Venezia, Italy, 2012
Buzzi M., Gennai F., Petrucci C., Vinciarelli A.
The Internet has revolutionized our society profoundly. Efficiency, reliability, transparency and simplification of processes are keywords of the new eSociety. In particular, eGovernment services have simplified the interaction of citizens with local and central Government. Of these Internet services, email-based communications are central due their simplicity of use. Since 2005 Italy has acknowledged the legal validity of Certified Electronic Mail (PEC) systems. The solution adopted by the Italian Government enhances usability while assuring server-to-server security and interoperability. In this paper we focus on the quality of PEC service. First, motivation for the introduction of certified email is briefly discussed. Next, we present the interoperability test, carried out cyclically for verifying and ensuring the high quality of PEC service. Last, future steps are proposed for sharing, enhancing and reshaping PEC together with the international scientific community, to assure worldwide interoperability and enhance its diffusionSource: HCITOCH 2012, pp. 1–12, Venezia, Italy, 2012
See at: CNR ExploRA
2014
Conference article
Restricted
E-Government services: Italian certified electronic mail
Buzzi M., Gennai F., Petrucci C., Vinciarelli A.
Efficiency, reliability, transparency and simplification of processes are key elements for enhancing progress in our society. In particular, e-Government services are improving our everyday life and email is frequently used by citizens to communicate with local and central Government. To provide legal validity for these communications, security mechanisms can be associated with exchanged messages. Since 2005 Italy has acknowledged the legal validity of certified electronic mail systems. The solution adopted by the Italian Government favors usability while ensuring server-to-server security and interoperability. In this paper certified email is briefly discussed, highlighting pros and limitations and discussing future steps, aimed at sharing, enhancing and reshaping certified electronic mail along with the international scientific community, to ensure worldwide interoperability and favor its diffusion.Source: 13th International Conference WWW/INTERNET, Porto, Portugal, 25 - 27 October 2014
Buzzi M., Gennai F., Petrucci C., Vinciarelli A.
Efficiency, reliability, transparency and simplification of processes are key elements for enhancing progress in our society. In particular, e-Government services are improving our everyday life and email is frequently used by citizens to communicate with local and central Government. To provide legal validity for these communications, security mechanisms can be associated with exchanged messages. Since 2005 Italy has acknowledged the legal validity of certified electronic mail systems. The solution adopted by the Italian Government favors usability while ensuring server-to-server security and interoperability. In this paper certified email is briefly discussed, highlighting pros and limitations and discussing future steps, aimed at sharing, enhancing and reshaping certified electronic mail along with the international scientific community, to ensure worldwide interoperability and favor its diffusion.Source: 13th International Conference WWW/INTERNET, Porto, Portugal, 25 - 27 October 2014
See at:
www.internet-conf.org 
| CNR ExploRA
2014
Report
Open Access
Proposta di aggiornamento delle specifiche tecniche per la posta elettronica certificata
Gennai F., Buzzi M., Ferrucci L.
In this technical report, we present a proposal to modify the protocol of the PEC (Certified Mail), the Italian infrastructure which exploits the well-known SMTP protocol to send e-mail messages and guarantee the non-repudiation of the sender and of the recipient using appropriate XML receipts and timestamps. The paper begins by describing the current problems of the PEC and try to solve the problem of identifying and retrieve the list of the authorized PEC domains avoiding the use of a centralized system, but taking advantage of the infrastructure of the secure DNS, DNSSec, in order to standardize the method. After a brief discussion of the standards DNS and DNSSec, and the introduction of standards for the publication of X.509v3 certificates inside the DNSSec itself, proposed with RFC6698 by the IETF's DANE group, the technical report introduces the proposed modifications, using a small case study to exemplify them. Finally there is a section analysis of the costs and benefits introduced by the proposal.Source: ISTI Technical reports, 2014
Gennai F., Buzzi M., Ferrucci L.
In this technical report, we present a proposal to modify the protocol of the PEC (Certified Mail), the Italian infrastructure which exploits the well-known SMTP protocol to send e-mail messages and guarantee the non-repudiation of the sender and of the recipient using appropriate XML receipts and timestamps. The paper begins by describing the current problems of the PEC and try to solve the problem of identifying and retrieve the list of the authorized PEC domains avoiding the use of a centralized system, but taking advantage of the infrastructure of the secure DNS, DNSSec, in order to standardize the method. After a brief discussion of the standards DNS and DNSSec, and the introduction of standards for the publication of X.509v3 certificates inside the DNSSec itself, proposed with RFC6698 by the IETF's DANE group, the technical report introduces the proposed modifications, using a small case study to exemplify them. Finally there is a section analysis of the costs and benefits introduced by the proposal.Source: ISTI Technical reports, 2014
See at:
ISTI Repository | CNR ExploRA
2017
Conference article
Restricted
Interoperability challenge of certified communication systems via internet
Buzzi M., Gennai F., Petrucci C.
Developing the full potential of Information and Communication Technology (ICT) can greatly innovate and promote society in a number of sectors, including eCommerce, eGovernment, and eHealth. The European Commission works to innovate and bring ICT to its full potential in any sector. Lack of interoperability and adherence to international standards heavily impacts on economic growth and competitiveness. This study suggests a conceptual model to support and fuel worldwide interoperability of Internet Certified Communication Systems (CCSs) worldwide. Current European CCS systems certify the source of an email or message but they also address specific national needs (government) by implementing closed solutions, which impedes cross-border and worldwide interoperability. The Generic CCS model (GCCS) defines an open solution that is able to redefine "closed" CCS systems, planting the seed for building worldwide interoperability between certified communication systems. Few scenarios of use illustrate the potential of the proposed model.Source: eGose '17 - Internationsl Conference on Electronic Governance and Open Society: Challenges in Eurasia, pp. 166–171, St. Petersburg, Russia, 04-06 September 2017
DOI: 10.1145/3129757.3129785
Metrics:
Buzzi M., Gennai F., Petrucci C.
Developing the full potential of Information and Communication Technology (ICT) can greatly innovate and promote society in a number of sectors, including eCommerce, eGovernment, and eHealth. The European Commission works to innovate and bring ICT to its full potential in any sector. Lack of interoperability and adherence to international standards heavily impacts on economic growth and competitiveness. This study suggests a conceptual model to support and fuel worldwide interoperability of Internet Certified Communication Systems (CCSs) worldwide. Current European CCS systems certify the source of an email or message but they also address specific national needs (government) by implementing closed solutions, which impedes cross-border and worldwide interoperability. The Generic CCS model (GCCS) defines an open solution that is able to redefine "closed" CCS systems, planting the seed for building worldwide interoperability between certified communication systems. Few scenarios of use illustrate the potential of the proposed model.Source: eGose '17 - Internationsl Conference on Electronic Governance and Open Society: Challenges in Eurasia, pp. 166–171, St. Petersburg, Russia, 04-06 September 2017
DOI: 10.1145/3129757.3129785
Metrics:
See at:
dl.acm.org | doi.org | CNR ExploRA
2022
Report
Open Access
Considerazioni derivanti dall'analisi di alcune tipologie di test di interoperabilità REM a favore delle attività di sviluppo di una piattaforma REM
Gennai F., Martusciello L.
Nell'ambito dell'accordo di collaborazione scientifica ISTI-Agid si è evidenziata la necessità di definire una suite di test di interoperabilità tra gestori REM e la piattaforma di riferimento REM-ISTI. Questo documento intende richiamare l'attenzione sul comportamento che un server REM può avere durante la ricezione di un Dispatch proveniente da un altro server REM e suggerire alcune tra le possibili soluzioni.Source: ISTI Technical Report, ISTI-2022-TR/014, 2022
DOI: 10.32079/isti-tr-2022/014
Metrics:
Gennai F., Martusciello L.
Nell'ambito dell'accordo di collaborazione scientifica ISTI-Agid si è evidenziata la necessità di definire una suite di test di interoperabilità tra gestori REM e la piattaforma di riferimento REM-ISTI. Questo documento intende richiamare l'attenzione sul comportamento che un server REM può avere durante la ricezione di un Dispatch proveniente da un altro server REM e suggerire alcune tra le possibili soluzioni.Source: ISTI Technical Report, ISTI-2022-TR/014, 2022
DOI: 10.32079/isti-tr-2022/014
Metrics:
See at:
ISTI Repository | CNR ExploRA
2005
Conference article
Restricted
A certified email system for the public administration in Italy
Gennai F., Martusciello L., Buzzi M.
The growth of Internet services poses problems of security assurance such as providing trustiness of on-line transactions, guaranteeing user privacy, and furnishing message confidentiality. This paper describes issues related to sending documents via "certified email", as required by Italian law. Issues of cryptography and digital signature are introduced followed by a brief description of the certified email system we developed, which successfully passed the interoperability and technical test carried out by the National Center for Informatics in the Public Administration of ItalySource: IADIS International Conference WWW/Internet 2005, pp. 143–147, Lisbona, 19-22 Ottobre 2005
Gennai F., Martusciello L., Buzzi M.
The growth of Internet services poses problems of security assurance such as providing trustiness of on-line transactions, guaranteeing user privacy, and furnishing message confidentiality. This paper describes issues related to sending documents via "certified email", as required by Italian law. Issues of cryptography and digital signature are introduced followed by a brief description of the certified email system we developed, which successfully passed the interoperability and technical test carried out by the National Center for Informatics in the Public Administration of ItalySource: IADIS International Conference WWW/Internet 2005, pp. 143–147, Lisbona, 19-22 Ottobre 2005
See at:
www.iadisportal.org | CNR ExploRA
1991
Report
Unknown
Guida al collegamento di terminali remoti al CNUCE
Miori Vittorio, Canino Domenico, Gennai Francesco
Manuale d'uso per guidare l'utente al collegamento ai mainframe residenti presso l'Istituto CNUCE del CNR, tramite terminali remoti.Source: ISTI Technical reports, 1991
Miori Vittorio, Canino Domenico, Gennai Francesco
Manuale d'uso per guidare l'utente al collegamento ai mainframe residenti presso l'Istituto CNUCE del CNR, tramite terminali remoti.Source: ISTI Technical reports, 1991
See at: CNR ExploRA