Researcher@Fondazione Bruno Kessler.
Keen on applied cryptography, cybersecurity, and cloud native.
Football coach, fantasy reader, and D&D master.
Research Interests
Working on
Will work on
Worked on
I speak
Experience
Research on applied cryptography, identity and access management, and cybersecurity for cloud native applications. Development of tools for research and demonstration purposes in kotlin. Supervision of interns, BSc and MSc students.
Joint PhD on cryptographic access control in cloud-edge-IoT applications (e.g., Cooperative Connected and Automated Mobility) and design of architectural models for optimal enforcement of cryptographic access control policies.
Research activities on access control in the Cloud, mobile and automotive security. Research activities on Cooperative, Connected and Automated Mobility (5G-CARMEN project). Study and design of reverse engineering protections for Java and Android Apps.
Intern
2ASPIRE
July 2018 - October 2018
Research and analysis of best practices against malicious Reverse Engineering (RE) to increase the company's knowhow in Android RE antitampering and anti-debugging protections.
150 hours working contract under the "Information Systems Management" office, Support the deployment of the Digital University project, a new platform serving as Knowledge HUB within the University of Trento.
Education
PhD in Security, Risk and Vulnerability, Cybersecurity and Reliable Artificial Intelligence curriculum with the thesis "A Security Service for Performance-Aware End-to-End Protection of Sensitive Data in Cloud Native Applications".
Master degree in Computer Science, ICT Innovation - Security&Privacy curriculum (110 cum laude) with the thesis "A Pragmatic Approach to Handle "Honest but Curious" Cloud Service Providers: Cryptographic Enforcement of Dynamic Access Control Policies".
Awarded 3rd prize at Thesis Award «Innovating information security» 15th edition - 2019, Clusit.
Research Projects (4)
Within the SeRiCS ("Security and Rights in CyberSpace") Italian partnership, the project SecCo ("Securing Containers") aims at supporting the secure development and deployment of containerized applications on distributed and heterogeneous architectures, while the project STRIDE ("Secure and TRaceable Identities in Distributed Environments") aims at supporting the secure, protected, and accountable identification of entities and actions through digital identity and access control. Relevant partners are CNR - Consiglio Nazionale delle Ricerche, Telsy S.p.A., ENI, and CINI - Consorzio Interuniversitario Nazionale per l'Informatica.
METAfora wants to implement new and innovative models of digital identity management and use, placing itself in the strategic confluence between the evolutions of European regulations on the subject, thus a regulated and top-down context, and the dynamics of growth and evolution arising from below, understood as the whole world that is now described as metaverse.
The project aims to conceive and develop a platform (called Familiar) that enables the creation of a coordination system for Long Term Care (LTC) services using innovative digital technologies, with a specific focus on the field of dementia. The ultimate goal is to enhance the quality of life for patients and increase support for their families. Relevant partners are Zucchetti Healthcare, Shifton, SDA Bocconi, Upipa, AIP – Associazione Italiana di Psicogeriatria.
The 5G-CARMEN (5G for Connected and Automated Road Mobility in the European UnioN) project is a medium-term effort to significantly drive the research, implementation, and demonstration of refined 5G solutions for the Cooperative, Connected, and Automated Mobility. Relevant partners are Deutsche Telekom AG, BMW Group, Centro Ricerche FIAT, TIM, NOKIA, and Qualcomm.
Teaching, Seminars, and Outreach Events
Teaching Assistant for the master courses "Advanced Programming of Cryptographic Methods" and "Cryptographic Protocols for Secure Networks and Applications"; preparation of lectures and exams, marking and grading of exams.
Teaching Assistant for the bachelor course "Programming 101"; preparation of lectures and exams, marking and grading of exams.
Seminar "I Perché e i Come della Ricerca: Il Lavoro del Ricercatore nel Campo della Sicurezza Informatica" at the Tron-Zanella high school.
Lecturer in advanced applications for access control in the "Cybersecurity and Critical Infrastructure Protection" professional specialization course.
Guest lecture in data security for applications based on cloud-edge computing in the "Fog and Cloud Computing" master course at the University of Trento.
Publications (12)
Stefano Berlato, Matteo Rizzi, Matteo Franzil, Silvio Cretti, Pietro De Matteis, Roberto Carbone
Work-in-Progress: A Sidecar Proxy for Usable and Performance-Adaptable End-to-End Protection of Communications in Cloud Native Applications
in 1st Workshop on Operating Systems and Virtualization Security (OSVS 2024)
Supervised Theses (8)
Marco Soldera
A Risk Assessment Methodology for VSNF Placement in Cloud Native Applications
Bachelor in Computer Science at the University of Trento (2024)
Simone Brunello
Cryptographic Access Control for Balancing Trust, Protection, and Performance
Bachelor in Computer Science at the University of Trento (2024)
Ion Andy Ditu
Leveraging Trusted Execution Environment for Efficient Revocation and Security in Cryptographic Access Control
Bachelor in Computer Science at the University of Trento (2023)
Erica Elia
A Key Recovery Protocol based on Threshold Secret Sharing for Cryptographic Access Control in the Cloud: The CryptoAC Use Case
Master in Mathematics at the University of Trento (2023)
Enrico Marconi
Combining Blockchain-as-a-Service and Cryptographic Access Control for Secure Data Sharing Across Multiple Organizations
Bachelor in Computer Science at the University of Trento (2022)
Alessandro Colombo
Attribute Based Encryption for Advanced Data Protection in IoT with MQTT
Bachelor in Computer Science at the University of Trento (2022)
Veronica Cristiano
Key Management for Cryptographic Enforcement of Access Control Policies in the Cloud: The CryptoAC Use Case
Master in Mathematics at the University of Trento (2021)
Chaudhry Muhammad Suleman
Cyber-security Risk Assessment for Cooperative, Connected and Automated Mobility: Application to Cooperative Lane Merging
Master in Computer Science at the University of Trento (2021)
Open Source Projects (4)
A wrapper allowing to easily use the OpenABE library for Attribute-based Encryption (ABE) from Kotlin multiplatform.
University project for building Joni, a tool meant to help blind and visually impaired people to keep in touch with the world. The project comprised the validation of the business idea through concrete analysis on the field and market research with the goal to make news and podcasts accessible by the blind community.
University project for building an Android app, called Glumo, to help people who suffer from diabetes with features like automatic alarms and emergency SMS. The project comprised the design of monitoring services with direct bluetooth connection with modern glycemic sensors.
University project for building a web application for finding and reviewing restaurants. The project comprised the Agile design and development of the web application with a Java backend, the implementation of the Model-View-Control (MVC) and the DAO pattern for decoupling logic and storage.
Editorial Work and Community Service
2024
Reviewer for: IEEE - TIFS, T-ITS · ICIN · WWW · ITASEC · DBSec · ICFEM
Organizing Committee member of the Topics in Applied Cryptography (TAC) workshop
2023
Reviewer for: EURASIP - JIS · DBSec · ITASEC · SECRYPT · CODASPY · SACMAT · ICISS · FPS
2022
Reviewer for: CODASPY · SECRYPT · DBSec · FedCSIS · ICISSP · FPS
2021
Reviewer for: Elsevier - JISA · SECRYPT · DPM · SACMAT · ITASEC · DBSec · FPS
2020
Reviewer for: SECRYPT · FPS · ICISS · DPM · DBSec · SACMAT
2019
Reviewer for: ICISS