I have more than 15 years of experience of research and innovation in information and system security at different levels of activities:
- Management of research and innovation activities in several EU co-funded projects under Horizon 2020, FP7, and FP6;
- Expert evaluator for the EC under Horizon Europe and Horizon 2020 of the EU in the areas of Digital Security, Future and Emerging Technologies, and Ethics;
- Innovation activities with reference to publications and evaluation of technological solutions for international conferences and journals in the field.
I have a long-standing experience in managing partner-specific work in collaborative projects. My research activities have been driven by involvement in EU co-funded RTD projects. Over the years, I have learned to deliver results under strict deadlines and strong inter-dependencies to other activities, and to adapt and meet professional standards even under changing conditions and priorities.
Please refer to section Projects for a summary of my activities and results per project (chronologically ordered) with references to publications co-authored.
Research and Practical Application Interests
- Anomaly and intrusion detection in EPES and OT protocols Modbus, IEC-104, DNP3 based on both signature-based IDS and ML-based detectors;
- Security architectures and enforcement mechanisms with a recent focus on cyber range architectural solutions and IoT security;
- Sandbox-based malware behaviour analysis;
- Models of authorization, access control and trust management;
- Identity management and privacy.
Domains of interest: service-oriented and cloud computing systems, federated systems, Internet of things and cyber-physical systems.
I have specific technical expertise in:
- X.509 certificate standard both identity and attribute certificates for authentication and access control;
- Public-key infrastructure and privilege management infrastructure (PKI/PMI) for user identity and (entity) attribute management in decentralised environments;
- Federated Identity Management. Technical realisation of Single Sign-On (SSO). Use of Security Assertion Markup Language (SAML) for federated identity information exchange, and X.509 certificates for user authentication.
Project proposals evaluation for the European Commission’s Horizon Europe and H2020 frameworks:
- Horizon Europe: PATHFINDER OPEN as Vice Chair Quality Control (2022, 2021);
- Horizon Europe: PATHFINDER CHALLENGES as Vice Chair Quality Control (2021);
- Horizon Europe: Ethics screening of proposals under MSCA and Increased cybersecurity areas (2021);
- H2020: Digital Security Focus Area, Evaluator of poposals for Work Programme Year: 2016-2017;
- H2020: FET-OPEN – Novel Ideas for Radically New Technologies, Evaluator of poposals for Work Programme Year: 2014-2015;
- H2020: Ethics screening of project proposals related to Big Data research (2015-2018);
- H2020: Ethics screening of project proposals related high performance computing (2014);
- H2020: Ethics screening of project proposals related to European research infrastructures (2014-2015).
- Computers & Security, Elsevier (2018, 2017, 2016, 2015, 2012).
- ACM Transactions on Internet Technology (2016).
- Journal of Information Security and Applications, Elsevier (2016).
- Service Oriented Computing and Applications, Springer (2016, 2015, 2013, 2011, 2008).
- Security and Communication Networks, John Wiley & Sons (2014, 2012, 2011, 2010, 2009).
- World Wide Web Journal, Springer (2014).
- African Journal of Business Management, AcademicJournals (2013).
- Journal of Zhejiang University Science C, Springer (2013).
- Simulation Modelling Practice and Theory, Elsevier (2011).
- Future Internet, MDPI AG (2011).
- IEEE Communications Surveys and Tutorials (2010).
- Journal Of Systems and Software, Elsevier (2010).
- Journal of Internet Services and Applications, Springer (2010).
- Computer Communications, Elsevier (2008).
Program committee member:
- International Conference on Information Systems Security and Privacy:
- IFIP International Conference on New Technologies, Mobility and Security:
- International Workshop on Emerging Technologies for Authorization and Authentication:
- International Workshop on Security Engineering for Cloud Computing:
- IARIA International Conference on Emerging Security Information, Systems and Technologies:
- International Conference on Agents and Artificial Intelligence:
- IARIA International Conference on Advances in Human-oriented and Personalized Mechanisms, Technologies, and Services:
- International ACM Conference on Management of Emergent Digital EcoSystems:
- International Workshop on Security and Privacy in Model Based Engineering 2015 (SPIE-2015)
- 3rd International Workshop on Privacy Enhanced Technology and Security Engineering (PETSE 2011).
- International Symposium on Service, Security and its Data management technologies in Ubi-com:
- 1st International Conference on Digital Businesses (Digibiz-09).
- 2nd International Conference on Information Security and Assurance / Session on Security & Privacy in Pervasive Computing environments (SPPC-2008).
- European Symposium on Research in Computer Security: ESORICS 2016, ESORICS 2015.
- International Conference on Information and Communication Technology Research: (ICTRC-2015).
- 8th International Workshop on Formal Aspects of Security and Trust (FAST-2011).
- International Symposium on Engineering Secure Software and Systems: ESSoS-2010, ESSoS-2009.
- 5th International Conference on Security and Cryptography (SECRYPT-2010).