Curriculum

Claudio Agostino Ardagna PhD
Associate Professor
Dipartimento di Informatica (DI)
Universita' degli Studi di Milano

1. Education

PhD in Computer Science at Universita' degli Studi di Milano [February 2008]

PhD student in Computer Science "XX cycle" at Universita' degli Studi di Milano [November 2004 - November 2008]

Laurea in computer science, with full marks and honors, from the Universita' degli Studi di Milano [October 2003]

2. Professional Experience

Associate Professor, Universita' degli Studi di Milano, (Dipartimento di Informatica) [March 2015 - present]

Assistant Professor, Universita' degli Studi di Milano, (Dipartimento di Informatica) [December 2008 - February 2015]

Research fellow, Universita' degli Studi di Milano, (Dipartimento di Tecnologie dell’Informazione) [October 2004 - October 2008]

Research Collaborator, Universita' degli Studi di Milano, (Dipartimento di Tecnologie dell’Informazione) [2004]

3. Visit in international research centers and partecipation in international schools

Visiting professor, Etisalat BT Innovation Centre (EBTIC), Khalifa University, Abu Dhabi, UAE [January-February 2014]. The research activity, in collaboration with Prof. Rasool Asal, focused on security and privacy in the cloud.

Visiting position, Center for Secure Information Systems (CSIS) Department, George Mason University, VA (USA) [August 2010,August 2009,June-August 2008]. The research activity, in collaboration with prof. Sushil Jajodia focused on security and privacy in mobile and distributed systems.

Partecipation at the International School On Foundations Of Security Analysis And Design -- Bertinoro - Italy [September 2006,September 2004]

4. Awards, Honors, and Patents

Winner of the ERCIM STM WG 2009 Award for the Best Ph.D. Thesis on Security and Trust Management

He is a co-inventor of the European Patent titled "Method, System, Network and Computer Program Product for Positioning in a Mobile Communications Network" (with M. Anisetti, V. Bellandi, E. Damiani, S. Reale). European Patent No. EP1765031, Published in date 21 March 2007

5. Teaching Activities

5.1 University courses and participation to evaluation committees

He has held the following courses for the Laurea Degree in Computer Science (CCD Informatica - Crema), Universita' degli Studi di Milano.

  • "Reti di Calcolatori (Modulo 2)": academic year 2014/2015
  • "Reti di Calcolatori (Modulo 2)": academic year 2013/2014
  • "Reti di Calcolatori (Modulo 2)": academic year 2012/2013
  • "Reti di Calcolatori (Modulo 2)": academic year 2011/2012
  • "Reti di Calcolatori (Modulo 2)": academic year 2010/2011
  • "Sistemi per l’Elaborazione delle Informazioni (Modulo 2)": academic year 2009/2010
  • "Laboratori di Basi Dati": academic year 2008/2009

He has taught some lessons and has participated in the evaluation committees for the following courses for the Laurea Degree in Computer Science (CCD Informatica - Crema), Universita' degli Studi di Milano.

  • "Privacy e Protezione dei Dati": academic years 2010/2011, 2011/2012, 2012/2013, 2013/2014
  • "Tecniche Avanzate per la Protezione dei Dati": academic years 2007/2008, 2008/2009, 2009/2010
  • "Elementi di Sicurezza e Privatezza": academic years 2005/2006, 2006/2007, and 2007/2008.
  • "Traduttori": academic year 2006/2007.
  • "Protocolli Avanzati di Rete": academic year 2004/2005.

He has participated in the evaluation committees for the following courses for the Laurea Degree in Computer Science (CCD Informatica - Crema), Universita' degli Studi di Milano.

  • "Algoritmi e Strutture Dati": academic year 2008/2009.

5.2 PhD school courses

He has taught some lessons for the following courses for the PhD School in Computer Science, Universita' degli Studi di Milano.

  • December 2015: Security Certification: From Software-Based to the Cloud Systems (with M. Anisetti, E. Damiani)
  • January 2012: Privacy Preserving Techniques for GeoLocation Services (with Prof. Bettini)
  • April 2011: Security Patterns in ICT infrastructure (with Prof. Damiani)
  • May 2010: Fundamentals of security (with Prof. Pierangela Samarati, Prof. Sabrina De Capitani Di Vimercati, Prof. Danilo Bruschi)

5.4 Other teaching activities

October-November 2014: He has held the course Sicurezza Informatica within the course "Tecnico superiore per il risparmio energetico nell'edilizia sostenibile", in the Post high-school Istruzione Tecnica Superiore (IFTS), Crema, Italy (with M. Anisetti)\\

October-November 2014: He has held the course Cloud Computing: Tecnologie per la Collaborazione within the course "Tecnico superiore per il risparmio energetico nell'edilizia sostenibile", in the Post high-school Istruzione Tecnica Superiore (IFTS), Crema, Italy (with M. Anisetti)

March 2014: He has held the course "Comunicazione Integrata in Rete" within the course "Tecnico superiore per la comunicazione e il multimedia per la valorizzazione di beni ed eventi culturali", in the Post high-school Istruzione e Formazione Tecnica Superiore (IFTS), Crema, Italy (with Luca Ludovico)

May 2013: He has taught some lessons in the course "Virtualization technologies -- Advanced" at the Università degli Studi di Milano (with E. Damiani, F. Frati, D. Rebeccani)

April 2013: He has taught some lessons in the course "Virtualization technologies" at the Università degli Studi di Milano (with E. Damiani, F. Frati, D. Rebeccani)

March 2012: He has held the course "Advanced techniques for network security" at Adecco S.p.A.

October 2011: He has taught some lessons in the course "Virtualization technologies" at the Università degli Studi di Milano (with E. Damiani, F. Frati, D. Rebeccani)

April 2011: He has held the course "Fundamentals of network security" at Adecco S.p.A.

March 2011: He has taught some lessons titled "Software security" in the course "Advanced techniques for software engineering" at Agusta Westland (with E. Damiani, F. Frati, G. Gianini)

March 2010: He has held the course "Fundamentals of network security" at the Università degli Studi di Milano.

January-April 2004: He has held the course "Produzione di pagine e siti web statici" in the Post high-school Istruzione e Formazione Tecnica Superiore (IFTS), Crema, Italy.

He has been tutor for the following courses for the Laurea Degree in Computer and Network Security (on-line edition), Universita' degli Studi di Milano:

  • "Elementi di Sicurezza e Privatezza": academic years 2005/2006, 2006/2007, and 2007/2008.

He has been (co-)supervisor of the Ph.D. candidate Kouessi A.R. Sagbo with a thesis titled "Early Assessment of Service Performance Using Simulation".

He has been (co-)advisor of thesis focusing on different topics related to security, SOA and web services, data protection, and mobile networks.

6. Professional Activities

Evaluator of:
  • Research proposals submitted to the "Scientific Independence of young Researchers (SIR) program", Ministero dell'Istruzione, dell'Universita' e della Ricerca, Italy [2014]
  • Research proposals submitted to the "National Center of Science and Technology Evaluation", Ministry of Education and Science, Republic of Kazakhstan [2014]
  • Research proposals for research assistant positions (JUNIOR), Universita'a degli Studi dell'Insubria [2013]
  • Research proposals submitted to the "Cyber Security Research programme", The Dutch National Science Foundation (NWO) [2013]

  • 2012: evaluator of research proposals submitted to the \Partnership Programme - Joint Applied Research Projects - PCCA 2011", Romanian National Council for Development and Innovation.

      2008-2013: he has been the secretary of the IFIP (Informational Federation for Information Processing) Working Group 11.3 on "Data and Application Security".

      Since 2011, he is the member of the IFIP (Informational Federation for Information Processing) Working Group 2.14 on "Services-oriented Systems".

      Co-Editor of the following special issues on international journals:

      • Special Issue on "Security and Dependability Assurance of Software Architectures" (con E. Damiani, S. Guergens, A. Mana, G. Spanoudakis), Journal of Systems Architecture, 57(3), March 2011
      • Special Issue on "Open Source Certification" (con E. Damiani, L. Barbosa, P.T. Breuer), In International Journal of Computer Systems Science and Engineering (IJCSSE), 25(4), July 2010

      Editorial board member of the following international journals:

      • Mobile Information Systems, ISSN 1574-017X [December 2014-present]
      • International Journal of Big Data (IJBD) [July 2013-present]

      Steering Committee member of:

      • 6th Workshop in Information Security Theory and Practice (WISTP 2012) - Security, Privacy, and Trust in Computing Systems and Ambient Intelligent Ecosystem, Egham, UK, June 2012

      Program Chair of:

      • International Symposium on Secure Virtual Infrastructures Cloud and Trusted Computing 2015 (CTC 2015), Rhodes, Greece, October 2015 (co-chair with M. Jensen)
      • IEEE 2015 5th International Workshop on Security and Privacy Engineering (SPE 2015), New York, NY, USA, June-July 2014 (co-chair with M. Jensen)
      • 2nd International Workshop on Security Assurance n the Cloud (IWSAC 2014), Marrakech, Morocco, November 2014 (co-chair with R. Asal, M. Anisetti)
      • IEEE 2014 Fourth International Workshop on Security and Privacy Engineering (SPE2014), Anchorage, Alaska, USA, June-July 2014 (co-chair with Z. Chen, E. Damiani, M. Jensen)
      • 1st International Workshop on Securing Services on the Cloud, Milan, Italy, September 6-8, 2011 (co-chair with Ernesto Damiani)
      • 5th Workshop in Information Security Theory and Practice (WISTP 2010) - Security and Privacy of Mobile Devices in Wireless Communications, Crete, Greece, 1-3 June, 2011 (co-chair with Jianying Zhou)

      Co-chair of:

      • Workshop on "Assurance in the Cloud" at the Cyber Security & Privacy (CSP) EU Forum 2013, Brussels, Belgiu,, April 2013 (co-chair with Michele Bezzi, Ernesto Damiani)
      • Workshop on "Web Service Security Contracts" at the Cyber Security & Privacy (CSP) EU Forum 2012, Berlin, Germany, April 2012 (co-chair with Michele Bezzi, Ernesto Damiani, and Miguel Ponce de Leon)
      • Track "Security and Trust Computing" of the 5th International Conference on Future Information Technology (FutureTech 2010), Jeju, Korea, May 2010 (co-chair with Jongsung Kim and Andreas U. Schmidt)

      He has been Ph.D. Symposium Chair of IEEE SERVICES 2015, New York, NY, USA, June-July 2015

      Program Committee member of:

      • 5th International Symposium on Data-Driven Process Discovery and Analysis (SIMPDA 2015), Vienna, Austria, December 2015
      • 7th International Conference on Management of computational and collective IntElligence in Digital EcoSystems (MEDES 2015), Caraguatatuba/Sao Paulo, Brazil, October 2015
      • International Workshop on Data-driven and Predictive Business Analytics (DPBA 2015), Adelaide, Australia, September 2015
      • 18th International Information Security Conference (ISC 2015), Trondheim, Norway, September 2015
      • 4th ASE International Conference on Cyber Security (CyberSecurity 2015), Stanford, CA, USA, August 2015
      • 9th International Conference on Information Security Theory and Practice (WISTP 2015), Heraklion, Greece, August 2015
      • 9th International Conference on Frontier of Computer Science and Technology (FCST 2015), Dalian, China, August 2015
      • 5th International Workshop on Privacy, Security and Trust in Mobile and Wireless Systems (MobiPST 2015), Las Vegas, NV, USA, August 2015
      • 3rd International Conference on Future Internet of Things and Cloud (FiCloud 2015), Rome, Italy, August 2015
      • 7th International Symposium on Cyberspace Safety and Security (CSS 2015), New York, USA, August 2015
      • 3rd International Conference on Human Aspects of Information Security, Privacy and Trust (HAS 2015), Los Angeles, CA, USA, August 2015
      • 3rd International Symposium on Security in Computing and Communications (SSCC 2015)), Kerala, India, August 2015
      • Web2Touch 2015: Modelling the Collaborative Web Knowledge Track @ IEEE WETICE 2015, Larnaca, Cyprus, June 2015
      • 1st International Conference on Mobile, Secure and Programmable Networking (MSPN 2015), Paris, France, June 2015
      • 7th IFIP International Conference on New Technologies, Mobility and Security - Security Track (NTMS 2015 - Security Track), Paris, France, July 2015
      • Future Internet Services and Applications (FISA 2015), Larnaca, Cyprus, June 2015
      • 5th International Conference on Cloud Computing and Services Science (CLOSER 2015), Lisbona, Portugal, May 2015
      • CSP Innovation Forum 2015 (Cyber Security and Privacy Innovation Forum), Brussels, Belgium, April 2015
      • 10th Dependable and Adaptive Distributed Systems (DADS 2015), Track of the 30th ACM Symposium on Applied Computing, Salamanca, Spain, April 2015
      • Workshop on Security and Privacy in Model Based Engineering (SPIE 2015), Angers, France, February 2015
      • 6th International Conference on Computer Science and its Applications (CSA 2014), Guam, USA, December 2014
      • 10th International Conference on Signal-Image Technology \& Internet-Based Systems (SITIS 2014), Marrakesh, Morocco, November 2014
      • 17th Information Security Conference (ISC 2009), Hong Kong, October 2014
      • 2nd Cloud and Autonomic Computing Conference (CAC 2014), London, UK, September 2014
      • 2nd International Workshop on Security and Privacy Preserving in e-Societies (SeceS 2014), Buraidah Al Qassim, Saudi Arabia, September 2014
      • 2nd International Symposium on Security in Computing and Communications (SSCC 2014), Delhi, India, September 2014
      • 7th International Conference on Human-centric Ubiquitous Computing and Applications (HumanCom-14), Ostrava, Czech Republic, August 2014
      • 12th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC 2014), Dalian, China, August 2014
      • 9th International Workshop on Security (IWSEC 2014), Hirosaki, Japan, August 2014
      • 4th International Workshop on Privacy, Security and Trust in Mobile and Wireless Systems (MobiPST 2014), Shanghai, China, August 2014
      • 28th IFIP WG 11.3 Conference on Data and Application Security and Privacy (DBSEC 2014), Vienna, Austria, July 2014
      • Web2Touch 2014: Ontology Applications and Web Semantics Conference Track @ IEEE WETICE 2014, Parma, Italy, June 2014
      • 3rd Track on Provisioning and Management of Service Oriented Architecture and Cloud Computing (PROMASC 2014) @ IEEE WETICE 2014, Parma, Italy, June 2014
      • 8th International Workshop in Information Security Theory and Practice (WISTP 2014), Heraklion, Greece, June 2014
      • 2nd International Conference on Human Aspects of Information Security, Privacy and Trust, Heraklion, Greece, June 2014
      • 4th International Conference on Cloud Computing and Services Science (CLOSER 2013), Barcelona, Spain, April 2014
      • 6th IFIP International Conference on New Technologies, Mobility and Security - Security Track (NTMS 2014 - Security Track), Dubai, UAE, March-April 2014
      • 9th Dependable and Adaptive Distributed Systems (DADS 2013), Track of the 28th ACM Symposium on Applied Computing, Gyeongju, Korea, March 2014
      • 9th International Conference on Signal-Image Technology \& Internet-Based Systems (SITIS 2013), Kyoto, Japan, December 2013
      • 5th FTRA International Conference on Computer Science and its Applications (CSA 2013), Danang, Vietnam, December 2013
      • 15th IEEE International Conference on High Performance Computing and Communications (HPCC 2013), Zhangjiajie, China, November 2013
      • 8th International Workshop on Security (IWSEC 2013), Okinawa, Japan, November 2013
      • 5th International Symposium on Cyberspace Safety and Security (CSS 2013), Zhangjiajie, China, November 2013
      • 18th European Symposium on Research in Computer Security (ESORICS 2013), London, UK, September 2013
      • International Symposium on Security in Computing and Communications (SSCC 2013), Mysore, India, August 2013
      • 3rd IEEE International Workshop on Security and Privacy Engineering (SPE 2013), San Francisco, CA, USA, June 2013
      • IEEE 2013 International Workshop on Service Security and Assurance Perspectives (WOSSAP 2013), San Francisco, CA, Usa, June 2013
      • 7th IEEE International Conference on Digital Ecosystems and Technologies Special Theme - Complex Environment Engineering (IEEE DEST 2013), Stanford, CA, USA, July 2013
      • 27th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2013), Newark, NJ, USA, July 2013
      • 1st International Conference on Human Aspects of Information Security, Privacy and Trust (HAS 2013), Las Vegas, NV, USA, July 2013
      • 3rd International Workshop on Privacy, Security and Trust in Mobile and Wireless Systems (MobiPST 2013), Nassau, Bahamas, July 2013
      • Workshop on Provisioning and Management of Service Oriented Architecture and Cloud Computing (PROMASC 2013), Hammamet, Tunisia, June 2013
      • 7th Workshop in Information Security Theory and Practice (WISTP 2013) - Securing Mobile and Cyber-physical Systems, Crete, Greece, May 2013
      • International Conference on Privacy and Security in Mobile Systems (PRISMS 2013), Atlantic City, NJ, USA, June 2013
      • 3rd International Conference on Cloud Computing and Services Science (CLOSER 2012), Aachen, Germany, May 2013
      • 3rd IFIP WG 11.6 Working Conference on Policies & Research in Identity Management (IFIP IDMAN 2013), London, UK, April 2013
      • 8th Dependable and Adaptive Distributed Systems (DADS 2013), Coimbra, Portugal, March 2013
      • 7th International Symposium on Security and Multimodality in Pervasive Environment (SMPE 2013), Barcelona, Spain, March 2013
      • International Conference on Computing, Networking and Communications (ICNC 2013), San Diego, CA, USA, January 2013
      • 4th IEEE International Conference on Cloud Computing Technology and Science (CloudCom 2012), Taipei, Taiwan, December 2012
      • 4th International Symposium on Cyberspace Safety and Security (CSS 2012), Melbourne, Australia, December 2012
      • 2012 ASE/IEEE International Conference on Cyber Security (ICCS 2012), Washington, DC, USA, December 2012
      • 2012 FTRA International Workshop on Human centric computing, P2P, Grid and Cloud computing (HPGC 2012), Korea, December 2012
      • 8th International Conference on Signal-Image Technology \& Internet-Based Systems (SITIS 2012), Sorrento, Naples, November 2012
      • IEEE Asia Pacific Cloud Computing Congress 2012 (APCloud 2012), Wuzhou Guest House, Shenzhen, China, November 2012
      • 4th FTRA International Conference on Computer Science and its Applications (CSA 2012), Jeju, Korea, November 2012
      • 7th International Workshop on Security (IWSEC 2012), Fukuoka, Japan, November 2012
      • 17th European Symposium on Research in Computer Security (ESORICS 2012), Pisa, Italy, September 2012
      • 5th FTRA International Conference on Human-centric Computing (HumanCom 2012), Gwangju, Korea, September 2012
      • 5th International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2012), Rome, Italy, August 2012
      • 26th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2012), Paris, France, July 2012
      • International Conference on Security and Cryptography (SECRYPT 2012), Rome, Italy, July 2012
      • International Workshop on Privacy, Security and Trust in Mobile and Wireless Systems (MobiPST 2012), Munich, Germany, July 2012
      • 1st International Workshop on Clouds for Business and Business for Clouds (C4BB4C), Madrid, Spain, July 2012
      • IEEE 2012 Services Workshop on Security and Privacy Engineering (SPE2012), Honolulu, HI, USA, June 2012
      • 4th International ICST Conference on Security and Privacy in Mobile Information and Communication Systems (MobiSec 2012), Frankfurt, Germany, June 2012
      • 6th International Conference on Digital Ecosystem Technologies - Complex Environment Engineering (IEEE DEST-CEE 2012), Campione d'Italia, Italy, June 2012
      • 6th Workshop in Information Security Theory and Practice (WISTP 2012) - Security, Privacy, and Trust in Computing Systems and Ambient Intelligent Ecosystem, Egham, UK, June 2012
      • 2nd International Conference on Cloud Computing and Services Science (CLOSER 2012), Porto, Portugal, April 2012
      • 6th International Symposium on Security and Multimodality in Pervasive Environment (SMPE 2012), Fukuoka, Japan, March 2012
      • International Conference on Computing, Networking and Communications, Communications and Information Security Symposium (ICNC 2012 - CIS), Hawaii, USA, January--February 2012
      • 9th IEEE International Conference on Dependable, Autonomic and Secure Computing (DASC 2011), Sydney, Australia, December 2011
      • Workshop on Provisioning and Management of Service Oriented Architecture and Cloud Computing (PROMASC 2011), Paphos, Cyprus, December 2011
      • Workshop on Privacy in the Electronic Society (WPES 2011), Chicago, IL, USA, October 2011
      • 3rd International Conference on Computer Science and its Applications (CSA 2011), Jeju, Korea, December 2011
      • 2011 FTRA International Workshop on Human centric computing, P2P, Grid and Cloud computing (HPGC 2011), Jeju, Korea, December 2011
      • 5th International Conference on Network and System Security (NSS 2011), Milan, Italy, September 2011
      • 5th International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2011), Nice/Saint Laurent du Var, France, August 2011
      • 9th Annual Conference on Privacy, Security and Trust (PST 2011), Montreal, Canada, July 2011
      • 6th International Workshop on Security (IWSEC 2011), Tokyo, Japan, November 2011
      • International Workshop on Security and Privacy Preserving in e-Societies (SeceS 2011), Lebanon, June 2011
      • International Conference on Security and Cryptography (SECRYPT 2011), Seville, Spain, July 2011
      • 25th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2011), Richmond, USA, July 2011
      • IEEE International Conference on Communications (ICC 2011), Kyoto, Japan, June 2011
      • 3rd International ICST Conference on Security and Privacy in Mobile Information and Communication Systems (Mobisec 2011), Aalborg, Denmark, May 2011
      • 6th Conference on Network Architectures and Information Systems Security (SAR-SSI 2011), La Rochelle, France, April 2011
      • 5th International Symposium on Security and Multimodality in Pervasive Environments (SMPE-11), Biopolis, Singapore, March 2011
      • 4th IFIP International Conference on New Technologies, Mobility and Security - Security Track (NTMS 2011 - Security Track), Paris, France, February 2011
      • 6th International Conference on Information Systems Security (ICISS 2010), Gandhinagar Gujarat, India, December 2010
      • 6th International Conference on Signal-Image Technology & Internet-Based Systems (SITIS 2010), Kuala Lumpur, December 2009
      • 3rd International Conference on Human-centric Computing (HumanCom-10), Cebu, Philippines, August 2010
      • 11th Internation Conference On Web Information System Engineering (WISE 2010), Hong Kong, China, December 2010
      • 4th International Conference on Network and System Security (NSS 2010), Melbourne, Australia, September 2010
      • 2010 International Workshop on Computing Technologies and Business Strategies for u-Healthcare (CBuH2010), Seoul, Korea, July 2010
      • 5th International Workshop on Security (IWSEC 2010), Kobe, Japan, November 2010
      • International Conference on Security and Cryptography (SECRYPT 2010), Athens, Greece, July 2010
      • Second International ICST Conference on Security and Privacy in Mobile Information and Communication Systems (MobiSec 2010), Catania, Sicily, May 2010
      • Workshop on Provisioning and Management of Service Oriented Architecture and Cloud Computing, Tozeur, Tunisia, May-June 2010
      • 24th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec 2010), Rome, Italy, June 2010
      • 4th International Symposium on Security and Multimodality in Pervasive Environment 2010 (SMPE 2010), Perth, Australia, April 2010
      • 6th International Conference on Security and Privacy in Communication Networks (SecureComm2010), Singapore, September 2010
      • 2010 IFIP IDMAN Conference on National Identity Management, Norway, November 2010
      • 4th Workshop in Information Security Theory and Practice (WISTP 2010) - Security and Privacy of Pervasive Systems and Smart Devices, Passau, Germany, April 2010
      • 25th Annual Computer Security Applications Conference (ACSAC 2009), Honolulu, Hawaii, USA, December 2009
      • 2nd International Conference on Computer Science and its Applications (CSA 2009), Jeju, Korea, December 2009
      • 5th International Conference on Signal-Image Technology and Internet-Based Systems (SITIS 2009), Marrakech, Marocco, November 2009
      • 2009 ACM Workshop on Secure Web Services (SWS 2009), Chicago, USA, November 2009
      • International Workshop on Security and Privacy in Wireless and Mobile Computing, Networking and Communications (SecPri_WiMob 2009), Marrakech, Marocco, October 2009
      • 3rd International Conference on Information Security and Assurance (ISA 2009), Seoul, Korea, June 2009
      • 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security, July 2009, Montreal, Canada.
      • 3nd Symposium on Security and Multimodality in Pervasive Environments (SMPE 2009), Bradford, U.K., May 2008.
      • 24th Annual Computer Security Applications Conference (ACSAC 2008), Anaheim, California, December 2008.
      • 4th International Conference on Signal-Image Technology & Internet-based Systems (SITIS 2008), Track on Open Source Software Development and Solutions (OSSDS), Bali, Indonesia, November-December 2008.
      • International Workshop on Privacy in Location-Based Applications (PiLBA 2008), Malaga, Spain, October 2008.
      • International Workshop on Security and Privacy in Wireless and Mobile Computing, Networking and Communications (SecPri WiMob 2008), Avignon, France, October 2008.
      • 23rd International Information Security Conference (SEC 2008) co-located with IFIP World Computer Congress 2008, Milan, Italy, September 2008.
      • 2nd Symposium on Security and Multimodality in Pervasive Environments (SMPE 2008), Dublin, Ireland, July 2008.
      • 2nd IEEE Conference on Digital Ecosystems and Technologies (IEEE DEST 2008), Phitsanulok, Thailand, February 2008.

      Publication Chair of:

      • 5th International Workshop on Security and Trust Management (STM 2009), Saint Malo, France, September 2009
      • Information Security Conference (ISC 2009), Pisa, Italy, September 2009

      Finance Chair of:

      • 14th IEEE International Conference on Mobile Data Management (MDM 2013), Milan, Italy, June 2013

      Publicity chair of:

      • Workshop in Information Security Theory and Practice (WISTP 2013) -- Securing Mobile and Cyber-physical Systems, Heraklion, Greece, May 2013
      • 27th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSec 2013), Newark, NJ, USA, July 2013
      • 8th International Conference on Information Systems Security (ICISS 2012), Guwahati, India, December 2012
      • 7th International Conference on Information Systems Security (ICISS 2011), Kolkata, India, December 2011
      • European Symposium on Research in Computer Security (ESORICS 2011), Leuven, Belgium, September 2011
      • 5th International Conference on Information Systems Security (ICISS 2010), Kolkata, India, December 2010
      • 24th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec 2010), Rome, Italy, June 2010
      • 4th Workshop in Information Security Theory and Practice (WISTP 2010) - Security and Privacy of Pervasive Systems and Smart Devices, Passau, Germany, April 2010
      • Workshop in Information Security Theory and Practices 2009: Smart Devices, Convergence and Next Generation Networks, Brussels, Belgium, September 2009
      • 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Montreal, Canada, July 2009.
      • 22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security, London, UK, July 2008.
      • Workshop in Information Security Theory and Practices 2008: Smart Devices, Convergence and Next Generation Networks, Sevilla, Spain, May 2008.
      • 2nd International Workshop on Security and Trust Management (STM'06), Hamburg, Germany, September 2006.
      • 10th European Symposium on Research in Computer Security (ESORICS), Milan, Italy, September 2005.

      Reviewer of the following international conferences/workshops:

      • International Conference on Information and Communication Technology Research (ICTRC2015), Abu Dhabi, UAE, May 2015
      • 19th European Symposium on Research in Computer Security (ESORICS 2014), Wroclaw, Poland, September 2014
      • 9th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2014), Kyoto, Japan, June 2014
      • 33rd International Conference on Distributed Computing Systems (ICDCS 2013), Philadelphia, PI, USA, July 2013
      • IEEE BigData Congress 2013 conference (BigData 2013), Santa Clara, CA, USA, June-July 2013
      • 33rd International Conference on Distributed Computing Systems (ICDCS 2013), Philadelphia, PI, USA, July 2013
      • 8th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2013), Hangzhou, China, May 2013
      • International Conference on Security, Privacy and Applied Cryptography Engineering (SPACE 2012), Chennai, India, November 2012
      • 19th ACM Conference on Computer and Communications Security (CCS 2012), Raleigh, NC, USA, October, 2012
      • 14th International Conference on Information and Communications Security (ICICS 2012), Hong Kong, October 2012
      • 8th International Conference on Security and Privacy in Communication Networks (SecureComm 2012), Padua, Italy, September 2012
      • 7th International Conference on Information Systems Security (ICISS 2011), Kolkata, India, December 2011
      • 2011 International Conference on Information Systems (ICIS 2011), Shanghai, China, December 2011
      • 5th ACM International Conference on Distributed Event-Based Systems (DEBS 2011), New York, NY, USA, July 2011
      • 9th IEEE International Conference on Web Services (ICWS 2011), Washington, DC, USA, July 2011
      • 16th ACM Symposium on Access Control Models and Technologies (SACMAT 2011), Innsbruck, Austria, June 2011
      • 6th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2011), Hong Kong, March 2011
      • 12th International Conference on Information and Communications Security (ICICS 2010), Barcelona, Spain, December 2010
      • 13th Information Security Conference (ISC 2010), Boca Raton, FL, USA, October 2010
      • 19th ACM International Conference on Information and Knowledge Management (CIKM 2010), Toronto, Canada, October 2010
      • 7th European Workshop on Public Key Services, Applications and Infrastructures (EuroPKI 2010), Athens, Greece, September 2010
      • 2nd IEEE International Conference on Information Privacy, Security, Risk and Trust (PASSAT 2010), Minneapolis, Minnesota, USA, August 2010
      • IEEE International Symposium on Policies for Distributed Systems and Networks, George Mason University, Fairfax, VA, USA, July 2010
      • 30th International Conference on Distributed Computing Systems (ICDCS 2010), Genova, Italy, June 2010
      • 5th ACM Symposium on Information, Computer and Communications Security (ASIACCS 2010), Beijing, China, April 2010
      • 13th International Conference on Extending Database Technology (EDBT 2010), Lausanne, Switzerland, March 2010
      • Financial Cryptography 2010 (FC 2010), Tenerife, Canary Islands, Spain, January 2010
      • 4th International Conference on Risks and Security of Internet and Systems (CRiSIS 2009), Toulouse, France, October 2009
      • 5th International ICST Conference on Security and Privacy in Communication Networks (SecureComm 2009), Athens, Greece, September 2009
      • 22nd IEEE Computer Security Foundations Symposium 2009 (CSF 2009), Port Jefferson, New York, USA, July 2009
      • 5th International Conference on Open Source Systems, Skovde, Sweden, June 2009
      • 29th International Conference on Distributed Computing Systems (ICDCS 2009), Montreal, Quebec, Canada, June 2009
      • 23rd International Conference on Advanced Information Networking and Applications (AINA-09), Bradford, UK, May 2009
      • 15th ACM Conference on Computer and Communications Security (CCS 2008), Alexandria, VA, USA, October 2008
      • Workshop on Privacy in the Electronic Society, Alexandria, VA, USA, October 2008
      • 13th European Symposium on Research in Computer Security (ESORICS 2008), Malaga, Spain, October 2008
      • 22nd Annual IFIP WG 11.3 Working Conference on Data and Applications Security, London, U.K., July 2008.
      • 10th Information Security Conference (ISC 2007), Valparaiso, Chile, October 2007.
      • 2007 IEEE Symposium on Security and Privacy, Oakland, California, USA, May 2007.
      • Annual Computer Security Applications Conference (ACSAC 2006), Miami Beach, Florida, USA, December 2006.
      • 3rd International Conference on Service Oriented Computing, Amsterdam, The Netherlands, December 2005.
      • 4th International Conference on Web Engineering (ICWE 2004), Munich, Germany, July 2004.

      Reviewer of the following international journals:

      • ACM Computing Surveys
      • ACM SIGMOBILE periodical, Mobile Computing and Communications Review (MC2R)
      • ACM Transactions on the WEB (TWEB)
      • Annals of telecommunications
      • Applied Computing and Informatics (ACI)
      • COMputer NETworks (COMNET)
      • Computers and Security (COSE)
      • Future Internet
      • IEEE Internet Computing
      • IEEE Systems Journal
      • IEEE Transactions on Cloud Computing (TCC)
      • IEEE Transactions on Dependable and Secure Computing (TDSC)
      • IEEE Transactions on Information Forensics and Security (TIFS)
      • IEEE Transactions on Mobile Computing (TMC)
      • IEEE Transactions on Parallel and Distributed Systems (TPDS)
      • IEEE Transactions on Services Computing (TSC)
      • IEEE Transactions on Systems, Man and Cybernetics (TSMC)
      • IEEE Transactions on Visualization and Computer Graphics (TVCG)
      • IET Information Security
      • Information Systems Frontiers
      • International Journal of Big Data (IJBD)
      • International Journal of Communication Systems (IJCS)
      • Journal of Biomedical Informatics
      • Journal of Computer and System Sciences (JCSS)
      • Journal of Computer Science and Technology, Springer
      • Journal of Computer Security (JSC)
      • Journal of Computer Standards \& Interfaces (CSI)
      • Journal of Information Processing Systems (JIPS)
      • Journal of Science of Computer Programming
      • Journal of System Architecture (JSA)
      • Multimedia Tools and Applications (MTAP)
      • Springer Artificial Intelligence and Law
      • Springer Computing
      • Springer Journal of Systems and Software
      • Universal Access in the Information Society (UAIS), Springer
      • Wireless Communications and Mobile Computing, Wiley InterScience
      • World Wide Web Journal (WWWJ)

      7. Invited Talks

      • Verification, validation, and certification of non-functional properties in distributed systems, ETISALAT BT Innovation Center, Khalifa University, Abu Dhabi, UAE, February 10, 2014
      • 2nd International Workshop on Policies for the Future Internet (PoFI 2011), Pisa, Italy, June 9, 2011.
      • 5th International Workshop on Security and Trust Management (STM 2009), Saint Malo, France, September 25, 2009.

      8. Research Projects

      He is currently working/has worked in the context of the following research projects.

      • PRIN 2010-2011
        Genomic Data Management (GenData 2020)
        February 2013 -- January 2016
        Design of novel and advanced technological solutions for supporting the next-generation healthcare systems.

      • 7th FWP (Seventh Framework Programme) (ICT - Trustworthy ICT)
        Certification infrastrUcture for MUlti-Layer cloUd Services (CUMULUS)
        October 2012 -- September 2015
        Activities: Definition and implementation of novel test-based solutions for security certification of Cloud services.

      • Telecom Italia: Progetti end-to-end
        Studio e sperimentazione di scenari di scalabilità orizzontale nell'ottica di fornitura di servizi cloud evoluti in ambito PaaS
        May 2013 -- December 2013
        Activities: Definition and implementation of novel solutions supporting horizontal scalability in a cloud environment and allowing the distribution and consumption of advanced cloud services in a PaaS scenario.

      • PRIN 2010-2011
        Genomic Data Management (GenData 2020)
        February 2013 -- January 2016
        Activities: Design of novel and advanced technological solutions for supporting the next-generation healthcare systems.

      • 7th FWP (Seventh Framework Programme) (ICT - Trustworthy ICT)
        Advanced Security Service cERTificate for SOA (ASSERT4SOA)
        October 2010 -- September 2013
        Activities: Definition and implementation of innovative solutions for test-based certification of services.

      • Telecom Italia: Progetti end-to-end
        Studio e sperimentazione di servizi cloud evoluti in ambito PaaS
        July 2011 -- December 2011
        Activities: Definition and implementation of novel cloud-based PaaS solutions supporting the release of SOA-based functionalities in the cloud.

      • 7th FWP (Seventh Framework Programme) (ICT - Information and Communication Technologies)
        Privacy and Identity Management in Europe for Life (PrimeLife)
        March 2008 -- June 2011
        Activities: Definition and implementation of innovative solutions for protecting and controlling access to personal data of users.

      • 6th FWP (Sixth Framework Programme) (IST - Information Society Technologies)
        Privacy and Identity Management for Europe (PRIME) project
        March 2004 -- February 2008
        Activities: Definition of access control policies and languages, and authorization techniques in the context of distributed systems supporting privacy and digital identities

      • PITAGORA project
        January 2004 -- December 2004
        Activities: Research and development in the context of mobile networks. The activities focus on mobile networks and their remote management, mobile network security and privacy, mobile phone geolocation and, finally, knowledge abstraction and management

      9. Research Interests

      His research interests are in the areas of information security and privacy, distributed and cloud computing, SOA and cloud certification, access control, mobile networks, and open source security. Among them, he investigated the following issues: privacy protection and identity management, protection of Web Service infrastructures, SOA and cloud security and privacy, service and cloud security certifications, access control policies and languages, and mobile networks security and privacy.

      Currently, he is studying innovative test-based security certification solutions for distributed services, anonymous techniques and protocols for privacy protection in the context of mobile networks, and scalability techniques for the cloud. He is also studying enhanced access control solutions for open Cloud/Web-based scenarios, security assurance techniques, and test-based security certification solutions for software. Finally, he is co-author of the book on Open Source Security Certification.


      10. Publications