Older news are available here.
Security is an important aspect of life. Even more when it comes to internet and Identity Management. Public Key Infrastructures help in providing an efficient method to issue digital identities that can be used over public network to secure communications and data exchange. My long term goal is to make the deployment of PKIs and usage of Digital Certificates on a large scale feasable for every day use. My research has potential impacts on many fields. The capillary adoption of certificates at every level, i.e. for small pervasive devices (sensors or mobile phones) or for people (digital IDs and passports), can stimulate research in the area by rethinking the principles of PKIs. Moreover adoption of digital certificates and digital identities provided by governments will allow for new opportunities in eCommerce, Privacy and Digital Data Management.
My current research work aims to achieve usable security that uses digital certificates to simplify key management issues. Rather than focusing on the definition of new cryptographic algorithms, my research is aimed to provide simpler and effective trust management. My short term objective is to make current PKI technology easy to use for both application developers and users. For this I am working at the design of a Public Key System aimed at supporting the deployment of Trust Infrastructures in the Internet. Moreover, I am also working at the definition and standardization of the PKI Resource Query Protocol (PRQP). I also started several projects that serve as frameworks to deploy my research into real environments.
To pursue my long term goal, I will focuse my teaching efforts on providing students with a global vision about security issues by exposing them to both technical and non-technical aspects. I also plan to leverage the interdisciplinary nature of security in order to collaborate with other departments. This will stimulate students and collaborators to think about security and privacy issues as a whole: a complex and comprehensive process. Moreover the experience acquired in years of consultancy work in the area allow me to more effectively help students in their curriculum development.
I received my Ph.D. from the Poilitecnico di Torino in Computer Engineering in March 2007. In 2011, I joined the Politechnic Institute of NYU as research professor in the Computer Science and Engineering (CSE) department. I also hold the assistant director position at the Center for Interdisciplinary Studies in Security and Privacy (CRISSP). Following my doctorate, I joined Dartmouth College as a Post-Doctoral Research Fellow with the Institute for Security Technology Studies (ISTS). During my graduate studies, I worked at the PKI/Trust Lab at Dartmouth College for six months where I contributed to the work of Prof. Sean Smith and his collaborators. Before then, I worked for several companies as PKI/Security consultant. In 1998, I started the OpenCA project and I still continue its development and management. In addition to my Ph.D., I hold a Laurea (equiv. to BS and MS) in Computer Engineering from the University of Modena, Italy.