professor and assistant director
computer science and engineering
polytechnic institute, nyu
Six MetroTech Center, Brooklyn, NY 11201
tel. (603) 369 - 9332|fax. (718) 260 - 3136
openca -at- acm -dot- org
Current Reseach Projects and Activities
The Public Key System:
Public Key technology is about multiple parties across different domains
making assertions that can be chained together to make trust judgments.
We are currently working to a new framework to facilitate the
deployment of Trust Infrastructures in the Internet.
[ Paper |
Internet Draft ]
Usable PKIs for Mobile Devices:
Usability is an important aspect of any system.
We are studying how to use mobile devices like Smart Phones to provide
a secure environment for portable credentials via the usage of
Proxy Certificates (PorKI Project).
PKI Resources Query Protocol:
one of the most strategic problems still open is the PKI data and services
We are developing a new protocol (PRQP) that helps users and third
parties to locate CAs' provided services.
[ internet draft |
Trusted Computing Deployment:
Trusted Computing is becoming ever more important for applications
and operating system. By combining TPM into existing environments
it is possible to provide a new source of trust that may be used
for secure computing.
Open Research Projects
[ LibPKI ]
The LibPKI Project is aimed to provide an easy-to-use PKI library for
PKI enabled application development.
The library provides the developer with all the needed functionalities
to manage certificates, from generation to validation.
The LibPKI Project enables developers with the possibility to implement
complex cryptographic operations with a few simple function calls by
implementing an high-level cryptographic API.
[ OpenCA Labs ]
The OpenCA Labs, born from the former OpenCA Project, is an open
organization aimed to provide a framework for PKI studying and
development of related projects.
[ P.A.O.S. Project ]
This project collects and analyses the usage of HTTP servers by
the Italian Public Administrations. At the moment the scope of the
data collection includes local administrations - municipalities, provinces
Past Research Projects
Centralised Trust Management:
by using a sort of cross-certification, we are currently investigatin how
to provide a centralised management of trusted certificates within current
applications (e.g. web browsers or MUAs).
[ paper ]
E-Mail Policy Enforcement System:
by combining public-key technologies with existing Internet protocols
EMPE provides a method to shift the sender authentication information
from the SMTP envelope or communication channel to the message body.
Perfect and Trusted Viewers:
a method to define the requirements for the applications that comply with
the "What You See Is What You Sign" (WYSIWYS) requirement for electronic
Privacy Preserving OCSP:
OCSP requests and responses could be tracked by an adversary to find out activities
of a user . We are studying an extension to the OCSP protocol
which provide a level of anonymity.