I am working on load time and run-time policies enforcement on
multi-application platforms, such as Java Card, Android or Firefox OS.
For the load time checks we are advocating the
Security-by-Contract
(SxC) approach. In this approach the platform will check each
loaded application if it's
contract
is compliant with the policy of the platform and of the other
applications. The contract contains application claims on its
security-relevant behavior, e.g. calls to other applications or
security APIs; it is validated on the platform with respect to the
loaded code. In 2012 together with Gemalto we have implemented
the SxC framework that fits on a real smart card.
For the run-time enforcement we are focusing on constructing an
enforcement mechanism that would be able to flexibly accommodate
different information flow properties. Currently each information
flow enforcement mechanism suits only one information flow
property (such as non-interference in different flavors); and
modification from enforcing non-interference into enforcing
non-deducibility is not straight-forward.
The EU Security and Trust R&D projects landscape
I am now involved in the
EU FP7 SecCord project,
which aims to support the EU research projects in Trust and
Security by enhancing cross-project collaborations
and disseminating achieved results to the key stakeholders.
Trento is now collecting data (project
booklets, alongside with conducting semi-structured
interviews with the project coordinators) from the FP7 Security and Trust
projects (Call 1, Call 5 and Call 8). We will use this data to
prepare EU Yearbook highlighting the key achievements, aspirations
and innovations attained by the projects.
-
If you are an EU FP7 Security and Trust project
coordinator or participant, and you would like the world
(including the potential customers of your technology)
to know about your project, please
contact me.
Since 2010 I am a TA for the Computational Complexity (Laurea
Magistrale) course at the
University of Trento.
The course covers various topics related to computational problems
and their complexity: from the classical NP-completeness theory to
randomized complexity classes and zero-knowledge proof systems. We
are trying to motivate the students for out-of-the-box thinking
by using creative exercises. The undirected connectivity for
a graph G may seem boring, but what if Facebook asks you this at
a job interview? Traditionally, the students will also assist James
Bond (e.g. by playing an NPC black-jack or deducing how
to use a fancy gadget provided by Q to beat mafia in poly-time),
participate in a court trial with an interactive proof system
against a lying witness, and do a lot more.
PhD in Mathematics from the Novosibirsk State University
(
NSU), 2008.
In my thesis I investigated the EDP connectivity metrics of
random graphs, which is defined as the expected number of
disconnected pairs of nodes in the graph; and how to choose an
optimal network topology by minimizing EDP.