Current position



Postdoc Researcher - University of Bergamo, department of Engineering
Topic: Information technology for the protection of data

Education



Software Engineering - University of Bergamo
PhD program in Engineering and Applied Sciences
Sep 1, 2018 - Oct 1, 2021
Apr 5, 2022 - Graduated with honors
Advisor: prof. Stefano Paraboschi
Thesis: Technologies for the secure collection, sanitization, processing and release of data

Software Engineering - University of Bergamo
Master of Science (MSc)
Sep 1, 2016 - Jul 17, 2018
GPA: 4.0/4.0 - Graduated summa cum laude
Thesis: Transforming query trees for cost optimization in secure multi-provider execution

Software Engineering - University of Bergamo
Bachelor of Science (BSc)
Sep 1, 2013 - Jul 19, 2016

Skills



Core competencies:

  • Programming languages: Go, Python

  • Software: Ubuntu, Emacs, git, Make

  • Scientific writing with LaTeX

  • Access control techniques

Other programming languages/frameworks/tools used occasionaly (say, less than 3 projects):

  • Programming Languages: Rust, C++, Java, Javascript, SQL, C, Elisp, M4, TE, CIL, ODRL, RDF

  • Software: Docker, Postgres, Redis, Deno, Bazel, Apache Spark, FRESCO mpc, Z3, FUSE, eBPF

  • see my dotfiles

Languages:

  • Italian (native), English (fluent)

Awards



University of Bergamo Alumni Association
Dept. of Management, Information and Production Engineering
LUBERG - New graduate of the year
Nov 19, 2019
LUBERG new graduate of the year award rewards talent, determination and commitment of graduates who stand out for a particularly brilliant academic record, the results achieved in the degree course, the originality and the scientific rigor of the thesis.

Work Experience



Autonomous collaborations

  • Partner: UniBg
    Development of a prototype for the management of a language for security policies in a Digital Data Market
    • May 3, 2021 - Sep 13, 2021
    • Jul 20, 2020 - Nov 20, 2020
    • Jul 4, 2019 - Nov 4, 2019

Teaching experience

Teaching assistant, courses at University of Bergamo

  • Introduction to programming in Python
    Year 2018, 2020
    Topics: Basic types, control-flow statements, functions, lists

  • Data Bases I
    Year 2019, 2020, 2021, 2022
    Topics: Structured Query Language, Conceptual and Logical database modeling

  • Data Bases II
    Year: 2019, 2020, 2021
    Topics: Concurrency, scheduling, distributed databases, XQUERY

  • Computer Security
    Year: 2021, 2022
    Topics: Access Control, DAC, MAC, Capabilities (Linux), Isolation of 3rd-party apps in Android

Other experiences



Competitions

  • Cybersecurity Games & Conference (CSAW 2021) - Applied Research Competition, Top 10 Finalist in Europe (certificate)
  • Google hash code 2019 Finals - Team: Unibg Seclab, 38th place

Thesis projects

  • Supervised 30+ thesis students - Topics

Programming

  • AlgoExpert - Completed 100 problems in Python (certificate)

Software Contributions



  • SEApp: Bringing Mandatory Access Control to Android Apps (link)
    A modification to AOSP to extend the mandatory access control layer to Android apps. SEApp leverages SELinux to restrict access to the internal storage, restrict access to services, and isolate vulnerability prone components. This is achieved executing components on dedicated processes. A dedicated app policy module (written in CIL) regulates the permissions associated to each process. Changes to AOSP are implemented in both Java and C++.

  • ITYT: Practical Time-Locked Secrets using Smart Contracts (link)
    A framework to deploy time-locks using the blockchain. It leverages multi-party computation to split a secret among many parties, each obtaining a share. The parties need to cooperate to recover the secret following a pre-defined protocol. The protocol is programmed using a smart contract. The smart contract is developed in Solidity, while the multi-party computation protocol is developed in Java using the FRESCO programming framework.

  • Spark-based Mondrian (link)
    A Dockerized Apache Spark-based version of Mondrian, a sanitization algorithm to achieve k-anonimity. It is executed on a Spark cluster with a varying number of executors. Docker containers are used to scale the number of executors. The anonymization app is an Apache Spark application implemented in Python.

  • dot-emacs (link)
    A minimal version of my .emacs.d/ useful to anyone that may want to test Emacs for code development. Mostly Elisp code.

  • MOSAICrOWN Policy Engine (link)
    The policy engine is the tool responsible for parsing the MOSAICrOWN policy and checking whether a subject request is permitted or denied. Policies are written in ODRL, while the tool is implemented in Python.