-
Notifications
You must be signed in to change notification settings - Fork 18
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
38 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,40 @@ | ||
--- | ||
person: UmbertoMorelli | ||
--- | ||
links: | ||
|
||
- name: CV | ||
value: https://drive.google.com/file/d/15nfxRTdc2uC1Ho1CnK_CtdmwzUJTk-2J/view | ||
|
||
- name: LinkedIn | ||
value: morelliumberto | ||
|
||
- name: ORCID | ||
value: 0000-0003-2899-2227 | ||
|
||
- name: ResearchGate | ||
value: Umberto-Morelli | ||
--- | ||
Technologist at the Security & Trust Research Unit of the FBK Cybersecurity Center | Representative for the ISO 9001:2015 and ISO 27001:2022 certification for the Cybersecurity Center. | ||
|
||
|
||
Eight years experience in line with three objectives: | ||
|
||
* Support the security-by-design and security-by-default paradigms in established technologies by developing tools to aid cybersecurity architects and developers. Notable examples: | ||
* Development and extension of [SecurePG](https://sites.google.com/view/securepg/home), a Java tool for the local generation and evaluation of access control policies in cloud environments ([Amazon AWS](https://aws.amazon.com) and [OpenStack](https://www.openstack.org) platforms); and for migrating identities and permissions (expressed in natural language) to/from the cloud. | ||
* Collaborative development [MQTTSA](https://github.com/stfbk/mqttsa), a Python tool to automatically detect security misconfigurations in MQTT environments and provide a pdf report of the security best practices, the potential vulnerabilities, and a list of actionable mitigations. | ||
* Contribute to developing an interface to automatically host a secure MQTT service (and evaluate its performance according to different scenarios). | ||
|
||
* Develop prototypes with emerging technologies to support their secure adoption, or leverage their potential to enhance the protection of users and their data. Significant cases: | ||
* Collaboratively design, develop and test a Kotlin Android mobile application and a set of Python backend microservices to host a secure remote voting election (created in a multidisciplinary working group). | ||
* Use Hyperledger Fabric, a private distributed ledger, to access health data securely. | ||
* Experiment with using the Italian identity card (CIE 3.0) in the following use cases: Home Automation, Automotive and enterprise services (such as Pull Printing). | ||
|
||
* Raise awareness on cybersecurity issues and best practices, mainly in Cloud and IoT environments. Among the activities: | ||
* Participation at local events, such as ISACA, ProM, and Webvalley, and provision of University seminars, workshops, and lessons for specialised institutes (e.g., the ITT Buonarroti in Trento). | ||
* Tutor for Security&Trust internship students and coach for young researchers. | ||
* Contribute to developing a [laboratory](https://github.com/stfbk/ITOTLab) to experiment with students on IT/OT infrastructures and related cybersecurity issues. | ||
|
||
I'm passionate about state-of-the-art approaches (e.g., for identity management and cloud/edge access control), cutting-edge security solutions (e.g., following the zero-trust approach and leveraging the cyber-threat intelligence), and technologies that impact society: e-voting, digital wallets and the secure offering of public services (such as [TreC](https://trec.trentinosalute.net) - the healthcare platform for the citizens of Trento). | ||
|
||
|
||
I'm currently contributing to [MERIT](https://digitalmerit.eu/), a 4-year EU project launched in Oct. 2022, which includes Universities, SMEs, DIH, and FBK as an Excellence Center, with the primary goal of creating a University master programme on the most relevant AI, CS and IoT topics; to upskill MERIT members with targeted initiatives, as well as support the dissemination activities of the identified target groups. |