Skip to content

Commit

Permalink
Update umberto-morelli.md
Browse files Browse the repository at this point in the history
  • Loading branch information
umorelli authored Jan 30, 2024
1 parent 73df518 commit 135ac9b
Showing 1 changed file with 38 additions and 1 deletion.
39 changes: 38 additions & 1 deletion _people/umberto-morelli.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,40 @@
---
person: UmbertoMorelli
---
links:

- name: CV
value: https://drive.google.com/file/d/15nfxRTdc2uC1Ho1CnK_CtdmwzUJTk-2J/view

- name: LinkedIn
value: morelliumberto

- name: ORCID
value: 0000-0003-2899-2227

- name: ResearchGate
value: Umberto-Morelli
---
Technologist at the Security & Trust Research Unit of the FBK Cybersecurity Center | Representative for the ISO 9001:2015 and ISO 27001:2022 certification for the Cybersecurity Center.


Eight years experience in line with three objectives:

* Support the security-by-design and security-by-default paradigms in established technologies by developing tools to aid cybersecurity architects and developers. Notable examples:
* Development and extension of [SecurePG](https://sites.google.com/view/securepg/home), a Java tool for the local generation and evaluation of access control policies in cloud environments ([Amazon AWS](https://aws.amazon.com) and [OpenStack](https://www.openstack.org) platforms); and for migrating identities and permissions (expressed in natural language) to/from the cloud.
* Collaborative development [MQTTSA](https://github.com/stfbk/mqttsa), a Python tool to automatically detect security misconfigurations in MQTT environments and provide a pdf report of the security best practices, the potential vulnerabilities, and a list of actionable mitigations.
* Contribute to developing an interface to automatically host a secure MQTT service (and evaluate its performance according to different scenarios).

* Develop prototypes with emerging technologies to support their secure adoption, or leverage their potential to enhance the protection of users and their data. Significant cases:
* Collaboratively design, develop and test a Kotlin Android mobile application and a set of Python backend microservices to host a secure remote voting election (created in a multidisciplinary working group).
* Use Hyperledger Fabric, a private distributed ledger, to access health data securely.
* Experiment with using the Italian identity card (CIE 3.0) in the following use cases: Home Automation, Automotive and enterprise services (such as Pull Printing).

* Raise awareness on cybersecurity issues and best practices, mainly in Cloud and IoT environments. Among the activities:
* Participation at local events, such as ISACA, ProM, and Webvalley, and provision of University seminars, workshops, and lessons for specialised institutes (e.g., the ITT Buonarroti in Trento).
* Tutor for Security&Trust internship students and coach for young researchers.
* Contribute to developing a [laboratory](https://github.com/stfbk/ITOTLab) to experiment with students on IT/OT infrastructures and related cybersecurity issues.

I'm passionate about state-of-the-art approaches (e.g., for identity management and cloud/edge access control), cutting-edge security solutions (e.g., following the zero-trust approach and leveraging the cyber-threat intelligence), and technologies that impact society: e-voting, digital wallets and the secure offering of public services (such as [TreC](https://trec.trentinosalute.net) - the healthcare platform for the citizens of Trento).


I'm currently contributing to [MERIT](https://digitalmerit.eu/), a 4-year EU project launched in Oct. 2022, which includes Universities, SMEs, DIH, and FBK as an Excellence Center, with the primary goal of creating a University master programme on the most relevant AI, CS and IoT topics; to upskill MERIT members with targeted initiatives, as well as support the dissemination activities of the identified target groups.

0 comments on commit 135ac9b

Please sign in to comment.