Dr Daniele Sgandurra received his PhD in Computer Science from the University of Pisa. He is currently a Lecturer at the Information Security Group. Daniele has been a visiting researcher at the security group of IBM Zurich Research Laboratory, by participating in the Phantom project (virtual machine introspection-based security). He was a PostDoc researcher at the Institute of Informatics and Telematics, National Research Council of Italy, where he has mainly worked in the field of mobile security, and a Research Associate at the Department of Computing, Imperial College London, focusing on threat modelling for Cloud environments and malware analysis. His research focuses on
cybersecurity of systems, in particular security of operating systems/virtualisation, mobile systems and the Internet of Things (IoT).
Room: 154 Founders West
Daniele’s Past Projects:
Coco Cloud (Confidential and Compliant Clouds) is an FP7 project that aims to facilitate data sharing in cloud environments by providing end-to-end data centric security from the client to the cloud based on the (semi-)automated enforcement ofData Sharing Agreements. These agreements may reflect legal, contractual or user defined preferences, which may be conflicting and thus an appropriate balance and model for their enforcement must be found.
Partners: Hewlett-Packard, The Italian National Research Council, Imperial College London, University of Oslo, SAP, Atos, AGID, Bird & Bird, and Grupo Hospitalario Quirón.
CIPART (Cloud Intelligent Protection at Run-Time) aims to develop novel techniques for intelligent cloud protection by advancing the state of the art in system modelling at run time, attack scenarios based analysis, novel techniques for selecting countermeasures and remedial actions and novel techniques for re-perimeterisation of the cloud environment. The methodology adopted combines fundamental research on knowledge representation, probabilistic analysis and machine learning with empirical and experimental studies in an industrial test-bed environment.
Additionally, the project also aims to achieve a better understanding of the business models and incentives involved in the relationships between cloud tenants and hosting organisations in the provision of security services based on measures of cost, risk and value and to propose new models that facilitate sharing of risk and exchange of security relevant information, which would in turn allow to simplify security management and provide better protection.
MSP (Mobile Security and Privacy) is an EIT ICT LAB project whose goal is to design and develop a set of mechanisms for the protection of the application execution in the mobile devices. This entails run-time enforcement mechanisms for application specific security policies.
SERIT: I’ve been a member of the coordinating committee of SERIT (SEcurity Research in ITaly), the national technological platform on homeland security jointly promoted by CNR and Finmeccanica. SERIT includes SMEs, research institutions, Universities, companies in Italy that focus their researches in the field of Homeland Security. The platform groups more than 250 Italian partners and more than 1000 members: http://www.piattaformaserit.it/
IBM Zurich Research Lab (Introspection-based Context Agent Injection) https://www.zurich.ibm.com/csc/security/securevirt.html
Petras IoT HUB: https://www.petrashub.org/