Curriculum Vitæ
Alessandro Colantonio
July 23, 2013
Personal Information
Address: via Silicella 23 int. C6, Roma (Italy);
Phone: +39 349 1434081;
E-mail: [email protected];
Personal Home Page: ricerca.mat.uniroma3.it/users/colanton;
Date and place of birth: July 21, 1976, Penne, Pescara (Italy);
Nationality: Italian;
Marital status: Married.
Education
Ph.D., 2011. Ph.D. in Mathematics at “Roma Tre” University, Rome, Italy. Thesis: “Role
Mining Techniques To Improve RBAC Administration.”
Advanced Studies, 2008. Italian 2nd level Master in Information Security and Governance
(1-year, post Master’s Degree) at “La Sapienza” University, Rome, Italy. Thesis: “A Cost-Driven Approach to Role Engineering.”
Master’s Degree, 2001. Computer Engineer (Italian 5-year “Laurea Magistrale in
Ingegneria Informatica”, equivalent to M.Eng./M.Sc.) at University of Pisa, Italy. Thesis: “Design and Implementation of a Hard Real-Time, Small Memory Footprint, and Portable Operating System Kernel.”
Languages
Italian. Native language.
English. Fluent business and technical English. BULATS certificate C1/4, March 2011
(www.bulats.org/Bulats/Results.html)
IT Security Experience
June 2011 – present, Founder and CTO at Bay31 AG (www.bay31.com). Development
associated with user access. Unique application of new techniques for data-mining, pattern recognition and risk management to access governance.
April 2006 – May 2011, Chief Research & Development Officer at CrossIdeas (www.crossideas.com, formerly Engiweb Security). Design of novel techniques and methodologies for GRC in IAM systems.
December 2002 – March 2006, Consultant at Accenture, Rome office (www.accenture.com). Main IT security-related activities:
◮ Alitalia Servizi (www.alitalia.it). Coordination of Asset Inventory and Risk
Assessment activities based on BS 7799 and ISO 17799 standards.
◮ Italian Ministry of Health (www.nsis.ministerosalute.it). Design of IT security
policies and procedures for the NSIS Project.
◮ Ente Tabacchi Italiano (ETI, now BAT, www.bat.com). Asset Inventory and Risk
Assessment activities based on BS 7799 and ISO 17799 standards.
Research Interest
Methodologies and models for GRC (Governance, Risk Management, and Compliance) in
Role-Based IAM (Identity & Access Management) systems, focusing on Role Engineering.
Data Mining algorithms. Data Compression algorithms.
Real-Time Operating Systems mechanisms for Embedded Systems. Office Automation applications.
Books
[1] Alessandro Colantonio, Roberto Di Pietro, and Alberto Ocello. Role Mining in Business— Taming Role-Based Access Control Administration. World Scientific Publishing Co. Inc, 2011.
Journal Papers
[1] Alessandro Colantonio, Roberto Di Pietro, and Nino Vincenzo Verde. A business-driven decomposition methodology for role mining. Computers & Security, 2012. To appear.
[2] Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello, and Nino Vincenzo Verde. Visual role mining: A picture is worth a thousand roles. IEEE Transactions on Knowledge and Data Engineering (TKDE), 2011. In press.
[3] Alessandro Colantonio and Roberto Di Pietro. CONCISE: COmpressed ’N’ Composable Integer SEt. Information Processing Letters, 110:644–650, 2010.
[4] Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello, and Nino Vincenzo Verde. A new role mining framework to elicit business roles and to mitigate enterprise risk. Deci-
[5] Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello, and Nino Vincenzo Verde. Taming role mining complexity in RBAC. Computers & Security, 29:548–564, 2010. Special Issue on “Challenges for Security, Privacy & Trust”.
Conference and Workshop Papers
[1] Nino Vincenzo Verde, Jaideep Vaidya, Vijayalakshmi Atluri, and Alessandro Colantonio. Role engineering: From theory to practice. In Proceedings of the 2nd ACM Conference on Data and Application Security and Privacy, CODASPY ’12, pages 181–192, 2012.
[2] Alessandro Colantonio. Prioritizing role engineering objectives using the analytic hierarchy process. In Proceedings of the 8th Conference of the Italian Chapter of AIS, itAIS 2011, pages 419–427, 2011.
[3] Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello, and Nino Vincenzo Verde. Mining business-relevant RBAC states through decomposition. In Proceedings of the IFIP TC 11 25th International Information Security Conference, SEC ’10, pages 19–30, 2010.
[4] Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello, and Nino Vincenzo Verde. Evaluating the risk of adopting RBAC roles. In Proceedings of the 24th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, DBSec ’10, pages 303–310, 2010.
[5] Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello, and Nino Vincenzo Verde. ABBA: Adaptive bicluster-based approach to impute missing values in binary matrices. In Proceedings of the 25th ACM Symposium on Applied Computing, SAC ’10, pages 1027–1034, 2010.
[6] Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello, and Nino Vincenzo Verde. A formal framework to elicit roles with business meaning in RBAC systems. In Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, SACMAT ’09, pages 85–94, 2009.
[7] Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello, and Nino Vincenzo Verde. Mining stable roles in RBAC. In Proceedings of the IFIP TC 11 24th International Information Security Conference, SEC ’09, pages 259–269, 2009.
[8] Alessandro Colantonio, Roberto Di Pietro, Alberto Ocello, and Nino Vincenzo Verde. A probabilistic bound on the basic role mining problem and its applications. In Proceedings of the IFIP TC 11 24th International Information Security Conference, SEC ’09, pages 376–386, 2009.
[9] Alessandro Colantonio, Roberto Di Pietro, and Alberto Ocello. Leveraging lattices to improve role mining. In Proceedings of the IFIP TC 11 23rd International Information Security Conference, SEC ’08, pages 333–347, 2008.
[10] Alessandro Colantonio, Roberto Di Pietro, and Alberto Ocello. A cost-driven approach to role engineering. In Proceedings of the 23rd ACM Symposium on Applied Computing,
Trade Journal Articles
[1] Alessandro Colantonio. Politiche di separazione dei compiti basate sulla modellazione del business. ICT Security, (69), November/December 2008. http://www.nstecna.com.
[2] Alessandro Colantonio. Modelli matematici a supporto del role engineering. ICT Security, (65), June 2008. http://www.nstecna.com.
[3] Alessandro Colantonio. Minimizzazione dei costi di controllo degli accessi attraverso metodologie di role engineering. ICT Security, (61), January/February 2008. http://www.nstecna.com.
[4] Alessandro Colantonio. Un approccio al role engineering basato sui costi. Computer Programming, (174), December 2007. http://www.infomedia.it.
[5] Alessandro Colantonio. Metodologie di role engineering. ICT Security, (60), November/December 2007. http://www.nstecna.com.
Teaching Experience
Adjunct Professor (Italian “professore a contratto”) of “Computer Security” for
Mathematics course at “Roma Tre” University, Rome, Italy, a.y. 2010–2011 and 2011–2012. (Settore Scientifico-Disciplinare INF/01)
Teaching Assistant of “Computer Security” for Mathematics course at “Roma Tre”
University, Rome, a.y. 2009–2010.
Teaching Assistant of “Computer Science Fundamentals” Mathematics Degree Course at
“Roma Tre” University, Rome, a.y. 2007–2008 and 2008–2009.
Invited talk on “Data Mining for Access Control” for Computer Science Dept., Escuela
Politécnica Superior, “Carlos III de Madrid” University, April 25, 2012.
Invited talk on “Role Management” for Mathematics course at “Roma Tre” University,
Rome, November 10–11, 2007.
Invited talk on “Role Engineering” for Information Technology course at “La Sapienza”
University, Rome, January 14, 2009.
Visiting student at University of Malaga, Computer Science Department, Campus de
Teatinos, Malaga, Spain, June 2009. Reference: Prof. Javier Lopez. Full grant of “Roma Tre” University, Rome, Italy.
Other Experience
December 2002 – March 2006, Consultant at Accenture, Rome office (www.accenture.com). Main experience:
◮ Alitalia Servizi (www.alitalia.it). Design of Enterprise Architecture Integration
(EAI) and coordination of Interface Assessment activities.
• Design of Data Warehouse Business Intelligence component (Data Marts and
KPI) to monitor drugs supply chain within Italian distribution system.
May 2002 – December 2002, Consultant at Altran Italia, Rome office (www.altran.com). Middleware specification for Flight Data Processor (FDP) project, Alenia Marconi Systems (www.amsjv.com).
October 2001 – May 2002, Software Architect at Magneti Marelli Powertrain (www.magnetimarelli.com), Bologna office. Design and development of real-time operating system mechanisms for electronic engine controllers. In collaboration with ReTiS Lab
(retis.sssup.it), Scuola Superiore Sant’Anna of Pisa, and Cadence European Labs.
Additional Information
Attended an IRCA/RICEC certified course for Information Security Management
System (ISMS) Lead Auditors, according to ISO/IEC 27001:2005 and BS 7799-2:2002 standards, Rome, Italy, March 2007.
Member of IFIP WG11.3 and ACM SIGAPP.
Reviewer for the following journals: Elsevier JSS, Springer KAIS, IEEE TDSC, IEEE TIFS,
Elsevier COSE
Part of the Technical Program Committee of the following conferences: ACM RACS
2011, 2012, 2013
Technical Skills
Operating Systems: OS X, MS Windows, GNU/Linux, MS-DOS.
Office Automation: Apple iWork, MS Office, LaTeX.
DBMS/Content Management: Oracle, SQL Server, PostgreSQL, MS Access, EMC Documentum.
Programming Languages: Java (J2EE), C/C++, PL/SQL, MS VBA, ARM Assembly.
Development tools: Eclipse, MS Visual Studio, ARM Development Suite, GNU gcc.
With reference to the Italian law on privacy, D. Lgs. 196/2003, “Codice in materia di protezione dei dati personali”, I hereby authorize the reader of this document to use my personal data for hiring purposes.
Rome, July 23, 2013