I am hiring!

I have a 2 year post-doctoral position in Security and Privacy and a position as a scientific programmer. To apply, send me an e-mail with your CV and a research statement.

Find more info about the CINI Cyber Security National Lab i am involved with, by clicking on its logo Cyber Security National Lab


link on the name of the project you are interested


MOSES is a modified version of AndroidOS that supports Bring Your Own Device (BYOD) applications. It allows the creation of secure containers, via sofwtare, on which different profiles can run regulated by configuarable fine-grained security policies.


CRêPE (Context-Related Policy Enforcement) is a modified version of AndroidOS that support contexts, both logical and physical defined contexts. Also, it supports efficient context-related policy enforcement on mobile platforms. A context-related policy is a policy which enforcing requires the awareness of the user/device context.


Trishul is a system primarily designed to enforce policies associated with data/information. While most of existing IFC enforcement systems associate IFC policies to applications, we associate them to data. Thus an information flow control policy can be enforced by any application dealing with that piece of data. At the core of the architecture is a Java Virtual Machine (JVM) implementation that supports information flow control. Trishul addresses direct and implicit flows plus a new indirect way of leaking information we pointed out in a related publication.


Turtle F2F is a free and open source anonymous peer-to-peer network project facilitating free speech and sharing information by combining encryption with peer-to-peer (P2P) technology. Like no other anonymous P2P software, it allows users to share files and otherwise communicate without fear of legal sanctions or censorship. The basic idea behind Turtle is to build a P2P overlay on top of pre-existing trust relationships among Turtle users. Each user acts as node in the overlay by running a copy of the Turtle client software. Unlike existing P2P networks, Turtle does not allow arbitrary nodes to connect and exchange information. Instead, each user establishes secure and authenticated channels with a limited number of other nodes/friends controlled by people he or she trusts (friends). There is also a wikipage dedicated to the project. Turtle F2F inspired also a more professional implementation of the system, called RetroShare that has a relatively enthusiast community of users mainly in France.

RFID Guardian

the RFID Guardian: a mobile battery-powered device that offers personal RFID security and privacy management. The main focus of our project is to create an industry standard, open source, RFID security product based on our current RFID Guardian. The HW specifications can be found here. While the software can be downloaded from here.