I have been working at Microsoft Research since 2004. In 2010, I joined the Languages and Tools team at European Microsoft Innovation Center (EMIC) in Munich, Germany. Before this, I was part of the Security and Privacy team at EMIC and was mainly involved in European collaborative research projects. In 2004, I finished my PhD in network security at Eurecom Institute (Sophia-Antipolis, France) and ENST (Paris) with Prof. Refik Molva as supervisor. The main topic of this work was security of pervasive computing environments in terms of access control, trust establishment, and privacy. I received my Master of Science in networks and distributed systems (DEA-RSD) from the Polytech Nice-Sophia (former ESSI) and INRIA Sophia in 2000. From 1995 to 1999, I worked as an engineer in software development at Siemens in Switzerland. I was mainly involved in projects related to the telecommunication management network. Prior to that, I studied telecommunication at HEIG-VD (former EIVD) in Yverdon, Switzerland.
- FORMULA – Modeling Foundations: FORMULA (Formal Modeling Using Logic Programming and Analysis) is a modern formal specification language targeting model-based development (MBD). It is based on algebraic data types (ADTs) and strongly-typed constraint logic programming (CLP), which support concise specifications of abstractions and model transformations. Around this core is a set of composition operators for composing specifications in the style of MBD.
- Data Usage and Privacy Policies: This project involves developing a new language for specifying data usage and privacy policies in the context of distributed web services, using SecPAL as a starting point. The new language lets services specify how they will handle user data and to which third parties this data may be disclosed. On the user side, the language specifies restrictions and obligations on data usage and forwarding.
- Applications of logical inference to policies and management.
- Specification and enforcement of privacy. Usage control in terms of authorizations, delegations and obligations.
- Credentials combining unlinkability and non-transferability
- Proof of proximity and location
- Scalable application of inference engines to real problems.
- Security of distributed systems (Web Services, STS, WCF)
- Secure software engineering, threat modeling.
- Project management, agile development.
- Other interests: Trusted Computing Platforms, Rights Managements.
Collaborative Research Projects
- PrimeLife: Bringing sustainable privacy and identity management to future networks and services
- SeCSE: Service Centric System Engineering
- FIDIS: Future of Identity in the Information Society (Network of Excellence)
- MOSQUITO: Mobile Workers’ Secure Business Applications in Ubiquitous Environments (STREP FP6)
- WiTness: WIreless Trust for mobile busiNESS (STREP FP5)
- SAR-SSI Conf. on Network Architectures and Information Systems Security (2007-2008, 2010-2012).
- SEC 2010, 25th IFIP International Information Security Conference – Security & Privacy − Silver Linings in the Cloud.
- W3C Workshop on Access Control Application Scenarios, November 2009 — Luxembourg.
- Privacy on the Web special track at SAC 2010
- PESOS 2009, Principles of Engineering Service Oriented Systems.
- SecureComm 2007, International Conference on Security and Privacy in Communication Networks.
- CANS’06, International Conference on Cryptology and Network Security.
- ESAS 2005, European Workshop on Security and Privacy in Ad hoc and Sensor Networks.