(last updated: September 2020)
currently working as Senior Privacy Researcher
at the European
Center of Huawei in Munich, Germany.
I hold a Ph.D. Degree in Computer Science from University of Mannheim in Germany, and a M.Sc. Degree in Information Technology from Carnegie Mellon University in USA.
An overview of my current and past positions:
My PhD research was focused on Security in Connected Smart Objects. Since then I have broadened my interests to include the following topics:
Some of the cool projects I have worked on in the recent past:
Under GDPR, data that cannot be traced back
to a particular individual can be kept and used for
processing. However proper data anonymization is no
small task and especially in the context of big data, the
task is becoming even more challenging. The project was to
apply Privacy Enhancing Technologies like Differential
Privacy and k-Anonymity
to anonymize big data in such a way that their utility
is not lost when executing data mining algorithms on them.
Adoption of Privacy Enhancing Technologies
Privacy Design Patterns
- This is an ongoing project and a continuous effort to
collect and document common practices to solve typical
privacy problems. Especially I am interested in
formulating such design patterns for engineers who design
new services and they adopt the Privacy by Design approach as
prescribed by GDPR.
Human Factors of PETs
- This project involved a user trial to understand the
factors that influence users' intention to use Privacy
Enhancing Technologies (PETs) and how they perceive the
trade-off between benefits and costs connected with the
usage of these tools. The user acceptance of PETs had
rarely been studied outside the laboratory and so we are
one of the first to present such results.
disclosure of Personally Identifiable Information (PII) is
a basic requirement to realize the Privacy by Design (PbD)
notions. While technologies such as SAML or OpenID allow a
selective disclosure of PII, these approaches are based on
the presence of a Trusted Third Party (TTP) that needs to
be queried during interaction with the service. One of the most advanced
Privacy-Enhancing Technologies today is the Privacy-Preserving Attribute-Based
Credentials, which enable
users to disclose a minimal set of credential attributes
to services, or to perform anonymous proofs of possession
of certain credentials or attribute values matching
certain criteria, while limiting the linkability of
was an FP7 research project (2010-2015) with the objective
to define a common, unified architecture for
privacy-respecting ABC systems to allow comparing their
respective features and combining them on common
platforms. I was involved with the coordination the
project as well as the architecture workpackage,
dissemination of the results and evaluation of the user
Internet of Things
Connected Vehicles - The
C-ITS environment requires a trust element that must, at a
minimum, provide cryptomaterial that enables trust, both
in the contents of messages, and the protection of data
from unintended readers. This can be achieved by building
on PKI. However the systems currently under development in
the US, Australia and EU are somewhat different in their
Mobile Phones - Mobile
have very sophisticated sensing capabilities and they are
an important building block of the Internet of Things.
People and their mobile devices can provide their
streams in accessible ways to third parties interested in
integrating and remixing the data for a specific purpose.
This trend is often named Mobile Crowdsensing. With this
important new shift in mobile device usage – from a
communication tool to a ubiquitous “experience sharing
instrument” – comes a new dimension in trust and privacy
challenges. In this project I have worked in designing and
implementing a platform that protects the anonymity of
both requesters and producers, while at the same time it
enables the incorporation of trust frameworks, incentive
mechanisms and privacy-respecting reputation schemes.
Wireless Sensor Networks - In this project we have worked in building an attack tool for Wireless Sensor Networks. It can identify common applied protocols and use this information for performing attacks such as Sinkhole attack, Replay attack, or Injecting malicious code in order to take control over the network. On the other hand I have worked extensively in building defensive mechanisms for WSNs, such as intrusion detection and authentication mechanisms.
A common objective of attacks targeting cloud resources is to use the compute power of these resources to execute other attacks. For example cryptomining malware makes 90% of remote code execution attacks. The project was to implement threat detection for popular cloud services, which identifies anomalous activities and potentially harmful attempts to exploit these services. This involves collecting IP addresses which is considered as personal data, explicitly so by GDPR. In this project collecting and sharing threat intelligence information was done in a manner compliant to GDPR.
Professional Activities (Full list here)