Marco Casassa Mont

Profile picture
Researcher
Bristol

Biography

*** My full HP Labs web page is available at: http://www.hpl.hp.com/personal/mcm/ ***

I am a Senior Research Scientist at the HP Labs, Bristol, UK - Cloud & Security Lab (CSL). This web page contains public information about my R&D work, inventions, publications,  technical reports and professional activity. Additional information is available about my biography (CV) and education. During my 16 years at HP Labs, I have been the lead in a variety of R&D programs including collaborations with and technology transfers to HP business units and international projects (in the security, identity management and privacy areas), such as the EU F6 PRIME project (Privacy and Identity Management for Europe) and UK TSB EnCoRe project (Ensuring Consent and Revocation).

I am a HPL technical lead in the areas of: Security; Security Analytics; IAM; Privacy; Policy Management; Cloud. I am also the UK TSB EnCoRe Privacy project Coordinator and the technical lead of its Work Package 2, in charge of defining and delivering the EnCoRe Technical Architecture.

I currently work in the Safe Cloud project, on R&D topics related to: Cloud Computing; Safe and Controlled Information Sharing; Situational Awareness for next-generation disaggregated IT scenarios. Recent deliverables include R&D work in the space of Security Intelligence-as-a Service (SILAS) and Situational Awareness for companies operating in the Cloud. These R&D activities are carried out jointly with HP business groups. 

I  am collaborating with HP Enterprise Security Solutions and contributing to their  Security Innovation offerings, in particular in providing risk assessment and strategic decision support capabilities in the Security, Incident Management and IAM areas.

I am active on the publication and patenting front. I am part of various (IEEE, ACM, etc.) conference Program Committees. I am a Senior Member of IEEE. I am also an IISP member. I have more than 45 patents filed (about 80, considering  patents filed in multiple countries) and 11 patents granted.

I run a blog on "Research on Security and Innovation in the Cloud" to share ideas and opinions on future R&D security and Cloud areas.

 

Research interests

 

My  expertise and current R&D interests are in the following areas:  

  • Security
  • Information Management
  • Cloud Computing
  • Security Analytics
  • Situational Awareness, Event Management, SIM/SEM
  • Identity and Access Management (IAM) Technologies and Solutions
  • Risk Management, IT & Data Governance and Compliance
  • Trust, Security and Privacy Technologies  for People, Enterprises and Web environments
  • Web Services and Internet technologies
  • Adaptive Systems, Automation and Policy Management

Awards

 I am a Senior Member of IEEE.

Publications

 International Journals and Magazines

  1. Siani Pearson, Marco Casassa Mont - Sticky Policies: An Approach for Managing Privacy across Multiple Parties, IEEE Computer Magazine, Volume 44, Number 9, pp. 60-68, September 2011, 2011

  2. Marco Casassa Mont – author of 2 chapters - Book: J. Camenish, R. Leenes, D. Sommer, Digital Privacy: PRIME (Privacy and Identity Management for Europe) – Chapter 12 (Privacy Models and Languages: Obligation Policies)  and Chapter 15 (Privacy-aware Identity Lifecycle Management), Springer, LNCS 6545, 2011<O:P></O:P>

  3. Anna Squicciarini, Sathya Dev Rajasekaran, Marco Casassa Mont - Using Modeling and Simulation to Evaluate Enterprises' Risk Exposures to Social Networks, IEEE Computer Magazine, Volume 44, Number 1, pp. 66-73, January 2011, 2011

  4. Adrian Baldwin, Marco Casassa Mont, Yolanta Beres, Simon Shiu -  Assurance for Federated Identity Management, Journal of Computer Security (JCS), Volume 18, Number 4/2010, 2010

  5. Siani Pearson, Marco Casassa Mont, Manny Novoa -  Securing Information Transfer in Distributed Computing Environments, IEEE Security & Privacy ,Volume 6, Number 1, January/February 2008, 2008

  6. Marco Casassa Mont, Robert Thyne -  Privacy Policy Enforcement in Enterprises with Identity Management Solutions, Journal of Computer Security (JCS), Volume 16, Number 2/2008, 2008

  7. Phil Hunt (Oracle), Marco Casassa Mont -  Identity Governance Framework: Liberty Alliance's Initiative Addressing Privacy and SOX, Sarbanes-Oxley Compliance Journal, 2008

  8. Marco Casassa Mont - Automation of Privacy  Management- Digma Magazine, Zurich, Switzerland, 1 March 2007, 2007

  9. Marco Casassa Mont - Handling Privacy Obligations in Enterprises: Important Aspects and Technical Approaches - Journal of Computer Science and Engineering, CSSE, Vol.20, Number 6, November 2005, 2005

  10. Marco Casassa Mont, Kwok-Nga Chan, Pete Bramhall - Management and Enforcement of Obligations in Enterprises - Information Security Bulletin, ISB, September 2005, 2005

Conference Papers

  1. Giuseppe Petracca, Anna Cinzia Squicciarini, William Horne, Marco Casassa Mont: ReaasONets: a fuzzy-based approach for reasoning on network incidents: ACM Conference on COmputer and Communications Security 2012, 2012

  2. <em style="mso-bidi-font-style: normal">Marco Casassa Mont, Kieran McCorry, Nick Papanikolaou, Siani Pearson “ecurity and Privacy Governance In Cloud Computing via SLAs and a policy orchestration service, Frank Leymann, Ivan Ivanov, Marten van Sinderen and Tony Shan (eds.), Proc. Closer 2012, Portugal, SciTePress, April 2012.

  3. <em style="mso-bidi-font-style: normal">Nick Papanikolaou, Siani Pearson, Marco Casassa Mont and Ryan Ko, Automating Compliance for Cloud Computing Services, Frank Leymann, Ivan Ivanov, Marten van Sinderen and Tony Shan (eds.), Proc. Closer 2012, Portugal, SciTePress, April 2012. <O:P></O:P>

  4. Siani Pearson, Marco Casassa Mont, Liqun Chen, Archie Reed, End-to-end Policy-based encryption and Management of Data in the Cloud, 29 November - 1 December 2011, Athens, Greece.

  5. Rahmouni, H., Solomonides, T., Casassa Mont, M., Shiu, S. A Model-driven Privacy Compliance Decision Support for Medical Data Sharing in Europe. Methods of Information in Medicine, August 15 2011, 2011

  6. Simon Shiu, Adrian Baldwin, Yolanta Beres, Marco Casassa Mont, Geoff Duggan - Economic Methods and Decision Making by Security Professionals, WEIS 2011, George Mason University,  14-15 June 2011, US

  7. Siani Pearson, Marco Casassa Mont and Gina Kounga, “Enhancing Accountability in the Cloud via Sticky Policies”, STAVE, 28-30 June 2011, Crete, Greece, Springer, 2011

  8. Nick Papanikalaou, Siani Pearson and Marco Casassa Mont, “Towards Natural-Language Understanding and Automated Enforcement of Privacy Rules and Regulations in the Cloud: Survey and Bibliography”, STAVE, 28-30 June 2011, Crete, Greece, Springer, 2011

  9. Marco Casassa Mont, Richard Brown, Risk Assessment and Decision Support for Security Policies and Related Enterprise Operational Processes, IEEE Policy 2011 Symposium, Pisa, 6-8 June 2011, Italy, 2011 

  10. Gina Kounga, Marco Casassa Mont, Pete Bramhall, Privacy Preserving Management of Personal Data for Assisted Living Applications, 1st International Workshop on the Security of the Internet of Things, secIoT 2010, 29 November 2010, Tokyo, Japan, 2010

  11. David Pym, Martin Sadler, Simon Shiu, Marco Casassa Mont, Information Stewardship in the Cloud: A Model-based Approach, 2nd International ICST Conference on Cloud Computing, CloudComp 2010, 26-28 October 2010, Barcelona, Spain [Conference Presentation: slides (MS.ppt)], 2010

  12. Nick Papanikolau, Sadie Creese, Michael Goldsmith, Marco Casassa Mont, Siani Pearson, EnCoRe: Towards a Holistic Approach to Privacy, IEEE and ACM International Conference on Security and Cryptography 2010, SECRYPT 2010, 26-28 July 2010, Athens, Greece, 2010

  13. Gina Kounga, Marco Casassa Mont, Pete Bramhall, Extending XACML Access Control Architecture for Allowing Preference-Based Authorization, 7th International Conference on Trust, Privacy & Security in Digital Business, TrustBus 2010, 30 August - 3 September 2010, Bilbao, Spain, 2010

  14. Marco Casassa Mont, Yolanta Beres, David Pym, Simon Shiu - Economics of Identity and Access Management: Providing Decision Support for Investments, 5th IFIP/IEEE Workshop on Business-driven IT Management - BDIM 2010, 19 April 2010, Osaka, Japan  [Conference Presentation: slides (MS.ppt)], 2010

  15. Marco Casassa Mont, Siani Pearson, Sadie Creese, Michael Goldsmith, Nick Papanikolaou - Towards an Integrated Approach to the Management, Specification and Enforcement of Privacy Policies, position paper at W3C Workshop on Access Control Application Scenarios, 17-18 November 2009, Luxembourg

  16. Yolanta Beres, Marco Casassa Mont, Jonathan Griffin, Simon Shiu - Using Security Metrics Coupled with Predictive Modelling and Simulation to Assess Security processes, IEEE International Workshop on Security Measurements and Metrics, IEEE MetriSec 2009, 14 October, Lake Buena Vista, Florida, US

  17. Adrian Baldwin, Marco Casassa Mont, Simon Shiu - Using Modelling and Simulation for Policy Decision Support in Identity Management, IEEE 10th Symposium on Policies for Distributed Systems and Networks, IEEE Policy 2009 Symposium, 20-22 July, London, 2009

  18. Anna Squicciarini, Marco Casassa Mont, Abhilasha Bhargav-Spantzel, Elisa Bertino - Automatic Compliance of Privacy Policies in Federated Digital Identity Management, IEEE 9th Workshop on Policies for Distributed Systems and Networks, IEEE Policy 2008, 2-4 June, Palisades, NY, US, 2008

  19. Adrian Baldwin, Marco Casassa Mont, Yolanta Beres, Simon Shiu - On Identity Assurance in the Presence of Federated Identity Management Systems, ACS CCS 2007 Workshop on Digital Identity Management, DIM 2007, 2 November 2007, George Mason University, Fairfax, VA, US, [Conference Program and Presentations], 2007 

  20. Marco Casassa Mont, Boris Balacheff - On Device-based Identity Management in Enterprises, 4th International Conference on Trust, Privacy and Security in Digital Business 2007, TrustBus 2007, 3-7 September 2007, Regensburg, Germany [Conference Presentation: slides (MS .ppt)], 2007

  21. Marco Casassa Mont, Filipe Beato - On Parametric Obligation Policies: Enabling Privacy-aware Information Lifecycle Management in Enterprises, 8th IEEE Workshop on Policies for Distributed Systems and Networks, Policy 2007, 13-15 June 2007, Bologna, Italy [Conference Presentation: slides (MS .ppt)], 2007

  22. John Soren Pettersson, Simone Fischer-Hubner, Marco Casassa Mont, Siani Pearson - How ordinary internet users can have a chance to influence privacy policies, 4th Nordic Conference on Human-Computer Interaction, NordiCHI 2006, 14-18 October 2006, Oslo, Norway, 2006

  23. Marco Casassa Mont, Robert Thyne - Privacy Policy Enforcement in Enterprises with Identity Management Solutions - 4th International Conference on Privacy, Security and Trust 2006, PST 2006, 30 October, 01 November 2006, Toronto, Canada  [Conference Presentation: slides (MS .ppt)], 2006

  24. Marco Casassa Mont - On the Need to Explicitly Manage Privacy Obligation Policies as Part of Good Data Handling Practices  - W3C Workshop on Languages for Privacy Policy Negotiation and Semantic-Driven Enforcement, W3C Privacy Workshop 2006, 17-18 October 2006, Ispra, Italy [Workshop Presentation: slides (MS .ppt)], 2006

  25. Marco Casassa Mont - Privacy-aware Information Lifecycle Management in Enterprises: Setting the Context - Information Security Solution Europe 2006, 10-12 October 2006, Rome, Italy, ISSE 2006, [Conference Presentation: slides (MS .ppt)], 2006

  26. Marco Casassa Mont - Towards Scalable Management of Privacy Obligations in  Enterprises - 3rd International Conference on Trust, Privacy and Security in Digital Business 2006, TrustBus 2006, 4-8 September 2006, Krakow, Poland [Conference Presentation: slides (MS .ppt)], 2006

  27. Marco Casassa Mont, Siani Pearson, Robert Thyne - A Systematic Approach to Privacy Enforcement and Policy Compliance Checking in Enterprises - 3rd International Conference on Trust, Privacy and Security in Digital Business 2006, TrustBus 2006, 4-8 September 2006, Krakow, Poland [Conference Presentation: slides (MS .ppt)], 2006

  28. Stephen Crane, Marco Casassa Mont - A Customisable Reputation-based Privacy Assurance System using Active Feedback - 2nd IEEE International Workshop on the Value of Security through Collaboration, SECOVAL 2006, 2 September 2006, Baltimore, MD, USA, 2006

  29. Marco Casassa Mont, Robert Thyne - A Systemic Approach to Automate Privacy Policy Enforcement in Enterprises - 6th Workshop on Privacy Enhancing Technologies 2006, PET 2006, 28-30 June, Cambridge, United Kingdom, [Conference Presentation: slides (MS .ppt), Pre-proceeding paper], 2006

  30. Siani Pearson, Marco Casassa Mont - A System for Privacy-aware Resource Allocation and Data Processing in Dynamic Environments- 21st IFIP International Security Conference 2006, 22-24 May 2006, Karlstad, Sweden SEC 2006/InetSec 2006 [Conference Presentation: slides (MS .ppt)], 2006

  31. Siani Pearson, Marco Casassa Mont - Provision of Trusted Identity Management using Trust Credentials, 4th International Conference on Trust Management 2006, i-Trust 2006, 16-19 May 2006, Pisa, Italy, 2006

  32. Thomas Roessler, Giles Hogben, Marco Casassa Mont, Siani Pearson - Position paper: Rule Language Requirement for Privacy-Enabled Identity Management, Rule Languages for Interoperability 2005, 27-28 April 2005, Washington D.C., USA, 2005

  33. Marco Casassa Mont, Robert Thyne, Pete Bramhall, Kwok-Nga Chan - Privacy Policy Enforcement in Enterprises: Addressing Regulatory Compliance and Governance Needs - Information Security Solution Europe 2005,  ISSE 2005, 27-29 September 2005, Budapest, Hungary, [Conference Presentation: slides (MS .ppt)], 2005

  34. Marco Casassa Mont, Robert Thyne, Pete Bramhall - Privacy Enforcement for IT Governance: Doing it for Real - 2nd International Conference on Trust, Privacy and Security in Digital Business 2005, TrustBus 2005, 22-26 August, Copenhagen, Denmark [Conference Presentation: slides (MS .ppt)], 2005

  35. Marco Casassa Mont, Siani Pearson - An Adaptive Privacy Management System for Data Repositories - 2nd International Conference on Trust, Privacy and Security in Digital Business 2005, TrustBus 2005, 22-26 August, Copenhagen, Denmark [Conference Presentation: slides (MS .ppt)], 2005

  36. Siani Pearson, Marco Casassa Mont, Stephen Crane - Persistent and Dynamic Trust:  Analysis and the Related Impact of Trusted Platforms - 3rd International Conference on Trust Management 2005, i-Trust 2005, 23-26 May 2005, Roquencourt, France, 2005  

  37. Marco Casassa Mont- Dealing with Privacy Obligations in Enterprises - Information Security Solutions Europe 2004, ISSE 2004, 28-30 September 2004, Berlin, Germany [Conference Presentation: slides (MS .ppt)], 2004

  38. Marco Casassa Mont- Dealing with Privacy Obligations: Important Aspects and Technical Approaches - 1st International Conference on Trust, Privacy and Security in Digital Business 2004, TrustBus 2004, 30 August - 3 September 2004, Zaragoza, Spain [Conference Presentation: slides (MS .ppt)], 2004

  39. Marco Casassa Mont, Siani Pearson, Pete Bramhall - Towards Accountable Management of Privacy and Identity Management - 8th European Symposium on Research on Computer Security 2003, ESORICS 2003, 13-15 October, 2003, Gjovik, Norway [Conference Presentation: slides (MS .ppt)], 2003

  40. Marco Casassa Mont, Siani Pearson, Pete Bramhall - Towards Accountable Management of Identity and Privacy: Sticky Policies and Enforceable Tracing Services  - IEEE Workshop on Trust and Privacy in Digital Business 2003, TrustBus 2003 (DEXA 2003), 1-5 September, 2003, Prague, Czech Republic [Conference Presentation: slides (MS .ppt)], 2003

  41. Marco Casassa Mont, Pete Bramhall, Keith Harrison - A Flexible Role-based Secure Messaging Service: Exploiting IBE Technology for Privacy in Health Care - IEEE Workshop on Trust and Privacy in Digital Business 2003, TrustBus 2003 (DEXA 2003), 1-5 September, 2003, Prague, Czech Republic [Conference Presentation: slides (MS .ppt)], 2003

  42. Yolanta Beres, Pete Bramhall, Marco Casassa Mont, Mickey Gittler, Siani Pearson - On the Importance of Accountability and Enforceability of Enterprise Privacy Languages - W3C Workshop on the Long Term Future of P3P and Enterprise Privacy Languages - 2003, W3C 2003, 19-20 June 2003, Kiel, Germany  [Position paper (.pdf), 2003

  43. Marco Casassa Mont, Keith Harrison, Martin Sadler - The HP Time Vault Service: Exploiting IBE for Timed Release of Confidential Information - The 12th World Wide Web International Conference 2003, WWW2003, 20-24 May, 2003,  Budapest, Hungary[Conference Presentation: slides  (MS .ppt)], 2003

  44. Marco Casassa Mont, Richard Brown - Active Digital Credentials: Dynamic Provision of Up-to-Date Identity Information, International Conference, Infrastructure Security Conference 2002, INFRASEC 2002, 1-3 October 2002, Bristol, United Kingdom [Conference Presentation: slides (MS .ppt)], 2002 

  45. Marco Casassa Mont, Adrian Baldwin, Yolanta Beres, Keith Harrison, Martin Sadler - Reducing Risks of Widespread Faults and Attacks for Commercial Software Applications: Towards Diversity of Software Components - 26th IEEE Computer Software and Application Conference 2002, COMPSAC 2002,  26-29 August 2002, Oxford, England [Conference Presentation: slides (MS .ppt)], 2002 

  46. Adrian Baldwin, Simon Shiu, Marco Casassa Mont -Trust Services: A Framework for Service-based Solutions - 26th IEEE Computer Software and Application Conference 2002, COMPSAC 2002,  26-29 August 2002, Oxford, England, 2002

  47. Marco Casassa Mont, Pete Bramhall, Joe Pato, Owen Rees, Mickey Gittler - Identity Management: a Key e-Business enabler - Advances in Infrastructure for e-Business, e-Education, e-Science and e-Medicine on the Internet 2002, SSGRR 2002s, 29 July - 4 August 2002, L'Aquila, Italy [Conference Presentation: slides (MS .ppt)], 2002 

  48. Marco Casassa Mont, Mike Yearworth - Negotiated Revealing of Traders' Credentials in e-Marketplaces: Dealing with Trust and Privacy Issues - 4th International IEEE  Workshop on Advanced Issues of E-Commerce and Web-based Information Systems, WECWIS 2002, 26-28 June 2002, Newport Beach, California, USA  [Conference Presentation: slides (MS .ppt)], 2002

  49. Adrian Baldwin, Yolanta Beres, Marco Casassa Mont, Simon Shiu - Trust Services: Reducing Risk in e-Commerce - 4th Conference on Electronic Commerce Research 2001,  ICECR-4, 8-11 November 2001, Dallas, Texas, USA, 2001

  50. Marco Casassa Mont, Lorenzo Tomasi - A Distributed Service, Adaptive to Trust Assessment, based on Peer-to-Peer E-Records Replication and Storage - 8th IEEE workshop on  Future Trends of Distributed Computing Systems 2001, FTDCS 2001, 31 October - 2 November, 2001, Bologna, Italy [Conference presentation: .ppt slides], 2001

  51. Marco Casassa Mont, Adrian Baldwin, Cheh Goh - POWER Prototype: Towards Integrated Policy-based Management - IEEE/IFIP Network Operations and Management Symposium, NOMS2000, 10-14 April 2000, Honolulu, Hawaii USA, 2000

  52. Marco Casassa Mont, Adrian Baldwin, Cheh Goh - Role of Policies in a Distributed Trust Framework - Policy Workshop 1999, 15-17 November 1999, Bristol, United Kingdom [Presentation, Position Paper], 1999

HP Labs Technical Reports

  1. HPL-2012-206 Marco Casassa Mont, Richard Brown, Simon Arnell, Neil Passingham, Security Analytics: Risk analysis for an Organisation's Incident Management Process, HPL-2012-206  

  2. HPL-2012-36 Marco Casassa Mont, Sharma Vaibhav,  Siani Pearson,  EnCoRe: Dynamic Consent, Policy Enforcement and Accountable Information Sharing within and across Organisations, HPL-2012-36

  3.  HPL 2012-22 Marco Casassa Mont, Ilaria Matteucci, Marinella Petrocchi, Marco Luca Sbodio Enabling Data Sharing in the Cloud, HPL-2012-22<O:P></O:P>

  4. HPL-2011-137 Siani Pearson, Marco Casassa Mont, Liqun Chen, Archie Reed, End-to-End Policy-based Encryption and management of Data in the Cloud, HPL-2011-137

  5. HPL-2011-118 Nick Papanikolaou, Siani Pearson, Marco Casassa Mont, Ryan K. L. Ko, Towards Greater Accountability in Cloud Computing through Natural-Language Analysis and Automated Policy Enforcement, HPL-2011-118

  6. HPL-2011-117 Nick Papanikolaou, Siani Pearson, Marco Casassa Mont,  Towards Natural-Language Understanding and Automated Enforcement of Privacy Rules and Regulations in the Cloud: Survey and Bibliography, HPL-2011-117

  7. HPL-2011-12 Marco Casassa Mont, Richard Brown, Risk Assessment and Decision Support for Security Policies and Related Enterprise Operational Processes, HPL-2011-12

  8. HPL-2010-200 Gina Kounga, Marco Casassa Mont, Pete Bramhall, Privacy Preserving Management of Personal Data for Assisted Living Applications - HPL-2010-200

  9. HPL-2010-83 Nick Papanikolau, Sadie Creese, Michael Goldsmith, Marco Casassa Mont, Siani Pearson - EnCoRe: Towards a Holistic Approach to Privacy  -  HPL-2010-83

  10. HPL-2010-82 Marco Casassa Mont, Siani Pearson, Sadie Creese, Michael Goldsmith, Nick Papanikolau - Towards a Conceptual Model for Privacy Policies -  HPL-2010-82

  11. HPL-2010-35 Marco Casassa Mont, Adrian Baldwin, Simon Shiu, Paul Collins - Job Design: providing Strategic Decision Support for Risk Analysis and Policy Definitions, HPL-2010-35

  12. HPL-2010-12 Marco Casassa Mont, Yolanta Beres, David Pym, Simon Shiu - Economics of Identity and Access Management: A Case Study on Enterprise Business Services, HPL-2010-12

  13. HPL-2010-11 Marco Casassa Mont, Yolanta Beres, David Pym, Simon Shiu - Economics of Identity and Access Management: Providing Decision Support for Investments, HPL-2010-11

  14. HPL-2009-361 Kounga Gina, Marco Casassa Mont, Pete Bramhall - Extending XACML Access Control Architecture for Allowing Preference-Based Authorization, HPL-2009-361

  15. HPL-2009-191 Marco Casassa Mont, Patrick Goldsack - Secure Delivery of Services: The HP Labs Vision and Framework, HPL-2009-191

  16. HPL-2009-173 Adrian Baldwin, Marco Casassa Mont, David Pym, Simon Shiu - System Modelling for Economic Analysis of Security Investments: A Case Study in Identity and Access Management - HPL-2009-173

  17. HPL-2009-142 Yolanta Beres, Marco Casassa Mont, Jonathan Griffin, Simon Shiu - Using Metrics Coupled with Predictive Modelling and Simulation to Assess Security Processes - HPL 2009-142

  18. HPL-2009-138 Anna Squicciarini, Marco Casassa Mont, Sathya Dev Rajasekaran - Towards an Analytic Approach to Evaluate Enterprises' Risk Exposure to Social Networks - HPL-2009-138

  19. HPL-2009-57 Marco Casassa Mont, Adrian Baldwin, Simon Shiu - Identity Analytics - User Provisioning Case Study: Using Modelling and Simulation for Policy Decision Support - HPL-2009-57, 2009

  20. HPL-2009-56 Adrian Baldwin, Marco Casassa Mont, Simon Shiu - Using Modelling and Simulation for Policy Decision Support in Identity Management - HPL-2009-56, 2009

  21. HPL-2009-49 Marco Casassa Mont, Siani Pearson, Gina Kounga, Yun Shen, Pete Bramhall - On the Management of Consent and Revocation in Enterprises: Setting the Context - HPL-2009-49, 2009

  22. HPL-2008-188 Marco Casassa Mont, Adrian Baldwin, Jonathan Griffin, Simon Shiu, Yolanta Beres - Identity Analytics: Using Modeling and Simulation to Improve Data Security Decision Making- HPL-2008-188, 2008

  23. HPL-2008-186 Marco Casassa Mont, Adrian Baldwin, Jonathan Griffin, Simon Shiu - Towards Identity Analytics in Enterprises - HPL-2008-186, 2008

  24. HPL-2008-84 Marco Casassa Mont, Adrian Baldwin, Simon Shiu - On Identity Analytics: Setting the Context- HPL-2008-84, 2008

  25. HPL-2008-26  Marco Casassa Mont, Boris Balacheff, Jason Rouault, Daniel Drozdzewski - On Identity-Aware Devices: Putting Users in Control across Federated Services- HPL-2008-26, 2008

  26. HPL-2008-25 Adrian Baldwin, Marco Casassa Mont, Yolanda Beres, Simon Shiu- Assurance for Federated Identity Management - HPL-2008-25, 2008

  27. HPL-2008-8 Anna Squicciarini, Marco Casassa Mont, Abhilasha Bhargav-Spantzel, Elisa Bertino- Automatic Compliance of Privacy Policies in Federated Digital Identity Management - HPL-2008-8, 2008

  28. HPL-2007-70 Siani Pearson, Marco Casassa Mont, Manny Novoa - Securing Information Transfer within Distributed Computing Environments- HPL-2007-70, 2007

  29. HPL-2007-53 Marco Casassa Mont, Boris Balacheff - On Device-based Identity Management in Enterprises - HPL-2007-53, 2007

  30. HPL-2007-47 Adrian Baldwin, Marco Casassa Mont, Simon Shiu - On Identity Assurance in the Presence of Federated Identity Management Systems - HPL-2007-47, 2007

  31. HPL-2007-7 Marco Casassa Mont, Filipe Beato - On Parametric Obligation Policies: Enabling Privacy-aware Information Lifecycle Management in Enterprises - HPL-2007-7, 2007

  32. HPL-2006-185 Siani Pearson, Marco Casassa Mont - A System for Privacy-Aware Resource Allocation and Data Processing in Dynamic Environments - HPL-2006-185, 2006

  33. HPL-2006-109 Marco Casassa Mont - On Privacy-aware Information Lifecycle Management in Enterprises: Setting the Context - HPL-2006-109, 2006

  34. HPL-2006-72 Marco Casassa Mont, Robert Thyne - Privacy Policy Enforcement in Enterprises with  HP Identity Management Solutions - HPL-2006-72, 2006

  35. HPL-2006-56 Marco Casassa Mont, Stephen Crane - A Customizable Privacy Assurance System based on Active Feedback - HPL-2006-56, 2006

  36. HPL-2006-51 Marco Casassa Mont, Robert Thyne  - A Systemic Approach to Automate Privacy Policy Enforcement  in Enterprises - HPL-2006-51, 2006

  37. HPL-2006-45 Marco Casassa Mont - Towards Scalable Management of Privacy Obligations in Enterprises - HPL-2006-45, 2006

  38. HPL-2006-44 Marco Casassa Mont, Siani Pearson, Robert Thyne - A Systemic Approach to Policy Enforcement and Policy Compliance Checking  in Enterprises - HPL-2006-44, 2006

  39. HPL-2005-180 Marco Casassa Mont - A System to Handle Privacy Obligations in Enterprises - HPL-2005-180, 2005

  40. HPL-2005-110 Marco Casassa Mont, Robert Thyne, Kwok Chan, Pete Bramhall - Extending HP Identity Management Solutions to Enforce Privacy Policies and Obligations for Regulatory Compliance by Enterprises - HPL-2005-110, 2005

  41. HPL-2005-55 Siani Pearson,  Marco Casassa Mont, Stephen Crane - Analysis of Trust Properties and Related Impact of Trusted Platforms   - HPL-2005-55, 2005

  42. HPL-2005-54 Marco Casassa Mont, Stephen Crane, Siani Pearson - Handling Privacy Obligations and Constraints to Underpin Trust and Assurance - HPL-2005-54, 2005

  43. HPL-2005-53 Stephen Crane, Marco Casassa Mont, Siani Pearson -  On Helping Individuals to Manage Privacy and Trust - HPL-2005-53, 2005

  44. HPL-2005-10 Marco Casassa Mont, Robert Thyne, Pete Bramhall -  Privacy Enforcement with HP Select Access for Regulatory Compliance - HPL-2005-10, 2005

  45. HPL-2004-211 Marco Casassa Mont, Siani Pearson, Pete Bramhall -  An Adaptive Privacy Management System For Data Repositories - HPL-2004-211, 2004

  46. HPL-2004-109 Marco Casassa Mont -  Dealing with Privacy Obligations in Enterprises - HPL-2004-109, 2004

  47. HPL-2004-34 Marco Casassa Mont -  Dealing with Privacy Obligations: Important Aspects and Technical Approaches- HPL-2004-34, 2004

  48. HPL-2004-14 Marco Casassa Mont -  Identity Management: On the "Identity = Data + Policies" Model - HPL-2004-14, 2004

  49. HPL-2003-149 Marco Casassa Mont, Pete Bramhall, Joe Pato - On Adaptive Identity Management: The Next Generation of Identity Management Technologies - HPL-2003-149, 2003

  50. HPL-2003-144 Marco Casassa Mont, Adrian Baldwin, Joe Pato - Secure Hardware-based Distributed Authorization Underpinning a Web Service Framework - HPL-2003-144, 2003

  51. HPL-2003-119 Yolanta Beres, Pete Bramhall, Marco Casassa Mont, Mickey Gittler, Siani Pearson - Accountability and Enforceability of Enterprise Privacy Policies - HPL-2003-119, 2003

  52. HPL-2003-101 Marco Casassa Mont,  Pete Bramhall -  IBE Applied to Privacy and Identity Management - HPL-2003-101, 2003

  53. HPL-2003-49 Marco Casassa Mont,  Siani Pearson, Pete Bramhall - Towards Accountable Management of Identity and Privacy: Sticky Policies and Enforceable Tracing Services - HPL-2003-49, 2003

  54. HPL-2003-21 Marco Casassa Mont,  Pete Bramhall, Chris R. Dalton, Keith Harrison - A Flexible Role-based Secure Messaging Service: Exploiting IBE in an Health Care Trial - HPL-2003-21, 2003

  55. HPL-2002-243 Marco Casassa Mont,  Keith Harrison, Martin Sadler - The HP Time Vault Service: Innovating the Way Confidential Information is Disclosed, at the Right Time - HPL-2002-243, 2002

  56. HPL-2002-178 Marco Casassa Mont, Adrian Baldwin, Yolanta Beres, Keith Harrison, Martin Sadler, Simon Shiu - Towards Diversity of COTS Software Applications: Reducing Risks of Widespread Faults and Attacks - HPL-2002-178, 2002

  57. HPL-2002-164 Marco Casassa Mont, Pete Bramhall, Mickey Gittler, Joe Pato, Owen Rees  - Identity Management: a Key e-Business enabler - HPL-2002-164, 2002 

  58. HPL-2002-112 Yolanta Beres, Adrian Baldwin, Marco Casassa Mont, Simon Shiu - Identity and Accountability in business-to-business e-commerce - HPL-2002-112, 2002 

  59. HPL-2002-59 Marco Casassa Mont, Richard Brown - Active Digital Credentials: Provision of Up-to-Date Identity and Profile Information - HPL-2002-59, 2002 

  60. HPL-2001-216 Marco Casassa Mont, Mike Yearworth - Negotiated Revealing of Trader Credentials in e-Marketplaces mediated by Trusted and Privacy-aware Admittance Controllers - HPL-2001-216, 2001

  61. HPL-2001-198 Adrian Baldwin, Yolanta Beres, Marco Casassa Mont, Simon Shiu -  Trust Services: a Trust Infrastructure for E-Commerce - HPL-2001-198, 2001

  62. HPL-2001-133 Marco Casassa Mont, Lorenzo Tomasi, Rebecca Montanari - An Adaptive System Responsive to Trust Assessment based on Peer-to-Peer Evidence Replication and Storage - HPL-2001-133, 2001

  63. HPL-2001-28 Marco Casassa Mont, Richard Brown - PASTELS Project: Trust Management, Monitoring and Policy-driven Authorization Framework for E-Services in an Internet-based B2B Environment - HPL-2001-28, 2001

  64. HPL-2000-75 Claudio Bartolini, Marco Casassa Mont - Digital Credentials and Authorization to Enhance Trust in Negotiation within E-Services Marketplaces - HPL-2000-75, 2000

  65. HPL-1999-126 Marco Casassa Mont, Adrian Baldwin, Cheh Goh - POWER Prototype: Towards Integrated Policy-Based Management - HPL-1999-126, 1999

  66. HPL-1999-104 Marco Casassa Mont, Adrian Baldwin, Cheh Goh - Role of Policies in a Distributed Trust Framework - HPL-1999-104, 1999

  67. HPL-1998-76 Adrian Baldwin, Marco Casassa Mont - Policy Based Monitoring of a Web-Based Service - HPL-1998-76, 1998

  68. HPL-1998-86 Giacomo Piccinelli, Marco Casassa Mont - Uncertainty Modelling for Adaptive Information Management - HPL-118-86, 1998

  69. HPL-1998-65 Giacomo Piccinelli, Marco Casassa Mont - Fuzzy-Set Based Information Retrieval for Advanced Help Desk - HPL-1998-65, 1998

  70. HPL-1998-27 Giacomo Piccinelli, Marco Casassa Mont - A Type 2 Fuzzy Set Based Model for Adaptive Information Retrieval, HPL-1998-27, 1998

Patents

80

Professional activities

I am or I have been the General Chair/co-Chair of the following  Conferences, Workshops and Interest Groups:

  1. 10th IEEE Symposium Policy 2009
  2. W3C Policy Languages Interest Group (PLING) - ongoing (till Feb 2011)
  3. 1st International Conference on Global Defence and Business Continuity, ICGD&BC 2007, 1-6 July  2007 - Silicon Valley, California

I have been serving as a member of the Program Committee of various conferences and workshops:

  1. 4th IEEE CloudCom 2012, CloudCom 2012, 3-6 December 2012, Taipei, Taiwan
  2. 6th International Conference on Network and System Security 2012, NSS 2012, 21-23 November 2012, Wu Yi Shan, Fujian, China
  3. 15th IEEE International Conference on Computational Science and Engineering, CSE 2012, 3-5 October 2012, Paphos, Cyprus
  4. 2nd International Symposium on Secure Virtual Infrastructures, DOA-SVI 2012, 10 September 2012, Rome, Italy
  5. 7th ACM Dependable and Adaptive Distributed Systems (DADS) Conference, DADS 2012, 25-29 March 2013, Riva del Garda (Trento), Italy
  6. 9<SUP>th</SUP> IEEE International conference on Autonomic and Trusted Computing, ATC 2012,  4-7 September 2012, Fukuoka, Japan
  7. 6th IEEE International Conference on Network and System Security, NSS 2012, 21-23 November 2012, Wu Yi Shan, Fujian, China
  8. 4<SUP>th</SUP> International Symposium on Cyberspace Safety and Security, CSS 2012, 12-13, December 2012, Melbourne, Australia
  9. 4th International Conference on Security and Privacy in Mobile Information and Communication Systems, Mobisec 2012, June 25-26, 2012, Frankfurt am Main, Germany
  10. 9th International Conference on Trust, Privacy & Security in Digital Business, TrustBus 2012, 3-7 September  2012, Vienna, Austria
  11. International Conference on Security and Cryptography, SECRYPT 2012, 24-27 July 2012, Rome. Italy
  12. 7th ACM Workshop on Digital Identity Management, ACM DIM 2011, 11 October 2011, Chicago, IL, US
  13. 12th IEEE Policy 2011 Symposium, Policy 2011, 6-8 June 2011, Pisa, Italy, 2011
  14. 8<SUP>th</SUP> IEEE International conference on Autonomic and Trusted Computing, ATC 2011,  2-4 September 2011, Banff, Canada
  15. 1<SUP>st</SUP> International Workshop on Securing Services in the Cloud, IWSSC 2011, 7 September 20-11, Milan, Italy
  16. 5th IEEE International Conference on Network and System Security, NSS 2011, 6-8 September 2011, Milan, Italy
  17. 5th Workshop in Information Security Theory and Practices, WISTP 2011, 1-3 June  2011, Heraklion, Greece
  18. 1st International Workshop on Privacy Management in Mobile Applications, PriMo 2011, 27 June 2011, Copenhagen, Denmark
  19. 8th International Conference on Trust, Privacy & Security in Digital Business, TrustBus 2011, 29 August-2 September  2011, Toulouse, France
  20. International Conference on Security and Cryptography, SECRYPT 2011, 18-21 July 2011, Seville, Spain
  21. 3rd International ICST Conference on Security and Privacy in Mobile Information and Communication Systems, Mobisec 2011, May 17-19, 2011, Aalborg, Denmark
  22. 6th ACM Workshop on Digital Identity Management, ACM DIM 2010, 8 October 2010, Chicago, IL, US
  23. 7th International Conference on Trust, Privacy & Security in Digital Business, TrustBus 2010, 30 August-3 September  2010, Bilbao, Spain
  24. 11th IEEE Policy 2010 Symposium, Policy 2010, 21-23 July 2010, George Mason University, US, 2010
  25. 4th IEEE International Conference on Network and System Security, NSS 2010, 1-3 September 2010, Melbourne, Australia
  26. 2nd International ICST Conference on Security and Privacy in Mobile Information and Communication Systems, MobiSec 2010, 27-28 May 2010, Catania, Sicily, Italy
  27. International Conference on Security and Cryptography, SECRYPT 2010, 26-28 July 2010, Athens, Greece
  28. 5th International Conference on Internet Monitoring and Protection, ICIMP 2010, 9-15 May 2010, Barcelona, Spain
  29. 5th IEEE International Conference on Future Information Technology, FutureTech 2010, 20-24 May 2010, Busan , Korea
  30. 4th Workshop in Information Security Theory and Practices, WISTP 2010, 12-14 April  2010, Passau, Germany
  31. 25th ACM Symposium on Applied Computing, SAC 2010, 22-26 March 2010, Lausanne, Switzerland
  32. W3C Workshop on Access Control Application Scenarios, W3C Workshop 2009, 17-18 November 2009, Luxembourg
  33. 25th Annual Computer Security Applications Conference, ACSAC 2009, 7-11 December 2009, Honolulu, Hawaii, US
  34. 1st IEEE Conference on Biometrics, Identity and Security, IEEE BIdS 2009, 22-24 September 2009, Tampa, Florida, US
  35. 2nd IEEE International Workshop on Security and Privacy in Enterprise Computing, IEEE InSPEC 2009, 31 August - 4 September 2009, Auckland, New Zealand  
  36. 5th ACM Workshop on Digital Identity Management, ACM DIM 2009, 9-13 November 2009, Chicago, IL, US
  37. 3rd IEEE International Conference on Semantic Computing, IEEE ICSC 2009, 14-16 September 2009, Berkeley, CA, US
  38. 6th International Conference on Trust, Privacy & Security in Digital Business, TrustBus 2009, 31 August-4 September  2009, Linz, Austria
  39. 4th International Conference on Internet Monitoring and Protection, ICIMP 2009, 24-28 May 2009, Venice, Italy
  40. 4th International Conference SAR-SSI 2009, 22-26 June 2009, Luchon, France
  41. International Workshop on Security and Privacy in Enterprise Computing 2008, InSPEC 2008, in conjunction with 12th IEEE EDOC 2008, 15 September 2008, Munchen, Germany, 2008
  42. 24th Annual Computer Security Applications Conference 2008, ACSAC 2008, 8-12 December, Anaheim, California, US, 2008
  43. Digital Identity Protection Session at the 2008 International Conference on Security and Management Workshop, WorldCom 2008, 14-17 July, Las Vegas, Nevada, US, 2008
  44. 4th ACM Workshop on Digital Identity Management, DIM 2008 (co-located with ACM CCS 2008), 31 October 2008, Fairfax, VA, US
  45. 5th International Conference on Trust, Security and Privacy 2008, TrustBus 2008, 1-5 September 2008, Turin, Italy
  46. 23rd IFIP International Information Security Conference, SEC 2008, 8-10 September 2008, Milan Italy
  47. 9th IEEE Workshop on Policies for Distributed Systems and Networks, IEEE Policy 2008, 2-4 June 2008,  Palisades, NY, US 
  48. 1st IEEE International Conference on Semantic Computing, ISCS 2007, 17-19 September  2007, Irvine, California
  49. 4th International Conference on Trust, Privacy & Security in Digital Business, TrustBus 2007, 3-7 September  2007, Regensburg, Germany
  50. 1st International Conference on Global Defense and Business Continuity, ICGD&BC 2007, 1-6 July  2007 - Silicon Valley, California, US
  51. 8th  IEEE Workshop on Policies for Distributed Systems and Networks, Policy 2007, 13-15 June 2007, Bologna, Italy
  52. W3C Workshop on Languages for Privacy Policy Negotiation and Semantics-Driven Enforcement, 17-18 October 2006, Ispra, Italy
  53. 3rd International Conference on Trust, Privacy & Security in Digital Business, TrustBus 2006, 4-8 September 2006, Krakow, Poland
  54. 1st PRIME Workshop on Standards for Privacy in User-Centric Identity Management, 6-7 July 2006, Zurich, Switzerland
  55. 4th International Conference on Privacy, Security and Trust 2006, PST 2006, 30 October - 01 November 2006, Toronto, Canada
  56. 2nd International Conference on Trust, Privacy & Security in Digital Business, TrustBus 2005, 22-26 August  2005, Copenhagen, Denmark
  57. 26th IEEE Computer Software and Application Conference 2002, COMPSAC 2002, 26-29 August 2002, Oxford, England