BrainMap

Alexandru Lupascu

MSc

Co-founder & CTO - OMNIA Protocol

Researcher | Entrepreneur | Manager | Consultant

I help companies identify new business models and improve the existing ones by leveraging emerging technologies such as blockchain, privacy-preserving computation techniques, edge computing, and federated machine learning. High integrity, committed and innovation-focused leader known for the ability to build a culture for success. Driven by vision, passion, and deliverables, I manage to drive growth and overcome regulatory barriers with the use of technology.

Expertise & keywords

Serviciu electronic pentru pastrarea si garantarea pe termen lung a semnaturilor electronice (LTPS) Call name: PROIECT TEHNOLOGIC INOVATIV PT REGIUNI MAI DEZVOLTATE ( Bucuresti-Ilfov)
123423 2020 - 2022

Role in this project: Key expert

Coordinating institution: CERTSIGN SA

Project partners: CERTSIGN SA (RO); UNITATEA MILITARA 02648 (RO)

Affiliation: CERTSIGN SA (RO)

Project website:

Abstract:

Secure chAnnel Between iO and Trusted prOcessing unit: intel software guaRd Extension Call name: P 2 - SP 2.1 - Proiect de transfer la operatorul economic
PN-III-P2-2.1-PTE-2019-0802 2020 - 2022

Role in this project: Key expert

Coordinating institution: CERTSIGN SA

Project partners: CERTSIGN SA (RO); UNIVERSITATEA POLITEHNICA DIN BUCURESTI (RO)

Affiliation: CERTSIGN SA (RO)

Project website: https://www.sabotore.ro

Abstract:

The new trusted execution environment (TEE) integrated within modern CPUs (Intel Software Guard Extensions and ARM TrustZone) enable isolation of security-critical applications from the rest of the software running on the system. However, they lack support for trusted I/O (e.g. keyboard, display), making those technologies unreliable in the case of user-centric applications. For example, one simply cannot securely send any keyboard input to the CPU when the operating system has been compromised. In this project, we aim to solve this gap by creating a new hardware device that will act as a bridge between I/O devices and TEE. Our solution will have multiple security functionalities, including symmetric encryption for a secure channel, asymmetric encryption and hashing for mutual authentication and attestation. The device should be portable, with limited memory and restricted processing capabilities. Moreover, the device itself needs to be hardened against multiple types of attacks, including physical attacks. Our efforts will be directed in producing the device for three main business cases: (1) a token that provides authentication and secure channel for I/O devices, (2) a hardware module that allows secure printing directly from the TEE, and (3) a cryptographic USB that allows both local and remote secure storage. Designing the hardware for each of the three business cases is an important aspect of this project, we will look into how the existing prototype can be extended by adding hardware security modules such as a Trusted Platform Module or Secure Storage. From the Technology Readiness Level (TRL) perspective, SABOTORE starts a level 4, with a proof of concept already implemented and presented to well recognized international academic conference, and we plan to bring it to TRL level 6, with participation at more industry oriented events and possible a patent application if possible.

ALADIN Airports Landside and Air-land Side Attacks’ Detection and Prevention Call name: P 3 - SP 3.5 - Proiecte EUREKA Tradiţional (Network), EUREKA-Cluster, Eurostars
PN-III-P3-3.5-EUK-2016-0038 2017 - 2019

Role in this project: Key expert

Coordinating institution: CERTSIGN SA

Project partners: CERTSIGN SA (RO); BEIA CONSULT INTERNATIONAL S.R.L. (RO)

Affiliation:

Project website: http://www.beiaro.eu/aladin-airports-landside-air-land-side-attacks-detection-prevention/

Abstract:

The cyber-security is now the key issue for the aerospace industry and services who manage the airspace and organize inspections of the equipment driving by. Thereby, we propose ALADIN that aims to prevent failures caused unexpectedly by the hacker at Landside area such as parking and baggage check services, and Air-landside areas that includes for instance the communication between aircraft on the ground and air traffic control. The focus of the project are primarily as follow: ● Analyze the risks and vulnerabilities of airport information & control systems and the ecosystem of airport assets/objects. This investigation will provide dedicated methodologies and tools to assess the resiliency level of the Airports, ● Define the cyber, physical or combined threats scenario that could target these airport information & control systems or any other airport assets, ● Design and implement the Attack Monitoring, Prevention and Detection building blocks in air-landside and landside areas to react smartly and quickly to the cyber-attacks with adapted intrusion prediction, detection and recovery countermeasures, ●Developing lightweight cryptographic techniques to assure a data confidentiality, ●Develop a simulation environment platform to evaluate the methods and techniques defined and implemented in ALADIN to assess their effectiveness with respect to dependability, security and performance, ●Define different cyber-security services that ALADIN could provide to an airport, ● Demonstration by embedding some attacks scenarios with their related security countermeasures. The result of ALADIN will be a Cyber protection and detection framework, incorporating the above described objectives. They will be marketable as standalone components or fully integrated system as soon as the project is over in order to address either existing or new airports sites. The estimated time for marketing techniques, tools or methodologies is of max 1 year from finalizing WP 5, 6, in 2019.

Privacy preserving Information Extraction System for the Romanian language Call name: P 2 - SP 2.1 - Proiect experimental - demonstrativ
PN-III-P2-2.1-PED-2016-1799 2017 - 2018

Role in this project: Key expert

Coordinating institution: Academia Tehnica Militara

Project partners: Academia Tehnica Militara (RO); CERTSIGN SA (RO)

Affiliation: CERTSIGN SA (RO)

Project website: https://ppie.certsign.ro

Abstract:

The PPIE system for Romanian is a novel proposal to extracting meaninfull data from natural language text. The privacy component of the system controls the access to the semantic relations in the ontology graph through encryption and automated classification of the privacy level by a smart decizion making algorithm.

At present, there is no Information Extraction system for the Romanian language. There are such IE systems for English, but porting them to Romanian would yield poor results due to the performance of current Romanian processing modules (if existing) and the peculiarities of the Romanian language (if directly applying an English trained module on Romanian).

Our proof-of-concept system is based on the development of components, linked together into an end-to-end system: web crawler (transforms the HTML page into simple, unprocessed text), text preprocessor (“normalize” the text: split it into sentences, tokenize it, performs part-of-speech tagging and creates a dependency tree for sentences), named entity recognizer (detects the bounds of a named entity and classifies it into a given class according to our privacy preserving ontology, relation extractor (RE) (links extracted entities into a relation described in the ontology), privacy preserving ontology (contains definitions and the information itself). The integrated intelligent module filters and self-decides the data to be protected and the privacy level).

Our system targets companies, services and organizations interested in obtaining repositories containing smart-searchable information doubled by a security-enforcing mechanism. This is an essential step in future targeted, knowledge repositories belonging to public or private entities in need of relevant access to information. Another target of the project is reflected by the cyber-terrorism on social media finding its applicability in issues of national security.

Cloud based cryptographic mechanisms under the sole control of the user Call name: P 2 - SP 2.1 - Proiect de transfer la operatorul economic
PN-III-P2-2.1-PTE-2016-0191 2016 - 2018

Role in this project: Key expert

Coordinating institution: CERTSIGN SA

Project partners: CERTSIGN SA (RO); Academia Tehnica Militara (RO); Ministerul Apararii Nationale prin Agentia de Cercetare pentru Tehnica si Tehnologii Militare (ACTTM) (RO)

Affiliation: Academia Tehnica Militara (RO)

Project website: http://www.Mc3ex.certsign.ro

Abstract:

The paperless office concept emerged in the 20th century and was used to describe the office of the future, in which paper documents are eliminated. Although the use of computers boomed and in present days are replaced gradually by laptops, tablets and smartphones, the paperless office is not that wide spread. Paper documents have a major place in the workflow of institutions, companies and people.

The barriers for the use of electronic documents are the juridical aspects together with the low adoption at the user and institution level, who still prefer the printed documents.

MC3Ex aims to take advantage from a sum of factors: recent law changes (the EU Regulation 910/2014) and the emergence of e-Government services which managed to form a critical mass of users that are familiarized with the use of electronic documents and electronic signature, in order to develop security services that will cover in a unitary solution relevant scenarios for the use of electronic documents: electronic signature and encryption services provided by a trusted third party but under the sole control of the user. These new services simplify the access to critical elements that ensure the protection of documents -the cryptographic keys - but maintains exclusive control in the hands of the user. Until now, to have legal value, the keys had to be on cryptographic smart cards held by the user. Legislation and technological advances allow exploring a new approach: keys stored centrally in the cloud, but still under the sole control of the user using a range of devices: PC, tablet or smartphone.

The Coordinator, certSIGN has experience as a provider of qualified certificates as well as security software house. The partners, MTA and ACCTM, contribute with academic expertise and product evaluation.

New Innovative System for Radiation Safety of Patients Investigated by Radiological Imaging Methods, based on Smart Cards and PKI Infrastructures Call name: Joint Applied Research Projects - PCCA-2011 call, Type 2
PN-II-PT-PCCA-2011-3.2-1517 2012 - 2016

Role in this project: Key expert

Coordinating institution: UNIVERSITATEA POLITEHNICA DIN BUCURESTI

Project partners: UNIVERSITATEA POLITEHNICA DIN BUCURESTI (RO); CERTSIGN SA (RO); Spitalul Universitar de Urgenta Militar Central "Dr.Carol Davila" (RO)

Affiliation:

Project website: http://141.85.100.1/SRSPIRIM/

Abstract:

Implementing an integrated system for radiation safety and security of the citizens, using electronic smart cards, represents a project for Romanian Government and mainly for Romanian Health Ministry due to investigations of patients by radiological imaging methods. The project could be extended to include all activities that expose the peoples to the risk of radiation exposure.

Due to the fact that the current methods for recording the dose of radiations applied to patients during investigations by radiological imaging methods, based on papers, do not allow or make very difficult the aggregation of such data in order to determine if the maximum allowed cumulative dose is reached, the implementation of a secure integrated system for radiation safety of citizens involved either in medical investigations by radiological imaging methods or in other activities with a high risk of radiation exposure, built on smart cards technology, covers one of the major needs of the health-care system. Such a radiation safety system provides a couple of secure services like electronic patient record of radiological investigations, assistance in prescription of future radiological investigations based on the patient history, different reports and statistics and even the control access of persons to risk of radiation exposure based on information stored on their smart cards.

The project consortium proposes itself to develop an electronic radiation safety card based on smart cards and the system for citizens’ radiation safety that will integrate all activities with risks of radiations, not only the patients investigated by radiological imaging methods. The smart cards allow authentication, digital signature and secure data storage. The whole system will be built on two types of radiation safety cards:

• Citizen Radiation Safety Card – CRSC – dedicated to patients;

• Professional Radiation Safety Card – PRSC – intended to medical and investigation laboratories personnel.

Advanced models for the design and evaluation of modern cryptographic systems Call name: Joint Applied Research Projects - PCCA-2011 call, Type 2
PN-II-PT-PCCA-2011-3.2-0212 2012 - 2016

Role in this project: Key expert

Coordinating institution: CERTSIGN SA

Project partners: CERTSIGN SA (RO); Academia Tehnica Militara (RO); Ministerul Apararii Nationale prin Agentia de Cercetare pentru Tehnica si Tehnologii Militare (ACTTM) (RO); UTI GRUP S.A. (RO)

Affiliation:

Project website: http://www.certsign.ro/certsign/resurse/documentatie/Proiecte-cercetare-dezvoltare/ADECS

Abstract:

The development of information protection systems, which are based on new techniques and technologies and which provide a degree of safety as high as possible, represents and will represent a major research field. Currently, the security components (encryption algorithms and techniques, hash algorithms, authentication mechanisms) are used more and more frequently in various software applications, without a scientific evaluation of their correct implementation. If either personal data or confidential information is concerned, the corresponding protection can only be obtained through mechanisms verified, tested and implemented correctly.

The project intends to develop certain capabilities in the field of research of cryptographic algorithms and encryption techniques adjusted to the security requirements of present days. An experimental model will be designed for the implementation of a modern encryption system of voice transmissions for mobile phones. The solution will cover the main existing platforms (Android and Apple iOS) and will allow the protection voice transmissions in real time.

In addition, the project intends to create security testing-evaluation platforms for the information systems, consisting in:

• Testing-evaluation platform of the cryptographic algorithms;

• Security evaluation platform of the IT products, according to the FIPS 140-2 standard;

The creation of a common framework for the implementation of security applications for smartphones will be envisaged, especially on the platforms used most frequently, such as Apple iOS or Google Android.

The results of this project will be used in a wide series of systems and equipment designed for information protection. At the same time, the evaluation procedures and platforms will represent a first major step towards creating a national testing/evaluation framework of the IT systems and equipment.

Processing and ensuring technologies of electronic content Call name: Dezvoltare Produse - Sisteme - Tehnologii - 2012
PN-II-IN-DPST-2012-1-0087 2013 - 2015

Role in this project: Key expert

Coordinating institution: SC Certsign SA

Project partners: SC Certsign SA (RO)

Affiliation:

Project website: http://www.proiect-tape.ro/

Abstract:

As briefly described in the description of the project proposal and business plan the idea of implementing this project came as a result of several converging factors :

• It is undeniable that the volume of electronic information generated and / or processed within organizations is in constant growth. Processing electronic information clearly enhances corporate productivity but on the other hand raises a number of safety issues in managing , maintaining and ensuring content.

• Need to develop technologies whose main functions cover the identification, collection and indexing of electronic content provided by client setting and marking its authenticity and integrity , archiving electronic content in order to guarantee it for long-term.

Pre-emptive approach to electronic information processing areas is most likely to be exposed in a litigious event , while other players in the market focuses on the search and processing of data on-demand, or after an litigious event occurs. Although there is concern in the field of collection and archiving of electronic information ( through various solutions produced especially internationally), the proposal of this project brings as additional value utilisation of state of the art security mechanisms (electronic signature elements, timestamping , PKI) for safe archiving electronic content and long-term guarantee.

Development of technologies for securing data in Cloud Call name: Dezvoltare Produse - Sisteme - Tehnologii - 2012
PN-II-IN-DPST-2012-1-0086 2013 - 2015

Role in this project: Key expert

Coordinating institution: SC Certsign SA

Project partners: SC Certsign SA (RO)

Affiliation:

Project website: http://dtsdc.ro/;http://www.certsign.ro/certsign/resurse/documentatie/Proiecte-cercetare-dezvoltare/DTSDC

Abstract:

Starting from the need to improve the company's capabilities in the development of new solutions

to improve the quality, product diversity and reduced response time requirements

market, the project aims to develop the range of products made to date in SC

CertSign SA by developing processing technology and electronic content guarantee

which form the basis of new, innovative, potentially commercial operation in order

obtaining profitable results for the company.

FILE DESCRIPTION	DOCUMENT
List of research grants as project coordinator or partner team leader
Significant R&D projects for enterprises, as project manager
R&D activities in enterprises
Peer-review activity for international programs/projects