BrainMap

Mr. Cristian Lupascu

PhD

- CERTSIGN SA

Web of Science ResearcherID: AAB-3106-2019

Expertise & keywords

EUDI Wallet interface solution for requesting electronic certificates Call name: PNCDI IV, SP 5.7.1 - Proiect de transfer la operatorul economic
PN-IV-P7-7.1-PTE-2024-0575 2025 - 2027

Role in this project: Key expert

Coordinating institution: CERTSIGN SA

Project partners: CERTSIGN SA (RO); Academia Tehnică Militară „FERDINAND I” (RO)

Affiliation:

Project website: https://www.certsign.ro/ro/rewire-solutie-de-interfatare-cu-eudi-wallet-pentru-solicitarea-atestarilor-electronice/

Abstract:

The main goal of the project is to expand the portfolio offered by the certSIGN company by implementing a service for requesting and processing electronic attestations of attributes, as they are regulated in eIDAS2, chapter 9 and according to security and interoperability standards.

The project's objective is the design, development, testing and validation of a system for processing electronic attestations of attributes. The utility of the project comes from the fact that it will help the rise of adoption rate of digital systems, as it will significantly simplify the integration effort on the part of service providers. Considering the complexity of such an integration with EUDI Wallet, it may be difficult for service providers, especially for entities that cannot afford to allocate dedicated resources to such a project.

Estimated deliverables include studies, business cases, technical development documentation, system architecture and test plan. Also, the necessary software components will be implemented, and will finally be integrated into a unitary system. The system and its components will then be tested and validated under real use conditions, resulting in a test report. Among the estimated results, there are those of dissemination: registration certificate at ORDA, website, articles on social media channels, but also academic articles, published at scientific conferences and journals.

ADVANCED SYSTEM FOR CONTENT AUTHENTICITY PROTECTION Call name: PNCDI IV, SP 5.7.1 - Proiect de transfer la operatorul economic
PN-IV-P7-7.1-PTE-2024-0741 2025 - 2027

Role in this project: Key expert

Coordinating institution: CERTSIGN SA

Project partners: CERTSIGN SA (RO); Academia Tehnică Militară „FERDINAND I” (RO)

Affiliation:

Project website: https://www.certsign.ro/ro/asserter-sistem-avansat-pentru-protectia-autenticitatii-continutului/

Abstract:

The main goal of the ASSERTER project consists in the creation of a new electronic system that enables the attestation of content authenticity, its long term assurance, as well as the identification of other elements with a certain degree of similarity. The proposed system will implement the requirements defined in the specifications designed by the Coalition for Content Provenance and Authenticity (C2PA), which outline the framework for content authenticity attestation. Therefore, the proposed service will output encapsulations that can be processed by any applications or software tools made available by different manufacturers implementing the C2PA specifications.

The specific objectives of the ASSERTER system will include, apart from the main service that generates encapsulations in accordance with C2PA specifications, software modules that will enable the:

• insertion of encapsulations’ data in the blockchain,

• exposure of the main functionalities of the C2PA encapsulation generation service,

• integration with the electronic signatures long-term preservation service, developed and operated by certSIGN,

• identification of the degree of confidence in the authenticity of a specific content, using elements of Artificial Intelligence, that will process data received from a specialized component, which extracts a set of main characteristics related to the content,

• integration with the WebSign application, one of the certSIGN solutions for creating electronic signatures.

Interoperable System for the Attestation of Electronic Attributes Call name: PNCDI IV, SP 5.7.1 - Proiect de transfer la operatorul economic
PN-IV-P7-7.1-PTE-2024-0456 2025 - 2026

Role in this project:

Coordinating institution: CERTSIGN SA

Project partners: CERTSIGN SA (RO); Academia Tehnică Militară „FERDINAND I” (RO)

Affiliation:

Project website: https://www.certsign.ro/ro/resolute-sistem-interoperabil-pentru-atestarea-atributelor-electronice/

Abstract:

The main goal of the project is to expand the portfolio offered by the certSIGN company by implementing a service for the attestation of electronic attributes, as they are regulated in eIDAS2, chapter 9 and according to security and interoperability standards.

The project's objective is to design, develop, test and validate a system for issuing electronic attestations of attributes. To achieve this goal, it is necessary to address the following components: (1) service for issuing qualified electronic attestations of attributes, the main component of the system, (2) connector to authentic sources, (3) connector to the e-identity wallet, and (4) register with the status of electronic certificates, to have the possibility to revoke electronic certificates.

Estimated results include studies, business cases, technical development documentation, system architecture and test plan. Also, the necessary software components will be implemented and will finally be integrated into a unitary system. The system and its components will later be tested and validated under real use conditions, generating a test report. Among estimated results, there are those of dissemination: certificate of registration at ORDA, website, articles on social media channels, but also academic articles, published at conferences and scientific journals.

System for scanning and mapping IP resources in Romania, aimed at the early detection of cyber threats Call name: P 5.6 - SP 5.6.3 - Solutii
PN-IV-P6-6.3-SOL-2024-2-0279 2024 - 2026

Role in this project: Key expert

Coordinating institution: DIRECTORATUL NATIONAL DE SECURITATE CIBERNETICA

Project partners: DIRECTORATUL NATIONAL DE SECURITATE CIBERNETICA (RO); SAFETECH INNOVATIONS SA (RO); CERTSIGN SA (RO); UNIVERSITATEA "ŞTEFAN CEL MARE" DIN SUCEAVA (RO); Academia Tehnică Militară „FERDINAND I” (RO); UNIVERSITATEA NAȚIONALĂ DE ȘTIINȚĂ ȘI TEHNOLOGIE POLITEHNICA BUCUREȘTI (RO)

Affiliation:

Project website: https://dnsc.ro/pagini/proiect-ipradar

Abstract:

The IPRadar project, which consists in the development of a system for scanning and mapping IP resources in Romania, is an ambitious initiative to strengthen national cyber security, offering a proactive and comprehensive approach to identifying cyber threats, through the use of advanced technologies and intelligent data analysis . . The main objective is the hosting of an IT system, intended for cyber security, which is capable of actively scanning IT resources exposed in the Internet environment, from the territory of Romania, with the aim of early detection of cyber threats. The project provides a detailed picture of the level of existing security of the public cyberspace on the territory of Romania, advanced technologies for scanning ports, identifying services running on these ports, and associating these services with known vulnerabilities, by correlating them with vulnerability databases. The proposed solution responds to specific objectives and challenges. presented, by integrating the most advanced analytics and distributed big data processing technologies into a platform designed to ensure scalability, high availability, fault tolerance and extensibility, and which will contain components that will implement active scanning, data collection , analyzing and reporting IP addresses and related information from public cyberspace. The project will develop a modular, scalable platform capable of supporting integration with various external systems and databases. The platform will include dedicated components for distributed scanning, collection and aggregation, data indexing and querying, vulnerability management and threat intelligence, reporting and alerting, and API interfaces. The project meets the requirements of the beneficiaries and allows further development for applications intended for other beneficiaries

Portable, resilient and secure cloud data migration system Call name: P 5.6 - SP 5.6.3 - Solutii
PN-IV-P6-6.3-SOL-2024-0068 2024 - 2026

Role in this project: Key expert

Coordinating institution: Academia Tehnică Militară „FERDINAND I”

Project partners: Academia Tehnică Militară „FERDINAND I” (RO); UNIVERSITATEA NAȚIONALĂ DE ȘTIINȚĂ ȘI TEHNOLOGIE POLITEHNICA BUCUREȘTI (RO); CERTSIGN SA (RO); UNIVERSITATEA MARITIMA DIN CONSTANTA (RO); INSTITUTUL NATIONAL DE CERCETARE - DEZVOLTARE IN INFORMATICA - ICI BUCURESTI (RO)

Affiliation:

Project website: https://mta.ro/coral

Abstract:

The CORAL project aims to create a portable and secure platform made up of processing equipment, storage, communications, security and software for the cloud, which can be used to implement "disaster recovery" or "business continuity" scenarios. The platform must provide the ability to migrate data, containers or virtual machines to and from virtualized / cloud environments. The final solution must be delivered in a compact, rugged format, comply with applicable national tempest standards and be able to operate in a cluster.

Certified components based interoperable system for remote electronic signature creation services conforming to EIDAS Regulation Call name: P 2 - SP 2.1 - Proiect de transfer la operatorul economic
PN-III-P2-2.1-PTE-2021-0655 2022 - 2023

Role in this project: Project coordinator

Coordinating institution: CERTSIGN SA

Project partners: CERTSIGN SA (RO); Academia Tehnică Militară „FERDINAND I” (RO); Ministerul Apararii Nationale prin Agentia de Cercetare pentru Tehnica si Tehnologii Militare (ACTTM) (RO)

Affiliation: CERTSIGN SA (RO)

Project website: https://www.certsign.ro/en/cisres-interoperable-system-based-on-certified-components-for-remote-electronic-signature-creation-services/

Abstract:

The project has the main goal to implement a new service in certSIGN's portfolio, that would allow any third party or client to integrate into their solution or to make qualified remote signatures according to eIDAS regulation, by using open interfaces such as the CSC API specification.

ADVANCED SECURITY MECHANISMS FOR AUTONOMOUS SYSTEMS Call name: P 2 - SP 2.1 - Proiect de transfer la operatorul economic
PN-III-P2-2.1-PTE-2019-0817 2020 - 2022

Role in this project: Key expert

Coordinating institution: CERTSIGN SA

Project partners: CERTSIGN SA (RO); UNIVERSITATEA BUCURESTI (RO); Academia Tehnică Militară „FERDINAND I” (RO)

Affiliation: CERTSIGN SA (RO)

Project website: https://www.certsign.ro/ro/massa

Abstract:

The purpose of MASSA is to develop new security systems that provide the technological level to enable smart autonomous devices to communicate in a secure manner while maintaining the authenticity, integrity and confidentiality of messages and information exchanged.

In recent years, especially in the USA and at EU level, there have been several regulatory measures regarding intelligent transport systems. The US has defined the IEEE 1609.2 standard. In the EU, ETSI has laid down a security framework based on several standards and specifications for intelligent transport systems.

As a first objective we aim at developing, implementing and validating a PKI (TRL5) system, scalable and flexible, for intelligent transport systems in order to authorize the access of vehicles to various infrastructure services and to secure V2X communications.

The second objective of the project is to achieve the technical components necessary for the extension of the proposed PKI service to be compatible with two other categories of autonomous systems:

- Autonomous drone systems. The purpose is to propose a viable technical solution to secure the communication protocols used for drones.

- Intelligent systems based on IoT sensors used in home appliances that are now the subject of concrete implementations in smart home architectures.

The third objective of the project is to use of data science for transportation planning and traffic optimization.

- We will study optimal ways of placing sensors in the infrastructure to identify bottlenecks.

- We will implement We will apply vehicle synchronization techniques to achieve a common goal (in our case, to reduce traffic congestion).

- We will investigate the possibility of using the methods derived from decision theory and social choices to obtain an automatic and complex traffic management system.

Secure chAnnel Between iO and Trusted prOcessing unit: intel software guaRd Extension Call name: P 2 - SP 2.1 - Proiect de transfer la operatorul economic
PN-III-P2-2.1-PTE-2019-0802 2020 - 2022

Role in this project: Key expert

Coordinating institution: CERTSIGN SA

Project partners: CERTSIGN SA (RO); UNIVERSITATEA POLITEHNICA DIN BUCURESTI (RO)

Affiliation: CERTSIGN SA (RO)

Project website: https://www.sabotore.ro

Abstract:

The new trusted execution environment (TEE) integrated within modern CPUs (Intel Software Guard Extensions and ARM TrustZone) enable isolation of security-critical applications from the rest of the software running on the system. However, they lack support for trusted I/O (e.g. keyboard, display), making those technologies unreliable in the case of user-centric applications. For example, one simply cannot securely send any keyboard input to the CPU when the operating system has been compromised. In this project, we aim to solve this gap by creating a new hardware device that will act as a bridge between I/O devices and TEE. Our solution will have multiple security functionalities, including symmetric encryption for a secure channel, asymmetric encryption and hashing for mutual authentication and attestation. The device should be portable, with limited memory and restricted processing capabilities. Moreover, the device itself needs to be hardened against multiple types of attacks, including physical attacks. Our efforts will be directed in producing the device for three main business cases: (1) a token that provides authentication and secure channel for I/O devices, (2) a hardware module that allows secure printing directly from the TEE, and (3) a cryptographic USB that allows both local and remote secure storage. Designing the hardware for each of the three business cases is an important aspect of this project, we will look into how the existing prototype can be extended by adding hardware security modules such as a Trusted Platform Module or Secure Storage. From the Technology Readiness Level (TRL) perspective, SABOTORE starts a level 4, with a proof of concept already implemented and presented to well recognized international academic conference, and we plan to bring it to TRL level 6, with participation at more industry oriented events and possible a patent application if possible.

Avant-garde Technology Hub for Advanced Security Call name: P 1 - SP 1.2 - Proiecte complexe realizate in consorții CDI
PN-III-P1-1.2-PCCDI-2017-0272 2018 - 2021

Role in this project: Key expert

Coordinating institution: Academia Tehnica Militara

Project partners: Academia Tehnica Militara (RO); UNIVERSITATEA POLITEHNICA DIN BUCURESTI (RO); ACADEMIA DE STUDII ECONOMICE (RO); UNIVERSITATEA BUCURESTI (RO)

Affiliation: Academia Tehnica Militara (RO)

Project website: https://www.security-hub.ro/

Abstract:

The project “Avant-garde Technology Hub for Advanced Security (ATLAS)” will enhance the research and collaboration performance of partners in the field of cybersecurity technologies. Based on the existing doctoral and master's degree programs, the project will develop the capabilities of the partners in this field and will steer them into creating and extending both governmental and private sector relationships.

The project consists of two major tracks: increasing the involvement and visibility at national and international level through fundamental and applied research; and institutional development by means of knowledge transfer between partners and external collaborators. The research and development program addresses hot topics in the field of cybersecurity, such as: applications and operating systems security, IoT and cloud security.

The major research directions that ATLAS will look into are: enhancing software security using machine learning and formal methods, security of IoT devices using distributed intelligence, new cryptographic technologies for securing IoT communications and cloud services.

Each partner will contribute to the research area in which it has expertise and, within the project, will offer support for other partners or external collaborators. To this end, an important component of ATLAS is the development of a distributed infrastructure for training and advanced research in the field of cybersecurity. This platform will allow knowledge sharing and exploitation of existing expertise by providing new services to partners.

The sustainability of the project resides in improving doctoral and master’s degree programs, and increasing collaboration with external partners in a strategic field at national and european level.

Advanced Community Epidemic Management Techniques Call name: P 2 - SP 2.1 - Soluţii - 2020 - 1
PN-III-P2-2.1-SOL-2020-0148 2020 - 2021

Role in this project: Key expert

Coordinating institution: Spitalul Universitar de Urgenta Militar Central "Dr.Carol Davila"

Project partners: Spitalul Universitar de Urgenta Militar Central "Dr.Carol Davila" (RO); CERTSIGN SA (RO)

Affiliation:

Project website: http://www.scumc.ro/tamec-tehnici-avansate-de-management-a-epidemiei-in-comunitate/

Abstract:

TAMEC (Advanced Community Epidemic Management Techniques) ensures the design and development of effective systems for prevention, prediction, control and monitoring of asymptomatic and symptomatic transmission of SARS-CoV-2 infection within the community. The proposed solution contains a system for detecting contacts of patients confirmed with SARS-CoV-2 using mobile devices; a system for managing and mapping the distribution of confirmed cases as well as a system for collecting, monitoring in real time and managing hospital resources. TAMEC proposes a crucial innovation for ensuring the protection of personal data, by using homomorphic encryption - information can be processed directly in encrypted form, without being accessed by the entity that processes it. The consortium proposes a team with extensive expertise in homomorphic encryption, the consortium partner holding an international patent in this field. Designed "privacy by design", TAMEC ensures a wide adoption of the end-user system, maximizes the social and economic impact and contributes to the efficiency of the health care system and the reduction of the COVID-19 pandemic or other epidemics.

ALADIN Airports Landside and Air-land Side Attacks’ Detection and Prevention Call name: P 3 - SP 3.5 - Proiecte EUREKA Tradiţional (Network), EUREKA-Cluster, Eurostars
PN-III-P3-3.5-EUK-2016-0038 2017 - 2019

Role in this project: Key expert

Coordinating institution: CERTSIGN SA

Project partners: CERTSIGN SA (RO); BEIA CONSULT INTERNATIONAL S.R.L. (RO)

Affiliation: CERTSIGN SA (RO)

Project website: http://www.beiaro.eu/aladin-airports-landside-air-land-side-attacks-detection-prevention/

Abstract:

The cyber-security is now the key issue for the aerospace industry and services who manage the airspace and organize inspections of the equipment driving by. Thereby, we propose ALADIN that aims to prevent failures caused unexpectedly by the hacker at Landside area such as parking and baggage check services, and Air-landside areas that includes for instance the communication between aircraft on the ground and air traffic control. The focus of the project are primarily as follow: ● Analyze the risks and vulnerabilities of airport information & control systems and the ecosystem of airport assets/objects. This investigation will provide dedicated methodologies and tools to assess the resiliency level of the Airports, ● Define the cyber, physical or combined threats scenario that could target these airport information & control systems or any other airport assets, ● Design and implement the Attack Monitoring, Prevention and Detection building blocks in air-landside and landside areas to react smartly and quickly to the cyber-attacks with adapted intrusion prediction, detection and recovery countermeasures, ●Developing lightweight cryptographic techniques to assure a data confidentiality, ●Develop a simulation environment platform to evaluate the methods and techniques defined and implemented in ALADIN to assess their effectiveness with respect to dependability, security and performance, ●Define different cyber-security services that ALADIN could provide to an airport, ● Demonstration by embedding some attacks scenarios with their related security countermeasures. The result of ALADIN will be a Cyber protection and detection framework, incorporating the above described objectives. They will be marketable as standalone components or fully integrated system as soon as the project is over in order to address either existing or new airports sites. The estimated time for marketing techniques, tools or methodologies is of max 1 year from finalizing WP 5, 6, in 2019.

Key word spotting for real time surveillance in telephone conversations in Romanian Call name: P 2 - SP 2.1 - Proiect experimental - demonstrativ
PN-III-P2-2.1-PED-2016-1974 2017 - 2018

Role in this project: Key expert

Coordinating institution: INSTITUTUL DE CERCETARI PENTRU INTELIGENTA ARTIFICIALA ,,MIHAI DRAGANESCU''

Project partners: INSTITUTUL DE CERCETARI PENTRU INTELIGENTA ARTIFICIALA ,,MIHAI DRAGANESCU'' (RO); Academia Tehnica Militara (RO)

Affiliation: Academia Tehnica Militara (RO)

Project website: http://heimdall.racai.ro

Abstract:

This project proposes the development of a key word spotting system for real time surveillance in telephone conversations in Romanian. The project comes in the context of homeland security, i.e. the fight against organized crime and terrorism.

The project starts from a proof of concept (TRL3) keyword spotting system (KWS) based on HMM acoustic models and improves in it by adding new acoustic models based in neural networks and real time capabilities.

The improved KWS will be integrated and tested in a laboratory VoIP network. Both accuracy and real-time performance will be assessed. The end product (i.e. KWS integrated in VoIP network) will be named Heimdallr (god in Norse mythology can hear grass as it grows). The project ends at TRL4.

Although the system is designed in the context of homeland security, it could be converted to other applications such as automatic call-center monitoring and business analytics.

Cloud based cryptographic mechanisms under the sole control of the user Call name: P 2 - SP 2.1 - Proiect de transfer la operatorul economic
PN-III-P2-2.1-PTE-2016-0191 2016 - 2018

Role in this project: Key expert

Coordinating institution: CERTSIGN SA

Project partners: CERTSIGN SA (RO); Academia Tehnica Militara (RO); Ministerul Apararii Nationale prin Agentia de Cercetare pentru Tehnica si Tehnologii Militare (ACTTM) (RO)

Affiliation: Academia Tehnica Militara (RO)

Project website: http://www.Mc3ex.certsign.ro

Abstract:

The paperless office concept emerged in the 20th century and was used to describe the office of the future, in which paper documents are eliminated. Although the use of computers boomed and in present days are replaced gradually by laptops, tablets and smartphones, the paperless office is not that wide spread. Paper documents have a major place in the workflow of institutions, companies and people.

The barriers for the use of electronic documents are the juridical aspects together with the low adoption at the user and institution level, who still prefer the printed documents.

MC3Ex aims to take advantage from a sum of factors: recent law changes (the EU Regulation 910/2014) and the emergence of e-Government services which managed to form a critical mass of users that are familiarized with the use of electronic documents and electronic signature, in order to develop security services that will cover in a unitary solution relevant scenarios for the use of electronic documents: electronic signature and encryption services provided by a trusted third party but under the sole control of the user. These new services simplify the access to critical elements that ensure the protection of documents -the cryptographic keys - but maintains exclusive control in the hands of the user. Until now, to have legal value, the keys had to be on cryptographic smart cards held by the user. Legislation and technological advances allow exploring a new approach: keys stored centrally in the cloud, but still under the sole control of the user using a range of devices: PC, tablet or smartphone.

The Coordinator, certSIGN has experience as a provider of qualified certificates as well as security software house. The partners, MTA and ACCTM, contribute with academic expertise and product evaluation.

FILE DESCRIPTION	DOCUMENT
List of research grants as project coordinator or partner team leader
Significant R&D projects for enterprises, as project manager
R&D activities in enterprises
Peer-review activity for international programs/projects