Michele Mangili Curriculum Vitæ Et Studiorum

Michele Mangili Curriculum vitæ et studiorum

Personal First Name, Surname: Michele Mangili Information Address: Via Giovanni Pascoli, 10/F 24060, Bagnatica (BG), Italy

Telephone: (+39) 035 680281 Mobile: (+39) 333 7793112 Email: [email protected]

Date of birth: May 31st, 1987 Place of birth: Seriate, BG (Italy) Citizenship: Italian

Languages: Italian (Native) English (TOEFL iBT score: 115/120)

Education Undergraduate student of M.Sc. in Computer Engineering Present School of Engineering - University of Bergamo Via Salvecchio, 19 24129, Bergamo (Italy) • Area of Study: Networked Information Systems • Current GPA: 29.78/30 • Ranking: Top 1% among 232 M.Sc. students enrolled at the School of Engineering, University of Bergamo.

B.Sc. in Computer Engineering September 2006 - September 2009 School of Engineering - University of Bergamo Via Salvecchio, 19 24129, Bergamo (Italy) • Thesis Topic: Supporting software evolution through a diagnostic approach of maintainability • Advisor: Professor Paolo Salvaneschi • Area of Study: Software Engineering • Comprehensive ﬁnal grade: 110/110 “cum laude” • GPA: 29.43/30 • Ranking: First among 478 B.Sc. students enrolled at the School of Engineering, University of Bergamo.

High school Diploma in Science Education (Liceo Scientifico) July 2006 Liceo Scientifico Lorenzo Federici Via dell’Albarotto 24069, Trescore Balneario (BG), (Italy) • Comprehensive final grade: 100/100

1 of 6 Awards I have received the following grants on the basis of my academic performance:

Date Provider Grants (dd/mm/yyyy) Authority Description Available Grant awarded for the GPA grade of The city of Bergamo the academic years 2006 - 2009. I 29/08/2010 Fondazione MIA 1 was ﬁrst among 478 B.Sc. students 1 enrolled at the School of Engineering University of Bergamo. Grant awarded for the GPA grade of 20/11/2010 A.N.C.E. 2 4 the academic year 2008/2009. Grant awarded for the GPA grade of 14/11/2009 A.N.C.E. 3 5 the academic year 2007/2008. Grant awarded for the GPA grade of 08/11/2008 A.N.C.E. 4 6 the academic year 2006/2007. Grant awarded for the comprehensive 5 18/11/2006 A.C.E.B. ﬁnal grade of the school year 12 2005/2006.

Scientific Visiting Scholar - SAP Labs France SAS, Mougins, (France) Collaborations From July 2011 to January 2012, I have been working as an intern in the Security Research Team at SAP Labs France. The work was performed in the context of the European project PoSecCo (Policy and Security Conﬁguration Management).

Research PoSecCo: Policy and Security Configuration Management Projects European Project (EU FP7) Project Overview Future Internet (FI) applications will see dynamic compositions of services. Their progress crucially depends on the service providers’ ability to achieve, maintain and prove compliance with security requirements and manage policies and configurations in a cost effective way. PoSecCo overcomes these difficulties by establishing a traceable and sustainable link between high-level requirements and low-level configuration settings. PoSecCo is co-founded by the European Commission under the 7th Framework Programme (Information and Communication Technologies).

Contribution I designed and implemented a web service architecture for a conﬁguration validation and auditing tool. We leveraged the SCAP (Security Content Automation Protocol) standards, in particular we used and extended the OVAL, XCCDF and CPE languages. The ﬁnal result of this internship experience was an application that automatically executes security checklists on given targets.

Submitted M. M. Casalino, M. Mangili, H. Plate, S. E. Ponta. Detection of conﬁguration vulnerabilities in Conference distributed (Web) environments. 9th Conference on Detection of Intrusions and Malware & Publications Vulnerability Assessment, July 26-27th, 2012, Heraklion, Crete, Greece.

1http://www.larassegna.it/inserti/bgUniversita 2011 gennaio.pdf 2http://www.ancebergamo.it/documenti/acebinforma/2010/novembre2010.pdf 3http://www.ancebergamo.it/documenti/acebinforma/2009/novembre2009.pdf 4http://www.ancebergamo.it/documenti/acebinforma/2008/ottobre novembre2008.pdf 5http://www.ancebergamo.it/documenti/acebinforma/2006/novembre2006.pdf

2 of 6 Professional Salvaneschi & Partners, Bergamo, Italy Experience Software Engineering - Quality assurance Position Held: Consultant October 2008 to July 2010 I was responsible to draw up test plans and to execute functional test cases of software applications at MediaMarket S.p.A. . I carried out acceptance tests for 15 different projects, in fields ranging from Intranet applications, cash registers and the data warehouse. Archivio, Bergamo, Italy Web development Position Held: Trainee July 2008 to September 2008 • Dynamic web sites development in ASP and ASP.NET . • Usage of CSS and XHTML technologies to build the layout. Archivio, Bergamo, Italy Web development Position Held: Trainee July 2006 to August 2006 • Dynamic web sites development in ASP. • Static web sites building, using HTML and CSS. Jimmy Computers, Trescore Balneario (BG), Italy Informatics, repair service, retail store Position Held: Trainee July 2006 to August 2006 • Personal Computer assembly and repair service • Installation and configuration of Windows and Linux operating systems.

Social and I prefer working in an environment where I am given autonomy of choice in order to reach the Organizational objective. I can coordinate the work with a special attention toward other people’s needs. I am Skills good at adjusting to the context. During my internship at SAP Labs France, I had the chance to work in an international environment. Our working group was composed by German people as well as Tunisians and the everyday language was English.

Technical and Programming Languages: Software Skills • Java • C/C++ • ASP, ASP.NET • HTML, CSS, JavaScript I have a solid knowledge of the Object Oriented programming paradigm and especially the Java technology. In particular, I am skilled at designing the software architecture of an application using UML and Petri Nets. I have been using these languages to implement different applications ranging from rich-client, plugin-based software built with the Eclipse RCP technology, to web applications based on the web services technology. I do believe that it is a very good practice to complete the code with unit tests because they can seriously boost the quality of the final result. DataBase Management Systems and Query Tools: • DBMS: PosgreSQL, MySQL, Apache Derby, Microsoft SQL Server, Microsoft Access • Query and Reporting tools: Quest for DB2, SPSS Clementine, Business Objects I used the aforementioned DataBase Management Systems (DBMS) during my studies at university and my professional experience at Archivio. I also had the chance to practice both the conceptual and logical design of the database using the Entity-Relationship model. I have a good knowledge of SQL, not only as a query language but also as a Data Manipulation (DML) and Data Definition Language (DDL).

3 of 6 Furthermore, I used the above mentioned query and reporting tools in the last 6 months of my professional experience at MediaMarket. In fact, I worked as a consultant on the acceptance test of a reporting application for the data warehouse. Operating Systems: • Microsoft Windows Family • Mac OS X • GNU Linux Driving License: B

List of Prof. Stefano Paraboschi (E-mail: [email protected]; phone: (+39) 035 2052356) References • Full Professor at the Department of Information Technology & Mathematical Methods, University of Bergamo • Via Marconi 5, I-24044, Dalmine, Bergamo, Italy • Prof. Paraboschi is the chair of the B.Sc. and M.Sc. programs of the School of Engineering at University of Bergamo and deputy chair of the Department of Information Technology & Mathematical Methods. Prof. Fabio Martignon (E-mail: [email protected]; phone: (+33) 01.69.15.68.16) • Full Professor at the Laboratoire de Recherche en Informatique (LRI) UniversitéParis-Sud • Bat. 650, rue Noetzlin, 91190 Gif-sur-Yvette, France • Prof. Martignon is a Professor (“Professeur de 2nde classe”) in Computer Science (Section 27 “Informatique”), Laboratoire de Recherche en Informatique (LRI), UniversitéParis-Sud 11, France. He was also my professor of Computer Networks and Internet Applications at the University of Bergamo. Dr. Serena Elisa Ponta (E-mail: [email protected]; phone: (+33) (0)4.92.28.64.33) • Researcher at SAP Labs France - Sophia Antipolis • SAP Labs France SAS, 805, avenue du Dr. Maurice Donat, 06250 Mougins, France • Dr. Ponta was my internship supervisor at SAP. She is working as the work package lead in the PoSecCo Research team at SAP Labs France. Henrik Plate (E-mail: [email protected]; phone: (+33) (0)4.92.28.63.48) • Researcher at SAP Labs France - Sophia Antipolis • SAP Labs France SAS, 805, avenue du Dr. Maurice Donat, 06250 Mougins, France • Henrik Plate is the Scientific & Technical Coordinator of the PoSecCo Research team at SAP Labs France.

4 of 6 Courses For ordinary exams, universities in Italy use a 30-point scale simply divided in two: non passing (0 to 17), and passing grades (18 to 30 cum laude). For outstanding results, the Cum Laude “praise” is added to the maximum grade.

B.Sc. First Year ECTS Passed on date Description Credits Status (dd/mm/yyyy) Grade Mathematics I 10 Passed 16/02/2007 30 Physics I 5 Passed 25/01/2007 30 Chemistry 5 Passed 10/09/2007 28 Information Technology 5 Passed 01/02/2007 30 cum laude Physics II 5 Passed 11/06/2007 30 Computer Architecture 5 Passed 20/06/2007 30 cum laude Mathematics II 7.5 Passed 03/07/2007 27 Information Technology II 10 Passed 18/06/2007 30 cum laude Test of English Language 5 Passed 15/01/2007 Passed

B.Sc. Second Year ECTS Passed on date Description Credits Status (dd/mm/yyyy) Grade Behavior, Design and 7.5 Passed 14/01/2008 30 Finances of Organizations Control Theory I 5 Passed 14/01/2008 30 cum laude Technical Physics 7.5 Passed 06/02/2008 26 Electrical Engineering 5 Passed 17/01/2008 30 Computer Networks 2.5 Passed 15/01/2008 29 Operating Systems 5 Passed 15/01/2008 29 Control Theory II 5 Passed 23/06/2008 30 cum laude Information Systems 5 Passed 04/07/2008 30 Electronic Instrumentation 5 Passed 16/06/2008 30 cum laude Statistics 7.5 Passed 23/06/2008 28 Software Engineering 7.5 Passed 20/06/2008 30 cum laude

B.Sc. Third Year ECTS Passed on date Description Credits Status (dd/mm/yyyy) Grade Management of Company 5 Passed 15/07/2009 27 Information Systems Electronics for Digital Systems 5 Passed 13/02/2009 30 cum laude Management Accounting Systems 7.5 Passed 15/01/2009 30 Telecommunications 2.5 Passed 13/02/2009 30 cum laude Numeric Calculations 5 Passed 17/06/2009 30 Information Systems II 5 Passed 14/01/2009 30 cum laude Internet Applications 5 Passed 26/06/2009 30 Information Technology 5 Passed 14/01/2009 30 for Industry Architectures and 5 Passed 16/06/2009 30 cum laude Protocols for Internet Experimental Activities 10 Done 22/06/2009 in Laboratories - Final examination 5 Passed 24/09/2009 -

5 of 6 M.Sc. First Year ECTS Passed on date Description Credits Status (dd/mm/yyyy) Grade System Identiﬁcation 10 Passed 27/01/2010 30 and Data Analysis Project of Information 5 Passed 01/09/2010 30 cum laude Technology III Information Transmission Theory 5 Attended Computer Security 5 Passed 08/09/2010 30 Artiﬁcial Intelligence 5 Passed 21/01/2010 30 cum laude Operations Research 5 Passed 12/02/2010 28 Stochastic Models 5 Passed 17/04/2012 30 Information Technology III 5 Passed 19/01/2010 30 cum laude Enterprise IT Infrastructures 5 Passed 29/06/2010 30 cum laude Business Management 5 Passed 19/01/2010 28 Algebra and Logic 5 Passed 24/02/2011 30

M.Sc. Second Year ECTS Passed on date Description Credits Status (dd/mm/yyyy) Grade Robotics project 5 Passed 25/01/2011 30 Theoretical Computer Science 5 Passed 18/01/2011 30 cum laude Robotics 10 Passed 24/01/2011 30 Computer Graphics 5 Passed 22/07/2011 30 Languages and Compilers Project 5 Passed 06/07/2011 30 cum laude Languages and Compilers 5 Passed 21/01/2011 30 cum laude Advanced Algorithms 5 Passed 10/02/2011 30 Internship 10 Done - - Final Examination 10

6 of 6