Massimiliano Pala

  • Research Professor

Update: After a great experience at NYU Poly, I decided to move on and pursue a career in the industry as VP of Engineering at Penango, Inc. Thanks to all of my students who inspired me to be a better advisor each day more.

I received my Ph.D. from the Poilitecnico di Torino in Computer Engineering in March 2007. In 2011, I joined the Politechnic Institute of NYU as research professor in the Computer Science and Engineering (CSE) department. I also hold the assistant director position at the Center for Interdisciplinary Studies in Security and Privacy (CRISSP). Following my doctorate, I joined Dartmouth College as a Post-Doctoral Research Fellow with the Institute for Security Technology Studies (ISTS). During my graduate studies, I worked at the PKI/Trust Lab at Dartmouth College for six months where I contributed to the work of Prof. Sean Smith and his collaborators. Before then, I worked for several companies as PKI/Security consultant. In 1998, I started the OpenCA project and I still continue its development and management. In addition to my Ph.D., I hold a Laurea (equiv. to BS and MS) in Computer Engineering from the University of Modena, Italy.

University of Modena and Reggio Emilia2003

Laurea (BS + MS), Computer Engineering and IT Systems

Polytechnic of Turin2007

Ph.D., Computer Engineering

Penango, Inc.

VP of Engineering

From: December 2012 to present

Modena's Municipality.

PKI Architect

From: January 2001 to December 2001

Universtiy of Modena and Reggio Emilia

PKI Architect

From: January 2001 to December 2002

Nabla2 S.r.l.

Company Co-Founder and Project Manager.

From: January 2001 to December 2006

Modena's Municipality.

Project Manager. UnoX1 CRM Project.

From: July 2003 to July 2004

Solving S.r.l.

Consultant. Security Software Engineer.

From: January 2004 to July 2004

Computer Science Department. Dartmouth College

Research Fellow

From: January 2007 to December 2009

Institute for Security, Technology, & Society. Dartmouth College.

Research Fellow

From: January 2009 to May 2011

NYU Poly

Research Professor and Co-Director of CRISSP

From: May 2011 to December 2012

Journal Articles

  • Massimiliano Pala and Shereyas Cholia and Scott A. Rea and Sean W. Smith. Securing the Grid via Borderless PKIs, In Cloud, Grid and High Performance Computing: Emerging  Applications., IGI Global
  • Massimiliano Pala and Sean W. Smith. Finding the PKI Needles in the Internet haystack. In International Journal of Computer Security, IOS Press, Vol. 18, No. 3, 2010, pp. 397–420, DOI: 10.3233/JCS-2009-0366
  • Massimiliano Pala and Shreyas Cholia and Scott A. Rea and Sean W. Smith. Interoperable PKI Data Distribution in Computational Grids. In International Journal of Grid and High Performance Computing (IJGHPC), Volume 1, Issue 2, pages 56-73. January-March 2009
  • M. Pala, M. Marian, N. Moltchanova, A.Lioy. PKI past, present and future. In International Journal on Information Security, Springer Verlag, Vol. 5, No. 1, January 2006, pp. 18-29, ISSN:1615-5262


Other Publications

List of Selected Peer-Reviewed publications:

  • Massimiliano Pala and Sara Sinclair and Sean W. Smith. PorKI: Portable PKI Credentials via Proxy Certificates, In 7th European PKI Workshop on Public Key Infrastructures, Athens, Greece, September 2010
  • Massimiliano Pala. A Proposal for Collaborative Internet-scale trust infrastructures deployment: the Public Key System (PKS), In 9th Symposium on Identity and Trust on the Internet (IDTrust 2010), NIST, Gaithersburg, MD, April 2010.
  • Massimiliano Pala and Yifei Wang. On the Usability of User Interfaces for Secure Website Authentication in Browsers, In EuroPKI 2009: Proceedings of the 6th European PKI Workshop on Public Key Infrastructures, Pisa, Italy, September 2009
  • Massimiliano Pala. The PKI Resource Query Protocol (PRQP). Internet Draft, PKIX WG, Experimental, IETF Archive
  • Massimiliano Pala and Scott A. Rea. Usable Trust Anchor Management. In 8th Symposium on Identity and Trust on the Internet (IDtrust 2009), NIST, Gaithersburg, MD, April 2009.
  • Massimiliano Pala and Sean W. Smith. Peaches & Peers. In EuroPKI-2008: Proceedings of the 5th European PKI workshop on Public Key Infrastructure, vol. 5057/2008 of Lecture Notes in Computer Science, pp. 223–238, Springer-Verlag. ISBN:978-3-540-69484-7
  • Massimiliano Pala, Scott A. Rea, Shreyas Cholia, and Sean W. Smith. Extending PKI interoperability in Computational Grids. In Proceedings of the 8th IEEE International Symposium on Cluster Computing and the Grid (CCGrid 2008), pp. 645–650, IEEE Computer Society, May 2008
  • Massimiliano Pala and Sean W. Smith. AutoPKI: a PKI Resources Discovery System. In EuroPKI-2007: Proceedings of the 4th European PKI Workshop on Public Key Infrastructure, vol. 4582/2007 of Lecture Notes in Computer Science, pp. 154-169, Springer-Verlag. ISBN: 978-3-540-73407-9, DOI: 10.1007/978-3-540-73408-6
  • Massimiliano Pala and Antonio Lioy. Fighting e-mail abuses: the EMPE approach. In EuroPKI-2006: Proceedings of the 3rd European PKI Workshop on Public Key Infrastructure, vol. 4043/2006 of Lecture Notes in Computer Science, pp.130-144, Springer-Verlag. ISBN: 3-540-35151-5, DOI: 10.1007/11774716 11
  • Gianluca Ramunno, Massimiliano Pala, Marco Aime, and Antonio Lioy. Motivations for a Theoretical Approach to WYSIWYS. In CMS-2005: Proceedings of IFIP International Conference on Communications and Multimedia Security, Vol. 3677/2005 of Lecture Notes in Computer Science, pp. 289-290, Springer-Verlag. ISBN: 3-540-28791-4, ISSN: 0302-9743
  • Massimiliano Pala, Marius Marian, Natalia Moltchanova, and Antonio Lioy. The EuroPKI Experience. In EuroPKI 2004: Proceedings of the 1st European Workshop on Public-Key Infrastructures, Vol. 3093/2004 of Lecture Notes in Computer Science, pp. 14-27, Springer-Verlag. ISBN: 3-540-22216-2, ISSN: 0302-9742
  • Massimiliano Pala, Diana Berbecaru, and Antonio Lioy. System Description Language. In POSITIF Project, March, 2006, Available On-line:

Research Interests

General/Collaborative Research

My current research interests are in Usable Security. In particular I focus my interests on several aspects of it: users, technology deployers/adopters, and developers. Most recently, my work is focused on the design of a new support system for Trust Infrastructures in distributed environments, i.e. the Internet. In particular, this research project is aimed at lowering today's trust deployment barriers by means of combining different technologies in a novel fashion: DHT-based peer-to-peer networking, Public Key Cryptography, and Federated Identities. Preliminary work, publications, and discussions with academia and industry partners have been, so far, an extremely valuable source of positive feedback. In the future, I envision this work to spawn several important research projects that might change Security, Usability, and Trust in the future always-connected environment.


Interoperability and Usability for PKI Management, (Co-Principle Investigator)

Institute for Security Technologies Studies and Department of Hom, Jan 2007-Mar 2009

Read more

Securing the Railway IT Infrastructure. A proposal to I3P., (Investigator)

I3P, Nov 2009-Mar 2010

Portable PKI System Interface for Internet Enabled Operating Syst, (Principle Investigator)

CISCO Systems, March 2010—December 2010