Biografia
Specialista in innovazione presso l’Istituto Poligrafico e Zecca dello Stato, dove contribuisce all’evoluzione del sistema di autenticazione “Entra con CIE”, all’analisi, progettazione e definizione delle specifiche dell’IT-Wallet. Ha iniziato la sua carriera come ricercatore presso il CNIT, occupandosi di soluzioni per la mobilità, multi-homing e sistemi di navigazione indoor. Vanta oltre 13 anni di esperienza nello sviluppo mobile nei settori delle telecomunicazioni, bancario e sanitario, con competenze in architetture software, protocolli di sicurezza e Internet of Things (IoT).
Abstract
Monitoring e compliance in OpenID Federation: da CIE a EUDI Wallet
Dal 2023 OpenID Federation è in esercizio come framework di trust per la Federazione CIE (Carta d'Identità Elettronica) in Italia. L'esperienza operativa ha permesso di sperimentare con successo le potenzialità di questo framework, che ha colmato i gap dei sistemi tradizionali negli aspetti di trust management, ponendo l'Italia tra i paesi pionieri sul tema.
Presentazioni
- DOCUMENTO
Video
Bio
Innovation Specialist at Istituto Poligrafico e Zecca dello Stato, where he contributes to the evolution of the "Entra con CIE" authentication scheme, the analysis, design, and definition of IT-Wallet specifications. He began his career as a researcher at CNIT, working on mobility solutions, multi-homing, and indoor navigation systems. Over 13 years in mobile development across telecom, banking, and healthcare, with expertise in software architectures, security protocols, and IoT.
Abstract
Monitoring and Compliance in OpenID Federation: from CIE to EUDI Wallet
Since 2023, OpenID Federation has been in production as a trust framework for the CIE Federation (Electronic Identity Card) in Italy. The operational experience enabled the successful testing of this framework's capabilities, which addressed the gaps in traditional systems' trust management aspects, positioning Italy among the pioneering countries in this field.
Starting from the basic principles of Federation, we will analyze how continuous compliance monitoring represents both a critical challenge and a paradigm shift compared to traditional federations. In traditional federations, compliance verification typically happens only during initial registration, but what happens when an entity is no longer compliant due to deprecated algorithms, regressions, or vulnerabilities? OpenID Federation, thanks to its architecture based on REST APIs and native mechanisms for automatic and dynamic validation, enables the Trust Anchor to continuously verify the configurations of federated entities and take action in a precise and timely manner. The flexible, decentralized, and hierarchical approach of OpenID Federation guarantees, on one side, a high degree of autonomy in the management of technical components and, on the other side, allows integration tools that offer governance actors real-time visibility on the health status of the federation and allow detailed audit of entities' lifecycle, transforming trust from static to dynamic.
The evolution towards the European Wallet (EUDI Wallet) amplifies this need as this new model introduces greater complexity in terms of use cases and cross-border interoperability. In such a scenario, the native monitoring capabilities of OpenID Federation become crucial to guarantee security and manageability at a large scale.
