Archive for the 'Security' Category

ESRIF Report Summary

The ESRIF report summarized in the presentation describes the areas
where the EC will invest in the coming FP7 and FP8 programmes. It is worth
reading for politicians, industrial policy makers as well as technicians.

ESRIF Findings Report Summary

My professional CV

Past and current Activities:

· Member of ESRAB & ESRIF from 2005 to 2009.

· Head & creator of esCERT-UPC, Spanish Computer Emergency Response Team, since 1995.

· Head & founder of cANet, the Internet Applications research center (Polytechnic University of Catalunya)

· Founder of Safelayer Secure Communications, leading European PKI software provider.

· President & founder of InetSecur & tb-security, information security management companies

· CIO of SeMarket, company deploying multimodal-biometric and PKI enabled solutions.

· Founder of Ready People, geolocation GSM & 3G enabled mobile handset applications.

· Founder of Consorcio Digital, non-profit association to promote the use of e-invoice in Spain.

· President of AEFTIC: Association of Computer Forensics Experts in Spain.

· President & founder of Adam Documental, spin-off co. offering PKI enabled security solutions.

· CENIT: INTEGRA, R&D project funded by the Spanish Government to identify & deploy new integrated tools for border control, to identify abnormal behaviour of travellers.

· CIDEM: RAFFI, R&D project funded by the Catalan Government to identify & deploy antifraud tools for access to web e-banking applications based on behavioural profile, biometric and PKI user identification.

· CELTIC: FIDELITY, project to specify & develop mobile and web applications based on Federated Identity management and facilitating user mobility between centres of trust.

· IST: EISPP, project to promote SME computer and network security policies, and to define and set up a vulnerability advisory publication service, coordinated with several European Union CERTs.

· EU-funded EAWARE project to promote computer security awareness among SMEs.

· TEN-Telecom: CTO of the CertiVeR project, to specify and deploy a service to validate and revoke Qualified Certificates. Together with Atos-Origin & CamerFirma (Spanish ChamberSign).

· IST: PERMIS, project to experiment with systems for controlling access to information systems, based on attribute certificates and PMI (Privilege Management Infrastructure).

· Co-ordinator of the ESTIO project, funded by the ISIS program of the EC and led by UPC to specify Qualified Certificates and other e-signature verification and generation products assessment tools, based on the standard formats: ETSI ES 201377 and IETF CMS.

· Co-editor of the “EESSI (European Electronic Signature Standardization Initiative) technical report”, document issued by the ISIS program, through the CEN.

· Member of the CEN EESSI (European Electronic Signature Standardization Initiative)

· Co-editor of ETW-066 e-Commerce Technical Report of CEN EWOS Workshop on Open Syst.

· Participation as “witness invited expert” in the international hearing organised by the European Commission in Copenhagen on 1998-04-23, in the Common CA requirements panel.

· Consulted by the Spanish representative in the SOGITS to produce the Spanish comments to the COM(98)297 Directive proposal on Electronic Signature.

· Technical expert in the specification of the Digital Signature project of the International Chambers of Commerce.

· Editor of the specification of the Catalan PKI, for the Catalan government, within the framework of the Strategic Plan for the Information Society, and advisor to its agency, CATcert.

Past and current projects:

Many publications in Spanish and International magazines and conferences.

Co-editor of ISO, EWOS, & CEN standards and Technical reports

He has led the implementation of a GRID platform to collect statistical data about the use of Catalan, Spanish and English in web pages.

He created the research centre of Internet applications (cANet) of the UPC and, within it, the esCERT (Spanish Computer Emergency Response Team), from which the spin-off companies Safelayer, InetSecur and Adam Documental were born.

He has participated in and led a number of EU-funded projects whose aim was to promote computer and Internet security, and PKI in particular, since 1981:

· PROFIT: Seguridad estratégica: Seguridad 2020.

· MEDEA. Trusted Secure Computing.

· Celtic/Eureka: FIDELITY, to implement and set up proof-of-concept use-case applications in which Liberty Alliance protocols will be demonstrated across different telecom operators and application service providers in Europe. The main objective is cooperation between Identity Providers and Centers of Trust to authenticate and grant access to users belonging to other communities.

· IST: EISPP, project to promote SME computer and network security policies, and to define and set up a vulnerability advisory publication service, coordinated with several European Union CERTs.

· TEN-Telecom: CertiVeR project, to specify and deploy a service to validate and revoke Qualified Certificates, and other user credentials. A project led by SchlumbergerSema Group, and including CamerFirma (Spanish ChamberSign) amongst its partners.

· IST: PERMIS, project of the IST program, together with the Univ. of Salford amongst other partners, to experiment with systems for controlling access to information systems, based on attribute certificates and PMI (Privilege Management Infrastructure), in collaboration with technical companies and local administration teams in Bologna, Salford and Barcelona.

· IST ESTIO project, funded by the ISIS program of the EC and led by UPC to specify Qualified Certificates and other e-signature verification and generation products assessment tools, based on the standard formats: ETSI ES 201377 and IETF CMS.

· PISTA: GTCE: system to manage and electronically sign payment titles, like letters of exchange and e-cheques. Specification of the technical and functional requirements and architecture of a system to avoid duplication of these e-payment documents, and to manage the secure interchange of this responsibility amongst banks.

· CPPC: ViNo-e: deployment of an e-visa and notarization of projects for the architects' professional association.

· IST: DEDICA, whose aim was to deploy a PKI infrastructure for EDIFACT, fully compatible and interacting with X.509 PKI.

· ESPRIT: ICE, to deploy a pan-European academic PKI infrastructure. Within this project we developed CA software and issued about 20,000 certificates as a public PKI in 1998; it is still running at UPC, with more than 40,000 certificates issued up to now.

The most recent activities in the field of electronic certification of signatures and electronic commerce are:

· CTO of the CertiVeR consortium. http://www.certiver.com

· Co-ordinator of the ESTIO project.

· Co-editor of the “EESSI (European Electronic Signature Standardization Initiative) technical report”, document issued by the ISIS program, through the CEN, with funding from the European Commission, and subsequently a member of the EESSI (European Electronic Signature Standardization Initiative), also sponsored by CEN.

· Participation as “witness invited expert” in the international hearing organised by the European Commission in Copenhagen on 1998-04-23, in the Common CA requirements panel.

· Consulted by the Spanish representative in the SOGITS to produce the Spanish comments to the COM(98)297 Directive proposal on Electronic Signature.

· Technical expert in the specification of the Digital Signature project of the International Chambers of Commerce.

· Editor of the specification of the Catalan PKI, for the Catalan government, within the framework of Strategic plan for the Information Society of this government.

Director of esCERT (Spanish Computer Emergency Response Team), which provides electronic certificates to about 40,000 users of the UPC and the Bank of Sabadell, on TIBC (WG10) compatible smart cards, with proprietary technology. This department is also going to provide the technology to the Spanish Chambers of Commerce, for its participation in the ICC Digital Signature project.

Social Networks Security

Curiosity
Video from the BBC Three show The Wall, in which Facebook is parodied by
acting it out in real life, with all its flaws.
http://www.youtube.com/watch?v=nrlSkU0TFLs

http://www.daytondailynews.com/lifestyle/technology/facebook-netiquette-the-dos-anddonts-of-social-networking-on-the-internet-102520.html

- 10 tips for protecting yourself on Facebook:
http://www.idg.es/pcworld/10-consejos-para-protegerse-en-Facebook/doc79154.htm

- Social networks on the Internet:
http://www.maestrosdelweb.com/editorial/redessociales/
- Issues concerning the protection of minors' personal data
http://delitosinformaticos.com/protecciondatos/lopd-menores.shtml
- Guide of recommendations for Internet users
https://www.agpd.es/portalweb/index-ides-idphp.php

http://yoriento.com/2009/01/facebook-tuenti-identidad-digital-y-proteccion-de-datos-eninternet-11-opiniones-434.html
Information and advice on the use of social networks and its consequences.

- Video on the relationship between Facebook and the CIA
http://www.youtube.com/watch?v=ZMWz3G_gPhU
- Report on Facebook and its provision of data to advertising companies
http://www.cippic.ca/uploads/CIPPICFacebookComplaint_29May08.pdf
- Blog with a guide to configuring privacy settings on Facebook
http://www.miguelangelmata.com/2008/09/04/facebook-y-la-privacidad/
- Guide by Sophos, a company specializing in computer security, on security on the social network Facebook
http://www.sophos.com/security/best-practice/facebook.html
- Group explaining how to delete information permanently
http://www.facebook.com/group.php?gid=16929680703

http://acceso-directo.com/usar-internet-redes-sociales-de-forma-segura/

http://recursosenlinea.blogspot.com/2009/02/como-proteger-sus-datos-en-internet.html

http://police.homeoffice.gov.uk/publications/operational-policing/social-networking-guidance/