Personal Profile

Born on 1978. I have more than 12 years of experience in IT Security. I have been involved in projects in Europe, Africa, and in the United States. My actual field is electonic healthcare. I am an active contributor of European Large Scale Pilots. I am ITIL and ISO 27000 certified and I have a lot of interests (see below). Download full CV.

Computer Science

My job is in IT. I am 1/3 Developer, 1/3 Agile Security Architect, and 1/3 Editor of standards. In IT I enjoy continual improvement. I like participating international task forces, challenges, and emergency situations. I think at coding as one of the most important stage of any IT process. I am a Computing Reviews reviewer.


I am a wine maker, for leisure. I inherited a small wineyard in Chianti, and I am following one of the old Chianti recipes (Canaiolo, Malvasia, and Sangiovese). My high school was in agriculture, which is part of my cultural heritage. I strongly believe in organic agriculture. I think that IT and mathematical modelling will help us to build a better and sustainable future.


I play classical guitar, samba and bossa nova. I also play electric guitar, where I try to play funky, but it's hard!


I love sports: I am playing baseball since I was 16, with various interruptions. In the meanwhile I enjoyed Karate for 8 years. I am actually playing fastpich in Antella. I love running, I am an happy half-marathon runner.

IT Security

I am an IT Security Architect. I developed, planned, and engineered IT security measures in Africa, Europe, and in the United States. Service Oriented Architectures (e.g., web services) security is my main focus, SAML, XACML, XSPA, TrustEl, Stork, XUA, OAuth are the keywords


I am a Object Oriented Java developer, with strong background in C and MATLAB. I follow Kent Beck's Test Driven Development, and I fit in Continuos Delivery settings


I am used to play Lego with international standards and profiles (such as ISO, IHE, ETSI, HL7, OASIS, and rfcs). I use them, I contribute to them and I develop them


My academical background is in Computer Science

Ph.D., Formal Methods

I have a Ph.D. (italian Dottorato di Ricerca, Doctor Europaeus) in formal methods applied to Computer Science, obtained from the University of Florence. My thesis has been reviewed by Fraunhofer, University of Leicester, and ICT4G fellows.

M.Sc., Numerical Analysis

I have a master's degree in Computer Science, with a specialization in numerical analysis. I have made my thesis at CERN, at the LHC Computing Grid (LCG).

My Results

  • Developed monitoring tools for the CERN's LHC Grid
  • Found a serious bug in the IHE XUA specifications
  • Provided a formal semantics to XACML
  • Developed Java applications used in very busy environments (e.g., FET-and-Open NCP)
  • Contributed to the development of IHE, ETSI, epSOS standards, and EU guidelines
  • Provided solid technological foundations used by member states for cross-border eHealth


Only three experiences are listed here. A complete list is available in the full CV.

Tiani "Spirit" GmbH, 2007 -

SME based in Vienna, specialized in eHealth. Here I am full time employed as architect / java developer / consultant for the Ministry of Health. I participated in the development of the epSOS, IHE Security profiles, eSens, and many other projects. At the time of writing, I have a mandate to explore the Gas and Energy sectors for IT interoperability.

CERN 2006

I was at CERN as student. I enjoyed one year of work in one of the most exciting place in the world. I developed a system controlling the availability of the machines in the computer centre.

Fal.Co. S.a.s 2001 - 2005

Fal.Co. was a SME outsourcing developers. I worked with this team as system integrator: I produced C++ code to integraty legacy COBOL applications towards modern frameworks.

Massimiliano Masi, IT Security Architect. Via di Ripoli 249, 50126 Firenze, IT