Security for Web Services. Web services, an emerging distributed computing paradigm, poses challenging problems in security, due to their dynamic decentralised scalable nature, operating over an untrusted Internet, for which no adequate solutions exist today. This research addresses the model, architecture and design of secure authorisation for web services. It achieves conceptual advances in terms of a flexible authorisation model, proposes a new XML based policy language, develops a comprehens ....Security for Web Services. Web services, an emerging distributed computing paradigm, poses challenging problems in security, due to their dynamic decentralised scalable nature, operating over an untrusted Internet, for which no adequate solutions exist today. This research addresses the model, architecture and design of secure authorisation for web services. It achieves conceptual advances in terms of a flexible authorisation model, proposes a new XML based policy language, develops a comprehensive security policy management framework, designs a distributed authorisation service and demonstrates a practical secure web service system in .NET.It presents a new approach to formally reasoning about conflict resolution policies with dynamic delegation.Read moreRead less
Security for Mobile Agent Based Systems. Mobile agents are emerging to be a significant technology in networked computing and pose fundamental challenges in security, for which no suitable solutions exist today. This research project addresses the theory, architecture and design of secure mobile agent systems. It achieves key conceptual advances by proposing a comprehensive security mode and a novel computational trust model for mobile agents. It develops new schemes for dynamic privilege man ....Security for Mobile Agent Based Systems. Mobile agents are emerging to be a significant technology in networked computing and pose fundamental challenges in security, for which no suitable solutions exist today. This research project addresses the theory, architecture and design of secure mobile agent systems. It achieves key conceptual advances by proposing a comprehensive security mode and a novel computational trust model for mobile agents. It develops new schemes for dynamic privilege management and offers new insights into the open research problem of protection against malicious hosts. It considers a novel calculus to formally reason about security properties and demonstrates practical secure agent based Internet applications.Read moreRead less
Specifications, Proofs and Animations for Cryptographic Protocols. Cryptographic protocols are fundamental security tools for electronic communications. Despite years of intensive research it remains difficult to obtain high confidence in the security of almost any new protocol. Research in the computer security community has emphasised formal specifications and state based searching, while the cryptographic community has concentrated instead on complexity theoretic proofs. This project will un ....Specifications, Proofs and Animations for Cryptographic Protocols. Cryptographic protocols are fundamental security tools for electronic communications. Despite years of intensive research it remains difficult to obtain high confidence in the security of almost any new protocol. Research in the computer security community has emphasised formal specifications and state based searching, while the cryptographic community has concentrated instead on complexity theoretic proofs. This project will unify these two approaches for the first time by formally specifying and animating the very models used in cryptographic proofs. The result will be proofs that are uniquely accessible to practioners combined with increased confidence that the proofs are both correct and relevant.Read moreRead less