Objective
Research objectives and content
Most human societies and organisations are resilient in that they survive the dishonestry or incompetence of individual members, yet this resilience is generally absent from the automatic information processing systems on which these societies and organisations increasingly depend. The overall goal of my proposed research is to develop the means of building distributed systems that continue to obey a desired security policy even when one or more clients or servers are subverted by an attacker.
My first research goal is to establish a theoretical framework for mapping classical access control policies such as Bell-LaPadula and Clark-Wilson on to protocols for distributed authentication and key exchange using mechanisms such as threshold signature and byzantine fault tolerance. My second goal is to build one or more demonstrator systems to show that resilient distributed systems are possible.
I hope to facilitate new distributed applications with a high degree of resilience, that use resources efficiently, and that can be easily administered, while placing only limited trust in the physical security of the hardware and the trustworthiness of individual staff.
Training content (objective, benefit and expected impact)
The project will give me a thorough understanding of threat models and security mechanisms including crypto protocols, access control, hardware aspects of system security, evaluation and formal verification. I will also get to understand the tradeoffs between performance and assurance. Links with industry / industrial relevance (22)
Cambridge has a large number of computer companies, many of them spun off from the University and with which the laboratory maintains close links. The laboratory also advises the UK insurance industry and the British Medical Association on security risks of information systems.
Fields of science (EuroSciVoc)
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: The European Science Vocabulary.
CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: The European Science Vocabulary.
- natural sciences computer and information sciences computer security access control
- natural sciences computer and information sciences data science data processing
You need to log in or register to use this function
Programme(s)
Multi-annual funding programmes that define the EU’s priorities for research and innovation.
Multi-annual funding programmes that define the EU’s priorities for research and innovation.
Topic(s)
Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.
Call for proposal
Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
Data not available
Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.
Funding Scheme
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.
Coordinator
CB2 3QG CAMBRIDGE
United Kingdom
The total costs incurred by this organisation to participate in the project, including direct and indirect costs. This amount is a subset of the overall project budget.