Frist 27. september 2017
DTU Compute’s Sections for Cyber Security invites enthusiastic and dedicated MSc students to apply for a 3-year PhD project in Context-Aware Access Control, starting in December 2017 or earlier. The project is financed by a DTU alliance scholarship, and will be conducted together with Nanyang Technological University in Singapore. One third of the project will be conducted in Singapore.
Our department DTU Compute is an internationally unique academic environment spanning the science disciplines mathematics, statistics and computer science. At the same time we are an engineering department covering informatics and communication technologies (ICT) in their broadest sense. Finally, we play a major role in addressing the societal challenges of the digital society where ICT is a part of every industry, service, and human endeavour.
DTU Compute strives to achieve research excellence in its basic science disciplines, to achieve technological leadership in research and innovation, and to address societal challenges in collaboration with partners at DTU and other academic institutions, nationally and internationally, and, equally important, with industry and organizations. We communicate and collaborate with leading centres and strategic partners in order to increase participation in major consortia.
DTU Compute plays a central role in education at all levels of the engineering programmes at DTU - both in terms of our scientific disciplines and our didactic innovation.
Video Surveillance is in transformation from analog, where video streams from analog cameras are recorded or monitored at a central location using dedicated communication channels, to digital surveillance systems, where video from digital cameras can be observed and recorded from multiple locations using the Internet. This gives greater flexibility, e.g. patrolling watchmen may access video from an area where an alarm has occurred before they arrive on the scene or first responders (paramedics, firemen, and police) may be granted access to video streams before they arrive at the scene of a major incident, but it also requires new access controls models, policies and mechanism to secure against unwanted access.
The Attribute-Enhanced Role-Based Access Control model (AERBAC) combines the flexibility of enforcement from the attribute based access control model with the convenient specification of policies from the role-based access control model. Attributes, such as current location; time; task; or status of alarms, may be considered as part of the access control decision, thus supporting context-aware access control policies.
The Singapore Smart Nation Project is installing surveillance cameras for a number of applications ranging from traffic monitoring to crime prevention, thus requiring either duplication of infrastructure or a context-aware access control model that support multiple constituencies and “break glass” policies in emergency situations. The proposed project is to model the security requirements for access to the video surveillance system in the Singapore Smart Nation application scenarios using AERBAC. This requires identification of all stakeholders, both authorized users and potential attackers, definition of a framework to specify and enforce access control policies that meet the security requirements and development of a proof of concept prototype of the proposed framework. The AERBAC model provides many of the fundamental artifacts for this access control framework, but there is currently no dedicated language to specify context-aware access control policies for video surveillance systems. This specification language must be general, because it must capture the security policies of multiple organizations, and intuitive, because many video surveillance systems are installed and configured by electricians or other staff with limited computer security experience, so a graphical representation of (some of) the artifacts should be considered.
The access control framework developed in the proposed project, will be evaluated both analytically, through a security analysis of the framework, and empirically, through a proof of concept implementation of the framework using a subset of the Singapore Smart Nation research testbed. The security analysis will examine the coverage of the security model (does it cover all essential security requirements), the expressiveness of the developed access control policy specification language (is it easy to express and understand all the necessary access control policies), and the performance of the developed prototype (does it efficiently, effectively and scalably enforce all specified policies).
Candidates must have a master degree in computer security, software engineering, informatics, computer networks, computer science and engineering (CSE), applied mathematics, or engineering, or equivalent academic qualifications. Preference will be given to candidates who can document experience in computer security, policy systems, domain specific languages, software architecture, ubiquitous computing, or the Internet of Things, and have strong software engineering competences. Furthermore, excellent competence in communication in English – both oral and in writing – is essential.
Approval and Enrolment
The scholarship for the PhD degree is subject to academic approval, and the candidate will be enrolled in the DTU Compute PhD School Programme. For information about the general requirements for enrolment and the general planning of the scholarship studies, please see the DTU PhD Guide.
The assessment of the applicants will be made by associate professor Christian D. Jensen and assistant professor Weizhi Meng.
We offer an interesting and challenging job in an international environment focusing on education, research, scientific advice and innovation, which contribute to enhancing the economy and improving social welfare. We strive for academic excellence, collegial respect and freedom tempered by responsibility. The Technical University of Denmark (DTU) is a leading technical university in northern Europe and benchmarks with the best universities in the world.
Salary and appointment terms
The salary and appointment terms are consistent with the current rules for PhD degree students. The period of employment is 3 years. The scholarship is an alliance scholarship with Nanyang Technological University (NTU Singapore) and a third of the time will be spent working on the project in Singapore.
Further information concerning the project can be obtained from associate professor Christian D. Jensen, , tel.: +45 4525 3724
. You can read more about our section and work at the Cyber Security section’s homepage.
Further information concerning the application is available at the DTU Compute PhD homepage or by contacting PhD coordinator Lene Matthisson +45 4525 3377
Applications must be submitted in English as one single PDF, and we must have your online application by September 27th, 2017. Please open the link in the red bar in the top of the page: "apply online" (“ansøg online”).
Applications must include:
Candidates may apply prior to obtaining their master's degree, but cannot begin before having received it.
All interested candidates irrespective of age, gender, race, disability, religion or ethnic background are encouraged to apply.
DTU is a technical university providing internationally leading research, education, innovation and scientific advice. Our staff of 5,800 advance science and technology to create innovative solutions that meet the demands of society; and our 10,600 students are being educated to address the technological challenges of the future. DTU is an independent academic university collaborating globally with business, industry, government, and public agencies.DTU Compute has a total staff of 400 including 100 faculty members and 130 Ph.D. students. We offer introductory courses in mathematics, statistics, and computer science to all engineering programmes at DTU and specialised courses to the mathematics, computer science, and other programmes. We offer continuing education courses and scientific advice within our research disciplines, and provide a portfolio of innovation activities for students and employees.