Some ideas for a Master thesis
Interested candidates should contact Nicola Zannone (email: n.zannone * tue.nl (replace * with @) )
Privacy, Data Protection & Trust Management
In recent years, businesses have become more dynamic and, consequently, organizations have to adapt quickly to changes in structure, business, and environmental conditions.
Organizations thus have to deal increasingly often with unexpected situations and exceptions. For instance, a physician can take actions that diverge from the procedures adopted by the hospital to face emergency situations. Preventing such actions may be critical for the life of the patient.
Traditional access control systems are too inflexible to be used in dynamic environments. Their inflexibility often forces users to bypass them and, in extreme cases, to switch off security measures.
The objective of this project is to design and develop an automated infringement management mechanism that supports the system in making informed decisions on data access by performing real-time risk/benefit analysis.
Tag-Based Authorization (TBA) is a hybrid access control model that combines the ease of use of extensional access control models with the expressivity of logic-based formalisms.
In particular, it allows the users of a system to assign descriptive tags to the system's resources (i.e., subjects and objects); security experts then write logical authorization policies in terms of those tags. The main limitation of the TBA model is that it lacks support for policy administration.
More precisely, it does not allow policy-writers to specify administrative policies that constrain the tags that users can assign, and to verify the compliance of assigned tags with these policies.
The goal of this project is to enable policy administration in TBA.
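The following is an added example (not code from this page or from the TBA authors) sketching the two policy layers the project separates: an authorization policy written over tags, and a hypothetical administrative policy that constrains which tags a user may assign, together with a compliance check over a log of assignments. The hospital scenario, tag names and rules are constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class TagBasedAuthz:
    # entity (subject or object) -> set of descriptive tags
    tags: dict = field(default_factory=dict)
    # authorization policy over tags: (subject tags, object tags, action)
    authz_rules: list = field(default_factory=list)
    # hypothetical administrative policy: tag -> tags the assigner must hold
    admin_rules: dict = field(default_factory=dict)

    def tags_of(self, entity):
        return self.tags.get(entity, set())

    def may_assign(self, assigner, tag):
        """Administrative check: may 'assigner' attach 'tag' to any entity?"""
        return self.admin_rules.get(tag, frozenset()) <= self.tags_of(assigner)

    def assign(self, assigner, entity, tag):
        """Assign a tag only if the administrative policy permits it."""
        if not self.may_assign(assigner, tag):
            return False
        self.tags.setdefault(entity, set()).add(tag)
        return True

    def authorized(self, subject, action, obj):
        """Some authorization rule's tag requirements are met by subject and object."""
        s, o = self.tags_of(subject), self.tags_of(obj)
        return any(a == action and st <= s and ot <= o for st, ot, a in self.authz_rules)

    def violations(self, log):
        """Compliance check of a log of (assigner, entity, tag) against admin rules."""
        return [rec for rec in log if not self.may_assign(rec[0], rec[2])]


def hospital_example():
    """Constructed scenario: a physician reading a cardiology record."""
    tba = TagBasedAuthz(
        tags={"hr-bob": {"hr"}, "ro-carol": {"records-officer"}, "mallory": {"intern"}},
        authz_rules=[(frozenset({"physician", "cardiology"}),
                      frozenset({"medical-record", "cardiology"}), "read")],
        admin_rules={"physician": frozenset({"hr"}),
                     "medical-record": frozenset({"records-officer"})})
    ok = [tba.assign("hr-bob", "alice", "physician"),
          tba.assign("hr-bob", "alice", "cardiology"),
          tba.assign("ro-carol", "rec42", "medical-record"),
          tba.assign("ro-carol", "rec42", "cardiology"),
          tba.assign("mallory", "mallory", "physician")]  # self-tagging, rejected
    log = [("hr-bob", "alice", "physician"), ("mallory", "mallory", "physician")]
    return (ok, tba.authorized("alice", "read", "rec42"),
            tba.authorized("mallory", "read", "rec42"), tba.violations(log))
```

Without the administrative layer, the last `assign` call would succeed and any user could grant themselves the tags that the authorization policy keys on.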
Over the years, formal methods have been developed for the analysis of security and privacy aspects of communication in IT systems. Existing methods, however, are insufficient to deal with privacy, especially in identity management (IdM), as they fail to take into account whether personal information can be linked to its data subject. The goal of this project is to design and develop a framework in which privacy aspects of communication can be modelled and verified.
Service providers (SPs) typically collect personal information about users while providing their services. Privacy-enhancing identity management systems try to make sure SPs cannot link different visits of the same user. Typically, this is done by avoiding the use of unique user identifiers. However, an SP may still link different visits with some probability because of information about the user that is common to the visits. Record linkage theory has been proposed as a general theory to assess the likelihood that two collections of personal information are about the same user. This project focuses on record linkage theory in the context of visits of users to SPs, and in particular on how this theory can be embedded into a framework for the analysis of identity management protocols.
When a service provider needs information about a user from different sources ("identity providers"), normally the user needs to log in at each identity provider separately. Single sign-on has been proposed as a way to facilitate the user. In particular, single sign-on allows users to log in at one identity provider, which then collects the necessary credentials and information from the other providers.
Although single sign-on makes the system more usable, it has security and privacy implications.
The aim of this project is to study and compare existing methods for single sign-on (especially with 3 or more identity providers) in terms of privacy of the user and assurance for the parties involved.
Business Process Management is emerging as a means for understanding the activities that organizations can perform to optimize their business processes or to adapt them to new organizational needs.
The Business Process Modeling Notation (BPMN) is emerging as the de facto standard modeling notation in industry.
BPMN was designed to provide a graphical notation for XML-based business process languages, such as WS-BPEL. Unfortunately, BPMN is informal and leaves room for ambiguity about its semantics. Moreover, it does not allow for formal analysis.
These issues are challenging and call for formal frameworks encoding graphical elements into formal specifications.
This project aims to investigate techniques for the formal specification and analysis of business processes. The project also includes the development of a prototype that supports the transformation of BPMN models into formal specifications and a front-end with an existing model checker for formal analysis.
See (Prandi et al., 2008) for more details.