Research Area: Privacy and Security
Description: This research area involves a number of different sub-disciplines, including the following: mathematics; communications protocols; distributed systems; software development; specification and formal design; model checking and theorem proving; verification, validation, & testing; and hardware/firmware design. It seeks to combine some of these sub-disciplines in ways that allow secure and private interactions over electronic and wireless networks.
Applications:The Internet can be a dangerous place where malicious software, denial of service, phishing, credit card theft, identity theft, and other attacks threaten the well-being and productivity of many in society. Other electronic networks – including voice/data networks (such as cell phone and wireless ad hoc nets), text networks (such as IM), and social networks (such as Facebook and mySpace) – are not much better. The goal of this research is to create environments in which it is safe for people to work and play. Specific applications include e-commerce, e-business, online gaming, healthcare, and corporate & government networks.
Professors:
| Adams (group) | privacy technologies, cryptography, access control |
| Bochmann (group) | security of distributed applications, trust management |
| Boukerche (group) | security for wireless ad hoc and sensor networks, modeling intrusion detection for mobile phone systems |
| Felty (group) | policy compliance and policy verification, proof-carrying code |
| Jourdan | security of software applications |
| Logrippo | formal methods in security |
| Matwin | privacy-preserving data mining, privacy enhancing technologies |
| Miri (group) | secure sensor and ad hoc networks, biometric-based cryptosystems, cryptography for resource-constrained devices |
| Peyton | privacy for federated identity management frameworks, privacy for evolving e-health business processes |
| Yeap | security for SIP-based real-time communication applications, network identity-enabled architectures, network-based micropayments, next-generation RFID architecture and applications |
Research groups involving several professors:
- Ontario Research Network on Electronic Commerce - Information and Communications Technologies (ORNEC-ICT)
Some recent projects:
- Delegation and proxy services for digital credential environments [Adams; project funded in part by ORNEC]
- Formal verification of a new algorithm for detecting conflicts in firewall access rules [Felty/Matwin; funded in part by NSERC, OCE]
- Security for SIP-based real-time communication applications; network identity-enabled architectures; network-based micropayments; next-generation RFID architecture and applications [Yeap; Partner: Bell University Laboratories]
- Expressing and Proving Privacy-Sensitive Information Flow Properties using the Java Modeling Language [Felty/Matwin, funded by NSERC (Discovery grant and Idea-to-Innovation)]
- A Semantic Approach to Foundational Proof-Carrying Code [Felty, funded in part by NSERC, partner: Secure Internet Programming Lab at Princeton University, USA]
- Methods and tools for the design validation, implementation, and testing of security policies [Logrippo; Partner: Computer Associates]
Slide Show
Opportunities for collaboration: Opportunities for joint research exist at all levels, from exploratory research to contract research, from sponsoring a student to supporting a dedicated project, and many variations in between. University-based research can be very cost-effective for your company and in most cases your support can be used to leverage additional grants from government agencies resulting in a multiplying effect. To find out more about a specific lab/group, project, or to discuss your research needs, contact the Technology & Research Development Office at (613) 562 5800 x2440. Email: research@eng.uottawa.ca , or the researcher directly (The School of EECS).
Printable Handout 
Research Area Coordinator: Adams