Secure Component Composition for Personal Ubiquitous Computing
Project Overview
In recent years, with the growth of personal computer usage and the internet, networked computers have become more widely used in more diverse applications than ever before. As this trend continues so we can expect ordinary everyday appliances to become part of these networks, and networked devices will become pervasive and often invisible to their users.
Against such a backdrop, we see that the security concerns surrounding the use of networked devices will become all the more relevant, while at the same time the level of skill required to set up and use them will necessarily decrease.
In the broadest sense, the aim of this project is to bridge the gap between the essential need for security in the fluid networked environment afforded by personal ubiquitous computing, with the restrictions imposed by a framework in which users cannot be expected to necessarily understand the intricacies of the security measures needed to maintain it.
A personal ubiquitous computing (PUC) system will be comprised of dynamic, distributed and heterogeneous components providing a networked information space. Much of the technology required for such a system is already available, but so far no framework exists to satisfy the security requirements described here, and the complex nature of these requirements has ensured that it is becoming one of the most challenging research issues that needs to be addressed within the area.
In order to achieve the objectives we propose the use of secure component composition techniques providing run-time evaluation and control of an overall networked system based on its components. Of necessity this must be an automated, dynamic and adaptive process, ensuring that the system security can be re-evaluated whenever a change to the system is made. At the same time its automated nature will ensure minimal user interaction, so that security measures are maintained in a manner transparent to the user.
An extendable software framework should allow for advances, for example in the development of new secure component composition techniques, to be integrated into the system, thus maintaining both security and cost effectiveness of the overall system.
At present a considerable body of work has been devoted to security evaluation of components and secure component composition. However no overall framework has been provided to consolidate the various techniques and harness them for security control. This applies particularly when considering the requirements of a PUC system evaluated at runtime in an automated, dynamic and adaptive manner.
CMS @ LJMU
The School of Computing and Mathematical Sciences at Liverpool John Moores University lies at the forefront of research into network computing security techniques with a large group working in the area of Distributed Multimedia Systems and Security. The project members bring with them a wealth of knowledge from the areas of distributed systems, security protocols and secure component composition. For more information about the individual members of the project team, or for details of papers and conference meetings related to the project, please click on the links at the top of the page.Funding
The project is supported by a three year EPSRC grant awarded in March 2003 (grant reference GR/S01634/01).
An RSS feed of site news is now available.
Pucsec
5 most recent items
16 Apr 2007 : Interview with Professor Madjid Merabti (link)
UK Future TV recently released an in-depth interview with Professor Madjid Merabti. The video of this is now available for download from the UK Future TV website, and has been linked to from the Presentations page.
7 Feb 2007 : Project members attend EPSRC Meet the Scientist event (link)
We recently attended an EPSRC Meet the Scientist event, developing skills to communicating science and engage with a general audience. It was a very useful and enlightening, and we're hoping this will lead to more opportunities to discuss our research with the public in future.
6 Feb 2007 : New style (link)
The site has been given a new, cleaner and hopefully more attractive style.
2 Jan 2007 : Special Issue on "Advances in Smart Home Security" (link)
The International Journal of Smart Home will be releasing a Special Issue on "Advances in Smart Home Security". The submission deadline is 31st January 2007, so there's still time to submit a paper.
2 Jan 2007 : Chinacom 2007 (link)
Chinacom was a big success last year and various members of the PUCsec project will also be involved with the next event in August. The meetings page has been updated with the details.