Dr Benjamin Aziz
I am a senior lecturer at the School of Computing, University of Portsmouth. I gained a PhD in Computer Science from Dublin City University in 2003 and since, I have held several post-doctoral research posts in University College Cork, Imperial College London and Rutherford Appleton Laboratory in Oxford.
My research in the field of computer and information security spans more than 15 years. In particular, my research interests are focused on areas related to formal analysis of security properties, engineering secure large-scale distributed systems, security requirements at the engineering level, trust management and digital forensic analysis and formalisation. Over the years, I have published over 70 articles, papers, reports and book chapters in these areas.
I am a member of several international working groups including the Cloud Computing Security Alliance, ERCIM Formal Methods for Industrial and Critical Systems, ERCIM Security and Trust Management and IFIP WG 11.3 on Data and Application Security and Privacy. I coordinate the Computer Security and Digital Forensics Research Group in the School of Computing. Finally, I am also an Associate Editor-in-Chief of the International Journal of Security (IJS) and an Associate Editor of Wiley’s Security and Communications Networks (SCN).
Digital Forensics Analysis and Methods
Digital forensics can be defined as the art and science of applying computer science knowledge to aid the legal process. The main concern of a forensic analysis is to obtain digital evidence of illegal or fraudulent behaviour in a manner that preserves the quality of the evidence to stand defence in the court room. As in any forensic investigative process, investigating digital evidence may involve a number of phases, which include collecting, preserving, filtering and presenting the evidence. My interest in this area lies in combining classical security methods, such as security policies and security services, with digital forensics. In particular, it is possible to show that a forensics service can be used to raise the security assurance for a computing system. I am also interested in investigating the notion of a digital forensics policy and generating forensic requirements using formal requirements engineering methodologies
Trust and Security Management
The management of trust and security in distributed systems involves several phases starting from the definition of what security and trust mean, their analysis, deployment and enforcement of trust and security mechanisms and the re-evaluation of these mechanisms based on the evolution of the general requirements of the system and the business environment it is running within. In this area, I am interested in the management of security policies, including the problem of policy refinement from the high business levels to low infrastructure levels, the analysis of security policies for desirable behaviours such as the lack of conflicts and coverage analysis. I am also interested in the expressivity of security policy languages, mainly standards like XACML. In the area of trust management, my main research interest lies in reputation systems and the use of trust-enhancing mechanisms such as public key infrastructures.
Large-scale Distributed Systems
Driven by industrial use and computationally intensive applications, large-scale distributed systems, such as Grids and Clouds, often pose new challenges to already existing solutions within the context of security and reliability. Such challenges include scalability, cost and complexity of management and in the case of Clouds, elasticity of computational state. In this area, I am interested in research investigating any aspect of trust, security and reliability of large-scale and computationally intensive systems.
Requirement engineering is concerned with the analysis of the requirements of systems before the systems are designed or implemented. There are several requirements engineering methodologies, such as i*/Tropos and KAOS, which allow computer engineers to specify and analyse the requirements and properties of their to-build systems. My main research interests in this area are concerned with the capturing of security and dependability requirements of distributed systems using formal expressions such as the linear temporal logic, the verification of security requirements and the derivation of specification and system designs from their requirements.
Formal Modelling and Verification of Security Properties
Computing systems that are risk-critical, such as components of avionic or defence systems, or cost-critical such as systems handling large-scale scientific experiments are required to have a high degree of security and reliability in the face of human error and external malicious intruders. Therefore, the use of robust formal methods, though expensive, is desirable in ensuring such systems do not fail frequently and provide a minimum trustworthy behaviour for their users. I have been involved for several years in the formal analysis of various systems starting simple toy-like security protocols to large-scale industrial systems, using formal languages such as process algebra (mainly Pi-calculus and its variants) and the B/Event-B refinement language. I am also interested in static analysis techniques based on the abstract interpretation of the program semantics. I am particularly interested in the analysis of privacy and security properties as well as quantitative aspects of distributed systems.