Research Interests

For people in a rush: I do research about security, in particular; access control, the use of privacy-enhanced technologies in different contexts and security/privacy of blockchain. Some of the areas I worked on (or am working on) include:

Funded Projects: Throughout the years I worked on several projects. Some of them include

Some other problem specific projects and software can be found here.


Not in a rush? /\ Something more casual?
I work at the intersection of privacy engineering, blockchain and access control. I am passionate about the identification of security/privacy problems when accessing or processing sensitive data, and the development of feasible solutions to these problems. Some of the central questions to my research include: Some additional works I am busy with include the design and implementation of security services for cloud systems with a focus on computation over encrypted data and federated authorizations. The particular application areas of the proposed techniques in my research include verifiable (and private) genome analysis and secure smart energy systems in which the processing of large sensitive data is outsourced to (possibly untrusted) clouds and the access to data is strictly regulated.


Earlier times..

In my PhD, I developed/applied run-time reasoning and verification techniques for all activities involved in static and dynamic analysis of certain security properties and constraints. So simply, I work on run-time verification in access control. The access control model I consider is mainly Role Based Access Control (RBAC). Conventionally access control to resources has been considered from two perspectives:

Recent advances in automated reasoning enabled the use of formal methods in verification of the specifications at design time. However, as many information (i.e. parameter) used in access control decision is only available at run-time and the design time analysis can easily lead to state explosion problem in many access control settings, run-time analysis can provide efficient solutions to many verification problems. So the question is can we use the existing methods or develop new ones that exploit automated reasoning techniques at run-time?

What I did was developing and implementing formal/semi-formal methods for the verification of specifications at run-time by 1. Approximating some of the run-time parameters at compile time and simulation, 2. Using efficient representation techniques and algorithms to encode the problem, 3. Optimizing the analysis of state traces at run-time (in just in time manner) by state space elimination as at run-time one needs to deal with only finite traces.