KTH-SEECS Applied Information Security Lab

National University of Sciences and Technology (NUST)

News

Year 2013


  • Conference Paper Published in NCIA 2013 -- 2013-12-12

    Paper titled, "Survey on Secure Live Virtual Machine (VM) Migration in Cloud" by Naveed Ahmad, Ayesha Kanwal and Muhammad Awais Shibli has been accepted In: 2nd National Conference on Information Assurance 2013 (NCIA-2013) 11-12 December, 2013.


  • Conference Paper Published in NCIA 2013 -- 2013-12-12

    Paper titled, "Intrusion Detection System in Cloud Computing: Challenges and Opportunities" by Yasir Mehmood, Umme Habiba, Muhammad Awais Shibli and Rahat Masood has been accepted In: 2nd National Conference on Information Assurance 2013 (NCIA-2013) 11-12 December, 2013.


  • Papers presented in NCIA held at MCS Rwp -- 2013-12-11

    Mr. Naveed Ahmad and Mr. Yasir Mehmood from KTH-AIS lab presented their research papers in the 2nd National Conference on Information Assurance 2013 (NCIA) held in MCS,Rwp during 11-12 December 2013. The papers entitled as "Survey on Secure Live Virtual Machine (VM) Migration in Cloud" and "Intrusion Detection System in Cloud Computing: Challenges and Opportunities" respectively.


  • Seminar on Cloud Computing -- 2013-12-06

    The seminar on Cloud Computing: Buzzword or a Saviour was held on 6th December 2013.
    News Link: http://seecs.nust.edu.pk/Seminars_workshops/pages/cloud_computing-kth/


  • Conference Paper Published in PRDC 2013 -- 2013-12-02

    Paper titled, "Assessment Criteria for Cloud Identity Management Systems" by Umme Habiba, Abdul Ghafoor, Rahat Masood, Muhammad Awais Shibli has been published In: 19th IEEE Pacific Rim International Symposium on Dependable Computing (PRDC), IEEE, Vancouver, British Columbia, Canada, 2-4 December, 2013.


  • Successful Master Thesis Defense of Amna Joiya -- 2013-12-01

    KTH - AIS Lab would like to congratulate Ms. Amna Joiya on her successful thesis defense. In her thesis titled “Secure and Privacy Enhanced Email System as a Cloud Service”, she addressed the security issues faced by email systems and proposed a system which is based on proxy architecture to provide standard email services along with extended and innovative features. Some of the extended features are: (a) protection of email headers using standard cryptographic format, (b) transparent handling of anonymous identities belonging to different domains, (c) protection of inboxes from unauthorized emails. The designed system is implemented in the form of a service using standard techniques so it can be deployed easily in the cloud environment as a service. The system also supports cross domain exchange of email letters. It transparently and securely exchanges user’s private information across the domain after developing infrastructure level trust between them. After designing and implementing, he verified the system using automated verification tool; Scyther. Heartiest congratulations to Amna on this commendable achievement and best wishes for all of your future prospects.


  • Conference Paper Published in SIN 2013 -- 2013-11-26

    Paper titled, "Securing the Virtual Machine in Cloud Computing" by Muhammad Kazim, Rahat Masood, Muhammad Awais Shibli has been accepted in 6th International Conference on Security of Information and Networks (SIN), ACM, SIGSAC, Askaray, Turkey, 26-28 November, 2013.


  • Chapter accepted in Springer book -- 2013-11-05

          Book chapter titled Access Control as a Service in Cloud: Challenges, Impact and Strategies” by Awais Shibli, Rahat Masood, Umme Habiba, Ayesha Kanwal, Yumna Ghazi, Rafia Mumtaz has been accepted in 'Continued Rise of the Cloud: Advances and Trends in Cloud Computing', Springer 2014.


  • HEC approves the Proposal titled "Secure and Authorized Dynamic Group Resource Management" worth 5 Million PKR -- 2013-11-04

    The KTH – Applied Information Security lab, directed by Dr. Muhammad Awais Shibli,  is pleased to announce the approval of their project proposal entitled “Secure and Authorized Dynamic Group Resource Management” by the Higher Education Commission (HEC), Pakistan. The proposal is approved with a budget of rupees 5 million over a period of 24 months. The project will be a comprehensive research and development targeting the area of group secure information sharing (g-SIS), which will aim at developing a holistic solution to the problems of dynamic access control within group-centric environment, management of group resources and delegation of rights within groups. The goal of this project is to facilitate educational institutions all over Pakistan as well as the security agencies, research community and software houses by providing a comprehensive solution to the problems related to group secure communication. We would like to express our deepest gratitude for the tremendous support we have received from everyone. We need your support and prayers to bring positive visibility of the emerging research culture in Pakistani universities. Also, we encourage dedicated individuals with passion for research, development, and innovation to work with us and gain first-hand knowledge in this state-of-the-art domain. For more deitals click here.


  • Conference Paper Published in KES 2013 -- 2013-09-09

    Paper titled, "Cloud based Secure and Privacy Enhanced Authentication and Authorization Protocol" by Umer Khalid, Abdul Ghafoor, Misbah Irum, Muhammad Awais Shibli, has been accepted in 17th International Conference in Knowledge Based and Intelligent Information and Engineering Systems (KES), Elsevier, Kitakyushu, Japan, 9 - 11 September 2013.


  • Conference Paper Published in Future Tech 2013 -- 2013-09-04

    Paper titled, "Fine Grained Access Control in Object-Oriented Databases" by Rahat Masood and Awais Shibli has been published in 8th FTRA International Confrence on Future Information Technologies (FutureTech), Springer LNEE Series, Gwangju, Korea, 4-6 September 2013.


  • Conference Paper Published in GreenCom 2013 -- 2013-08-20

    Paper titled, "Assessment Criteria for Trust Models in Cloud Comptuing" by Ayesha Kanwal, Rahat Masood, Ume E Ghazia, Muhammad Awais Shibli, Abdul Ghafoor Abbasi, has been accepted in 9th IEEE International Conference on Green Computing and Communications (GreenCom), IEEE, Beijing, China, 20-23 August, 2013.


  • Successful Final Year Project Completion of Arjumand Fatima and Yumna Ghazi -- 2013-08-01

    The KTH-AIS Lab would like to congratulate Ms. Arjumand Fatima and Ms. Yumna Ghazi, students of Bachelors in Information & Communication Systems Engineering (BICSE) on successful completion of their Final Year Project. Their project entitled “Design and Implementation of Identity Control and Access Management for Cloud-based Environment” was carried out under the supervision of Lab Director, Dr. Awais Shibli. Their work highlights the solution of identity management challenges in cloud computing by providing an implementation of Web Single Sign-on (SSO) using SAML, according to the Federal ICAM’s specifications. They successfully developed an effective SSO mechanism which centralizes authorization and identity management in the cloud and eliminates the need for multiple identities, consequently reducing the possibility of identity theft and making the cloud experience more secure. This project required proficiency in Java, J2SE, J2EE, JSP, Servlets, Web services, XML, SAML, Apache Tomcat Server and Cryptographic techniques.

    Currently, Ms. Arjumand Fatima and Ms. Yumna Ghazi are working as Research Associates at KTH-SEECS AIS Lab in an ongoing funded project named “Extensible Access Control Framework for Cloud based Applications”.


  • Successful Master Thesis Defense of Hirra Anwar -- 2013-07-01

    We are extremely pleased to announce that Hirra Anwar has defended her MSc thesis titled "Secure Access Control System for Digital Repositories - DSpace as a case study". Hirra’s accomplishments during her MSc studies are remarkable with numerous peer-reviewed presentations, abstracts and published articles in various prestigious confrences and journals. She was able to complete her thesis with in the allotted time. Her work simply is at the forefront of the field and we are extremely proud of her accomplishments. We are also very excited to have Hirra as a faculty member in Department of Computer Science at NUST-SEECS.
    Congratulations Hirra, you surely deserve every honour that you have received!


  • Successful Master Thesis Defense of Rahat Masood -- 2013-05-01

    KTH - AIS Lab is extremely pleased to announce that Ms. Rahat Masood has defended her MSc thesis titled "Fine-Grained Access Control for Database Management Systems". In her thesis work, she proposed a fine-grained access control scheme, to enhance the security of Database Management Systems.  The advancement in database technology (mainly including Object-Oriented and NoSQL) has made traditional security controls no longer adequate for providing effective security measures, since design and principles of such databases are completely different from those of traditional databases. In order to provide the strong shield of protection in Database Management Systems, a fine-grained access control scheme, to control access at the row and column level or even at cell-level, should be effectively implemented for the traditional and the latest database paradigms. Rahat’s accomplishments during her MSc studies were outstanding with various published research articles in IEEE, ACM and Springer prestigious confrences along with a publication in a journal paper.  Wcongratulate Rahat on this achievement. 


  • Successful Master Thesis Defense of Imraan Shamoon -- 2013-05-01

    The KTH-AIS Lab Group would like to congratulate Mr. Imraan Shamoon on his successful thesis defense! In his thesis entitled “Access Control Lists Conflict Detection and Resolution System”, he carried out the research in two main directions, where firstly he proposed ACL conflict detection and resolution algorithm, which resolve conflicts with user interaction. Secondly, he used XACML policy specification language to convert the conflict free ACLs to XACML policy after which the request evaluator used the XACML policy to response the access request. During his thesis, he published one research paper titled “Policy Conflict Management using XACML” in 2nd International Conference on Communication and Information Sciences, IEEE Proceedings. Best wishes to Imraan in all of his endeavors! 


  • Successful Master Thesis Defense of Khalid Hafeez -- 2013-04-12

    Khalid Hafeez successfully defended his thesis work entitled "Interoperability among Access Control Models” on April 12, 2013. Khalid completed his dissertation research in making access control models interoperable among different organizations. His solution shows the sharing of valuable resources between different organizations in a secure, reliable and efficient manner with no or minimal changes to their existing infrastructure. The proposed solution converts the existing access control policies of collaborating organizations into Attribute based Access Control (ABAC) Model by a Model Transformation Utility (MTU). As a case-study, policies of Role based Access Control (RBAC) model are transformed into ABAC policies using MTU and using Extensible Access Control Markup Language (XACML). Khalid designed number of test cases to verify the correctness of policies transformation. Congratulations Khalid for your successful thesis defense! We wish you continued success in your career.


  • New Research Initiatives for MS Students -- 2013-04-12

    KTH-Applied Information Security Lab offers thesis research in the areas of Cloud Security. Currently, we are working on multidisciplinary areas of information security, particularly including Cloud and Database security. In order to expand our knowledge on Cloud security domain, we are proposing several research thesis ideas on the design and development of solutions for secure Cloud environments. Through these new initiatives, we aim to meet the security challenges that Cloud Computing is facing today.  

    We welcome all students in search of a Master thesis to identify an area of interest from our given research initiatives and to communicate this to us whenever possible. Besides the possibility of working on predefined thesis topics, we can also specify custom topics related to the interests of students (however, topics should only be from Cloud security area). We will be glad to discuss and form your ideal thesis topic. Please click the Research Initiatives to read about our ideas. 

    If you decide to work on any of the ideas, please let us know. Thesis topics can be discussed with Lab Director - Dr. Muhammad Awais Shibli during office hours. To learn more about available topics, contact us at ais.kth@seecs.edu.pk


  • Successful Master Thesis Defense of Um-e-Ghazia -- 2013-03-27

    The KTH-AIS Lab Group would like to congratulate Miss Um-e-Ghazia on her successful thesis defense! Her thesis titled “Usage based Access Control for Web based Applications” was carried out in two main directions where she explored the applicability of Usage based access control model in different applications and environments. Her theoretical work highlights the essential features that must be incorporated in access control models to cater dynamism of Cloud environment. She analyzed and compared number of Cloud based access control models through NIST defined access control metrics. Her results indicate that UCON model is the most appropriate model that can perform better according to specifications of Cloud environment. She has proposed the UCON profile in eXtensible access control markup language (XACML). This UCON profile has been formulated by the addition of newly created attributes and identifiers in XACML that enable organizations to deploy this model in different scenarios. During her thesis, she published two research papers titled “Comparative Analysis of Access Control Systems on Cloud” and “Usage Control Model Specification in XACML Policy Language”. We will sorely miss her intelligence, enthusiasm and mentorship in the lab, and although we weigh her departure with a heavy heart, we anticipate great things in her future. Best wishes to Ghazia in all of her endeavors!


  • Job Openings for Funded ICT R&D Project -- 2013-03-23

    KTH-AIS Lab is in the process of hiring potential candidates to work on the ICT R&D funded project titled “Extensible Access Control Framework for Cloud based Applications”. This research project focuses on the design and development of a generic access control framework for Cloud applications hosted on Software as a Service (SaaS) delivery model. The project will facilitate private and public sectors by help assuring them that their information on Cloud is appropriately and securely managed. This project is an initiative taken by KTH-AIS to make Pakistan visible as a credible partner in the worldwide Cloud Security community. Please visit the link for further details on announced positions.


  • National ICT R&D approves the Proposal titled "Extensible Access Control Framework for Cloud based Applications" worth 13 Million PKR -- 2013-03-03

    With the grace of Allah-Almighty, KTH- Applied Information Security Lab is pleased to announce the approval of their project proposal entitled “Extensible Access Control Framework for Cloud based Applications” by National ICT R&D Fund, Ministry of Information Technology. The proposal is approved with the proposed budget of 13 Million PKR over a period of 24 months. This project focuses on the design and development of a generic access control framework for the Software as a Service (SaaS) hosted Cloud applications. The main goal of this project is to facilitate private and public sectors by help assuring them that their information on Cloud is appropriately and securely managed. It will serves as an incubator and capacity builder for higher education and our research institutes. The project is an initiative taken by KTH-AIS to make Pakistan visible as a credible partner in the worldwide Cloud Security community. We need your support and prayers to bring positive visibility of the emerging research culture in Pakistani universities. We encourage undergraduate students of NUST to come forward and avail an opportunity to work with our graduate researchers and gain firsthand knowledge in the state-of-the-art Cloud security.


  • Conference Paper Published in ICACT 2013 -- 2013-01-27

    Paper titled, "Management of Symmetric Cryptographic Keys in Cloud Based Environment" by Faiza Fakhar and Muhammad Awais Shibli has been published in 15th International Conference on Advanced Communications Technology (ICACT), Co-sponsored by IEEE, PyeongChang, Korea 2013


  • Conference Paper Published in ICACT 2013 -- 2013-01-27

    Paper titled, "Comparative Analysis of Security Mechanisms in Cloud Paradigm" by Faiza Fakhar and Muhammad Awais Shibli has been accepted in 15th International Conference on Advanced Communications Technology (ICACT), Co-sponsored by IEEE, PyeongChang, Korea 2013


  • Successful Master Thesis Defense of Muhammad Asif -- 2013-01-02

    KTH - AIS Lab would like to congratulate Mr. Muhammad Asif on his successful thesis defense. In his thesis titled “Generic Light Weight Certificate Management Protocol”, he designed Generic Light Weight Certificate Management Protocol (GLCMP). He adopted a holistic approach in order to solve complex certificate management task. In order to achieve desired objectives, proxy based architecture has been adopted to offload computational intensive operations from mobile devices. In GLCMP, the trust between mobile device and proxy server is developed without exchanging any secret information on network. In addition, GLCMP is designed and developed by using the concept of generic security objects. The claimed security properties (authentication, confidentiality and non-repudiation) of the protocol are formally verified by employing formal Z-Notation modeling. In Z-Notation modeling, different attacks are formalized on messages exchanged between components and discussed all possible scenarios in which an attacker can attack the protocol.  Congratulations Asif and best wishes for future.