The focus of my research is Computer Security. The ever increasing dependence of society on computers and the information they store and transmit creates an equal importance of the security of systems and data. A system is only as valuable as it is secure. Most of this work is done as part of the Distributed Systems and Network Security Research group at Macquarie University under the leadership of Prof. V. Varadharajan.
Within the broad area of Computer Security most of my work concentrates on two fields, authorisation (or access control) and network security.
Authorisation determines what a user or other entity is able to do within a system. I am involved in a number of projects in this area. One involves examining the common basic models of access control (such as the access control matrix, capabilities, role based access control and lattice based access control) and establishing a formalism which encompasses them all. A grand unified theory of access control, if you like. Another is examining access control for distributed systems. In this project we aim to develop structures and mechanisms to allowed controlled devolution of management of access control throughout the system. Other projects include access control for XML data stores and language mechanisms for expressing access control policies.In the area of network security we are currently working on security for mobile and ad-hoc networks. Challenges in this area include allowances for low power devices, transitory network sstructrue and position and requirements for anonymity. Past projects involved security for Asynchronous Transfer Mode (ATM) networks, protocols for inter-system authentication and, with the Active Nets research group at the University of Sydney, work on active networks.
I have supervised 13 honours students, most of whose projects were in the area of security, and the following research students: