You are here


Like traditional security protocols, web-based security protocols are difficult to get right and are therefore a natural target for formal method techniques. We analyzed a number of Web-based security protocols.

The security model of the Android OS is based on the effective combination of a number of well-known security mechanisms. Although each security mechanism has been extensively tested and proved to be effective in isolation, their combination may suffer from unexpected security flaws.

Cloud computing and Service-oriented Applications provide access to data and resources in open environments. The main security challenge is thus to ensure that only authorized entities can access the resources. Access control (AC) is the main mechanism to mediate access between entities and resources. We design models, policy languages, policy analysis and enforcement mechanisms to meet the security challenges posed by cloud and service-oriented applications.