The candidate’s tasks include:
- Assistance with teaching classes in security
- Conducting research publishable in reputable international venues
- Writing of progress reports and presentations towards thesis
- Work constructively towards goals set by supervisors
The candidate should be prepared to engage in the project ``Semi-Controlled Distributed Account Management’’ described below. The project is within the Security and Trust of Software System (SaToSS) research group led by Prof Sjouke Mauw.
Description of proposed PhD thesis topic...
The use of a password manager is a current best practice that many users and organisations follow. Password managers facilitate the generation and maintenance of unique, complex and random passwords and thus help prevent account compromise due to weak or reused passwords. However, with the rising number of apps, online accounts, smart devices and authentication methods, we are facing many new threats that are not related to passwords. For example, we must now also worry about misconfigured apps, third-party access permissions to accounts, vulnerabilities of devices, and security incidents at service providers.
Moreover, our apps, accounts, and devices are interconnected: An email app on a smartphone provides access to the email account to anyone who can unlock the smartphone. If, say, the smartphone user’s groceries account supports password resetting by email, then the user’s groceries account, too, can be accessed by anyone who can unlock the smartphone. There are many other such connections due to multi-factor, single sign-on, and other authentication methods. We refer to this collection of apps, devices, accounts, and authentication methods as an account ecosystem.
The interconnected nature of items in an account ecosystem means that for any security incident involving one item, there are potential ramifications for every other item in an account ecosystem. In our user study of 20 young to middle aged adults, they reported on average 43 items in their account ecosystems that were in active use. The complexity of account ecosystems is expected to further increase significantly with new services, such as Open Banking, connecting our existing accounts with new third-party account services, and new items, such as wearable devices, smart home appliances, car infotainment systems connecting to our existing devices such as smartphones, home routers, and introducing new apps and cloud services to control them.
Yet, there is no tool that helps managing our account ecosystems and no simple way to assess the risks to the integrity and availability of items in our account ecosystem. Indeed, it is precisely the lack of such a tool at the larger scale of an organisation’s account ecosystem that leaves many institutions blind to the possible attack paths that ransomware attacks have exploited.
Similar Positions
-
Ph D Candidate: Environmental Microbiology , Radboud University, Netherlands, about 15 hours ago
Employment 1.0 FTE Gross monthly salary € 2,770 - € 3,539 Required background Research University Degree Organizational unit Faculty of Science Application deadline 12 May 2024 Apply now Are you f...
-
Ph D Position Ad Riddle, Amsterdam UMC, Netherlands, 27 days ago
28 Mar 2024 Job Information Organisation/Company Amsterdam UMC Research Field Medical sciences Researcher Profile First Stage Researcher (R1) Country Netherlands Application Deadline 11 Apr 2024 -...
-
Ph D Position On Development Of A Bio Artificial Kidney Device Consisting Of Living Membranes For Improved Kidney Replacement ..., AcademicTransfer, Netherlands, 21 days ago
PhD position on Development of a BioArtificial Kidney device consisting of living membranes for improved kidney replacement ... PhD position on Development of a BioArtificial Kidney device consist...
-
Ph D Position Youth Mental Health (100%) , University of Basel, Switzerland, 9 days ago
The Faculty of Psychology is one of the seven faculties of the oldest university in Switzerland. With our focuses on Society & Choice and Health & Interventions, we are nationally and internationa...
-
Four Ph D Positions In Ai, Digital Humanities, And Cultural Heritage , University of Amsterdam, Netherlands, 13 days ago
Do you want to become part of a dynamic community that is at the forefront of Artificial Intelligence, Digital Humanities, and Cultural Heritage? Our experts from the Institute for Logic, Language...
-
B 0045 24 – Research Grant (Bi) – 01/04/2024 – More4 Water – Water4 All/0007/2022, Instituto de Telecomunicações, Portugal, 21 days ago
3 Apr 2024 Job Information Organisation/Company Instituto de Telecomunicações Research Field Engineering » Electronic engineering Engineering » Electrical engineering Engineering » Computer engine...