Dr Lawrie Brown's SSP 2010

Lawrie visited the Dept of Telematics at NTNU (Norwegian University of Science and Technology) (pictured below left) in Trondheim, Norway (pictured right), as a NordSecMob (NSM) scholar with support from the European Commission under the Erasmus Mundus program, during session 1 in 2010.

During this time he contributed to the teaching of relevant NSM courses at NTNU by giving a series of guest lectures in the course "TTM4135 InfoSec", and explored research collaborations with staff there, with a particular focus on the area detailed below. He also gave short talks introducing himself and his background to several groups of staff, and presented a couple of his recent seminars.

Lawrie also briefly visited DTU Informatics at the start of this period, to meet and talk with some of the NordSecMob staff and students there.

Restricted Proxy Certificates for Client Authentication

The main focus of his research was on exploring how Restricted X.509 Proxy Certificates can be used as a means of identification and authorisation in a range of application contexts distinct from the grid computing community in which they were developed. More specifically, he is interested in applications where a server issues proxy certificates to user clients to grant them (possibly restricted) access to the service, so that the certificates function as a capability. This is the reverse of how they are used in the grid computing community, where a client user issues the proxy certificate to the grid in order to grant it some of the user's privileges. He is currently exploring several specific application contexts, including their use to authorise the connection of first responders' mobile devices to a restricted ad-hoc network created to handle some emergency; as a mechanism that would allow an anonymous user to make contributions to a project (such as entries in a wiki), whilst still allowing the service to track their contributions as distinct from those of others; and to authorise client use of a home area network (HAN), granting different rights to different categories of devices.

