Security and Privacy

We look at security and privacy and their relationship to the system development process. Our work informs and is driven by the importance of the early understanding of the needs of security and privacy upon a system. Our work includes: security and privacy polices: for example formal verification that a security policy is respected; security and privacy requirements elicitation and analysis: for example argumentation methods to validate that a system satisfies its security goals; and model-driven security analysis: for example, formally verifying that a system modelled with UML maintains information confidentiality. Contact: Dr. Arosha K. Bandara Research Projects Our ongoing research projects include model-based security argumentation and verification for life-long evolving systems (SecureChange, EU FP7), privacy rights management for mobile applications through privacy policy learning, verification and enforcement (EPSRC PRiMMA). We also engage the public through the events held at the Bletchley Park Museum and the public awareness web page (Security and Privacy for All).