Research Assistant in Mobile Forensics, University of Bristol, UK, EU
Based in the Systems Centre and the Cryptography Group within the Department of Computer Science, you will work on a European Union funded project exploring the design and implementation of new approaches for the detection of and response to Internet abuse. You will join a team of researchers working on the same project, with whom you will be expected to work in very close collaboration. As such, evidence of prior teamwork and excellent communication skills are essential.
You will be required to conduct research in computer and network forensics, to design and develop tools for the extraction and forensic analysis of digital evidence from Android Smartphones and to assist with the integration of those tools with a visualization toolkit, which is also being developed as part of the same project. The work will focus primarily on network activity and social networking applications. Other areas will also be investigated during the course of the project, including but not limited to data extraction and forensic investigation of WiFi routers, Femtocells, wireless sensor devices.
You will be expected to disseminate project results by writing academic papers and by making presentations. You will also participate in writing project deliverables and reports. The role will require interaction with law enforcement agencies and legal practitioners, so having the ability to develop a good understanding of legal issues surrounding the abuse of the Internet will be an asset.
Excellent understanding of information security and computer networking is essential. Prior experience with collaborative software development is desirable, with focus on the languages listed in the ‘Further Particulars’ document. You will possess or be near completion of a PhD in information and communication security, computer networks, computer forensics or related discipline.
This post is funded for 12 months. It is expected that interviews will
Senior Lecturer / Associate Professor, University of Cape Town, South Africa
The Department of Mathematics and Applied Mathematics is a large and dynamic establishment with over thirty faculty members. We seek to make two new appointments in Pure Mathematics as soon as possible. Applications are sought for two posts at the level of Senior Lecturer / Associate Professor.
Candidates must be in possession of a PhD in the Mathematical Sciences and are expected to have a strong research track record, which must show evidence of independence and leadership.
Applications in all areas of Pure Mathematics will be considered. However we are particularly seeking active researchers whose research field complements and strengthens the existing research in our department in algebra, analysis, discrete mathematics related to computer science (including cryptography), and geometry. The department intends filling one of the posts with an algebraist.
Candidates should indicate for which level of position they are applying. Level of appointment will be commensurate with experience and standing of applicants; at Associate Professor level a record of Post Graduate supervision would normally be expected.
The successful applicants will be expected to teach not only in their areas of research, but also service courses offered to other Faculties such as Engineering and Commerce, to contribute to the administration of the department and its courses, to supervise students and to attract research funding.
The annual remuneration packages, including benefits, are as follows:
• Associate Professor: R 663 359
• Senior Lecturer: R 562 173
To apply, please e-mail the completed UCT Application form (HR201) and all other relevant documentation as indicated on the form, with the subject line “SL/AP - MAM” followed by the reference number to Ms Melanie Falken at melanie.falken (at) uct.ac.za.
Reference number for this position: SR463/13
Incentivizing Outsourced Computation, by Mira Belenkiy and Melissa Chase and C. Chris Erway and John Jannotti and Alptekin Küpçü and Anna Lysyanskaya
We describe different strategies a central authority, the boss, can use to distribute computation to untrusted contractors. Our problem is inspired by volunteer distributed computing projects such as SETI@home, which outsource computation to large numbers of participants. For many tasks, verifying a task\'s output requires as much work as computing it again; additionally, some tasks may produce certain outputs with greater probability than others. A selfish contractor may try to exploit these factors, by submitting potentially incorrect results and claiming a reward. Further, malicious contractors may respond incorrectly, to cause direct harm or to create additional overhead for result-checking.
We consider the scenario where there is a credit system whereby users can be rewarded for good work and fined for cheating. We show how to set rewards and fines that incentivize proper behavior from rational contractors, and mitigate the damage caused by malicious contractors. We analyze two strategies: random double-checking by the boss, and hiring multiple contractors to perform the same job.
We also present a bounty mechanism when multiple contractors are employed; the key insight is to give a reward to a contractor who catches another worker cheating. Furthermore, if we can assume that at least a small fraction h of the contractors are honest (1% − 10%), then we can provide graceful degradation for the accuracy of the system and the work the boss has to perform. This is much better than the Byzantine approach, which typically assumes h > 60%.
Policy-based Secure Deletion, by Christian Cachin and Kristiyan Haralambiev and Hsu-Chun Hsiao and Alessandro Sorniotti
Securely deleting data from storage systems has become difficult
today. Most storage space is provided as a virtual resource and traverses
many layers between the user and the actual physical storage medium.
Operations to properly erase data and wipe out all its traces are
typically not foreseen. This paper introduces a cryptographic model
for policy-based secure deletion of data in storage systems, whose
security relies on the proper erasure of cryptographic keys.
Deletion operations are expressed in terms of a deletion policy that
describes data destruction through deletion attributes and
protection classes. A protection class is first applied to the
stored data. Later, a secure deletion operation takes attributes as
parameters and triggers the destruction of all data whose protection
class is deleted according to the policy. No stored data is ever
re-encrypted. A cryptographic construction is presented for
deletion policies given by directed acyclic graphs; it is built in a
modular way from exploiting that secure deletion schemes may be
composed with each other. Finally, the paper describes a prototype
implementation of a Linux filesystem with policy-based secure