Me, myself and my research...

My PhD topic is "Identity Management using Mobile Devices" in which I am investigating how modern smartphones, ever increasing in power and size, can be used for managing our online identities. Even though Identity Management has been a very popular topic in recent times, there have been several discrepancies on several aspects of Identity Management. Many central topics are either not defined properly or have several interpretations. One of the main reasons for this is the lack of a formal definition. In my theoretical works, I am working to develop a mathematical model of Identity and Identity Management to solve this problem. The practical aspect of my PhD involves investigating how the existing identity management technologies can take advantage of the ubiquitousness of modern smartphones. I have several publications on these works. Feel free to have a look at my publications if you are curious.

Identity Management has been a very popular topic in recent years. With the proliferation of online services, people are flooded with online accounts. In many cases, when someone needs to access an online service, he/she has to register by providing several information (Name, Age, e-mail, telephone number, etc.) including a username/password. An online account with these information in a service provider (an organisation that provides online service, e.g. Banks) is regarded as a digital identity of the user. When the number of such digital identities start increasing, their management become problematic for any user. The side effects of this are that users use the same username/password pair for different accounts during registration which ultimately increases the chance of personal data being stolen and users face difficulties to manage personal data that are scattered in several places. These, for all the right reasons, raise lots of security and privacy concern. Identity Management is the research topic that investigates how the number of accounts that any user needs to manage to access a number of online services can be minimised and how users can manage their online data in a secure and privacy-friendly way.

We, the human being, love Petnames. We love to give Petnames for identifying different surrounding entities. This is so naturally embedded into us that we even don't notice it. A Petname System focuses on the easiness the petname brings to identify an entity and allows the user to provide a petname for an entity. Research shows that users have difficulties to identify an entity while they engage in online activities. This is one of the main reasons that makes phishing attacks so successful. Integrating Petname Systems into the browsers might help the user to easily differentiate between legitimate and fraudulent websites. In our research, we have formulated several key properties for a Petname System.

Trust Management has been a very popular research topic in recent years. Trust management is the mechanism by which the trust relationship between two stated entities can be analysed and then, if needed, be established. There have been several aspects of trust management, but currently my focus is mainly on the roles the trust management plays in Identity Management.

Security Usability is the mixture of CHI and Security that measures the effectiveness of a security solution or a secure system. A secure system is considered less useful if its users find it difficult to use. Several research show that general users who lack with technical know-hows of current security technologies find it very difficult to use them properly. This has been considered as one of the key reasons behind many security breaches.

Apart from the topics mentioned above, I also have keen interest in other Privacy Enchancing Technologies (PETs) and RFID Security.

• Reviewer of the Theory and Practice of Cryptography Solutions for Secure Information Systems (CRYPSIS). Editors: Atilla Elçi et al. Published by IGI Global, May 2013. ISBN13: 9781466640306
• Program Co-Chair, the 6th International Conference on Security of Information and Networks (SIN'15), 2015.
• Local Arrangements Co-Chair, the 6th International Conference on Security of Information and Networks (SIN'14), 2014.
• PC Member (Poster Chair), the 6th International Conference on Security of Information and Networks (SIN'13), 2013.
• Organiser of the 1st SICSA Cyber Security Conference, 2013.
• PC Member of the 17th Nordic Conference on Secure IT Systems (NordSec 2012).
• Organiser of the workshop titled Large Scale Experiments & Modelling at the SICSA PhD Conference 2012.