What will you be doing?
Risk-adaptive access control (RAdAC) is a novel method for restricting access to resources (systems and data) to authorized users. It holds promise for providing more fine-grain access decisions than conventional access-control methods, such as RBAC, while at the same time allowing for a higher dynamicity in these decisions. The core concept behind RAdAC is that an explicit link should be formed between the “business benefits” and “security risks” associated to granting a user access. If the actual risk outweighs the acceptable risk (related to the business benefits), access is granted. RAdAC makes these risk estimations based on a set of attributes that are associated to a user, their device or the resources, such as a user’s geolocation, their device security status and the classification levels of the requested resources.
Both the resources that a user may request and the attributes used by RAdAC can be considered as sensitive or classified information that should be secured. In isolation, RAdAC only provides a means to ensure that only authorized and “trustworthy” users are allowed access to these resources, without providing the means to secure them or the attributes used by RAdAC. Yet, the protection of this sensitive data is fundamental to the practical implementation and realization of RAdAC.
In this thesis project, you will research how cryptographic means can be utilized to ensure that attributes and resources are sufficiently protected. For resource protection, you may research how concepts such as attribute-based encryption (ABE) can be utilized within the RAdAC concept. For the protection of attributes, you may research various ways that can be used to both encrypt attributes at rest or in transit, while having them available for risk calculations when access to a resource is requested.
What do we require of you?
- You are working on a Master’s degree in computer science or mathematics and would like to work on ICT security
- You are familiar with cryptography and are interested in deepening your knowledge in cryptography and/or applying cryptographic concepts in practice.
- You are capable of analytical thinking and understanding and bridging the gaps between multiple disciplines and technologies.
- You are capable of working autonomously.
- You have good communication skills.
- You are creative and innovative.
What can you expect of your work situation?
TNO is an independent research organisation whose expertise and research make an important contribution to the competitiveness of companies and organisations, to the economy and to the quality of society as a whole. Innovation with purpose is what TNO stands for. With 3000 people we develop knowledge not for its own sake but for practical application. To create new products that make life more pleasant and valuable and help companies innovate. To find creative answers to the questions posed by society. We work for a variety of customers: governments, the SME sector, large companies, service providers and non-governmental organisations. Working together on new knowledge, better products and clear recommendations for policy and processes. In everything we do, impact is the key. Our product and process innovations and recommendations are only worth something if our customers can use them to boost their competitiveness.
This department Cyber Security & Robustness (CSR) employs approximately 50 professionals who work on issues related to the security of IT networks, systems and smartphones to help our clients and associates take charge of their ICT security, detect fraud, review their architecture or develop a security design for new systems. The division is located at two locations: Groningen and The Hague.
What can TNO offer you?
You want to work on the precursor of your career; a work placement gives you an opportunity to take a good look at your prospective future employer. TNO goes a step further. It’s not just looking that interests us; you and your knowledge are essential to our innovation. That’s why we attach a great deal of value to your personal and professional development. You will, of course, be properly supervised during your work placement and be given the scope for you to get the best out of yourself. Naturally, we provide suitable work placement compensation.
Has this vacancy sparked your interest?
Then please feel free to apply on this vacancy! For further questions don’t hesitate to contact us.
Note that applications via email and third party applications are not taken into consideration.
Contact: Robert Seepers
Phone number: +31 (0)6-15214919