Information Security Institute A university for the real world
QUT Home
Contact us
ISI HomeAbout UsResearchEvents and Community OutreachFor ISI Members


Research
Research Groups
Research Laboratories
Publications
Scholarships
[ Print-friendly version ]

Postgraduate Scholarships in the Information Security Institute

To assist students in their studies, QUT and the Information Security Institute (ISI) offer a range of scholarships that provide real support for commencing and continuing students. The ISI has a range of projects some of which carry specific scholarships.

Domestic Applicants

A domestic applicant is someone who has permanent residency (PR) or citizenship of Australia. The following scholarships are available through QUT and the ISI.

  • The Annual Scholarship Round is open and will close at 5pm on 9 October, 2009. Commencing domestic research higher degree students apply for admission and a QUT Postgraduate Research Award (PRA) scholarship via the QUT Research Students Centre:
    http://www.rsc.qut.edu.au/future/scholarships/Annual_round_awards.jsp
  • Students who are recipients of an Australian Postgraduate Scholarship (APA) or a QUT Postgraduate Research Award (QUPRA) will receive an ISI top up of $6,000 per annum subject to satisfactory progress
  • Up to 3 top up scholarship to students of exceptional research potential. Value of the top up will be equal to the difference of a full ISI scholarship ($36,669 for 2009) and an Australian Postgraduate Scholarship (APA) ($20,427 for 2009):
    2009 Institute Rules Domestic

International Applicants

An international applicant is someone who does not have permanent residency (PR) or citizenship of Australia. The following scholarships are available through QUT and the ISI.

  • The Annual Scholarship Round is open and will close on 30 September, 2009. Commencing international research higher degree students apply for admission and a QUT Postgraduate Research Award (PRA) scholarship via the QUT Research Students Centre:
    http://www.rsc.qut.edu.au/future/scholarships/Annual_round_awards.jsp
  • Students who are recipients of a QUT Postgraduate Research Award (QUPRA) will receive an ISI top up of $6,000 per annum subject to satisfactory progress
  • Students who are the recipient of a QUT Postgraduate Research Award (QUPRA) may receive a QUT fee waiver.

 

Projects Areas

Specific projects are list below. Applications are welcome from suitably qualified students for PhD study in any area of ISI's research. Applicants are encouraged to propose a project within any of the ISI Research Groups: http://www.isi.qut.edu.au/research/groups/.

ARC Linkage Project: Airports of the Future
ID and Authorisation Management Sub-project
PhD Proposal - An authorisation system for the airport information model.

A significant opportunity exists to work with a multidisciplinary team on a large-scale research project that is investigating the next generation of management and information systems for "airports of the future". With over 30 participating partners encompassing the full spectrum of the airport eco-system, this project offers a rare opportunity to undertake cutting-edge research grounded in the real-world needs of the commercial aviation sector.

The project aims to improve the security, efficiency and passenger experience within Australian airports by developing an integrated, adaptive complex systems approach for the engineering, design, management and operation of airport systems. An "Airport Information Model" (AIM) lies at the heart of the conceptual vision. This model will house strategic decision support systems; it will encompass structure, space, operations, building functionality, security and facilitation systems; and will provide both conceptual and quantitative management tools.

The research opportunity lies in the field of information security, focusing on developing authorisation systems for the AIM. The AIM will store a vast range of sensitive information that will require protection against unauthorised access and misuse. As a unifying metaphor, the AIM acts as a gateway to applications and services that drive airport business, from passenger facilitation to physical security, screening and surveillance. An identity management and authorisation system that reflects the needs of a complex organisational and administrative environment is needed.

The research will focus on developing an authorisation model for the AIM. Due to the heterogeneity of the systems the AIM unifies and links, an abstract, platform-independent authorisation architecture such as the OASIS standardised, XACML will form the basis of the model. The work will also involve investigations of authorisation methods appropriate for cooperative but independent database systems. The enforcement of privacy related policies over data use and disclosure determined by a requester.s access purpose rather than their identity will also be a focus.

For more information please contact the project leader Prof Ed Dawson

 

Security-aware Business Process Management

In the modern business world the design and management of business processes is a key factor for companies to compete effectively. Business Process Management (BPM) focuses on aligning organizations with customers requirements. It is a holistic management approach that promotes business effectiveness and efficiency while striving for innovation, flexibility, and integration with technology. While the focus on BPM is now a widely accepted industrial attitude, existing BPM methodologies barely consider security constraints and objectives. Business processes and security issues are developed separately and often do not follow the same strategy. It is however crucial to ensure the security of corporate business processes for the success of companies.

This project will study the state of the art of BPM and security and investigate a systematic overview on how security can be applied to and/or integrated with BPM. This will involve identifying a number of research topics in security and BPM areas which in combination will lead to novel methodologies and techniques for developing and maintaining security-awareness through the entire business process life cycle. Possible topics include, but are not limited to, the following:

- Security-aware business process design and improvement
- Security management of service registry and access to SOA-based BPM systems
- Creation and maintenance of BPM system users security profiles
- Information and trust management using security measurements
- Business process compliance with security policy

For more information please contact the project leader Prof Arthur ter Hofstede

 

Efficiency of Hyperelliptic Curve Arithmetic

The use of hyperelliptic curves in cryptography came about in 1989 from Neal Koblitz. Although introduced only 3 years after Elliptic Curve Cryptography, not many cryptosystems implement hyperelliptic curves because the implementation of the arithmetic isn't as efficient as with cryptosystems based on elliptic curves or factoring. The efficiency of implementing the arithmetic depends on the underlying finite field and in practice it turns out that finite fields of characteristic 2 are a good choice for hardware implementations while software is usually faster in odd characteristic.

However, as has been seen with the case of elliptic curves, much recent research on implementation of elliptic curve arithmetic has lead to giant strides forward in the efficiency of elliptic curve arithmetic, which is continuing to this day. This research project would involve investigating ways and means to improve the arithmetic of hyperelliptic curves with the goals of (1) developing different forms of the hyperelliptic equation which may provide improved arithmetic, (2) investigating which coordinate systems provide increased efficiency, and (3) combining (1) and (2) to produce algorithms that are more efficient than those currently used.

For more information please contact the project leader Prof Ed Dawson, Dr Gary Carter

 

PhD Proposal: Forensics in control systems

The systems controlling our critical infrastructures such as gas, electricity, water and communications are constructed from unique hardware, teamed with commercial software, operating systems, and public networks. It is widely acknowledged that these control systems have brittle security properties and are vulnerable to cyber attack and subversion. To date, security efforts have been focused on preventative security, with little attention paid to developing forensic capabilities in support of rapid identification and remediation of incidents.

The goals of this project are to identify novel approaches to conducting forensics within control systems. The potential candidate may choose from a wide range of potential research challenges related to forensic attribution. These challenges lie at multiple layers of the computing stack, ranging from extraction of evidence from custom hardware, to source attribution of malicious software, and forensics of unknown network protocols.

For more information please cotnact the project leader Dr Bradley Schatz

 

-------------------------------------------------------------------------------------------------
For enquiries, please contact:

Elizabeth Hansford
Administration Manager
Information Security Institute
Queensland University of Technology
GPO Box 2434 BRISBANE QLD 4001
Phone: +61 7 3138 9573
Email: e.hansford@qut.edu.au
Web: www.isi.qut.edu.au


About Us | Research | Events and Community Outreach | For ISI Members
QUT Home | ISI Home | Site Map | Search
CRICOS No. 00213J
 Privacy | Copyright Matters | Accessibility
 Compliance | Contact Us | Feedback | Disclaimer
 Last modified 14-Sep-2009