Ph.D. Research Assistantships

Department of Computer Science, Stevens Institute of Technology, Hoboken, New Jersey, USA
Department of Computing and Information Sciences, Kansas State University, Manhattan, Kansas, USA

Description of the Positions

Two Ph.D. research assistantships are available starting Spring 2007 for research in software security policy specification and program analyses for software security.

Project title: Access Control and Downgrading in Information Flow Assurance.

The project is funded by the US National Science Foundation (CyberTrust). It also involves collaborations with several researchers in the European project Mobius, at IBM Research, Microsoft Research, the SAnToS Laboratory at Kansas State University, etc.

One position is at the Department of Computer Science, Stevens Institute of Technology and the other is at the Department of Computing and Information Sciences, Kansas State University. The Ph.D. supervisors will be Anindya Banerjee (publications) at Kansas State University and/or David Naumann (publications) at Stevens Institute of Technology.

Project Summary

The broad objective is for confidentiality and integrity requirements to be expressed as such, with clear meaning for requirements analysts and implementors. Designs should explicitly account for the use of access controls and other means to satisfy information flow requirements. Designs and implementations must be checked for conformance with information flow policies, accounting for interaction with less trustworthy components. Rigorous validation tools must serve both to ensure compliance and also to help avoid waste of resources in unnecessary runtime checks, monitoring, or other security measures. The tools should not only guide developers but also facilitate system administration, so that trustworthiness is maintained as circumstances change and systems evolve.

Suggested Background

The ideal candidates will have background and interests in one or more of the following areas:

• Computer Security (a basic course covering, e.g., Bishop's Introduction to Computer Security text)
• Programming Languages (a basic course on Principles of Programming covering, e.g., Friedman, Wand and Haynes's Essentials of Programming Langauges text)
• Reasoning about programs (as covered in a semantics or a formal methods course)
• Program Analysis (a basic course covering, e.g., Nielson, Nielson and Hankin's Principles of Program Analysis text).

The positions are available starting in Spring 2007. The typical duration of the Ph.D. is 4--6 years and involves initial coursework followed by a qualifying examination that decides candidacy for the Ph.D. Exceptionally qualified candidates might obtain some waivers on course work. For more details about the departmental Ph.D. requirements, applicants can follow these links to the Kansas State PhD program and the Stevens Institute of Technology PhD program.

Contact Information

Inquiries can be directed to Anindya Banerjee at:

Inquiries can be directed to David Naumann at:

Applying for the Positions

Candidates will need to go through the formal application process at the respective institutions through the following links (obtained from the links above):

• Applications for Kansas State University
• Applications for Stevens Institute of Technology

• A current curriculum vitae
• A statement of research interests (1 page).
• Research publications (if any)

• the capacity in which they know the candidate and the duration for which they have known the candidate,
• the candidate's skills, abilities and performance,
• the candidate's record including details of the candidate's role(s)
• their view of the candidate's suitability for the Ph.D.
• any further relevant information which would assist us in choosing the right candidate.

Acknowledgement