Wednesday 18 December 2019 – Lunchtime Seminar with Carlos Eduardo da Silva (Senior Lecturer in Software Engineering)

Title: Employing Self-adaptation for dealing with Insider Threats
Speaker: Carlos Eduardo da Silva (Senior Lecturer in Software Engineering with the Department of Computing, Sheffield Hallam University)

Access control mechanisms have been used in information systems to restrict access to sensitive information. Such mechanisms are very effective in dealing with external agent threats. However, access control policies are often static and unable to deal with anomalous behaviour of malicious users who have access permission to the system.
Self-adaptive system has been shown as a possible response for this situation, since they are able to monitor and analyse themselves and the environment in which they are deployed for detecting the need to change, modifying themselves in response to any detected situation over various and unpredictable conditions.

In this talk, Carlos will present the journey for dealing with insider threat exploring business processes and stochastic model checking for dynamically reconfiguring the role-based access control (RBAC) of information systems; its application over OpenStack cloud platform; and the dynamic reconfiguration of distributed firewall rules.

Carlos Eduardo da Silva is a Senior Lecturer in Software Engineering with the Department of Computing at Sheffield Hallam University since September 2019. He received a PhD in Computer Science from the University of Kent at Canterbury, UK (2011). Previously (2012-2019), he was a senior lecturer at the Metropole Digital Institute (IMD) at the Federal University of Rio Grande do Norte (UFRN), Brazil, where he was the Head (Sep 2017 to Sep 2019, and Aug 2015 to Jan 2016) and deputy Head (Sep 2013 to Aug 2015) of the Post-graduate Program in Software Engineering (PPgSW) of IMD.

He is actively involved in R&D in the area of Software Engineering and its interplay with Information Security, exploring topics like Self-adaptive Software Systems, Service-orientation and Business Process, Secure by design, Digital Identity Management, Federation and Access Control. He has been involved in a number of projects related to Smart Cities and Information Security, exploring the application of the above mentioned topics to the areas of Cloud Computing, Internet of Things and DevOps. He was one of the leaders of the cloud computing for science (CNC) work group of the Brazilian National Research and Education Network (RNP), which deployed a large scale cloud storage platform throughout Brazil and resulted in a spin-off company.

He is a member of the Identity Management Technical Committee of RNP, and of the steering committee of the Special Interest Group in information and computational systems security of the Brazilian Computer Society.


See here for details of other seminars in the series.

All SHU staff and students are welcome to attend the C3RI Lunchtime Research Seminars. If you are from outside of the University and would like to attend a seminar, please email the C3RI Administrator to arrange entry.