AISB opportunities Bulletin Item
PhD student position in logic for decision making in security, Bath, UK
Logic for Decision Making in Security https://www.findaphd.com/search/ProjectDetails.aspx?PJID=83168 Main supervisor: Professor Guy McCusker, University of Bath Second supervisor: Professor David Pym, University College London Security breaches often arise as a result of users? failure to comply with security policies or follow good security practice, even when the implications of such behaviour are known to them. Simple examples include the use of unencrypted USB sticks for the transport of sensitive information, or connecting to public WiFi networks despite the well-known dangers of so doing. There is evidence that this failure to comply with policy arises from the perception that the benefit of compliance is outweighed by the reduction in users? ability to complete their tasks when complying. In recent work we have proposed a qualitative analysis of the concept of ?compliance budget?: the idea that users have a finite budget of time and energy available for such costly compliance activities, beyond which they begin to deviate from secure behaviour. Compliance Budget Logic is a multi- modal logic incorporating a notion of preference which we use to describe and explain users? security decisions. This PhD project will develop the theory and applications of this Compliance Budget Logic. The basic theory of the logic will be developed, followed by its application to security decision-making. For example, we may study how the interaction of multiple security policies and multiple budgets (e.g. users? own time, laptop battery life, etc) may be described and analysed via our logic. Some of this work will be carried out in collaboration with leading security researchers at University College London. Anticipated start date: 2 October 2017.