Research Fellow, Horizon Digital Economy Research Centre, University of Nottingham
I started my career by obtaining my B.Eng. in Computer Engineering and an AACSB/CFA accredited MBA in finance. I then worked as a developer, support engineer, a consultant, and a project manager for various multinational companies in the financial and telecom sectors. After almost a decade, I decided to go back to academia to complete an MSc and then a PhD in Computer Science at Nottingham University/UK. Currently, I’m currently a Research Fellow, examining technologies for secure Internet of Things (IoT) in a domestic environment using tangible interactions. I also have interests in delay tolerant, P2P, privacy and cyber-security, and mobile ad-hoc networks.
My greatest achievement is developing and evaluating a secure and privacy-preserving protocol for accessing Location-based Service (LBS). It was pioneering work into protecting users’ location privacy by preventing tracking by curious or malicious LBS without relying on a trusted-third party (TTP). Many existing approaches at that time relied on using a trusted server (or TTP) that acts as a ‘middle-man’ between the user and the LBS. This created a single point of attack, but also introduced a bottleneck for all communication. I became fascinated by researching means of leveraging users’ own social-network information (which is readily available on most modern mobile handsets) to facilitate an opportunistic routing. The objective was to obfuscate the source of the various queries sent to the LBS by hiding both the source and the forwarding path taken by each query. I developed a protocol named Location Privacy-aware Forwarding (LPAF), which was validated statistically and using real-world mobile phone traces.
One of the biggest research questions that needs addressing is how we can ensure that users are secure and can control their privacy across the digital world without being disadvantaged. We see technology entering new physical spaces such as bedrooms and built environment in general, and assuming new and more critical responsibilities such as controlling heating/water/electricity/doors, new sets of challenges will emerge. Thinking -- not very far-- into the future, autonomous systems are going to become more pervasive while being responsible for more critical-decisions affecting our daily lives (e.g., autonomous vehicles). These systems are not going to be centrally managed, like traditional company IT infrastructures but will be inter-connected into a wider web of other edge-systems. There is a huge amount of work yet to be done to reach the level of smartness (a very vague term!) that users expect of these systems and devices.
It is particularly exciting to envisage a future where Security and Privacy could be achieved without users’ close involvement nor requiring highly sophisticated knowledge. Secure-by-design and private-by-design is one step closer, but much more is needed to unlock future potentials of many of these ubiquitous technologies. This is not an easy objective to achieve especially as this involves –among other things-- 1) revisiting many assumptions around how enterprise and edge systems are deployed and used by end-users, as well as the infrastructure that they operate over 2) change users’ current perceptions of security and privacy which is deeply rooted for many decades. There are a lot of work to be done that will unlock uptake of many technologies especially as they are progressing much faster and in various directions while other related aspects are trying to catch-up. For example, it is quite interesting to see how data protection laws are going to evolve after being initially set in reaction to many consumers’ complaints and frustrations of technologies-- to govern how market players deal with users’ personal data. The need to have a rate of advancement in ubiquitous networking and communication research that can keep up with this thriving innovation.