TALAL HALABI

In our rapidly evolving information-driven era, security has become extremely pivotal to the technological revolution. With the continuously growing scale and complexity of information and computing systems, security has become one of the cornerstones in the design of every cyber technology, from smart cell phones to self-driving vehicles. My research interests are in the area of security of network and computer systems, and my long-term research goal is to support the security of emerging cyber technologies. My research methodologies involve operations research, algorithm design, game and decision theories, and applied machine learning. Over the past four years, I have addressed key research problems in security management in Cloud Computing systems. My current research activities are centered on securing computing-based critical infrastructures such as smart grids and transportation systems, which are becoming highly dependent on the emerging paradigms of Cyber-Physical Systems (CPS), Autonomous Systems (AS), and the Internet of Things (IoT).

Past Research: Supporting the Security of Cloud Services

My doctoral studies were focused on improving the security of Cloud-based online services. I aimed at addressing the challenges to security satisfaction in current Cloud Computing infrastructures through appropriate modeling and rigorous optimization approaches. Cloud Computing forms a new business model that enables on-demand access to an IT environment of distributed and scalable resources such as applications, servers, and storage nodes. It is based on the idea of resource democratization through the abstraction of IT infrastructures, where physical resources become decoupled from the delivered service or application. With the possibility of rapid provision and release of computing resources and flexible configuration of applications, the Cloud has created an opportunity for IT consumers to optimize the management of their workload and enjoy high performance services while reducing the cost of IT investment.

However, the migration of services and data to the Cloud inherits existing IT security vulnerabilities and introduces new ones that are specific to Cloud Computing such as consumers' loss of physical control over their data. These vulnerabilities increase the potential of various security threats like data loss and denial of service. Security is one of the main driving factors of the Cloud market today, especially for businesses that deal with sensitive information. Thus, service providers are in need for the right strategies to increase their public trustworthiness and improve their reputations. These strategies will involve, along with the deployment of appropriate security measures within the data centers, the integration of the security element into every aspect of Cloud management and operation, including application deployment, resource provisioning and allocation, and workload mobility management, to enable security-aware Cloud service hosting.

Cloud security offerings need to be fully transparent to customers and built on clear and effective terms, and services should be evaluated in a security context to demonstrate their ability to cope with the security requirements of customers' applications. Security satisfaction is a key concept to the success of a Cloud-hosted service, and its optimization is normally challenging, especially in the presence of multiple interrelated services with different security requirements, which can not be always satisfied by a single service provider. Security requirements should be modeled in a way that will facilitate their interpretation and evaluation, which is a tough task due to the lack of standard vocabularies and performance indicators that describe the implementation of security mechanisms in current clouds. The standardization of security terms will promote the usability of Security Service Level Agreement (Sec-SLA) as a strategy to protect both customers and service providers and enable the existence of thorough, fair, and practical methods for evaluating and comparing Cloud services. A rigorous security evaluation methodology should not solely be based on well-defined evaluation criteria, but also be aware of the trade-off that needs to be deliberated among them in the evaluation process.

Through my research, I addressed the challenges to security evaluation in Cloud Computing and tackled the problem of security satisfaction in independent and interconnected Cloud environments. My main interest was in providing the Cloud consumers with a trustworthy platform that can assess the security of service providers and enable an optimized security-driven Cloud service selection, and the Cloud service providers with the right strategies to perform security-aware resource management on their infrastructures. I investigated the security element from multiple angles and for different purposes to enable the creation of in depth optimization models and the design of plausible and practical solutions. During my doctoral studies, I tried to answer the following key research questions:

  • How to characterize the security level of a Cloud Computing infrastructure in quantitative terms?
  • How to exploit the concept of Sec-SLAs for effective security modeling and evaluation of security satisfaction?
  • How to enable Cloud customers to perform rigorous and optimized security-based service selection?
  • How to perform security-aware application deployment and service composition in the Cloud?
  • How to ensure the satisfaction of security requirements during workload execution and federation?
  • How to enable service providers to increase their control over the security of their Cloud infrastructures?
  • How to support service providers in the process of security integration from a resource management perspective?

The problems of security evaluation and security-aware service selection, service composition, resource management, and workload federation were all mathematically modeled in an optimization context. To solve these problems, I employed a set of techniques based on operations research, algorithmic design, game and decision theories to develop scalable and efficient solutions. Currently, I am investigating the potentials and the obstacles of incorporating the concept of Software-Defined Security (SDSec) into my proposed approaches to security management in the Cloud. SDSec is an emerging paradigm for security within next-generation complex and dynamic information and communication systems, where security services such as access control and intrusion detection are implemented and managed via software. This technology could have a prospect in addressing the challenges of multi-tenancy and Multi-Cloud characteristics of Cloud-based services through the implementation of programmable and policy-driven security.

Ongoing Research: Supporting the Security of Cyber-Physical Systems

Massive amounts of the data hosted and processed in current Cloud Computing infrastructures are generated by the emerging Cyber-Physical Systems (CPS). In my current research activities, my interest has moved one step further from the data center, and closer to the data source. My main objective consists in designing innovative security solutions to protect these distributed computing-based systems from the attacks on data integrity and availability, which will eventually increase the security of Cloud infrastructures and reduce the potentiality of large-scale cyberattacks. More specifically, my current research addresses the security challenges associated with the paradigms of CPS and IoT.

CPS are starting to shape our future by improving the quality of our lives in many domains like healthcare, energy production, industry, agriculture, and transportation, and are becoming increasingly embedded into the design of smart cities. Securing these systems is indispensable to their sustainability, since they are becoming highly integrated into national critical infrastructures. In the CPS, huge numbers of interconnected objects (e.g., sensors, actuators, machines, vehicles, etc) perform newer kinds of interactions spanning multiple layers (perception, network, and application) that bridge the physical and cyber realms. Along with the security issues inherited from the internet, CPS present a wide vulnerability space driven by their embedded characteristics such as resource-constraints, heterogeneity, large scale, and high mobility. The common threats to the confidentiality, integrity, and availability of CPS include: capture threats, where an intruder takes control over a physical or logical object in the system and uses it for malicious purposes; disruption threats, where an intruder intends to degrade or deny the service on the target node; and manipulation threats, where an intruder tries to alter the functioning of the target system and influence its decision making capabilities. These threats, if materialized, could have disastrous consequences on public safety and economy.

Therefore, in the context of protecting CPS from intrusions, the following open questions need to be highlighted:

  • How to perceive the architectural security complexity associated with the rapid integration of the cyber and physical spaces through different technologies such as connected vehicles, smartphones, web services, and Cloud Computing?
  • How to provision smart and context-aware security solutions that are able to understand the evolved structure of such networked systems and cope with their high level of connectivity and dynamics?
  • How to conquer the challenges of resource limitation in CPS through the design of intelligent, efficient, and lightweight security technologies?
  • How to effectively manage the trust relationships between the different layers in the architecture of CPS?
  • How to explore the potential of Edge Computing in securing CSP?
  • How to increase the resiliency of CPS against cyberthreats?

As a first attempt to address these questions, the initial phase of my research is focused on the protection of emerging systems of connected and autonomous vehicles, and consists in exploiting the cooperative aspect of such systems for security purposes. More concretely, I work on the design of secure collaboration schemes that ensure the integrity of exchanged data within the system and improve the decision making abilities of its entities in the presence of high rates of malicious nodes. Driven by the intrinsic distributed nature of such systems and their critical performance requirements, I carefully select the research methodologies to adopt and highly emphasize on the ones that will lead to the design of intelligent, decentralized, and scalable security solutions. One of these methodologies is cooperative game theory, which provides effective high-level approaches to describe the strategies and payoffs of the players in collaborative scenarios, and has been widely applied to solve different kinds of optimization and allocation problems in the areas of wireless networking, web servicing, and computer security.

By tackling the security challenges associated with connected vehicles from a cooperation perspective, my aim is not only to prevent the attackers from interfering with the performance of the system, but also provide the vehicles with the optimal incident response strategy under attack. Also, I highly focus on the concepts of trust establishment and management in such systems, where each node might take part in originating a cyberattack or cascading its effects. Hence, the effective evaluation of the trustworthiness of the nodes and their transmitted data will help in reducing the rates of compromised vehicles within the network and lead to improved and accurate decisions by the system. My future research agenda for the next couple of years involves addressing the questions above and investigating possible solutions.