Emil Lupu

Emil Lupu is Professor of Computer Systems in the Department of Computing at Imperial College London where he leads the Academic Centre of Excellence in Cyber Security Research and the Resilient Information Systems Security (RISS) Group. He is a Security Science Fellow of the Institute for Security Science and Technology and served as the Deputy Director of the PETRAS Centre until January 2021.

His research interests focus on the cyber security and resilience of systems including their physical, digital and human characteristics and their ability to continue operating even when they have been partially compromised. Emil has made numerous contributions in the area of policy-based network and systems management and security  including the Ponder and Ponder2 policy systems, policy analysis refinement, deployment, implementation and learning.

He serves on the editorial boards of the IEEE Transactions on Network and Service ManagementJournal of Network and Systems Management and the International Journal of Network Management, and on the program committee of numerous conferences.

Emil obtained his PhD from Imperial College London and his first degree from the ENSIMAG (École Nationale Supérieure d’Informatique and Mathématiques Appliquées de Grenoble).

Secure and Opportunistic Information Dissemination in Crisis Management

Secure dissemination of data in crisis management scenarios is always difficult to achieve because network connectivity is intermittent or absent. In this work we have combined data-centric information protection techniques based on usage control, sticky policies and rights management with opportunistic networking to enable the dissemination of information between first responders in crisis management situations. The dissemination of keys for access to the information is controlled by a policy hierarchy that describes the permitted devolution of control. Policies are evaluated whenever two users are in proximity in the field and keys are distributed upon successful evaluation. Simulations with conservative mobility models show that the delay on information access i.e., the difference between the distribution of information and the distribution of keys remains small for realistic densities of users in the geographical areas.

dissem

Enrico Scalavino, Giovanni Russello, Rudi Ball, Vaibhav Gowadia, Emil Lupu. An opportunistic authority evaluation scheme for data security in crisis management scenarios. ASIACCS 2010: 157-168.

PAQMAN: Policy Analysis for Quality of service MANagement

epsrclogo
GR/S79985/01

Policy-based management has been proposed in recent years as a suitable means for managing Quality of Service (QoS) in IP networks. Yet despite research projects, standardisation efforts, and substantial interest from industry, policy-based management is still not a reality. One of the reasons for the reticence to adopt this technology is that it is difficult to analyse policies to determine that they will actually work, given the capabilities of managed network devices, and to guarantee the stability of the network configuration, given that policies may have conflicts leading to unpredictable effects. This project aims to address the challenges of policy analysis, policy validation and policy refinement within the specific application domain of Quality of Service for IP networks. …

PAQMAN: Policy Analysis for Quality of service MANagementRead More »

AMUSE: Autonomic Management of Ubiquitous Systems for e-Health

epsrclogo
GR/S68033/01

Future e-science and e health applications will involve mobile users, possibly with on-body sensors interacting with a ubiquitous computing environment which detects their activity, current context and adapts accordingly. However, the promise of such ubiquitous computing environments will not be realised unless these systems can effectively disappear and for this they need to become autonomous by managingtheir own evolution and configuration changes without explicit user or administrator action. This project will develop the architecture, tools and techniques which permit these environments to become self-managing. To provide self-managment at varying levels (for individual devices, for simple body-areaor home-area networks, as well as large scale network infrastructures) we advocate the concept of a self managed cell (SMC) as the basic architecture pattern at both local and intergrated levels. We will define, prototype and evaluate architectures based on the SMC pattern and their use in e-health applications. To this end we will: define and implement the core SMC pattern in terms of the monitoring, service-discovery, context and policy-control services required for basic adaptation mechanisms, investigate how SMC’s can be dynamically structured into large structures and specialise SMC’s and their interactions for two e-health application scenarios.

This project was in Collaboration with Prof. Joe Sventek at the University of Glasgow