[isabelle] Open Ph.D. position in Formal Methods for Information Security at ETH Zurich



Ph.D. Research Project at ETH Zurich on
Formal Methods for Federated Identity Management
Prof. David Basin, ETH Zurich

The Information Security Group carries out research on methods and tools
for the analysis and construction of safe and secure systems. This
includes methods for specifying systems, developing systems in
correctness-preserving ways, and verifying or testing existing systems
and infrastructures. Our goal is not only to build and analyze novel
systems and security solutions, but also to develop better methods and
tools for system engineering and quality assurance activities.

We have an open Ph.D. research position on "Formal Methods for Federated
Identity Management". We seek to hire a researcher who will carry out
research on the formal analysis of federated identity management
systems, like SAML and OAuth 2.0.  The project's main objectives
are to distill requirements and designs for "next generation federated
identity management" and to bring current verification tools, in
particular our Tamarin prover, up to the level where such protocols can
be automatically analyzed on a realistic scale with respect to both
security and privacy properties.

The project, which will be carried out together with partners at Zurich
Kantonal Bank (ZKB), will run for approximately 3 years and provide the
possibility of carrying out a Ph.D. during this period. As part of this
project, the researcher will spend time with ZKB learning about the
systems under consideration and state-of-the-art approaches to their
design and analysis.

The ideal candidate for this position is an enthusiastic, outstanding
researcher with a strong background and interest in one or more of
the following areas:

- formal methods or mathematical logic,
- information security or cryptography,
- automated security protocol verification tools.

Candidates with a strong theoretical background in related areas are
also encouraged to apply. ETH Zurich regulations require PhD candidates
to hold a Master's or equivalent degree (e.g. Diplom).  The project,
which is funded by the Zurich Information Security Center, and will be
supervised by Prof. David Basin together with Dr. Ralf Sasse.

The Ph.D. student will be a paid employee of ETH Zurich. Salary and
employment conditions are attractive. ETH Zurich regulations require
doctoral students to hold a Master's or equivalent degree (e.g. Diplom).

Zurich is a diverse and multicultural city, which is consistently rated
among the best cities in the world in which to live. We favor the same
sort of diversity that defines Zurich's cultural makeup and encourage
anyone matching the profile above to apply, regardless of where you are
from.

Applications should include a curriculum vitae, a brief description of
research interests, transcripts of grades, 2-3 letters of recommendation
from teachers or employers, and, if possible, the Master's or
Bachelor's thesis and publications. Applications and informal
inquiries should be sent to Ralf Sasse at the following email address:

    infsec.positions at inf.ethz.ch

ETH Zurich specifically encourages women to apply with a view towards
increasing the proportion of female researchers.




This archive was generated by a fusion of Pipermail (Mailman edition) and MHonArc.