7 Oct 2007

Design  | Code |  Diary  | WWW |  Essay | [Bill's Home]



Young Software Engineer (YSE) of the Year, 1st Prize, 2007

For the third year in a row, one of my students has a prize at the YSE of the Award. He won 1st prize for the Real Time Award, which is awarded to the project which shows the best overall usage of Software Engineering principles. The University was also award a trophy (the glass bowl in the photograph): [2006 prize winner][2005 prize winner]

2007 - Authorisation and Authentication of Processes in Distributed Systems


Name: Ewan Gunn
Programme: BSc (Hons) in Network Computing
Completed: June 2007
Grade: 1st, Winner Young Software Engineer of the Year award (based on Hons project), 2007. 1st prize for Real Time Award [Link]
PDF: Authorisation and Authentication of Processes in Distributed Systems
Communications over a network from a specific computer have become increasingly more suspect, with the increase of various security breaches in operating systems. This has allowed malicious programs such as worms, trojans, zombies and bots to be developed that exploit these security holes and run without the user being any wiser about the infection on their computer.

The current work in the field of anti-virus protection focuses on detecting and removing any malicious software or spyware from a computer. This is proving effective, however it is merely a way of treating the symptoms instead of the illness. This project presents a hypothesis based on these situations, and attempts to prove the effectiveness of a protocol developed specifically to provide preventative measures to stop the spread of malicious software, based on authentication and subsequent authorisation.

Tools such as encryption, hashing, and digital certificates were investigated and marked for use in providing the protocol to prove the hypothesis, and a further investigation took place of the common principles in security in the computing paradigm such as the CIA and AAA sets of principles, which provided a specific context within which a protocol could be constructed. A discussion was made of the only protocol that was close to a solution to the hypothesis, Kerberos, along with any usefulness that that protocol might have in the situations the hypothesis is based in.

This was followed by a design of a new protocol, consisting of a methodology of protocol design used heavily in industry – that of communication analysis and finite state machines. A further proof-of-concept program was designed as well, to provide a facility to test the effectiveness and efficiency of the protocol. In all design considerations, the evaluation of such a system was a priority, and steps were taken at the design stage to provide an easy method to collect data results.

The system was implemented in a proof-of-concept program using an open-source alternative to the .NET framework developed by Microsoft, called mono. This development environment is cross platform and fully compliant with all versions of .NET provided by Microsoft, thereby providing a cross-platform solution to the problem described above. Specific concerns faced in implementation of such a protocol were raised, and measures taken to overcome these concerns presented, along with decisions made on options available in the implementation.

An analysis was made of the efficiency of the resulting system, by taking measurements of the time taken between request conception and the subsequent request completion. Baseline measures were made on this using a simple client/server program developed during mplementation that had the option of using the system or not, with the option not to use the system. These were compared to measurements made of the same system, however with the option to use the authorisation service enabled. A conclusion and discussion of the surprising results followed.

Lastly a critque of the project is made, along with a discussion of a theoretical situation where this system might prove beneficial; a general discussion on the benefits of promoting preventative measures for malicious software spread and any further work that could be carried out specifically on the id.

Here are a few details of the project:


Ewan Gunn won 1st prize for the Real Time Award at the Young Software Engineering of Year award for 2007. He worked within the Centre for Distributed Computing and Security in the School of Computing at Napier University, and was supervised by Prof Bill Buchanan and Dr Jose Munoz. This is the third year in a row that the research group has won a prize at this event.

The Real Time Award is a special award which is given to the project which most clearly embraces sound software engineering principles. It carries a prize of £750, donated by Glasgow-based Real Time Engineering, along with the Real Time Trophy which was award to Napier University.


Ewan has just completed a BEng (Hons) in Network Computing, and gained a 1st class classification and a class medal. He has consistently achieved merits throughout his course, which is particularly pleasing as he is a mature student who came in as a direct-entry Level 3 student, and has since overtaken virtually of the students who where already studying on Computing-related programmes. He also worked as a student representative through his time at Napier, and worked well with the academics at Napier to enhance the environment for his fellow students. His plans are to undertake a PhD in security, and to use his knowledge to further improve the security of computer systems, especially in terms of the fundamental infrastructure for distributed software systems. For his project he worked in the Centre for Distributed Computing and Security, which has an extensive record of research and knowledge transfer activities, including several awards for excellence, and has a strong track record in working with industrial partners on key areas in security and digital forensics. A major objective of the centre is to strive for excellence in everything that it does, and this includes working with young engineers to fully develop their ideas, and feed best practice into their work.

Outline of technical area

Security is a major worry for many organisations, and a lack of authentication and authorisation can lead to major problems. Most security systems either focus on the application-level, such as in the detection of viruses or worms, or on the operating system-level, such as for incorrect privileges. They thus forget that applications are typically created using processes and threads, each of which might have some malicious content. This project thus outlines new methods for the authorisation and authentication at the process- and/or thread-level, which will allow the security of a distributed system to be defined at the foundation level for applications, and allow for secure applications to be built around these authenticated and authorised processes. A key factor in his work is that it is defined using the state-of-the-art .NET framework, and also that it is portable onto a full range of systems, such as for Microsoft Windows and Linux (using Mono).

Comments from Supervisor

Ewan has contemplated the idea of authenticating and authorising processes for many years, and has defined a framework which can be used to create fine-grained security of processes over distributed systems. He also has a deep interest in research and is keen to pursue a PhD. His report is extremely well-written with a good writing style, along with an excellent use of references. There is also a good coverage of the background areas for encryption and authentication, which shows that he understands the general area, and the associated issues. Along with this there is a good deal of formalisation in his areas, which is often missing with Computing students, which means that his designs are well structured using timing diagrams and UML, which are then implemented with a proof-of-concept system. The project linked perfectly at each stage, from the initial conception of the idea, to the research phase, and onto the prototype. He worked well with other researchers, including ones in Napier, and has produced work which will be used in other projects. His documentation was always up to the highest standards, as well as being keen to take on advice at key times. In fact, Ewan planning was good, and he always submitted material for review before the actual hand-in date. All of this made the project easy to supervise, as I basically had to guide him through the main stages of the project, giving high-level advice. At many times the project felt more like PhD supervision rather than an Hons project, and we both bounced ideas off each other. He was always proactive in setting up meetings, and kept minutes and actions from each one, in order that he could enhance his work. At his Viva, he impressed both the examiners, and both of them agreed that Ewan will make an excellent research, especially if he is given time to develop his ideas. Over the past few years the Centre has achieved two prize winning projects at the YSE Awards, for researchers who are now undertaking PhDs, and who are becoming international experts in their field (and still based in Scotland). Their awards have stimulated them to higher levels, and have used the excellent foundation of Scotland IS to network with other industrialists around Scotland, and beyond.

The text from this is:

Napier Student Wins First Prize at the Young Software Engineer of the Year Awards
10 October 2007

A Napier student has scooped first prize for the prestigious Real Time Award at the Young Software Engineer of the Year awards.

Ewan Gunn, who studied within the Centre for Distributed Computing and Security in the School of Computing at the University, beat off stiff competition from students across the country.

The Real Time Award is a special accolade which is given to the project which most clearly embraces sound software engineering principles. This is the third consecutive year that the research group has won a prize at these awards.

Ewan (24) has just completed a BEng (Hons) in Network Computing and gained a first class degree and a class medal.

Prof Bill Buchanan, Leader of the Centre for Distributed Computing and Security, and Ewan’s project supervisor, said: “Ewan consistently achieved merits throughout his studies which was a fantastic achievement as he is a mature student who came in as a direct-entry Level 3 student. This is a fantastic achievement and the entire department is delighted for Ewan.”

Ewan commented: “I am thrilled to have won this prize and could not have achieved this without the help of the School of Computing at the University. My project centred around Internet security as this is a major worry for many organisations and a lack of authentication and authorisation can lead to major problems. I am also keen to pursue a PhD in this area and future career.”

The text from this is:

Final year students from Edinburgh, St Andrews, Glasgow and Napier Universities won this year's prestigious Young Software Engineer of the Year awards, at the ScotSoft2007 dinner organised by ScotlandIS last week.

Hui Sun, a student of the University of Edinburgh's School of Informatics was announced as The Young Software Engineer of the Year Award. His award, a cheque for £1500 donated by the leading IT consultancy, Sopra Group, and the Young Software Engineer of the year trophy, is given to the student who has undertaken the best final year software engineering project from amongst all the Scottish universities.

Hui Sun's project concentrated on developing face recognition software for mobile phones, and the judges considered his work to be exceptional with a clear commercial application.

Second prize, a cheque for £1000, donated by the BCS in Scotland,went to Andreas Koltes, of the University of Glasgow and a native of Mainz in Germany. Andreas, an exchange student at Glasgow from the University of Passau, undertook a project based on developments in the new generation of FPGA micro-chips

Angus Macdonald, University of St Andrews, won the third prize, a cheque for £750 donated by Graham Technology, specialists in contact centre software, with his project to simplify Web Service compositions.

Ewan Gunn was awarded the Real Time award, a special award given to the project which, in the judges' opinion, most clearly embraces sound software engineering principles. Ewan won a cheque for £750, donated by Glasgow based Real Time Engineering, leading providers of expert business consultancy and IT solutions. The student's university, Napier, received the Real Time trophy.

Ewan is 24, and comes from Livingston;his project looked at new methods for authorisation and authentication in security applications.. He plans to study for a PhD at Napier's Centre of Distribute Computing and Security. The Centre has close links with the Young Software Engineer Awards with their students having won three prizes in the last four years. The Centre specialises in security and digital forensics.

"We were very impressed by the quality of entries to this year's award. It is vital that Scottish universities and students aim for the highest standards in software and IT development," commented Ian Ritchie, chair of the judging panel.




Design  | Code |  Diary  | WWW |  Essay | [Bill's Home]