Home page
Post research opportunities
Find the ideal candidate
List of registered organisations
Post your CV
Find research opportunities
Practical information
Foreign Researchers Guide
Useful links
List and locate Portuguese Mobility Centres .
Portuguese research landscape
Find out how research is organised in Portugal.
Portuguese research policy
Find out about research policy in Portugal.
Women in science
Find out about the situation of women scientists.
Unique identifier: 31e68975-d46a-4c4a-ac08-afbffb40a418

1. Descrição do cargo/posição/bolsa
1. Job description


Referência: C2008-CITI-1

Área científica genérica: Computer science

Área científica específica: Distributed Systems, Systems Security

Resumo do anúncio:

The CITI invites applications for a postdoctoral research position in Distributed Systems or Systems Security, with specific expertise in at least some of the following topics: AdHoc and Wireless Sensor Networks (WSNs); Reliable and Secure Communication; Key-Establishment Mechanisms; Secure Routing and Multicast, Intrusion Tolerance and Trust-Establishment Protocols and Mechanisms.  Important note: this is a 4-5 year “termo certo” work contract, not just a regular scholarship. The position is funded under the "Commitment to Science" program, launched by the Portuguese National Foundation for Science and Technology. The program aims to provide fixed duration work contracts between the researchers and the host institution.  More info at http://alfa.fct.mctes.pt/apoios/contratacaodoutorados/. Preference will be given to candidates with at least 3 years of post-doctoral research experience.


Texto do anúncio

AdHoc networks composed by resource-constrained devices and WSNs can be deployed in possibly large scale and hostile surroundings. When some nodes fail, as a consequence of exhausted batteries, hardware faults or intrusion attacks, nodes cannot be immediately replaced or easily repaired. Node failure may lead to generalized network partitions, reducing the network availability, thus causing different failures at different levels from the mac-layer to the application-level data processing. The network topology and the auto-organization capabilities should tolerate node-failure to avoid such network partitions. This setting calls for solutions that are autonomously resilient to support new failure and attacker models.


** Trust establishment and intrusion tolerance

Starting from the above challenges there has been recently a considerable interest in the topic of trust establishment and intrusion tolerance techniques for such environments, as a base-strategy to ensure reliability and security conditions. Current intrusion detection and tolerant systems usually generate a large amount of false alerts and cannot fully detect novel attacks or variations of known attacks which are not captured by conventional byzantine models, as currently adopted in large scale distributed systems. In addition, all existing intrusion detection systems focus on low-level attacks or anomalies. None of them can capture the logical steps or strategies behind these attacks in malicious and selfish data-aggregation and intermediary network processing behaviors, which must be the case of large scale MANETs or WSNs.


** Secure Group-Communication and Key-Establishment Protocols

The problem of securing group-based or multicast communications and the need of new key-establishment protocols in energy-constrained network environments are also important topics to support secure and reliable AdHoc and WSNs. This prompts the development of low-cost and energy-aware key exchange and authentication protocols, relyin on symmetric key cryptography or ECC-based asymmetric cryptography. This includes "bootstrapping protocols", that enable devices to establish secure local links with their neighbors in a short time period after the network is deployed. Such mechanism must be complemented with authentication and key-exchange protocols for far nodes, which can be based on secret sharing and communication via disjoint chains of intermediaries, adapted to form different topologies according with different in-network processing settings or trust-base conditions. This vision can provide a tunable degree of intrusion tolerance, with security guarantees even if some network nodes are compromised.



Existing security mechanisms used to protect general computer and network systems are too resource-intensive to be applicable in AdHoc and WSNs. The candidate is expected to focus on developing an integrated vision of two enabling technologies for securing networks of resource-constrained devices: (1) key management and establishment based on randomized cooperative protocols and (2) intrusion tolerance techniques based on complementary pro-active byzantine models.


In this effort, the main objectives will be related with the following issues:

·         Firstly, we need to revisit the adversarial models for fault and intrusion tolerance settings in large-scale topology in WSN. This includes physical capture and fake-replication attacks.

·         Secondly, we need to evaluate the failure and intrusion tolerance ability of such systems, to establish a base of trust security services. This deals with the key-distribution problem, and with efficient and energy-aware secure communication infrastructure for AdHoc and WSNs.

·       Third, it will be necessary to study what topologies are more efficient for tolerating failure and incorrect nodes, while optimizing energy-aware criteria, and taking into account the above adversarial models.


Based on new trust-base conditions and intrusion tolerance mechanisms, the goal will be to support randomized group-oriented key-establishment protocols for secure group-communication and in-network processing capabilities. The candidate will be is expected to collaborate with us on addressing the above issues.


==Work environment

The researcher to be hired is expected to investigate new intrusion tolerance approaches for securing Adhoc networks of resource-constrained devices and WSNs, with a focus on: (1) trust establishment, (2) key management, (3) secure group-oriented in-network processing and (4) integrated intrusion tolerance.

The work environment for both positions will be the Distributed Systems Group of the CITI. More information about the research environment, its members, and the current position call may be found at the CITI website: citi.di.fct.unl.pt.

Applications should include a detailed curriculum vitae, in pdf format and should be sent to:

CITI - Centro de Informatica e Tecnologias da Informação

Faculdade de Ciências e Tecnologia, Universidade Nova de Lisboa

2829-516 Caparica, Portugal

E-mail: citi-admin@di.fct.unl.pt

Telephone: +351 212 948 536

Fax: +351 212 948 541


The acceptance of the application and subsequent contract is dependent on the “Fundação para a Ciência e a Tecnologia” final decision

Número de vagas: 1

Tipo de contrato: Contrato a termo certo

País: Portugal

Localidade: Caparica

Instituição de acolhimento: Faculdade de Ciencias e Tecnologia – Universidade Nova de Lisboa

Data limite de candidatura: 15 September 2008
(A data limite de candidatura deve ser confirmada no texto do anúncio)

2. Dados de contactos da organização
2. Organization contact data

Instituição de contacto: Faculdade de Ciências e Tecnologia - UNL-C2008

Campus de Caparica
Caparica - 2829-516

Email: sec-cc@fct.unl.pt

Website: http://www.fct.unl.pt/

3. Habilitações académicas
3. Required education Level

Grau: PhD in Computer Science Degree Field: Distributed Systems, Systems Security
Domínio científico: Computer science
4. Línguas exigidas
4. Required languages

Língua: English
Prioridade Elevada
Leitura: Excelente
Escrita: Bom
Compreensão: Excelente
Conversação: Excelente
5. Experiência exigida em investigação
5. Required research experience

Domínio cient. genérico: Computer science
Domínio cient. específico:
Anos de experiência: 3 anos