Guidance notes for students answering questions.
The new process now involves you, the student, completing a section detailing the work you have carried out throughout the year. This gives you an opportunity to reflect on your achievements over the past year and gives you a chance to raise any issues or concerns that you may have. You are encouraged to be as frank and open with your answers as possible, this is your chance to highlight your achievements.
Below you will find specific guidance on answering each question, when completing the form please ensure you read each question carefully before answering.
In no more than 200 words please give the details of the work you undertook this year. Please see the sample answer below for further guidance.
This year I have looked at the policies surrounding users and the app stores. To look at the properties of apps I built a security knowledge base for Android. I also implemented an authorization language for app installation policies on Android. I produced a comparison of the different terms and conditions for different app stores. Using an SSL proxy and reverse engineering I looked at the protocols used to purchase apps. We found problems including a replay attack, integrity failures, and a network issue. This has given me a greater insight into the policies and trust assumptions used in the app markets. I showed how the *privacy paradox* can be seen by comparing user=E2=80==99s privacy preferences with their app usage behaviour. This was presented as a poster at the SOUPS conference. We are writing a full paper introducing the authorization language for Android. We hope to publish it at the ESSoS conference in January.
Please detail in no more than 200 words the number of times you have met with your Principal Supervisor and the outcomes of the meetings you had with them over the past 12 months. Remember this is your chance to feedback any potential issues or concerns you may have.
Please just provide the title and dates of the events attended.
For conferences, give the name of the conference and either “paper submitted”, “paper accepted” and/or “attended”. For “transferable skills acquired” give one sentence of how you acquired it (e.g., the name of the course you attended, and the date).
Please make a list of the activities you participated in this year and also the number of hours committed to each activity. Ie, Marking <Course name> - 20 hours, Tutoring <Course name> - 17 hours.
In no more than 200 words please outline what your current academic goals are for the year ahead. Please see the sample answer below for further guidance.
My language can model and check policies; and I have started looking at the policies we might enforce. These policies use trust relationships amongst principals to make decisions. It isn’t clear how these principals should communicate their knowledge. We want to avoid building large databases of all facts; as it isn’t reasonable on a memory limited device. Integrating the protocol with the language raises questions. How should we distinguish a principal being unable to give an answer because they don’t know, from not wanting to give a false answer? How can a third party further delegate decisions to a principal the user has not met? If we need to send an app to be analysed what should we do while we wait? We aim to define the protocol and answer these questions in the year ahead. The policies I’ve looked at so far have been short. I would like to translate a larger policy into the language to show it is expressive enough to handle real-world rules. An ideal policy might be showing that we can enforce the NIST guidelines for mobile device usage in the enterprise. A case study will help show the power (and limitations) of my solution.
Please give a brief description of how you will achieve these goals. A bullet point list or month by month timeline will suffice here.
Once all questions have been completed you are then able to
Please note the information provided in the annual review form will be visible to Academic and Administrative staff on your student EUCLID record. Any information that you don't want to be viewed here should be communicated another way to the relevant people by email or in person.