Student guidance on answering questions

Guidance notes for students answering questions.

The new process now involves you, the student, completing a section detailing the work you have carried out throughout the year.  This gives you an opportunity to reflect on your achievements over the past year and gives you a chance to raise any issues or concerns that you may have.  You are encouraged to be as frank and open with your answers as possible, this is your chance to highlight your achievements.

Below you will find specific guidance on answering each question, when completing the form please ensure you read each question carefully before answering.

Q 1: Please give details of the work you have undertaken in the last year, focussing on the progress you have made

In no more than 200 words please give the details of the work you undertook this year.  Please see the sample answer below for further guidance.

This year I have looked at the policies surrounding users and the app stores. To look at the properties of apps I built a security knowledge base for Android. I also implemented an authorization language for app installation policies on Android. I produced a comparison of the different terms and conditions for different app stores. Using an SSL proxy and reverse engineering I looked at the protocols used to purchase apps. We found problems including a replay attack, integrity failures, and a network issue. This has given me a greater insight into the policies and trust assumptions used in the app markets. I showed how the *privacy paradox* can be seen by comparing user=E2=80==99s privacy preferences with their app usage behaviour. This was presented as a poster at the SOUPS conference. We are writing a full paper introducing the authorization language for Android. We hope to publish it at the ESSoS conference in January.

Q 2: Please outline approximately how often you met with your supervisor over the last year, and whether these meetings were one-to-one or within a group. Detail the impact that these meetings have had on your academic work/thinking and whether you are satisfied with the support received.

Please detail in no more than 200 words the number of times you have met with your Principal Supervisor and the outcomes of the meetings you had with them over the past 12 months.  Remember this is your chance to feedback any potential issues or concerns you may have.


Q 3: Please give details of any conferences, seminars, workshops or regular events that you are currently attending in support of your PhD studies.

Please just provide the title and dates of the events attended. 


Q 4: Please document any academic or related achievements you have attained in the past year.  Examples of these include prizes, conferences attended / applied to, publications, grants awarded, patents applied for or awarded and transferable skills acquired.

For conferences, give the name of the conference and either “paper submitted”, “paper accepted” and/or “attended”.   For “transferable skills acquired” give one sentence of how you acquired it (e.g., the name of the course you attended, and the date).


Q 5: Please note here any career development activities you have participated in during the last year for your subject area or elsewhere in the University beyond your own research. Examples of these activities include being a teaching assistant, lecturing, tutoring, being a lab demonstrator or marking

Please make a list of the activities you participated in this year and also the number of hours committed to each activity. Ie, Marking <Course name> - 20 hours,  Tutoring <Course name> - 17 hours.


Q 6: What are your goals for the year ahead in relation to your thesis?

In no more than 200 words please outline what your current academic goals are for the year ahead.  Please see the sample answer below for further guidance.

My language can model and check policies; and I have started looking at the policies we might enforce. These policies use trust relationships amongst principals to make decisions. It isn’t clear how these principals should communicate their knowledge. We want to avoid building large databases of all facts; as it isn’t reasonable on a memory limited device. Integrating the protocol with the language raises questions. How should we distinguish a principal being unable to give an answer because they don’t know, from not wanting to give a false answer? How can a third party further delegate decisions to a principal the user has not met? If we need to send an app to be analysed what should we do while we wait? We aim to define the protocol and answer these questions in the year ahead. The policies I’ve looked at so far have been short. I would like to translate a larger policy into the language to show it is expressive enough to handle real-world rules. An ideal policy might be showing that we can enforce the NIST guidelines for mobile device usage in the enterprise. A case study will help show the power (and limitations) of my solution.

Q 7:  Give a rough plan for achieving these goals, identifying any areas that you believe could present challenges.  If you are second year or beyond, please give a rough plan for completing your thesis.

Please give a brief description of how you will achieve these goals.  A bullet point list or month by month timeline will suffice here.


Once all questions have been completed you are then able to

  • Discard changes (nothing saved)
  • Submit changes (saved and passed on to supervisor)
  • Save for later (saved but not submitted)



Please note the information provided in the annual review form will be visible to Academic and Administrative staff on your student EUCLID record. Any information that you don't want to be viewed here should be communicated another way to the relevant people by email or in person.