Young Software Engineer (YSE) of the
Year, 1st Prize, 2007
For the third year in a row, one of my students has a prize at the
YSE of the Award. He won 1st prize for the Real Time Award, which
is awarded to the project which shows the best overall usage of
Software Engineering principles. The University was also award a
trophy (the glass bowl in the photograph): [2006
prize winner][2005 prize winner]
2007 - Authorisation and Authentication
of Processes in Distributed Systems
Name: Ewan Gunn Programme: BSc (Hons) in Network Computing Completed: June 2007 Grade: 1st, Winner Young Software Engineer of the Year award
(based on Hons project), 2007. 1st prize for Real Time Award [Link] PDF:Authorisation
and Authentication of Processes in Distributed Systems Abstract: Communications over a network from a specific
computer have become increasingly more suspect, with the increase
of various security breaches in operating systems. This has allowed
malicious programs such as worms, trojans, zombies and bots to be
developed that exploit these security holes and run without the
user being any wiser about the infection on their computer.
The current work in the field of anti-virus protection focuses
on detecting and removing any malicious software or spyware from
a computer. This is proving effective, however it is merely a way
of treating the symptoms instead of the illness. This project presents
a hypothesis based on these situations, and attempts to prove the
effectiveness of a protocol developed specifically to provide preventative
measures to stop the spread of malicious software, based on authentication
and subsequent authorisation.
Tools such as encryption, hashing, and digital certificates were
investigated and marked for use in providing the protocol to prove
the hypothesis, and a further investigation took place of the common
principles in security in the computing paradigm such as the CIA
and AAA sets of principles, which provided a specific context within
which a protocol could be constructed. A discussion was made of
the only protocol that was close to a solution to the hypothesis,
Kerberos, along with any usefulness that that protocol might have
in the situations the hypothesis is based in.
This was followed by a design of a new protocol, consisting of
a methodology of protocol design used heavily in industry
that of communication analysis and finite state machines. A further
proof-of-concept program was designed as well, to provide a facility
to test the effectiveness and efficiency of the protocol. In all
design considerations, the evaluation of such a system was a priority,
and steps were taken at the design stage to provide an easy method
to collect data results.
The system was implemented in a proof-of-concept program using
an open-source alternative to the .NET framework developed by Microsoft,
called mono. This development environment is cross platform and
fully compliant with all versions of .NET provided by Microsoft,
thereby providing a cross-platform solution to the problem described
above. Specific concerns faced in implementation of such a protocol
were raised, and measures taken to overcome these concerns presented,
along with decisions made on options available in the implementation.
An analysis was made of the efficiency of the resulting system,
by taking measurements of the time taken between request conception
and the subsequent request completion. Baseline measures were made
on this using a simple client/server program developed during mplementation
that had the option of using the system or not, with the option
not to use the system. These were compared to measurements made
of the same system, however with the option to use the authorisation
service enabled. A conclusion and discussion of the surprising results
Lastly a critque of the project is made, along with a discussion
of a theoretical situation where this system might prove beneficial;
a general discussion on the benefits of promoting preventative measures
for malicious software spread and any further work that could be
carried out specifically on the id.
Here are a few details of the project:
Gunn won 1st prize for the Real Time Award at the Young Software
Engineering of Year award for 2007. He worked within the Centre
for Distributed Computing and Security in the School of Computing
at Napier University, and was supervised by Prof Bill Buchanan and
Dr Jose Munoz. This is the third year in a row that the research
group has won a prize at this event.
The Real Time Award is a special award which is given to the project
which most clearly embraces sound software engineering principles.
It carries a prize of £750, donated by Glasgow-based Real
Time Engineering, along with the Real Time Trophy which was award
to Napier University.
Ewan has just completed a BEng (Hons) in Network Computing, and
gained a 1st class classification and a class medal. He has consistently
achieved merits throughout his course, which is particularly pleasing
as he is a mature student who came in as a direct-entry Level 3
student, and has since overtaken virtually of the students who where
already studying on Computing-related programmes. He also worked
as a student representative through his time at Napier, and worked
well with the academics at Napier to enhance the environment for
his fellow students. His plans are to undertake a PhD in security,
and to use his knowledge to further improve the security of computer
systems, especially in terms of the fundamental infrastructure for
distributed software systems. For his project he worked in the Centre
for Distributed Computing and Security, which has an extensive record
of research and knowledge transfer activities, including several
awards for excellence, and has a strong track record in working
with industrial partners on key areas in security and digital forensics.
A major objective of the centre is to strive for excellence in everything
that it does, and this includes working with young engineers to
fully develop their ideas, and feed best practice into their work.
Outline of technical area
Security is a major worry for many organisations, and a lack of
authentication and authorisation can lead to major problems. Most
security systems either focus on the application-level, such as
in the detection of viruses or worms, or on the operating system-level,
such as for incorrect privileges. They thus forget that applications
are typically created using processes and threads, each of which
might have some malicious content. This project thus outlines new
methods for the authorisation and authentication at the process-
and/or thread-level, which will allow the security of a distributed
system to be defined at the foundation level for applications, and
allow for secure applications to be built around these authenticated
and authorised processes. A key factor in his work is that it is
defined using the state-of-the-art .NET framework, and also that
it is portable onto a full range of systems, such as for Microsoft
Windows and Linux (using Mono).
Comments from Supervisor
Ewan has contemplated the idea of authenticating and authorising
processes for many years, and has defined a framework which can
be used to create fine-grained security of processes over distributed
systems. He also has a deep interest in research and is keen to
pursue a PhD. His report is extremely well-written with a good writing
style, along with an excellent use of references. There is also
a good coverage of the background areas for encryption and authentication,
which shows that he understands the general area, and the associated
issues. Along with this there is a good deal of formalisation in
his areas, which is often missing with Computing students, which
means that his designs are well structured using timing diagrams
and UML, which are then implemented with a proof-of-concept system.
The project linked perfectly at each stage, from the initial conception
of the idea, to the research phase, and onto the prototype. He worked
well with other researchers, including ones in Napier, and has produced
work which will be used in other projects. His documentation was
always up to the highest standards, as well as being keen to take
on advice at key times. In fact, Ewan planning was good, and he
always submitted material for review before the actual hand-in date.
All of this made the project easy to supervise, as I basically had
to guide him through the main stages of the project, giving high-level
advice. At many times the project felt more like PhD supervision
rather than an Hons project, and we both bounced ideas off each
other. He was always proactive in setting up meetings, and kept
minutes and actions from each one, in order that he could enhance
his work. At his Viva, he impressed both the examiners, and both
of them agreed that Ewan will make an excellent research, especially
if he is given time to develop his ideas. Over the past few years
the Centre has achieved two prize winning projects at the YSE Awards,
for researchers who are now undertaking PhDs, and who are becoming
international experts in their field (and still based in Scotland).
Their awards have stimulated them to higher levels, and have used
the excellent foundation of Scotland IS to network with other industrialists
around Scotland, and beyond.
The text from this is:
Napier Student Wins First Prize at the Young Software Engineer
of the Year Awards
10 October 2007
A Napier student has scooped first prize for the prestigious Real
Time Award at the Young Software Engineer of the Year awards.
Ewan Gunn, who studied within the Centre for Distributed Computing
and Security in the School of Computing at the University, beat
off stiff competition from students across the country.
The Real Time Award is a special accolade which is given to the
project which most clearly embraces sound software engineering principles.
This is the third consecutive year that the research group has won
a prize at these awards.
Ewan (24) has just completed a BEng (Hons) in Network Computing
and gained a first class degree and a class medal.
Prof Bill Buchanan, Leader of the Centre for Distributed Computing
and Security, and Ewan’s project supervisor, said: “Ewan
consistently achieved merits throughout his studies which was a
fantastic achievement as he is a mature student who came in as a
direct-entry Level 3 student. This is a fantastic achievement and
the entire department is delighted for Ewan.”
Ewan commented: “I am thrilled to have won this prize and
could not have achieved this without the help of the School of Computing
at the University. My project centred around Internet security as
this is a major worry for many organisations and a lack of authentication
and authorisation can lead to major problems. I am also keen to
pursue a PhD in this area and future career.”
The text from this is:
Final year students from Edinburgh, St Andrews, Glasgow and Napier
Universities won this year's prestigious Young Software Engineer
of the Year awards, at the ScotSoft2007 dinner organised by ScotlandIS
Hui Sun, a student of the University of Edinburgh's School of Informatics
was announced as The Young Software Engineer of the Year Award.
His award, a cheque for £1500 donated by the leading IT consultancy,
Sopra Group, and the Young Software Engineer of the year trophy,
is given to the student who has undertaken the best final year software
engineering project from amongst all the Scottish universities.
Hui Sun's project concentrated on developing face recognition software
for mobile phones, and the judges considered his work to be exceptional
with a clear commercial application.
Second prize, a cheque for £1000, donated by the BCS in Scotland,went
to Andreas Koltes, of the University of Glasgow and a native of
Mainz in Germany. Andreas, an exchange student at Glasgow from the
University of Passau, undertook a project based on developments
in the new generation of FPGA micro-chips
Angus Macdonald, University of St Andrews, won the third prize,
a cheque for £750 donated by Graham Technology, specialists
in contact centre software, with his project to simplify Web Service
Ewan Gunn was awarded the Real Time award, a special award given
to the project which, in the judges' opinion, most clearly embraces
sound software engineering principles. Ewan won a cheque for £750,
donated by Glasgow based Real Time Engineering, leading providers
of expert business consultancy and IT solutions. The student's university,
Napier, received the Real Time trophy.
Ewan is 24, and comes from Livingston;his project looked at new
methods for authorisation and authentication in security applications..
He plans to study for a PhD at Napier's Centre of Distribute Computing
and Security. The Centre has close links with the Young Software
Engineer Awards with their students having won three prizes in the
last four years. The Centre specialises in security and digital
"We were very impressed by the quality of entries to this
year's award. It is vital that Scottish universities and students
aim for the highest standards in software and IT development,"
commented Ian Ritchie, chair of the judging panel.