Dr. Alexandra Nenadic
Contact Details
2.120 Kilburn Building
School of Computer Science
University of Manchester
Oxford Road
Manchester M13 9PL, UK
Voice: +44 (0) 161 275 0672
Fax: +44 (0) 161 275 6204
Email: anenadic-AT-cs.man.ac.uk (cut and paste, then replace -AT- with @)
Short Biography
Alex has been working as a research associate in the School of Computer Science since 2002. Currently, she is part of the Information Management Group and is involved with the MyGrid project - working on security issues for MyGrid's product Taverna. Before moving to academia, Alex used to work as a developer in industry (in Serbia and UK) for 2 years.
Alex has a BSc (1999) in Computer Science from Faculty of Mathematics, University of Belgrade, Serbia.
She also holds a PhD (2005) in Computer Science from School of Computer Science, University of Manchester, UK. (Thesis title "A Security Solution for Fairness and Non-repudiation in E-Commerce".)
Alex is generally interested in:
- Internet, Web Services and grid security
- Federated Identity and Access Management
- Design and formal verification of network security protocols
Research Projects
MyGrid project (Mar 2008 - present)
I am working on enabling secure execution of workflows from Taverna Workflow Management System and accessing various remote grid and Web services that require user authentication; secure auditing of workflow execution to aid provenance capture and tracking.
ES-LoA project (Nov 2006 - Mar 2008)
ES-LoA project was working on investigating the future requirements for a Federated Identity and Access Management system for UK HE that supports authentication methods with various strengths that are linked to the value of accessed remote resources Ð the more sensitive the resource the greater confidence in authentication is required (e.g. smart cards for highly valuable resources vs. username and password less valuable ones). I have been researching the existing definitions and applications of authentication Levels of Assurance (LoA), establishing consensus across different communities (identity providers, service providers, and grid community) about LoA, evaluating the benefits, making recommendations and consulting institutions on adopting the new technology.
FAME-PERMIS project (Jan 2005 - Nov 2006)
FAME-PERMIS developed a single sign-on solution for multi-level and devolved authentication for Shibboleth-enabled Federated Identity and Access Management. Specifically, I developed the FAME component (an Apache-Perl module) that enables users to be authenticated by their home institutions using a variety of pluggable authentication methods with different strengths (smart cards, soft certificate tokens, passwords, Kerberos, LDAP, etc.) and access external resources provided by other federation members controlled by PERMIS and linked to the strength of the authentication process.
SHEBANGS project (Jan 2005 - Nov 2006)
SHEBANGS project was carried out by the Research Computing Services, Manchester. I collaborated with this project by providing the FAME-enabled Shibboleth identity provider services to bridge access to the National Grid Service for users not possessing grid credentials.
FIDES project (Jan 2002 - Jan 2005)
FIDES was a MI/DTI-funded project carried out in collaboration with PrismTech Ltd. from Newcastle. Developed security protocols and an e-commerce tool for fair exchange of important electronic documents, such as digitally signed contracts, e-payments and e-mails, and non-repudiation of sending and receiving such documents.
Publications
A list of most recent publications:
- J. S. Chin, A. Nenadic and N. Zhang, Context-Constrained Authorisation (CoCoA) Framework for Pervasive Grid Computing, to appear in Wireless Networks Journal (WINET), Springer Netherlands, 2008.
- N. Zhang and A. Nenadic, Using Authentication Levels of Assurance to Achieve Fine-Grained Access Control in Digital World, Touch Briefings, 2007.
- A. Nenadic, N. Zhang, L. Yao and T. Morrow, Levels of Authentication Assurance: an Investigation, Proceedings of the 2007 International Conference on Information Assurance and Security, IEEE Computer Society, Manchester, UK, 2007.
