My research focuses on web security, data and application security, language-based security, and location privacy. I lead a team of researchers, engaged in a number of EU and national projects and collaborations with industry including Google, Facebook, Microsoft, and SAP. My papers are published in venues that include conference flagships IEEE Security & Privacy and ACM CCS, and journal flagships IEEE TDSC and ACM TISSEC.

I am recipient of the Facebook Research and Academic Relations Program Gift (2016), Google Faculty Research Award (2016), ERC Starter/Consolidator (2012), Chalmers Research Supervisor of the year (2010), and SSF Future Research Leader (2008) awards.

New: PhD position on Security and Privacy of Location-Based Services

Location-based services/systems (LBS) see tremendous growth, with application from smartphones to autonomous vehicles and aircraft. This project is on rigorous techniques for security and privacy in LBS, including:

• Security and privacy foundations of LBS: formal modeling and reasoning for LBS policies;

  Check out our paper on opacity, where we present a formal model of location privacy.

• Application-, service-, and system-level mechanisms: enforcing security and privacy policies for LBS by such software-level techniques as information flow control (IFC), program analysis, and monitoring, and their integration with such hardware-level mechanisms as Isolated Execution Environments (IEE) and infrastructure for secure localization;

  Check out our paper on JSLINQ, where we use information-flow control to protect user location when using third-party JavaScript libraries in web applications for nearby points of interest.

• Cryptographic techniques for LBS: designing and scaling decentralized approaches, such as those enabled by secure multi-party computation.

  Check out our paper on InnerCircle, where we design and implement a protocol for privacy-preserving location proximity.

Application deadline: June 15, 2017

Further information and application link: here.

• Program committees: POST'18, ESORICS'17, USENIX Security'17, S&P'17, EuroS&P'17 (co-chair), TMPA'17, CCS'16, ESORICS'16, USENIX Security'16, CSF'16, SAC'16, EuroS&P'16, NDSS'16, ACSAC'15, RAID'15, CCS'15, AppSecEU'15, S&P'15, SAC'15, ESSoS'15, CCS'14, NordSec'14, QASA'14, CSF'14, PSI'14, S&P'14, SAC'14, NWPT'13, NordSec'13, ESORICS'13, AppSecEU'13, ESEC/FSE'13 New Ideas Track, FCS'13, POST'13, POPL'13, NWPT'12, NordSec'12, MMM-ACNS'12, POST'12, NWPT'11, NordSec'11, SEC'11, ESOP'11, NWPT'10, MMM-ACNS'10, AppSec Research'10, PLAS'10, S&P'10, ASIACCS'10, CCS'09, CSF'09, CCS'08, CSF'08 (chair), ESOP'08, NordSec'07 (co-chair), MMM-ACNS'07, CSF'07 (chair), PLAS'07, ESOP'07, APLAS'06, ESORICS'06 (co-chair), CSFW'06, S&P'06, POPL'06, MMM-ACNS'05, SAS'05, FCS'05 (chair), CSFW'05, ESOP'05, VODCA'04, SecCo'04, SAS'04, FCS'04 (chair), FAST'03, FCS'03, CSFW'03, CSFW'02.
• Steering committees: CSF, POST, NordSec, FCS (2005-13, chair: 2005-08).
• Editorships: editorial board member for JCS and IPL; editor for web application security special issue of JCS, 2014, special issues on CSF 2008 and CSF 2007 of JCS and issue on Language-Based Security of JFP, 2005.
• Keynote invited talks: PSI'17, HotSpot'17, e-Stockholm'16, ICICS'14, RS3'14, OWASP Gothenburg Kick-Off, MMM-ACNS'10, ASIACCS'10, Dagstuhl WebAppSec'09, OWASP Sweden Kick-off, ASIAN'07, TGC'06, Dagstuhl LBS'03, FCS'03.
• Lecturing: IM&CTCPA'16 FOSAD'14, Aalborg'11, Marktoberdorf'11, Software Engineering and Verification'11, Marktoberdorf'09, GLOBAN'08, FOSAD'04, WSSA'03.
• Dagstuhl seminar organizer: Web Application Security, 2012; Mobility, Ubiquity, and Security, 2007; Language-Based Security, 2003.
• Scientific Advisory Board: CISPA-Stanford Center for Cybersecurity.

• Daniel Hausknecht
• Daniel Schoepe
• Per Hallgren
• Alexander Sjösten

• Musard Balliu
• Steven Van Acker

• Luciano Bello
• Willard Rafnsson
• Arnar Birgisson
• Jonas Magazinius
• Aslan Askarov
• Alejandro Russo

• Language-Based Security 2005-2017
• Concurrent Programming 2004-2007
• Cryptography 1998-2001