People Research Home
Contact Projects Students


Philip Robinson
Research Focus Research Interests Publications Contact
Philip Robinson received his B.Sc. in Computer Science from the University of the West Indies (UWI) in 1996. He then worked as a software programmer until 2000, when he traveled to the UK to pursue a M.Sc. in Distributed Systems. He was then awarded with the degree of M.Sc. in Distributed Interactive Systems by Lancaster University in August 2001. 

In November of 2001, he joined the Telecooperation Office (TecO) research group, Karlsruhe University, Germany, to investigate topics concerned with security in Ubiquitous Computing (UbiComp). He also joined  SAP Research to work with the Security and Trust Research group, investigating security for enterprise level applications that incorporate ubiquitous computing technology. This includes trust and security issues for mobile business applications and collaborative business processes enhanced with context awareness . The current project with SAP is called TrustCoM (Trust and Contract Management for Virtual Organizations). Virtual Organizations have dynamic properties that are comparable to those of UbiComp environments. There is therefore a conceptual overlap in the research issues even though the technical assumptions are very different.

Philip has also been the co-organizer of three workshops on security in Ubiquitous and Pervasive Computing in UbiComp 2002, UbiComp 2003 and Pervasive 2004, the latter being published as a post proceedings in the Kluwer Computer Science series. The publication is entitled: “Security, Privacy and Trust in the Context of Pervasive Computing”. 

Research Focus

The core hypothesis of my thesis is that entities in dynamic environments aim at maintaining their limited “perception of security” rather than explicitly protecting the system. If all trusted entities perceive that the system is secure, then this is the best possible security state. Furthermore, I believe that a security system may be divided into 5 hierarchical, distributable roles, which work together to form a complete security system. These roles are defined as initiator, coordinator, effector, monitor and announcer; The thesis claims that a system is most secure when all five of these management roles are assigned to and executable by trusted entities, yet allows the simplest case of all roles being carried out by a single entity.

There are two main challenges that I investigate:

1.      Complexity of managing (specification, enforcement, update) adaptive security and

2.      Coordinating secure interaction between entities in dynamic computing systems

 Before progressing to discuss the relevance of this thesis, I want to clarify the concept of “perception of security”: Perception is possible when an entity creates a model of the world in which it interacts. Perception is positively affected by events that confirm or enforce the validity of the model and negatively affected by events that distort the model. A perception of security is therefore an entity's model of system defined by its knowledge, assigned tasks and permissible views.

The research is being conducted in two different systems areas yet the similar properties of dynamics and distribution have prompted this research emphasis: 

i)     Meeting rooms and offices outfitted with supporting technology for ubiquitous computing. This allows new meeting attendees to spontaneously arrive and use equipment (projector, sensors, air conditioning) available in the room, or they may even bring their own equipment (cameras, laptops) to further enhance the system. Consequently, meeting attendees may also leave and take their equipment, causing the system to spontaneously reconfigure.

ii)     Virtual organizations represent coalitions of organizations that come together only to accomplish a business venture that could not be completed by only one (or subset) of the organizations. Therefore they need to create connections between their computer systems for resource sharing and coordination of business processes. However, partners change frequently, changing the availability of services and resources of the virtual organization, as well as the order in which processes are executed.

 The following properties are used to describe both of the above system scenarios:

 1.      Dynamic: Not possible to pre-determine actual constituents (hardware, software, users) of systems and consequent behaviour

2.      Distributed: protection goals must be locally enforced although centrally specified

3.      Task-Oriented: challenge of securing tasks as opposed to securing data

4.      Context Aware: protection goals may invariably change based on the actual state of the system

 The goal of the thesis is to show how dependable security in a distributed, dynamic system can be obtained when each entity (referred to as a controller) is given a clear description of its security assignment in the system, having proven that it can fulfill that role. The term Authorised Transient Control is used as a container for the research, as it defines:

 Authorised: each active entity in the system must be authorized to fulfill its security role, from which its perception of security is derived

Transient: the perception of security however frequently changes based on the situation, and the controllers are also expected to dynamically change (entity or role)

Control: therefore each entity of the system is assigned to control with a particular perception as reference.


 The contribution of the thesis will therefore be a security management model and coordination protocols for dynamically reconfiguring systems with the properties identified above.


Research Interests
Although security has become the thematic area of my research, my general interests are in the design, implementation and management of distributed systems. Ubiquitous computing shares many of the features of a distributed system, including autonomy of computational nodes, asynchronous communication, lack of a global clock, and dynamic interchange of resources. Therefore, many of the design, implementation and management challenges of UbiComp are also similar to those of distributed computing. Below is a list of my general interests. I have been author and co-author in at least one publication in each of these areas.
  • Context and situation awareness: development of adaptive software platforms that use system and environment information in order to define behaviour (see 9, 8, 1)
  • Crypto Protocols: usage of asymmetric and symmetric cryptographic mechanisms for designing secure message-based protocols at the application layer (see 8)
  • Policy-based systems: specification and generation of policies for specifying application behaviour (see 7, 5)
  • Security management: approaches for system administrators to manage security in such a way that the immediate requirements of users and the protection goals of the application are supported. (see 4, 3)
  • Software Engineering: object-oriented approaches to designing complex software systems (see 5, 2)
  • Trust Management: the dynamics of trust between collaborating entities and its influence on how shared applications are deployed and adapted (see 6, 2)


9 Philip Robinson: Architecture and Protocol for Authorized Transient Control. to appear in Kluwer, SPPC Workshop 2004
8Christian Decker, Michael Beigl, Albert Krohn, Philip Robinson, Uwe Kubach: eSeal - A System for Enhanced Electronic Assertion of Authenticity and Integrity. Springer, Pervasive 2004: 254-268
7 Thomas Walter, Laurent Bussard, Philip Robinson, Yves Roudier: Security and Trust Issues in Ubiquitous Environments - The Business-to-Employee Dimension. IEEE Computer Society, SAINT Workshops 2004: 696-701
6Philip Robinson, Jochen Haller, Roger Kilian-Kehr: Towards Trust Relationship Planning for Virtual Organizations. Springer, iTrust 2004: 355-361
5 Philip Robinson, Maarten Rits, Roger Kilian-Kehr: An Aspect of Application Security Management. as part of the AOSD Workshop 2004
4Philip Robinson, Jochen Haller: Revisiting the Firewall Abolition Act. IEEE Computer Society, HICSS 2003: 206
3Jochen Haller, Philip Robinson, Thomas Walter, Roger Kilian-Kehr: Framework and Architecture for Secure Mobile Business Applications. SEC 2003: 413-416
2Philip Robinson, Michael Beigl: Trust Context Spaces: An Infrastructure for Pervasive Security in Context-Aware Environments. Springer, SPC 2003: 157-172
1Michael Beigl, Albert Krohn, Tobias Zimmer, Christian Decker, Philip Robinson: AwareCon: Situation Aware Context Communication. Springer, Ubicomp 2003: 132-139


  • (being updated...)
Philip Robinson
76131 Karlsruhe
Phone: +49 (0)721 / 6902 - 89
Fax: +49 (0)721 / 966 34 18
EMail: philip@teco.uni-karlsruhe.de

Last modified in September, 2004
by philip@teco.uni-karlsruhe.de.