Magnet.me  -  The smart network where hbo and wo students find their internship and first job.

The smart network where hbo and wo students find their internship and first job.

This opportunity has expired. It is therefore no longer possible to like or apply.

See similar opportunities instead

Applied cryptography for risk-adaptive access control

Posted 22 Mar 2024
Work experience
0 to 1 years
Full-time / part-time
Full-time
Job function
Degree level
Required languages
English (Fluent)
Dutch (Fluent)

Your career starts on Magnet.me

Create a profile and receive smart job recommendations based on your liked jobs.

WHAT WILL YOU BE DOING?

Risk-adaptive access control (RAdAC) is a novel method for restricting access to resources (systems and data) to authorized users. It holds promise for providing more fine-grain access decisions than conventional access-control methods, such as RBAC, while at the same time allowing for a higher dynamicity in these decisions. The core concept behind RAdAC is that an explicit link should be formed between the “business benefits” and “security risks” associated to granting a user access. If the actual risk outweighs the acceptable risk (related to the business benefits), access is granted. RAdAC makes these risk estimations based on a set of attributes that are associated to a user, their device or the resources, such as a user’s geolocation, their device security status and the classification levels of the requested resources.

Both the resources that a user may request and the attributes used by RAdAC can be considered as sensitive or classified information that should be secured. In isolation, RAdAC only provides a means to ensure that only authorized and “trustworthy” users are allowed access to these resources, without providing the means to secure them or the attributes used by RAdAC. Yet, the protection of this sensitive data is fundamental to the practical implementation and realization of RAdAC.

In this thesis project, you will research how cryptographic means can be utilized to ensure that attributes and resources are sufficiently protected. For resource protection, you may research how concepts such as attribute-based encryption (ABE) can be utilized within the RAdAC concept. For the protection of attributes, you may research various ways that can be used to both encrypt attributes at rest or in transit, while having them available for risk calculations when access to a resource is requested.

WHAT DO WE REQUIRE OF YOU?

  • You are working on a Master’s degree in computer science or mathematics and would like to work on ICT security
  • You are familiar with cryptography and are interested in deepening your knowledge in cryptography and/or applying cryptographic concepts in practice.
  • You are capable of analytical thinking and understanding and bridging the gaps between multiple disciplines and technologies.
  • You are capable of working autonomously.
  • You have good communication skills.
  • You are creative and innovative.

WHAT CAN YOU EXPECT OF YOUR WORK SITUATION?

TNO is an independent research organisation whose expertise and research make an important contribution to the competitiveness of companies and organisations, to the economy and to the quality of society as a whole. Innovation with purpose is what TNO stands for. With 3000 people we develop knowledge not for its own sake but for practical application. To create new products that make life more pleasant and valuable and help companies innovate. To find creative answers to the questions posed by society. We work for a variety of customers: governments, the SME sector, large companies, service providers and non-governmental organisations. Working together on new knowledge, better products and clear recommendations for policy and processes. In everything we do, impact is the key. Our product and process innovations and recommendations are only worth something if our customers can use them to boost their competitiveness.

This department Cyber Security & Robustness (CSR) employs approximately 50 professionals who work on issues related to the security of IT networks, systems and smartphones to help our clients and associates take charge of their ICT security, detect fraud, review their architecture or develop a security design for new systems. The division is located at two locations: Groningen and The Hague.

WHAT CAN TNO OFFER YOU?

You want to work on the precursor of your career; a work placement gives you an opportunity to take a good look at your prospective future employer. TNO goes a step further. It’s not just looking that interests us; you and your knowledge are essential to our innovation. That’s why we attach a great deal of value to your personal and professional development. You will, of course, be properly supervised during your work placement and be given the scope for you to get the best out of yourself. Naturally, we provide suitable work placement compensation.

Innovation with purpose: that is what TNO stands for. We develop knowledge not for its own sake, but for practical application. TNO connects people and knowledge to create innovations that boost the competitive strength of industry and the well-being of society in a sustainable way.

Management Consulting
Den Haag
3,300 employees

What employees are saying

Thymen Wabeke

Innovator

Thymen Wabeke

“At TNO, you'll never do the same thing twice.”
Innovator Thymen Wabeke has found that, at TNO, every project is different. Plenty of opportunities to find out what you are good at, and to identify areas for further personal development.
“At Data Science, we develop smart computer programs that…

Michiel van den Baar

Trainee

Michiel van den Baar

“Together, we want to make the world a bit better”
Michiel van den Baar started his traineeship in a sustainable chemistry department. He is convinced that TNO can really make a difference in this area.
“My fascination with the energy transition dates back to my studies in Mechanical Engineering.…