Simon Foley's Personal Page

Dr. Simon N. Foley
Statutory Lecturer in Computer Science,
Department of Computer Science,
University College Cork,
Cork, Ireland
Phone: +353 21 4205923
Email: s.foley@cs.ucc.ie

Security Research and Teaching


The security group at UCC includes myself, William Fitzgerald (PhD '10), Fatih Turkmen, Samane Abdi, Olgierd Pieczul, Ultan Neville and BSc/MSc project students. Past members include Thomas Quillinan (PhD '06) Hongbin Zhou (PhD '07) Barry Mulcahy (PhD '08) Wayne Mac Adams (MSc '11) and Benyamin Aziz (Post-doc).

Our research areas research areas include distributed/network access controls, autonomic security, trust, security analysis, security risk management and physical security. Our research is partly supported by the SFI Strategic Research Cluster FAME and United Technologies Research Center. I'm currently on the editorial boards of the Journal of Computer Security and the International Journal of Information Privacy, Security and Integrity, Program co-Chair of the International Conference on Risks and Security of Internet Systems and serve on the program committees of a number of conferences. In the past, I served as Program and as General Chair of the ACM/ACSA New Security Paradigms Workshop and the IEEE Computer Security Foundations Workshop.

Teaching for 2011/2012: CS3511 Web Security, CS4614 Introductory Network Security, CS4615 Computer Systems Security, CS6325 Network Security and CS6315 Mobile Systems Security. Lecture notes, etc. available on the Departmental Moodle Server (UCC access only), you can get a sense of the undergraduate courses from recent exam papers CS3511 and CS4253 (CS4253 now split as CS4614 and CS4615).

Publications wordle web-page

(also as RSS feed from CSBIB)

Please note that the original publishers hold the copyright to these papers. Before downloading please check publisher copyright notices. For example, ACM, IEEE, and Springer

  • W. M. Fitzgerald and S. N. Foley. Reasoning about the Security Configuration of SAN Switch Fabrics, 4th Symposium on Configuration Analytics and Automation (SafeConfig), Arlington, VA, USA, October 2011. to appear. paper

  • S. N. Foley, W. M. Fitzgerald, Wayne MacAdams Federated Autonomic Network Access Control, 4th Symposium on Configuration Analytics and Automation (SafeConfig), Arlington, VA, USA, October 2011.

  • S.N. Foley and S. Abdi, Avoiding Delegation Subterfuge using Linked Local Permission Names , Proceedings of 8th International Workshop on Formal Aspects of Security and Trust (FAST2011), Springer LNCS, 2011 to appear. paper

  • K. Feeney, S.N. Foley and R. Brennan, A Trust Model for Capability Delegation in Federated Policy Systems, Proceedings of 6th IEEE International Conference on Risks and Security of Internet and Systems, Romania, IEEE Press, 2011.

  • S. N. Foley, W. M. Fitzgerald: Management of Security Policy Configuration using a Semantic Threat Graph Approach, Journal of Computer Security, 2011, paper

  • C. Martinez-Garcia, G. Navarro-Arribas, S.N. Foley, J. Borrell. Flexible security inter-domain interoperability through attribute conversion Information Sciences, 181(16): 3491-3507 (2011). paper

  • H. Zhou and S.N. Foley Fast automatic security protocol generation , Journal of Computer Security, to appear, 2011.

  • S.N. Foley and W. Mac Adams. Trust Management of XMPP Federation, Proceedings of IFIP/IEEE Workshop on Managing Federations and Cooperative Management, IEEE Press, 2011. paper

  • R. Brennan, Z. Etzioni, J. Keeney, K. Feeney, D. O'Sullivan, W.M. Fitzgerald, S.N. Foley, Federated autonomic management of HAN services, Proceedings of the 12th IFIP/IEEE International Symposium on Integrated Network Management, IM 2011. 646--649.

  • W.M. Fitzgerald and S.N. Foley, Management of Heterogeneous Security Access Control Configuration using an Ontology Engineering Approach 2nd ACM Workshop on Assurable & Usable Security Configuration, 2010. paper

  • S.N. Foley, W. Mac Adams and B. O'Sullivan Aggregating Trust Using Triangular Norms in the KeyNote Trust Management System. 6th International Workshop on Security and Trust Management, Athens, Greece, Springer LNCS, 2010. paper

  • K. Feeney, R. Brennan, S.N. Foley, A Trust Model for Capability Delegation in Federated Policy Systems. In 6th IEEE/ifip International Conference on Network and Service Management, Niagra, Canada, 2010.

  • R. Brennan, K. Feeney, J. Feeney D. O'Sullivan, J.J. Fleck II, S.N. Foley, S. van der Meer. Multi-Domain IT Architectures for Next Generation Communications Service Providers. IEEE Communications Magazine, August 2010. paper

  • S. Bistarelli, S.N. Foley, B. O'Sullivan, F. Santini, Semiring-based Frameworks for Trust Propagation in Small-World Networks and Coalition Formation Criteria, Journal of Security and Communication Networks, to appear. paper

  • W. M. Fitzgerald, S. N. Foley Aligning Semantic Web Applications with Network Access Controls, Computer Standards & Interfaces, Elsevier, 2010. paper

  • S.N. Foley Security Risk Management using Internal Controls. ACM Workshop on Information Security Governance, 2009. paper

  • S.N. Foley and H. Moss. A Risk-Metric Framework for Enterprise Risk Management. IBM Journal of Research and Development, special issue on Business Integrity and Risk Management, 54(3), 2010. paper

  • S.N. Foley, V.M. Rooney. Qualitative Analysis for Trust Management: Towards a Model of Photograph Sharing Indiscretion. International Security Protocols Workshop, Cambridge, 2009, LNCS to appear. paper

  • S.N. Foley and W.M. Fitzgerald. An Approach to Autonomic Security Policy Configuration using Semantic Threat Graphs. 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security, 2009. Springer LNCS. paper

  • B. Jennings, R. Brennan, W. Donnelly, S.N. Foley, D. Lewis, D. O'Sullivan, J. Strassner and S. van der Meer. Challenges for Federated, Autonomic Network Management in the Future Internet. IFIP/IEEE International Workshop on Management of the Future Internet, NY, June 2009. paper

  • S. Bistarelli, S.N. Foley, B. O'Sullivan and F. Santini, From Marriages to Coalitions: A Soft CSP Approach Recent Advances in Constraints, 13th Annual ERCIM International Workshop on Constraint Solving and Constraint Logic Programming, Springer LNAI 5655, 2009. paper

  • W.M. Fitzgerald, S.N. Foley, M. O'Foghlu. Network Access Control Configuration Management using Semantic Web Techniques, Journal of Research and Practice in Information Technology, to appear. paper

  • B. Aziz, S.N. Foley, J. Herbert, and G. Swart, Configuring storage area networks using mandatory security, Journal of Computer Security, 17(2) 2009. paper

  • W.M. Fitzgerald, S.N. Foley M O'Foghlu Network Access Control Interoperation using Semantic Web Techniques 6th International Workshop on Security in Information Systems, (WOSIS 2008), Barcelona, Spain, June 2008. paper

  • S.N. Foley, G. Bella, S. Bistarelli, Security Protocol Deployment Risk, International Security Protocols Workshop, Cambridge UK. April, 2008. paper

  • S. N. Foley and W. M. Fitzgerald. Semantic Web and Firewall Alignment, Proceedings of the First International Workshop on Secure Semantic Web, 2008, Cancun, Mexico, IEEE CS Press. paper

  • W. M. Fitzgerald, S. N. Foley, M. O'Foghlu: Confident Firewall Policy Configuration Management using Description Logic , Short paper. Twelfth Nordic Workshop on Secure IT Systems, Short Paper, Reykjavik, Iceland, October 11-12, 2007 paper

  • S N. Foley, W. Fitzgerald, S. Bistarelli, B. O'Sullivan, M. O'Foghlu. Principles of Secure Network Configuration: Towards a Formal Basis for Self-Configuration Proceedings of IPOM 2006, 6th IEEE International Workshop on IP Operations and Management, October, 2006. paper

  • Hongbin Zhou, Simon N Foley A Framework for Establishing Decentralized Secure Coalitions Proceedings of IEEE Computer Security Foundations Workshop, Venice, Italy, July 2006, IEEE CS Press. paper

  • S.N. Foley, B.P. Mulcahy, T.B. Quillinan and J.P. Morrison. Supporting Heterogenous Middleware Security Policies in WebCom Journal of High Speed Networks, Special issue on Security Policy Management, paper

  • B. Aziz, S.N. Foley, J. Herbert and G. Swart. Reconfiguring Role Based Access Control Policies Using Risk Semantics. Journal of High Speed Networks, Special issue on Security Policy Management, paper

  • J.P Morrison, B. Coughlan, A. Shearer, S.N. Foley, D. Power, and R. Perrot WebCom-G: A Candidate Middleware for Grid Ireland\/} International Journal of High Performance Computing Applications, to appear.

  • Stefano Bistarelli, Simon N. Foley and Barry O'Sullivan A Soft Constraint-based Approach to the Cascade Vulnerability Problem Journal of Computer Security, 13(5), pp699-720, 2005. paper

  • B.C. Clayton and T.B. Quillinan and S.N. Foley. Automating Security Configuration for the Grid. International Journal of High Performance Computing and Networking, Volume 13, Number 2 / 2005 Pages: 113 - 125.

  • T.B. Quillinan, S.N. Foley, Synchronisation in Trust Management using Push Authorisation First International Workshop on Security and Trust Management (STM'05), Milan, Italy, September 2005. paper

  • S.N. Foley, S. Bistaelli, B. O'Sullivan, J. Herbert and G. Swart Multilevel Security and Quality of Protection First Workshop on Quality of Protection, Como, Italy, September 2005. paper

  • G. Navarro, S.N. Foley, Approximating SAML using Similarity Based Imprecision 2005 IFIP International Conference on Intelligence in Communication Systems. paper

  • G. Swart, B. Aziz, S.N. Foley and J. Herbert. Trading Off Security in a Service Oriented Architecture , In Proceedings of the 19th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Storrs, CT, USA, August 7-10, 2005. paper

  • H. Zhou, S.N. Foley. A Logic for Analysing Subterfuge in Delegation Chains. Workshop on Formal Aspects in Security and Trust (FAST2005), Newcastle upon Tyne, UK, July 18-19, 2005. paper

  • B.P. Mulcahy, S.N. Foley and J.P. Morrison Cross Cutting Condensed Graphs 2005 International Conference on Parallel and Distributed Processing Techniques and Applications (PDPTA 2005). IEEE CS Press.

  • S.N. Foley, H Zhou. Authorisation Subterfuge by Delegation in Decentralised Networks In Proceedings of International Security Protocols Workshop, Cambridge UK. April, 2005. Springer Verlag LNCS. paper

  • S.N. Foley, B. Mulcahy and T.B. Quillinan Dynamic Adinistrative Coalitions with WebCom_DAC Proceedings of Web 2004: Third Workshop on e-Business. Washington DC, December, 2004. paper

  • T.B. Quillinan, S.N. Foley. Security in WebCom: Addressing naming issues for a Web Service architecture, ACM Workshop on Secure Web Services (ACM-SWS2004). paper

  • G. Swart, B. Aziz, S.N. Foley and J. Herbert. Automatic Configuration of Services for Security, Bandwidth, Throughput, and Availability. ICSOC04 Forum/Short Paper (2nd International Conference on Service Oriented Computing) 2004.

  • S. Bistarelli, G. Bella and S.N. Foley Soft Constraints for Security, First International Workshop on Views On Designing Complex Architectures (VODCA), September 2004. Springer Verlag Electronic Notes in Computer Science. paper

  • H. Zhou, S.N. Foley A Collaborative Approach to Autonomic Security Protocols Proceedings of the ACSA New Security Paradigms Workshop, Nova Scotia, September 2004. paper

  • S. Bistarelli, S.N. Foley and B. O'Sullivan Reasoning about Secure Interoperation using Soft Constraints Proceedings of FAST-2004 Workshop on Formal Aspects of Security and Trust, Toulouse, August 2004. paper

  • B. Aziz, S.N. Foley, J. Herbert, G. Swart Configuring Storage-Area Networks for Mandatory Security, 18th Annual IFIP WG 11.3 Working Conference on Data and Applications Security Sitges, Spain, July 25-28, 2004. paper

  • T. Quillinan, B. Clayton, S.N. Foley. GridAdmin: Decentralising Grid Administration using Trust Management. 3rd International Symposium on Parallel and Distributed Computing, IEEE Press, July 2004. paper

  • S.N. Foley Believing the Integrity of a System. Invited paper. IJCAR 2004 Workshop on Automated Reasoning for Security Protocol Analysis, July 4, 2004. Springer Verlag Electronic Notes in Computer Science. paper

  • S. Bistarelli, S. Foley and B. O'Sullivan Detecting and Eliminating the Cascade Vulnerability Problem from Multi-level Security Networks using Soft Constraints. Proceedings of AAAI/IAAI-2004 (16th Innovative Applications of AI Conference), AAAI Press San Jose, USA, July 2004. paper

  • S.N. Foley, T.B Quillinan, B. Mulcahy, M. O'Connor, J.P. Morrison. A Framework for Heterogeneous Middleware Security, 13th Heterogeneous Computing Workshop (HCW 2004), Santa Fe, New Mexico, USA, April 26, 2004. paper

  • S. Bistarelli, S.N. Foley, B. O'Sullivan. Modelling and Detecting the Cascade Vulnerability Problem using Soft Constraints. Proceedings of ACM Symposium on Applied Computing (SAC-2004), ACM Press Nicosia, Cyprus, March 2004. paper

  • S. Bistarelli, S.N. Foley, B. O'Sullivan. A Constraint Based Framework for Modelling the Cascade Vulnerability Problem Workshop on COnstraint and LOgic Programming in Security. Workshop held alongside ICLP-2003 Mumbai, India, December 2003. Electronic Notes in Theoretical Computer Science.

  • H. Zhou, S.N. Foley. Fast Automatic Synthesis of Security Protocols using Backward Search, In proceedings of the ACM Workshop on Formal Methods for Security Engineering (FMSE), Washington DC, October 2003. paper

  • S. Bisterelli, S.N. Foley. A Constraint framework for the qualitative analysis of dependability goals: Integrity. In Proceedings of the International Conference of Computer Safety, Reliability and Security. Scotland, September 2003. Springer Verlag LNCS. paper

  • S. Bistarelli, S.N. Foley. Analysis of Integrity Policies using Soft Constraints. In Proceedings of IEEE International Workshop on Policies for Distributed Systems and Networks. Lake Como, Italy. June 2003. paper

  • S.N. Foley, H. Zhou, Towards an Architecture for Autonomic Security Protocols In Proceedings of International Security Protocols Workshop, Cambridge UK. April, 2003. Springer Verlag LNCS paper

  • S.N. Foley Using Trust Management to Support Transferable Hash-Based Micropayments. In proceedings of the 7th International Financial Cryptography Conference. Guadeloupe FWI, January 2003. Springer Verlag LNCS. paper

  • S.N. Foley. A Non-Functional Approach to Systems Integrity, IEEE Journal on Selected Areas in Communications. 21(1), pages 36-43. January 2003. paper

  • S.N. Foley, T.B. Quillinan. Using Trust Management to Support MicroPayments, In proceedings of the Annual Conference on Information Technology and Telecommunications, Waterford, Ireland, October 2002. paper

  • C. Wolf, P. Fitzpatrick, S.N. Foley, E. Popovici. HFE in Java: Implementing Hidden Field Equations for Public Key Cryptography In proceedings of the Irish Signals and Systems Conference, Cork, Ireland, June 2002. paper

  • S.N. Foley Supporting Imprecise Delegation in KeyNote. In Proceedings of International Security Protocols Workshop, Cambridge UK. April, 2002. Springer Verlag LNCS, paper

  • S.N. Foley, T.B. Quillinan, J.P. Morrison, Secure Component Distribution using WebCom. In Proceedings of IFIP/Sec 2002 17th International Conference on Information Security, pages 387-398, Cairo Egypt, May 2002. paper

  • S.N. Foley Supporting Imprecise Delegation in KeyNote using Similarity Measures
    Proceedings of The Sixth Nordic Workshop on Secure IT Systems, Pages 101-119, November, 2001, Copenhagen..

  • S.N. Foley and R. Dumigan. Are Palm Handheld Viruses a Significant Threat?, Communications of the ACM, Technical Opinion. Pages 105-107, January 2001.
    An interview on this work appeared in the New York Times

  • S.N. Foley and J.P. Morrison Computational Paradigms and Protection. Proceeding of New Security Paradigms Workshop, pages 3-11, New Mexico, 2001. ACM Press. paper

  • S.N.Foley Trust Management and Whether to Delegate. Proceedings of the International Security Protocols Workshop, (Cambridge, UK), April 2001. Springer Verlag, forthcoming. paper

  • S.N. Foley, T.B. Quillinan, J.P. Morrison, D.A. Power and J.J. Kennedy Exploiting KeyNote in WebCom: Architecture Neutral Glue for Trust Management. In Proceedings of The Fifth Nordic Workshop on Secure IT Systems, Pages 101-119, October, 2000, Reykjavik, Iceland. paper

  • S.N. Foley Conduit Cascades and Secure Synchronisation. In Proceeding of ACM New Security Paradigms Workshop, pages 141-150, (Cork, Ireland) 2000, ACM Press. paper

    This paper was also selected from this workshop for special presentation and inclusion in the Proceedings of the National Information Systems Security Conference (Baltimore, MD, USA), October 16-19, 2000.

  • S.N. Foley Evaluating System Integrity. Proceeding of ACM New Security Paradigms Workshop (Charlottesville, VA, USA), 1998, ACM Press, pages 40-47. paper

  • S.N. Foley. External Consistency and the Verification of Security Protocols. 6th International Workshop on Security Protocols. (Cambridge, UK), April 1998. Springer LNCS 1550, pp24-35. paper

  • S.N. Foley. A Kernelized Architecture for Multilevel Secure Application Policies. European Symposium on Research in Computer Security, Louvain-la-Neuve, Belgium, 17 pages, September 16-18, 1998, Springer LNCS 1485, pp 33-49.. paper

  • S.N. Foley. Supporting Secure Canonical Upgrade Policies in Multilevel Secure Object Stores. In Proceedings of the 13th IEEE Annual Computer Security Applications Conference (San Diego, CA), IEEE Computer Society Press, 1997, pages 69-80. paper

  • S.N. Foley. The Specification and Implementation of Commercial Security Requirements Including Dynamic Segregation of Duties. In Proceedings of the 4th ACM Conference on Computer and Communications Security (Zurich, Switzerland), ACM Press, 1997, pages 125-134. paper

  • S.N. Foley. Building Chinese Walls in Standard Unix. December 1997. In Computers and Security Journal, 16(6):551-563. paper

  • S.N. Foley, L. Gong, and X. Qian. A Security Model of Dynamic Labelling Providing a Tiered Approach to Verification. In Proceedings of the IEEE Symposium on Security and Privacy (Oakland, CA), IEEE Computer Society Press, 1996, pages 142-153. full length TR

  • S.N. Foley and J.L. Jacob. Specifying Security for CSCW Systems. In Proceedings of the IEEE Computer Security Foundations Workshop (Kenmare, Co. Kerry), IEEE Computer Society Press, 1995, pages 136-145.

  • S.N. Foley. Reasoning about Confidentiality Requirements. In Proceedings of the IEEE Computer Security Foundations Workshop (Franconia, NH), IEEE Computer Society Press, 1994, pages 150-160. paper

  • S.N. Foley. Aggregation and Separation as Noninterference Properties. Journal of Computer Security, 1(2):159-188, 1992. paper

  • S.N. Foley. Separation of Duty Using High Water Marks. In Proceedings of the IEEE Computer Security Foundations Workshop (Franconia, NH), IEEE Computer Society Press, 1991, pages 79-88.

  • S.N. Foley. A Taxonomy for Information Flow Policies and Models. In Proceedings of the IEEE Symposium on Security and Privacy. IEEE Computer Society Press, 1991, pages 98-108.

  • S.N. Foley. Secure Information Flow Using Security Groups. In Proceedings of the IEEE Computer Security Foundations Workshop (Franconia, NH), IEEE Computer Society Press, 1990, pages 62-72.

  • S.N. Foley. Unifying Information Flow Policies. Technical Report 900020, Royal Signals and Radar Establishment, Malvern, Worcs., UK., 1990.

  • S.N. Foley. Lattices for Security Policies. Technical Report 90005, Royal Signals and Radar Establishment, Malvern, Worcs., UK., 1990. report .

  • S.N. Foley. A Model for Secure Information Flow. In Proceedings of the IEEE Symposium on Security and Privacy (Oakland, CA), IEEE Computer Society Press, 1989, pages 248-258.

  • S.N. Foley. A Universal Theory of Information Flow. In Proceedings 1987 IEEE Symposium on Security and Privacy (Oakland, CA), IEEE Computer Society Press, pages 116-122.

[CSS from style.org].