Hello everyone! I am an ERCIM (European Research Consortium for Informatics and Mathematics) Alain Bensoussan Research Fellow at Fraunhofer Institute for Applied Information Technology (FIT), Sankt Augustin, Germany. During this one-year research fellowship I will be researching on Self-sovereign Identity Management using Blockchain Technology. I am being supervised by Prof. Wolfgang Prinz.

Before starting my research fellowship, I joined as an Associate Professor at the Department of Computer Science and Engineering of the BRAC University, Dhaka, Bangladesh. I am currently on research leave, however, I actively still supervise undergraduate and graduate students for their theses and projects. My BRAC University page can be accessed from this location.

I actively advise the Government of Bangladesh in different capacities, particularly in Blockchain. I am the principal author of the National Blockchain Strategy document of Bangladesh.

Previously, I was an Assistant Professor at the Department of Computer Science and Engineering of the Shahjalal University of Science and Technology (SUST), Sylhet Bangladesh. During my SUST tenure, I established the first-ever blockchain-focused security research laboratory, called SUBSEL (Shahjalal University Blockchain and SEcurity Laboratory), in Bangladesh at SUST. Please visit the SUBSEL homepage for more information. I am acting as the Advisor of SUBSEL currently.

Before joining SUST I worked as a Research Associate at the Centre for Global Finance and Technology of the Imperial College Business School, Imperial College London, UK. I was involved in a project in collaboration with Citi Group to explore how the blockchain technology could be leveraged to streamline the KYC (Know Your Customer) process for any global financial institution. I am still associated with the Centre to continue this research remotely from SUST.

While I was at Imperial, I had the opportunity to work at the UK Cabinet Office as their first Technology Fellow. I was a part of a joint-project involving the UK Cabinet Office, UK Ministry of Justice and UK Police in which I explored how the blockchain technology could be leveraged for securing digital evidences. I designed and developed a proof of concept which the UK ministry of Justice exploring the possibility for real-life trial. This has been a very successful project and it received world-wide media attention. Please check the Media link to view a few media coverages.

I worked as a Research Fellow at the Electronics and Computer Science of the University of Southampton in a Horizon 2020 cloud security project called SUNFISH in between September, 2015 to June, 2017. In this project, we investigated how the blockchain technology could be exploited to increase the security in a cloud federation.

I was a Post-doctoral Research Assistant at the School of Computing Science of the University of Glasgow in a project called the Integrated Multimedia City Data (iMCD). This was part of an ongoing ESRC funded Urban Big Data Centre, Glasgow under the umbrella of Big Data Theme. I was responsible for conducting research and developing systems for collating a large collection of textual and multimedia data from online news sources, microblogs, social sharing sites such as Youtube & flickr and wearable sensors such as life-loggers and GPS devices and then to analyse this data set to make sense.

I was a SICSA (Scottish Informatics and Computer Science Alliance) Funded, PhD student at the University of Glasgow. My thesis title is User-controlled Identity Management Systems using Mobile Devices in which I investigated how modern smartphones, ever increasing in power and size, could be used for managing our online identities. My primary supervisor was Dr. Ron Poet and secondary supervisor was Dr. Gethin Norman.

I am originally from Bangladesh, a beautiful south-asian country. I did my Bachelor in Computer Science & Engineering from the Department of Computer Science and Engineering at Shahjalal University of Science & Technology, Bangladesh. I have a double masters in Security and Mobile Computing from the Norwegian University of Science and Technology, Norway and University of Tartu, Estonia. I was awarded with the prestigious Erasmus Mundus Scholarship  to pursue my masters study.

My latest Résumé can be found here.


Email:
  • sadek.ferdous at bracu.ac.bd
  • s.ferdous at imperial.ac.uk
Research profile:

Google Scholar
Research Gate

Research

My current research interests include the following topics:

Blockchain (Distributed ledger)

There has been a tremendous interest regarding the Blockchain technology in the recent years. A blockchain is a public ledger consisting of blocks which are added one after another within a certain period following a strict set of rules and provides some strong security guarantees. Bitcoin has been the first example of an application that harnesses the advantage of the blockchain technology. Recently, Ethereum has showcased another tremendous utilisation of the blockchain technology. Ethereum provides a programming platform on top of the blockchain which boasts not only all the advantages of the blockchain technology but also an interface to deploy irrefutable smart-contracts. It has been envisioned that such a programming platform will revolutionise the financial industries as well as the IoT domain. I am currently investigating the ways the Ethereum-based blockchain technology can be exploited to guarantee security in different application domains.

Identity Management

Identity Management has been a very popular topic in recent years. With the proliferation of online services, people are flooded with online accounts in which the users are required to register by providing several information (Name, age, e-mail, etc.) including a username/password. An online account with these information in a service provider (an organisation that provides online service, e.g. Banks) is regarded as a digital identity of the user. When the number of such digital identities increases, their management becomes problematic for any user. The side effects of this are that users use the same username/password pair for different accounts during registration which ultimately increases the chance of personal data being stolen. Identity Management is the research topic that investigates how the number of online accounts can be minimised to mitigate these risks and how users can manage their online data in a secure and privacy-friendly way.

Trust Management

Trust Management has been a very popular research topic in recent years. Trust management is the mechanism by which the trust relationship between two stated entities can be analysed and then, if needed, be established. There have been several aspects of trust management, but currently my focus is mainly on the roles the trust management plays in Identity Management.

Security Usability

Security Usability is the mixture of CHI and Security that measures the effectiveness of a security solution or a secure system. A secure system is considered less useful if its users find it difficult to use. Several studies have shown that general users who lack with technical know-hows of find it difficult to use them properly resulting in security breaches.

Privacy Enhancement Technologies

Privacy Enhancement Technologies (PETs) are the mechanisms that are deployed to ensure the privacy of users in different domains. Traditionally, researches in this topic have mostly focused only in two domains: database and location based services. I am interested to investigate the applicability and effectiveness of traditional mechanisms in other domains as well.

Security

I am interested to investigate the applications of different security technologies into an array of other domains such as cloud computing, IoT, Software-defines Networking (SDN), Vehicular Adhoc Networking (VANET), etc. More specifically, I am intesrested to investigate the usage and effectiveness of adopting different crypto mechanims in these domains.

Internet of Things (IoT) Security

IoT is envisioned to change every aspects of our lives in future in an unprecedented manner. However, many of them being tiny small devices with small processing power lack proper built-in security mechanism. These are targetted by attackers. I am interested to investigate how the security of IoT devices can be increased.

Others

I have also keen interest in information retrieval mechanisms, social network analysis and alternate realities (Virtual/Augmented Reality) and their implications regarding how they can affect the ways users can manage different security, privacy and trust issues.


Research service:

  • Reviewer of the IEEE Systems Journal.
  • Reviewer of the Frontiers of Computer Science.
  • Reviewer of the International Journal of Information Security.
  • Distinguished Juror & Mentor, Bangladesh Blockchain Olympiad, 2020 & 2021.
  • Reviewer of the IEEE Transactions on Intelligent Transportation Systems.
  • Reviewer of the IEEE Access.
  • Reviewer of the Journal of Parallel and Distributed Computing.
  • Reviewer of the Knowledge Engineering Review Journal.
  • Reviewer of the International Journal of Network Security (IJNS).
  • Reviewer of the Theory and Practice of Cryptography Solutions for Secure Information Systems (CRYPSIS). Editors: Atilla Elçi et al. Published by IGI Global, 2013.
  • Track chair, the IEEE Region 10 Symposium (TENSYMP), 2020.
  • Joint Secretary, the 2nd International Conference on Bangla Speech and Language Processing (ICBSLP), 2019.
  • PC Member, the 3rd Symposium on Distributed Ledger Technology (SDLT), 2018.
  • Joint Secretary, the 1st International Conference on Bangla Speech and Language Processing (ICBSLP), 2018.
  • Program Co-Chair, the 8th International Conference on Security of Information and Networks (SIN’15), 2015.
  • Local Arrangements Co-Chair, the 7th International Conference on Security of Information and Networks (SIN’14), 2014.
  • PC Member (Poster Chair), the 6th International Conference on Security of Information and Networks (SIN’13), 2013.
  • Organiser of the 1st SICSA Cyber Security Conference, 2013.
  • PC Member of the 17th Nordic Conference on Secure IT Systems (NordSec 2012).
  • Organiser of the workshop titled “Large Scale Experiments & Modelling” at the SICSA PhD Conference 2012.


Publications

Policy Document


Journal publications

Book chapters

Conference publications

Posters


Media Coverage

A reseach carried out by my student made it to a local news paper! It is about the security state of some of the local, including governmental, websites in Bangladesh and the threats they pose. To read it, please click here.

During my secondment as a Technology Fellow at the UK Cabinet Office, my project on security digital evidences using the blockchain technology received world-wide media coverages. Some of the links are presented below:


Research Grants

I have received a number of research grants to carry out research projects in the intersection of blockchain and security:
  • Innovation grant of 8 lakh (9400 USD) from the Information and Communication Technology Division, Government of Bangladesh to conduct research on the intersection of e-KYC and blockchain. (Status: Onging)
  • AWS (Amazon Web Services) Cloud Credits for Research, a grant of 20,000 USD in order to deploy a private blockchain evaluation framework within Amazon Clouds. (Status: Completed)
  • Shahjalal University grant of 4.5 lakh BDT (5300 USD) to develop an identity federation within Shahjalal University. (Status: Completed)

Teaching

During my SUST tenure, I taught a number of graduate and undergraduate courses such as:
  • Computer Architecture
  • Introduction to Computer Security
  • Introduction to Cryptography
  • Cryptographic Protocols
  • Introduction to Porgramming Language with C