I am a Reader in the Information Security Group at Royal Holloway, University of London. I did my PhD in the School of Computer Science and Information Systems at Birkbeck, University of London under the supervision of Professor George Loizou. I still maintain close links with Birkbeck, where I am an Associate Research Fellow.

My research concentrates on role-based access control models, particularly role-based administration and the specification and enforcement of separation of duty policies. A list of selected publications is available here.

I teach Computer Security (IY5512), one of the core courses on the Information Security Masters Programme at Royal Holloway.

I am an Associate Editor of ACM Transactions on Information and System Security.

Forthcoming events in which I am involved include

 

Below is a wordle derived from the text of one of my recent papers. The font size of a word in the image is proportional to its frequency in the text. The image provides quite an accurate snapshot of my research interests.

This is a short list of selected and forthcoming publications. A complete list of publications is available here or from DBLP.
Selected publications
Administrative scope: A foundation for role-based administrative models (with G. Loizou). ACM Transactions on Information and System Security, 6(2), 201-231, 2003.
Specifying and enforcing constraints in role-based access control. In Proceedings of 8th ACM Symposium on Access Control Models and Technologies (SACMAT03), 43-50, 2003.
On permissions, inheritance and role hierarchies. In Proceedings of 10th ACM Conference on Computer and Communications Security (CCS 2003), 85-92, 2003.
Understanding and developing role-based administrative models. In Proceedings of 12th ACM Conference on Computer and Communications Security (CCS 2005), 158-167, 2005.
On key assignment for hierarchical access control (with K. Martin and P. Wild). In Proceedings of 19th Computer Security Foundations Workshop, 98-111, 2006.
Delegation in role-based access control (with H. Khambhammettu). International Journal of Information Security, 7(2), 123-136, 2008.
On spatio-temporal constraints and inheritance in role-based access control (with L. Chen). In Proceedings of ACM Symposium on Information, Computer and Communications Security (ASIACCS 08), 205-216, 2008.
Cryptographically-enforced hierarchical access control with multiple keys. Journal of Logic and Algebraic Programming, 78, 690-700, 2009.
Set cover problems in role-based access control (with L. Chen). In Proceedings of 14th European Symposium on Research in Computer Security, 689-704, 2009.
To appear
Authorization recycling in RBAC systems (with K. Beznosov, M. Ripeanu and Q. Wei). To appear in ACM Transactions on Information and System Security.

e-Mail address
Postal address: Information Security Group
Royal Holloway, University of London
Egham
Surrey TW20 0EX
Office phone: +44 (0)1784 443117
Departmental fax: +44 (0)1784 430766