Staff Profile

I'm a Reader in the School of Computing at Newcastle University. I joined the School in 2013, as a Senior Research Associate working with Aad van Moorsel and got my Lectureship in 2016, Senior Lectureship in 2019 and Readership in 2023. I was Director of Postgraduate Studies for the School of Computing from January 2020 to January 2023. 

I'm currently Director of the SAgE Digital Skills Lab, Acting Head of the SRS Group and a member of Senate.

I have been involved with many research projects over the years. I'm currently looking into two main topics:

• Security of Smart Infrastructure, which includes with my involvement in the PETRAS Centre, within which I'm leading two projects directly related to the security and privacy of smart buildings. My main collaborators include Lilian Edwards (Law School), Luke Smith (Engineering), John Mace (Computing) and Rima Alaeedine (Computing). I've also done some with Carsten Maple (Warwick) within PETRAS on risk assessment for smart buildings. As part of this topic, I'm also involved in a Security work-package in the Active Building Centre, working with Sara Walker (Engineering) and Ricardo Czekster (Computing), as well as John Clark (Sheffield) and Walter Bassage (Sheffield). Finally, I'm leading a Security work-package in the e4Future project, working with Myriam Neaimeh (Engineering) and Roberto Metere (Computing) on vehicle-to-grid systems.

• Access Control, which was my PhD topic and on which I have had many collaborations over the years, including notably Nicola Zannone (TU Eindhoven) and Jason Crampton (Royal Holloway). Our initial paper on PTaCL has established a formal semantics for attribute-based access control (ABAC and introduced the problem of attribute hiding attacks (when an attacker gains access control privilege by hiding some attributes). We have recently developed a formal framework for the efficient evaluation of ABAC policies, with the collaboration of Tim Willemse. This framework uses Binary Decision Diagrams to make tractable the problem of evaluation policies with missing information.

• I've been involved with many modules for teaching Cyber Security in the School of Computing. I'm currently leading CSC3632 System and Network Security.

• Articles

  • Arnaboldi L, Czekster RM, Morisset C, Metere R. Modelling Load-Changing Attacks in Cyber-Physical Systems. Electronic Notes in Theoretical Computer Science 2020, 353, 39-60.
  • Morisset C, Willemse TAC, Zannone N. A framework for the extended evaluation of ABAC policies. Cybersecurity 2019, 2(1), 6.
  • Yevseyeva I, Morisset C, van Moorsel A. Modeling and analysis of influence power for information security decisions. Performance Evaluation 2016, 98, 36-51.
  • Mallios Y, Bauer L, Kaynar D, Martinelli F, Morisset C. Probabilistic cost enforcement of security policies. Journal of Computer Security 2015, 23(6), 759-787.
  • Yevseyeva I, Turland J, Morisset C, Coventry L, Gross T, van Moorsel A. Addressing consumerization of IT risks with nudging. International Journal of Information Systems and Project Management 2015, 3(3), 5-22.

• Book Chapters

  • Czekster RM, Morisset C, Moorsel A, Mace JC, Bassage WA, Clark JA. Cybersecurity Roadmap for Active Buildings. In: Vahidinasab V; Mohammadi-Ivatloo, B, ed. Active Building Energy Systems Operation and Control. Cham, Switzerland: Springer, 2022, pp.219-249.
  • Mace JC, Morisset C, van Moorsel A. Resiliency Variance in Workflows with Choice. In: A Fantechi and P Patrizio, ed. Software Engineering for Resilient Systems. Springer International, 2015, pp.128-143.
  • Mace JC, Morisset C, van Moorsel A. Impact of policy design on workflow resiliency computation time. In: J Campos and B.R Haverkort, ed. Quantitative Evaluation of Systems. Springer International, 2015, pp.244-259.

• Conference Proceedings (inc. Abstracts)

  • Taher R, Mehrnezhad M, Morisset C. "I feel spied on and I don't have any control over my data": User Privacy Perception, Preferences and Trade-offs in University Smart Buildings. In: Socio-Technical Aspects in Security, STAST2022. 2022, Copenhagen, Denmark: STAST, University of Luxemburg.
  • Mace JC, Czekster RM, Morisset C, Maple C. Smart Building Risk Assessment Case Study: Challenges, Deficiencies and Recommendations. In: 16th European Dependable Computing Conference (EDCC). 2020, Munich, Germany: IEEE.
  • Mace JC, Morisset C, Smith L. A Socio-Technical Ethical Process for Managing Access to Smart Building Data. In: Living in the Internet of Things: Realising the socioeconomic benefits of an interconnected world. 2019, London: IET.
  • Mace JC, Morisset C, Smith L. A socio-technical ethical process for managing access to smart building data. In: Living in the Internet of Things (IoT 2019). 2019, London: IET.
  • Morisset C, Sanchez D. VisABAC: A Tool for Visualising ABAC Policies. In: ICISSP 2018 - 4th International Conference on Information Systems Security and Privacy. 2018, Funchal, Maderia, Portugal: SciTePress.
  • Carmichael P, Morisset C. Learning Decision Trees from Synthetic Data Models for Human Security Behaviour. In: Software Engineering and Formal Methods (SEFM 2017). 2018, Trento, Italy: Springer Verlag.
  • Arnaboldi L, Morisset C. Generating synthetic data for real world detection of DoS attacks in the IoT. In: STAF: Federation of International Conferences on Software Technologies: Applications and Foundations. 2018, Toulouse, France: Springer.
  • Morisset C, Willemse TAC, Zannone N. Efficient extended ABAC evaluation. In: Proceedings of the 23rd ACM Symposium on Access Control Models and Technologies (SACMAT'18). 2018, Indianapolis, Indiana, USA: ACM.
  • Mansfield M, Morisset C, Gamble C, Mace JC, Pierce K, Fitzgerald J. Design Space Exploration for Secure Building Control. In: 16th Overture Workshop. 2018, Oxford University, UK.
  • Mace JC, Morisset C, Pierce K, Gamble C, Maple C, Fitzgerald J. A multi-modelling based approach to assessing the security of smart buildings. In: Living in the Internet of Things: Cybersecurity of the IoT. 2018, London, UK: Institution of Engineering and Technology.
  • Alrajeh O, Forshaw M, Thomas N. Machine Learning Models for Predicting Timely Virtual Machine Live Migration. In: 14th European Workshop on Performance Engineering (EPEW). 2017, Berlin, Germany: Springer Verlag.
  • Mace JC, Thekkummal N, Morisset C, Van Moorsel A. ADaCS: A Tool for Analysing Data Collection Strategies. In: 14th European Workshop on Performance Engineering (EPEW 2017). 2017, Berlin, Germany: Springer Verlag.
  • Mace JC, Thekkummal N, Morisset C, VanMoorsel A. ADaCS: A tool for Analysing Data Collection Strategies. In: 14th European Performance Engineering Workshop (EPEW 2017). 2017, Berlin, Germany: Springer.
  • Mace JC, Morisset C, van Moorsel A. WRAD: Tool Support for Workflow Resiliency Analysis and Design. In: 8th international workshop on Software Engineering for Resilient Systems (SERENE 2016). 2016, Gothenburg, Sweden: Springer International Publishing.
  • Crampton J, Morisset C, Zannone N. On Missing Attributes in Access Control: Non-deterministic and Probabilistic Attribute Retrieval. In: 20th ACM Symposium on Access Control Models and Technologies (SACMAT '15). 2015, Vienna: ACM.
  • Mace JC, Morisset C, van Moorsel A. Modelling user availability in workflow resiliency analysis. In: HotSoS '15 Symposium and Bootcamp on the Science of Security. 2015, Urbana-Champaign, IL, USA: ACM.
  • Mace JC, Morisset C, Van Moorsel A. Modelling user availability in workflow resiliency analysis. In: Proceedings of the 2015 Symposium and Bootcamp on the Science of Security, HotSoS '15. 2015, Urbana, Illinois, USA: Association for Computing Machinery.
  • Morisset C, Zannone N. Reduction of access control decisions. In: 19th ACM Symposium on Access Control Models and Technologies. 2014, Shanghai, China: ACM.
  • Mace JC, Morisset C, van Moorsel A. Quantitative Workflow Resiliency. In: 19th European Symposium on Research in Computer Security: Computer Security - ESORICS 2014. 2014, Wroclaw, Poland: Springer.
  • Ciancia V, Martinelli F, Ilaria M, Morisset C. Quantitative evaluation of enforcement strategies position paper. In: 6th International Symposium on Foundations and Practice of Security (FPS 2013). 2014, La Rochelle, France: Springer.
  • Iliasov A, Lopatkin I, Romanovsky A. Practical formal methods in railways - The SafeCap approach. In: 19th Ada-Europe International Conference on Reliable Software Technologies. 2014, Paris, France: Springer.
  • Satvat K, Forshaw M, Hao F, Toreini E. On the privacy of private browsing - A forensic approach. In: 8th International Workshop on Data Privacy Management and Autonomous Spontaneous Security (DPM 2013). 2014, Egham, UK: Springer.
  • Emmerich MTM, Deutz AH, Yevseyeva I. On reference point free weighted hypervolume indicators based on desirability functions and their probabilistic interpretation. In: CENTERIS 2014 / ProjMAN 2014 / HCIST 2014. 2014, Troia, Portugal: Elsevier BV.
  • Morisset C, Gross T, vanMoorsel A, Yevseyeva I. Nudging for Quantitative Access Control Systems. In: Second International Conference on Human Aspects of Information Security, Privacy, and Trust.Held as Part of HCI International 2014. 2014, Heraklion, Crete, Greece: Springer.
  • Morisset C, Gross T, van Moorsel A, Yevseyeva I. Nudging for quantitative access control systems. In: Second International Conference on Human Aspects of Information Security, Privacy, and Trust (HAS 2014). 2014, Crete, Greece: Springer.
  • Crampton J, Morisset C. Monotonicity and Completeness in Attribute-Based Access Control. In: 10th International Workshop on Security and Trust Management (STM 2014). 2014, Wroclaw, Poland: Springer.
  • Crampton J, Morisset C. Monotonicity and completeness in attribute-based access control. In: 10th International Workshop on Security and Trust Management (STM 2014). 2014, Wroclaw, Poland: Springer Verlag.
  • Coopamootoo KPL, Gross T. Mental models for usable privacy: A position paper. In: Second International Conference on Human Aspects of Information Security, Privacy, and Trust (HAS 2014). 2014, Crete, Greece: Springer Verlag.
  • Sinmai K, Andras P. Mapping on surfaces: Supporting collaborative work using interactive tabletop. In: 20th International Conference on Collaboration and Technology (CRIWG 2014). 2014, Santiago, Chile: Springer Verlag.
  • Osorio C, Papagiannidis S. Main factors for joining new social networking sites. In: First International Conference on HCI in Business (HCIB 2014). 2014, Crete, Greece: Springer Verlag.
  • Modesti P. Efficient Java Code Generation of Security Protocols Specified in AnB/AnBx . In: 10th International Workshop on Security and Trust Management (STM). 2014, Switzerland: Springer, Cham.
  • Yevseyeva I, Morisset C, Turland J, Coventry L, Gross T, Laing C, van Moorsel A. Consumerisation of IT: Mitigating risky user actions and improving productivity with nudging. In: CENTERIS 2014: 6th Conference on ENTERprise Information Systems. 2014, Troia, Portugal: Elsevier BV.
  • Yevseyeva I, Morisset C, Turland J, Coventry L, Gross T, Laing C, van Moorsel A. Consumerisation of IT: Mitigating risky user actions and improving productivity with nudging. In: CENTERIS 2014 / ProjMAN 2014 / HCIST 2014. 2014, Troia, Portugal: Elsevier BV.
  • Freitas L, Jones CB, Velykis A, Whiteside I. A Model for Capturing and Replaying Proof Strategies. In: VSTTE 2014: Verified Software: Theories, Tools and Experiments. 2014, Vienna, Austria: Springer, Cham.
  • Morisset C, Yevseyeva I, Gross T, van Moorsel A. A Formal Model for Soft Enforcement: Influencing the Decision-Maker. In: 10th International Workshop on Security and Trust Management. 2014, Wroclaw, Poland: Springer.
  • Morisset C, Yevseyeva I, Gross T, van Moorsel A. A Formal Model for Soft Enforcement: Influencing the Decision-Maker. In: 10th International Workshop on Security Trust and Management (STM 2014). 2014, Wroclaw, Poland: Springer.
  • Morisset C, Yevseyeva I, Gross T, van Moorsel A. A formal model for soft enforcement: Influencing the decision-maker. In: STM 2014: Security and Trust Management. 2014, Wroclaw, Poland: Springer Verlag.
  • Yevseyeva I, Morisset C, Gross T, vanMoorsel A. A Decision Making Model of Influencing Behavior in Information Security. In: 11th European Workshop on Performance Evaluation, EPEW 2014. 2014, Florence, Italy: Springer.
  • Yevseyeva I, Morisset C, Gross T, Van Moorsel A. A Decision Making Model of Influencing Behavior in Information Security. In: EPEW 2014: Computer Performance Engineering. 2014, Florence, Italy: Springer, Cham.
  • Hao F. Verifiable classroom voting: Where cryptography meets pedagogy. In: Cambridge International Workshop on Security Protocols. 2013, Cambridge, UK: Springer Verlag.
  • Hao F, Clarke D, Shepherd C. Verifiable classroom voting: Where cryptography meets pedagogy. In: Cambridge International Workshop on Security Protocols. 2013, Cambridge, UK: Springer Verlag.
  • Dietrich D, Whiteside I, Aspinall D. Polar: A framework for proof refactoring. In: LPAR: International Conference on Logic for Programming Artificial Intelligence and Reasoning. 2013, Stellenbosch, South Africa: Springer.
  • Alsuhibany SA, Alonaizi A, Morisset C, Smith C, van Moorsel A. Experimental investigation in the impact on security of the release order of defensive algorithms. In: CD-ARES: International Conference on Availability, Reliability, and Security - 2013 Workshops. 2013, Regensburg, Germany: Springer.
  • Alsuhibany SA, Morisset C, Van Moorsel A. Detection of attack strategies. In: 2013 International Conference on Risks and Security of Internet and Systems, CRiSIS 2013. 2013, La Rochelle, France: IEEE Computer Society.

• Report

  • Ebrahimy R, Morisset C, Patsios H, Pourmirza Z. Report on Smart Energy Systems and Cyber Security. Newcastle upon Tyne: School of Computing, Newcastle University, 2018.