Mahmoud Abdelgawad

PhD Student, Computer Science
Colorado State University

About

My current research focuses on NIST Next Generation Access Control (NGAC). I am investigating several issues related to policy extraction from natural language and legacy systems, policy engineering (mining and optimization), policy evaluation, and policy migration. I am working under the supervision of Professor Indrakshi Ray and collaborating with amazing colleagues at Ray's Cyber Research Lab, Department of Computer Science, Colorado State University. Our objective is to find practical solutions and develop methods and tools that align with modern access control models across various platforms and dynamic environments. If you are interested, please join us. There is much work to be done!!!

Email: m.abdelgawad@colostate.edu
Computer Science Department
Colorado State University
Fort Collins, CO 80523

Education

Ph.D. in Computer Science (Cybersecurity focus) — Colorado State University (Current)

M.S. in Computer Science (Cybersecurity focus) — Colorado State University (2025)

M.S. in Computer Science (Software Engineering focus) — Libyan Academia (2006)

B.S. in Computer Science — Benghazi University (1998)

Interests

Areas I have worked in: Software Testing, Formal Methods, Security Analysis, Access Control
Techniques I have used: Automata, Model Checking, Theorem Proving, Large Language Models (LLMs)
Domains I have contributed to: Robotics, Cyber-Physical Systems (CPS), Security Systems, Mission-Critical Systems, Research Collaborative Infrastructures (RCI), Android Security

Selected Publications

Journals:

Correctness and Security Analysis of the Protection In Transit (PIT) Protocol. Journal of Systems and Software, 2025.
Model‑based Testing of a Real‑time Adaptive Motion Planning System. Advanced Robotics, 2017.

Conferences:

Access Control Policies Specification and Analysis for Multi-Institutional Collaborative Projects. IEEE 11th International Conference on Collaboration and Internet Computing (CIC), 2025.
Securing Android Inter-Process Communication (IPC) Using NGAC. IEEE 22nd Annual International Conference on Privacy, Security and Trust (PST), 2025.
Safety Analysis in the NGAC Model. 30th ACM Symposium on Access Control Models and Technologies (SACMAT), 2025.
Securing Virtual Reality Apps Inter‑process Communication. International Conference on Information Systems Security and Privacy (ICISSP), 2025.
Methodology for Resiliency Analysis of Mission‑Critical Systems. ACM/SIGAPP Symposium on Applied Computing (SAC), 2024.
Assets Criticality Assessment of Industrial Control Systems: A Wind Farm Case Study. IEEE International Conference on Software Quality, Reliability and Security (QRS), 2024.
Synthesizing and Analyzing Attribute‑Based Access Control Model Generated from Natural Language Policy Statements. 28th ACM Symposium on Access Control Models and Technologies (SACMAT), 2023.
Security Hardening of Industrial Control Systems through Attribute‑Based Access Control. Annual Computer Security Applications Conference (ACSAC), 2023.
Model‑based Testing of Real‑time Adaptive Motion Planning. IEEE Conference on Simulation, Modeling, and Programming for Autonomous Robots (SIMPAR), 2016.

See full list on Google Scholar.

Awards & Honors

Best Paper Runner-up Award — 30th ACM Symposium on Access Control Models and Technologies (SACMAT 2025)
Best Paper Award — IEEE Int'l Conference on Simulation, Modeling, and Programming for Autonomous Robots (SIMPAR 2016)

Funding (Awards & Grants)

I gratefully acknowledge the support of the following agencies and institutions:

NSF IUCRC — National Science Foundation Industry — University Cooperative Research Centers
NIST — National Institute of Standards and Technology
American Megatrends Inc.
Cyber Risk Research Inc.
Colorado State University
State of Colorado

You can find details about the funded projects on my ORCID page.