Adrian (Shuai) Li

Address: The Lawson Computer Science Building
IPA for my first name: [ʂu̯aɪ̯]

I am a Ph.D. student in computer science at Purdue University. Previously, I obtained my Master's in computer science at University of Calgary, where I was fortunate to be advised by Professor Rei Safavi-Naini . I did my undergraduate studies at Wuhan University.

I am interested in identity management, IoT S&P and distributed system authorization.


A Capability-based System to Enforce Context-aware Permission Sequence
  • Shuai Li
  • Master's thesis, University of Calgary, January 2020
Secure Logging with Security against Adaptive Crash Attack
  • Sepideh Avizheh, Reihaneh Safavi-Naini, Shuai Li
  • The 12th International Symposium on Foundations & Practice of Security (FPS 2019), October 2019
Towards a Resilient Smart Home
  • Tam Thanh Doan, Reihaneh Safavi-Naini, Shuai Li, Sepideh Avizheh, Muni Venkateswarlu K.,Philip W. L. Fong
  • ACM SIGCOMM 2018 Workshop on IoT Security and Privacy (IoT S&P), August 2018
  • Best Paper Award


Griffin System

We proposed a capability-based system that provides efficient refined (conditional) access to resources. It allows a sequence of permissions to be enforced, each with their own specific context. We further proved the safety property of the system for these conditions, then showed how it could be incorporated in the OAuth framework. We also developed Griffin, which is an implementation of this system. We implemented Griffin with ABAC access control model and various HTTP back-end techniques (node.js, Express, MongoDB), and evaluated the performance with naive OAuth framework. To achieve high usability, Griffin provides two reusable components, an authorization server and a Middleware. The authorization server is a reusable, policy-content independent which can be easily configured to different application scenarios (e.g., Payment, Health Care). The Middleware can be added into any resource server restful API to enable Griffin compliant resource server. The developers only need to focus on writing codes for their specific resource server service functionality without dealing with policy enforcement.

* More details of the theoretical work will be released soon.


We considered an insider adaptive adversary who can see the file content as new log operations are performed. This is a powerful adversary who can attempt to rewind the system to a past state. We showed that existing secure logging schemes are insecure in this setting. We proposed a novel mechanism that, in its basic form, uses a pair of keys that evolve at different rates, and employed this mechanism in an existing logging scheme (SLiC) that has forward integrity to obtain a system with provable security against adaptive crash attack. We implemented our scheme on a desktop computer and a Raspberry Pi, and showed in addition to higher security, a significant efficiency gain over SLiC logging scheme. We developed a Python event logging and log file recovery tool based on the proposed mechanism, which can be found here.



Principles of Computer Security [CPSC 525]
Teaching Asistant, University of Calgary, Winter 2019
Information Theory and Security [CPSC 530]
Teaching Asistant, University of Calgary, Fall 2018
Explorations in Information Security and Privacy [CPSC 329]
Teaching Asistant, University of Calgary, Winter 2018
Introduction to Problem Solving using Application Software [CPSC 203]
Teaching Asistant, University of Calgary, Fall 2017

University Service

Vice President Communication of Computer Science Graduate Society, University of Calgary, May 2018 -present.

Local Arrangement Co-Chair of the SecRETs2018, May 2018