The Department of Computer Science and Engineering (CSE) at Qatar University is proud to highlight a significant research achievement by its faculty members Dr. Khaled Khan and Dr. Noora Fetais and their team, who have been awarded a U.S. patent for their innovative work in cloud security systems.
The patented work, titled “Quantifying Satisfaction of Security Features of Cloud Software Systems,” has been granted under Patent No. US 12579277 B2 (2026). This achievement reflects the department’s continued commitment to impactful research and innovation at the intersection of cybersecurity, software engineering, and advanced computational methods.
The invention is the result of a collaborative effort with Dr. Armstrong Nhlabatsi from the KINDI Research Centre, further demonstrating interdisciplinary collaboration within Qatar University.
This patented research introduces a novel approach to evaluating the effectiveness of security countermeasures in cloud software systems. Traditionally, the satisfaction of security requirements has been expressed using binary Boolean values—either satisfied (true) or not satisfied (false). However, such a simplistic representation often fails to capture the complexity and nuanced nature of real-world security systems. To address this limitation, the research team developed a method that quantifies the satisfaction of security features on a continuous scale ranging from 0.0 to 1.0. Drawing inspiration from financial systems and economic modeling, the proposed approach considers multiple interacting factors, including defense strength, system vulnerabilities, exploitability, and attack severity. Furthermore, the research extends the concept of entailment relationships—commonly used in requirements engineering—to the domain of security satisfiability. This enables a more sophisticated and mathematically grounded representation of how security requirements are fulfilled in complex systems. The patented method establishes an algebraic relationship that models the satisfaction of a security requirement as a function of both defensive mechanisms and potential attack vectors. This allows security administrators to make precise, data-driven decisions regarding the adjustment of security countermeasures. As a result, organizations can achieve optimal security configurations while avoiding unnecessary costs associated with over-engineering or ineffective implementations.
By moving beyond binary evaluation methods, this innovation provides a more accurate, flexible, and actionable framework for managing cloud security. It represents a significant advancement in the field and has strong potential for real-world application in securing modern software systems.
For more details about the patent, please visit:
https://patents.google.com/patent/US12579277B2/en