Mohsin Khan

Security Architectures for IoT and Distributed Systems

Systems Security and Applied Security Research

I design resilient security for distributed systems.

Cybersecurity architect and researcher focused on trust architectures, vulnerability operations, and detection engineering across distributed systems.

Trusted Domains of Work

Last reviewed: February 22, 2026

IEEE Access / IEEE FMEC / NordSec Springer / LNCS / SECRYPT IoT and Lightweight Crypto Distributed Systems Security and Resilience SOC / Vulnerability / Incident Response IAM / Zero Trust / Security Architecture

CV Snapshot

Concise highlights from research, engineering, and credentials.

Security Engineering Impact

  • PhD Research Fellow, UiT (2021-2025): designed Zero Trust and IAM security architectures for distributed IoT and cloud systems.
  • Built a benchmarking and taxonomy framework for ~130 lightweight cryptographic primitives on constrained platforms.
  • Data Engineer, Blackbuck Insight (2021): migrated data pipelines to AWS with IAM controls and security-focused monitoring.

Education and Credentials

  • PhD in Cybersecurity, UiT - The Arctic University of Norway.
  • MBA in Operations Management, Indira Gandhi National Open University.
  • M.Tech in Computer Science and Engineering, Central University of Jammu.
  • 2025 credentials: IBM security tracks, Qualys VMDR, and Deloitte Cyber Job Simulation.

Research and System Design

BlockCap - Blockchain Capability Authorization for IoT

Challenge: Secure authorization for constrained IoT nodes while preserving auditability across distributed trust boundaries.

Approach: Implemented blockchain-governed token lifecycle controls and enforced least privilege with threat-model-driven policy rules.

Outcome: Delivered verifiable access decisions, stronger accountability, and practical governance for distributed IoT communication.

Smart-contract authorization layer Token lifecycle governance Threat-model-based policy design

Security Benchmarking

Lightweight Hash Benchmarking with ChipWhisperer

Challenge: Generate practical evidence for selecting cryptographic primitives on deeply constrained embedded IoT platforms.

Approach: Benchmarked lightweight hash candidates on AVR using reproducible measurement workflows and comparative evaluation criteria.

Outcome: Produced a decision-ready reference balancing security strength, performance cost, and deployment feasibility.

130+ primitives benchmarked Reproducible AVR pipeline Security-performance trade-off matrix

Industry Security Ops

Datacom Cyber Security Operations Simulation

Challenge: Assess a ransomware scenario and produce defensible risk decisions across technical and business contexts.

Approach: Mapped attack evidence, quantified impact, prioritized risks, and translated findings into operational control actions.

Outcome: Demonstrated SOC-ready triage, clear stakeholder communication, and actionable response planning for operations.

Ransomware impact analysis Risk-prioritization workflow Executive decision reporting

Model Threats

Define assets, adversaries, and trust boundaries.

Prioritize Risks

Rank attack paths by likelihood and impact.

Design Controls

Map risks to least-privilege and segmented architecture.

Implement + Detect

Deploy controls with telemetry, detections, and runbooks.

Validate + Improve

Test outcomes, tune decisions, and iterate continuously.

Open to Security Engineering and Research Collaboration

I collaborate on applied cybersecurity research, architecture reviews, and security engineering initiatives where distributed systems and real-world threat models matter.

Featured Research

Performance Evaluation of Lightweight Cryptographic Ciphers on ARM Processor for IoT Deployments (SciSec, Springer LNCS 15441, 2024).