Log in
Professor Sasse created, developed and delivered the user-centric perspective that now underpins security thinking in both corporate and public-sector domains. This perspective shaped the UK government's Identity Assurance Programme (IDAP), a federated identity solution that will provide access to all e-government services in the UK. HP has incorporated the compliance budget model into its Security Analytics product, which enables companies to calculate the impact of a given security mechanism on individual and corporate productivity. Sasse's work also underpins new and improved security products, including First Cyber Security's SOLID and Safe Shop Window tools, which protects over 70% of UK online shopping revenue; GrIDSure's one-time PIN system (now part of the SafeNet Authentication Service); and iProov's authentication service.
Work conducted at UEL in the area of secure software systems engineering has had impacts on both the private and public sectors, in the UK and abroad. Through its application to financial pre-employment screening it has enabled an award-winning UK company to improve its security processes and become a world leader with respect to secure systems in their sector. This has, in turn, allowed the company to develop a competitive advantage in the market and attract more and larger multinational clients. In the public service sector our work has enabled a Greek governmental department — the National Gazette — to analyse the security implications of fully automating their processes and identify security mechanisms that enhance the security of their new systems. This has improved their service delivery, with significant impacts on Greek society.
The Network & Information Security Technology Lab (NISTL) at Liverpool John Moores University (LJMU) conducts research in securing networked systems against the growing threat of cyber crime. The research has generated a correlated set of new security protocols, novel system composition methods and efficient digital forensic analysis schemes for more effective layered security protection. Their main impacts for the period 01/2008 - 07/2013 are highlighted below:
In addition to the above direct impacts, our work is also beneficial to other organisations and even the general public, as they all require security techniques for information protection.
This case study highlights the research at Plymouth University into the development of a specialist security thread in banknotes which has been commissioned and adopted by De La Rue, the world's largest commercial currency printer and papermaker. The system has provided quality assurance for over five billion banknotes, including the Euro, and improved the performance of a worldwide business through the introduction of new technology. Potential future losses through counterfeit have been mitigated by the improved quality assurance systems.
Terrestrial Trunked Radio (TETRA) is a very well known, international specification for secure mobile radio and `walkie-talkie' communication, that is extensively used and relied upon by emergency and public safety services such as police, ambulance and fire services, as well as governmental and private bodies. The European Telecommunications Standards Institute (ETSI) began standardising TETRA in the 1990s and it is now widely used throughout the world. Foundations of its success include resilience and reliability, but security is a major feature, being underpinned by expert cryptographic design. In particular the authentication and key generation mechanisms in TETRA rely on a block cipher (HURDLE) which was designed by a team of cryptographers at Royal Holloway.
The work carried out at Royal Holloway underpins the integrity and security of TETRA safety- critical networks throughout the world to the present day. A secure design for emergency service communications minimises both the amount of disruption criminals can cause to service operations, and the amount of operational information such criminals can glean from eavesdropping, contributing to the safety and security of society as a whole as well as the economic benefits to manufacturers of TETRA-based equipment.
Research examining the vulnerabilities in electronic payment systems conducted by Professor Ross Anderson and his research team at the University of Cambridge since 1995 has had profound impact on the current generation of payment systems. Research outcomes have (i) led existing businesses to redesign application programming interfaces (APIs) used by hardware security modules; (ii) created a new company, Cronto; (iii) convinced authorities to review certification systems so that products are more secure; and (iv) fuelled public awareness of, and discourse about, the security of electronic payment systems.
By default, Internet traffic is vulnerable to eavesdropping and modification. TLS is a protocol that has become the de facto method for securing application-layer messages. TLS is implemented in all major web browsers and servers and is used daily by hundreds of millions of people for applications such as e-commerce, social networking and Internet banking. Royal Holloway researchers identified flaws in the way in which TLS encrypts data, resulting in practical attacks that compromised the security goals of TLS. The researchers also helped major vendors, such as Google, Microsoft and Oracle, to assess and develop countermeasures to the attacks.
Professor Mary Kaldor convened a study group that proposed a new human security doctrine for the European Union at the request of its High Representative for Common Foreign and Security Policy. This doctrine defined a new approach for EU involvement in situations requiring a security and defence response, with special attention to conflict and disaster in developing countries. It has influenced security and defence policy at the EU and country member levels, and has proved to dramatically reduce violence and contribute to peacekeeping efforts and a return to civil society when applied in conflict-ridden contexts such as Chad, Somalia, Iraq and Libya.
This case study refers to the REF-period impact achieved by Michael J. Williams, who joined the Unit in 2008. His research comprises a number of projects that bring new understandings of risk to bear on the evolution and development of the North Atlantic Treaty Organization (NATO) since 1949, the conceptualization of security in the post-9/11 world and NATO's role in promoting security in the transatlantic area via `out of area' missions such as the International Security Assistance Force (ISAF) in Afghanistan. Williams combined advisory roles and a strong public profile developed over the period to bring his research to politicians, policymakers and publics both nationally and internationally, engagements that supported the achievement of non-academic impacts of his work. His research has informed the thinking of policy-makers, military officials, international organizations and development actors dealing with security and development, contributed to policy formation at national and international levels, and raised public awareness of the difficulties of policy coordination in conflict and development initiatives.
Cyber security and situational awareness research has impacted organisations' strategy, policy and practice. Impact was delivered through nuWARP (Northumbria University Warning, Advice and Reporting Point) registered as part of the UK Government's Centre for the Protection of National Infrastructure. International impact: direct contribution to EU Cyber Security Strategy; improved practices at the Nigerian Economic and Financial Crimes Commission; redeveloped business model at Star Spreads (online gambling company) leading to safer practices for customers. National impact: contributed to improved business models and policies in SMEs (Washington Metalworks, Shared Interest, SRM Ltd), which have improved data security and online practice.