Log in
The Network & Information Security Technology Lab (NISTL) at Liverpool John Moores University (LJMU) conducts research in securing networked systems against the growing threat of cyber crime. The research has generated a correlated set of new security protocols, novel system composition methods and efficient digital forensic analysis schemes for more effective layered security protection. Their main impacts for the period 01/2008 - 07/2013 are highlighted below:
In addition to the above direct impacts, our work is also beneficial to other organisations and even the general public, as they all require security techniques for information protection.
Professor Ross Anderson's (University of Cambridge) research in security economics has had considerable impact on public policy and industry practice. Through two reports for ENISA, his work has directly influenced European Commission policy on combatting cyber-crime and on protecting the internet infrastructure. Through his membership of a Blackett Review and appearances before parliamentary committees, he has influenced UK government policy on cyber- security. Personally, and through the positions to which members his research team have moved, his research has influenced a range of organisations, including the US government, the European Union, Google, and Microsoft.
By default, Internet traffic is vulnerable to eavesdropping and modification. TLS is a protocol that has become the de facto method for securing application-layer messages. TLS is implemented in all major web browsers and servers and is used daily by hundreds of millions of people for applications such as e-commerce, social networking and Internet banking. Royal Holloway researchers identified flaws in the way in which TLS encrypts data, resulting in practical attacks that compromised the security goals of TLS. The researchers also helped major vendors, such as Google, Microsoft and Oracle, to assess and develop countermeasures to the attacks.
The development of any substantial security system is informed by international standards. In particular, system designers refer to these standards when deciding which cryptographic primitives and what key sizes to use. Thus it is essential that the guidelines and best practice published in standards are accurate and robust. Of the official standards bodies concerned with security, the most influential is ISO. Prof. Chris Mitchell has been a UK representative expert to ISO since 1992. His research has led to a number of important amendments to ISO standards and he has played a major role in drafting (and maintaining) those standards.
This case study highlights the research at Plymouth University into the development of a specialist security thread in banknotes which has been commissioned and adopted by De La Rue, the world's largest commercial currency printer and papermaker. The system has provided quality assurance for over five billion banknotes, including the Euro, and improved the performance of a worldwide business through the introduction of new technology. Potential future losses through counterfeit have been mitigated by the improved quality assurance systems.
Cyber security and situational awareness research has impacted organisations' strategy, policy and practice. Impact was delivered through nuWARP (Northumbria University Warning, Advice and Reporting Point) registered as part of the UK Government's Centre for the Protection of National Infrastructure. International impact: direct contribution to EU Cyber Security Strategy; improved practices at the Nigerian Economic and Financial Crimes Commission; redeveloped business model at Star Spreads (online gambling company) leading to safer practices for customers. National impact: contributed to improved business models and policies in SMEs (Washington Metalworks, Shared Interest, SRM Ltd), which have improved data security and online practice.
Terrestrial Trunked Radio (TETRA) is a very well known, international specification for secure mobile radio and `walkie-talkie' communication, that is extensively used and relied upon by emergency and public safety services such as police, ambulance and fire services, as well as governmental and private bodies. The European Telecommunications Standards Institute (ETSI) began standardising TETRA in the 1990s and it is now widely used throughout the world. Foundations of its success include resilience and reliability, but security is a major feature, being underpinned by expert cryptographic design. In particular the authentication and key generation mechanisms in TETRA rely on a block cipher (HURDLE) which was designed by a team of cryptographers at Royal Holloway.
The work carried out at Royal Holloway underpins the integrity and security of TETRA safety- critical networks throughout the world to the present day. A secure design for emergency service communications minimises both the amount of disruption criminals can cause to service operations, and the amount of operational information such criminals can glean from eavesdropping, contributing to the safety and security of society as a whole as well as the economic benefits to manufacturers of TETRA-based equipment.
The commercialisation of Quantum Cascade Lasers (QCL) and the associated novel fabrication processes developed at the University of Glasgow has provided Compound Semiconductor Technologies Global Ltd (CSTG) with a new foundry product supplying quantum cascade lasers for gas sensing, safety and security, and military applications. This resulted in 40% turnover growth from 2010-2012 and the company is now recognised as a global leader in QCLs and their fabrication. Based on University of Glasgow research, the company has created a manufacturing toolbox for the production of a wide variety of QCL chip designs. CSTG has also achieved a world first, manufacturing QCLs for systems that detect explosives at a safe distance and can counter heat-seeking missile attacks on aircraft.
Pioneering research into Inductive Logic Programming in the UOA led to the creation of Secerno Ltd. From 2008 Secerno attracted investment of approximately $20m and successfully released several updated versions of its product DataWall, based on this Oxford research. In May 2010 Oracle Corporation bought Secerno specifically to gain access to this technology, which now forms a core part of Oracle's database protection and compliance products. Oracle continues to develop the software, which is used across the globe by public entities and private companies to protect databases from internal and external attack and to ensure that they comply with relevant legislation. Customers include major businesses such as T-Mobile, which uses Database Firewall to protect 35 million users.
Work conducted at UEL in the area of secure software systems engineering has had impacts on both the private and public sectors, in the UK and abroad. Through its application to financial pre-employment screening it has enabled an award-winning UK company to improve its security processes and become a world leader with respect to secure systems in their sector. This has, in turn, allowed the company to develop a competitive advantage in the market and attract more and larger multinational clients. In the public service sector our work has enabled a Greek governmental department — the National Gazette — to analyse the security implications of fully automating their processes and identify security mechanisms that enhance the security of their new systems. This has improved their service delivery, with significant impacts on Greek society.