Skip to navigation Skip to content

Oxford University – Cyber Security Oxford

Menu

Creating of a safe, secure and prosperous cyberspace through internationally leading research and educational programmes

About
 

ACE Conference

We’re off to the ACE conference today: looking forward to seeing colleagues from across the country!

Ethics workshop @ Turing

We are hosting a workshop at the Alan Turing Institute on 24 May: “Towards Smarter Research Ethics in Data Science” (details here).

We are aiming to bring together people from academia, industry and major UK funding bodies (EPSRC, ESRC, Dstl, NCSC etc.) to talk about research ethics: not so much “what is ethical” but “what are the processes you have in place for making decisions about what research you will or will not do.”  Anecdotal evidence suggests most organisations are struggling to incorporate this into existing systems, so questions related to cyber security and data science are only being addressed piecemeal.  We’d like to see if maybe we could work together to develop something useful together.

 

Workshop: Cybersecurity and Internet Governance in perpetual motion

2 June 2017

13:15-16:00

Tony Hoare Room, Robert Hooke Building, Parks Road.

 

“Cybersecurity and Internet Governance in perpetual motion”

 

Cyber Security Oxford, in partnership with ICANN (the Internet Corporation for Assigned Names and Numbers), is pleased to invite you to a discussion around Cybersecurity and Internet Governance on Friday 2 June.

 

John Crain, Chief Security, Stability and Resiliency Officer for ICANN, the international body in charge of maintaining the Internet’s Domain Name System (DNS) will open the workshop with a short talk covering the latest developments and trends in the world of cybersecurity, and his perspective on the challenges ahead, both on the technical and on the policy sides.

 

He will be joined by other experts including Emily Taylor, co-chair of the global DNS Security & Stability Review, for a discussion and an exchange with the audience.

 

Expanding to wider considerations, ICANN’s Vice President Europe Jean-Jacques Sahel will kick off the second part of the workshop with a short talk on the latest evolutions in Internet Governance, from ICANN becoming independent from government oversight to the ongoing efforts to improve governance and accountability which are happening across the Internet ecosystem. He will be joined by the other key participants for a discussion of these issues with the audience.

 

Participants will be expected to join in actively in the discussion, so we look forward to seeing you!

 

Please register at https://goo.gl/forms/qZ24jmCyrcZWpZ1H2.

 

If you have any questions, please contact laurin.weissinger@nuffield.ox.ac.uk (academic content) or katherine.fletcher@cs.ox.ac.uk (logistics).

 

Oxford cyber security research is ACE!

NCSC-ACE-EPSRC logo

The University of Oxford has been recognised for a second time as an Academic Centre of Excellence in Cyber Security Research (ACE-CSR). Oxford is one of 14 universities recognised by the National Cyber Security Centre (NCSC) and the Engineering and Physical Sciences Research Council (EPSRC), based on review by a panel of experts.  This was announced by the Minister for the Cabinet Office, the Rt Hon. Ben Gummer MP, on 3rd April.

The University of Oxford was first recognised as an ACE-CSR in 2012.  In that first round, the work of ten academics was included; but since then the activity in Cyber Security at Oxford has grown and developed so that nineteen were in the recent submission.

Professor Andrew Martin, who is the lead for the ACE-CSR in Oxford, said: “In Oxford we have embraced an inter-disciplinary approach to Cyber Security.  Our research network is centred on Computer Science, but embraces many in the social sciences, including the Department of Politics and International Relations, the Oxford Internet Institute, and the Saïd Business School.  Many perspectives are needed if we are to make progress in solving Cyber Security problems.”

The Centre of Excellence gives the University a great platform from which to engage with the world beyond academia:  a variety of Cyber Security research projects are engaged with industrial, government and civil society partners (see e.g. https://oxfordcyber1.wpengine.com/research/projects). Two of our experts received Oxford Impact Awards in 2017: Professor Ivan Martinovic for his research into the security and privacy aspects of the communications technologies used in air traffic control and surveillance in civil aviation, and Professor Cas Cremers for his work on the Transport Layer Security Protocol, which has led to significant improvements in the next generation of internet security.  In 2016 Professor Bill Roscoe was given a lifetime award for external engagement and promoting impact of his pioneering work applying formal verification tools in industry.

There are a number of large initiatives within the University that contribute to the Cyber Security Oxford network: the EPSRC/DCMS-funded Centre for Doctoral Training in Cyber Security, the EU-funded Cyber Studies Programme in the Department of Politics and International Relations and the Global Cyber Security Capacity Centre, funded by the UK Foreign Office, and the Governments of Norway and the Netherlands.  Oxford Cyber Security researchers are also involved with national flagship projects like the PETRAS Internet of Things hub and the Alan Turing Institute.  Cyber Security research in the University spans topics as diverse as cryptography, wireless security, formal verification, situational awareness and analytics, online identity, and understanding how countries and communities interact with (and through) technology.

Minister for the Cabinet Office Ben Gummer said:

“Britain has to stay one step ahead of the often invisible cyber wars taking place on our networks, in our homes, and across our infrastructure.

“We can only do that with truly ground-breaking research. It is critical that the entire UK maintains its strength in this area, from London to Lancaster and from Belfast to Edinburgh.”

A Digital Wildfire we’re happy to spread

Today, a new report is out from the House of Lords Communications Committee, on which Marina Jirotka was an advisor: “Growing up with the internet

This morning, Baroness Beeban Kidron gave a great interview on the Today programme, where she namechecked the Digital Wildfires project led in Oxford by Professor Jirotka.

Listen here to the interview (scrub to 1h20 minutes in).

Read a BBC News summary of the report here.

See also this news story on the Department of Computer Science website.

Novae and the University of Oxford’s white paper highlights deficiencies in cybersecurity controls

The white paper, entitled ‘The Relative Effectiveness of widely used Risk Controls and the Real Value of Compliance’, was launched at The Old Library, Lloyd’s of London, on 21 February.

The paper discusses the findings of the second phase of a collaborative research programme, sponsored and funded by Novae Group, which draws upon the expertise of academics at the University of Oxford both in the Department of Computer Science (Professor Sadie Creese, Professor Michael Goldsmith, Dr Ioannis Agrafiotis and Dr Jason R.C. Nurse) and at the Saïd Business School (Professor David Upton).

Professor Sadie Creese commented: “Instead of simply working to comply with standards, organisations must look carefully at the vulnerabilities inherent in the assets that they want to protect. Cyber-attackers are creative and aggressive. Both the changing threat and the attack-surface of an organization must be modelled in order to ensure that cyber-controls offer adequate protection from harm.”

Training: the Modern Information Society

The Cyber Studies Programme is holding its third training session on the Modern Information Society on April 22-24, 2016, at Tallinn University of Technology in Estonia. The theme of the three-day course will be: “The State and Citizens in the Cyber Age: Security, Diplomacy, and Public Policy”. While specifically designed for university students working in non-technical fields such as the political and social sciences, the course will also engage with a wider audience from both industry and government.  See http://egov.ee/oxford2 for details.

​Dr Lucas Kello, Senior Lecturer in International Relations and Programme Director, serves as faculty chair of the training sessions. The Oxford teaching staff also includes Dr Ivan Martinovic from the Department of Computer Science and Jamie Collier, a DPhil candidate in Cyber Security.

See Ivan’s new Working Paper for the Cyber Studies Programme here.  Jamie has also been live-tweeting the event @jscollierCSR, #OxfordCyberAge.

Security and Privacy Impacts of a Unique Personal Identifier

The Cyber Studies Programme has just produced a new Working Paper, as part of burgeoning collaborations with the Department of Computer Science: Security and Privacy Impacts of a Unique Personal Identifier, by Andrew Martin and Ivan Martinovic

National Identity Schemes are highly complex socio-technical systems in which many competing requirements from diverse stakeholders must be balanced. From a technical systems perspective, we review the objectives of such schemes, along with the resulting requirements, particularly the strong need to ensure appropriate levels of privacy and security. These objectives and requirements are addressed within the context of the broad range of threats against the system. Considering available technologies and ideas, we explore the design choices that must therefore be made in designing such a scheme and illustrate these choices by discussing a number of existing identity schemes. The Estonian scheme is considered in a greater level of detail, evaluating it against the requirements and design choices of other nations as well as drawing on empirical data where possible to explore whether the issues of theoretical or hypothetical importance emerge as realistic concerns in a large deployed system.

Download a copy from http://www.politics.ox.ac.uk/publications/security-and-privacy-impacts-of-a-unique-personal-identifier.html