Academic Experts
From Blindside
This is a list of the key information assurance academic experts working on the threats identified in this wiki. It has a bias towards UK academics and those involved in research with a public policy component.
[edit] Ross Anderson
Prof. Ross Anderson is professor of security engineering at Cambridge University. He has led research across the information assurance spectrum, including defining work on security economics, the safety and privacy of goverment databases on children, ATM fraud, Tempest, security in clinical information systems and many other areas. He's founder and chair of the Foundation for Information Policy Reseach, a virtual think tank on issues about IT and society.
[edit] James Backhouse
Dr. James Backhouse is director of the Information Systems Integrity group at the London School of Economics. He is currently researching the modelling of risk in public key infrastructures, financial regulation and money laundering. This has included publications on a market approach to the rating of Certification Authorities and suspicious transaction reporting in Mexico. Backhouse was also signatory to an open letter to the Health Select Committee highlighting problems with the NHS National Programme for IT.
[edit] Steve Bellovin
Prof. Steve Bellovin is a distinguished network security researcher at Columbia University and winner of the 2007 NIST/NSA National Computer Systems Security Award. He co-authored the book Firewalls and Internet Security: Repelling the Wily Hacker and many technical articles such as Virtual Machines, Virtual Security and A Clean-Slate Design for the Next-Generation Secure Internet. Bellovin was IETF security area co-director from 2002-2004 and a member of the Science and Technology Advisory Committee of the Department of Homeland Security from 2005-2006.
[edit] Mike Bond
Dr. Mike Bond was until recently a researcher at Cambridge University, where he successfully attacked a range of secure processors used in ATMs and showed how PINs could be obtained from supposedly secure chip and PIN terminals.
[edit] Caspar Bowden
Caspar Bowden is Chief Privacy Advisor for Microsoft EMEA. He was formerly Director of the Foundation for Information Policy Research (1998-2002). He is a specialist in data protection policy, privacy enhancing technology research, identity management and authentication.
[edit] Stefan Brands
Dr. Stefan Brands is the founder and president of Credentica, a Montreal-based startup that delivers innovative software products for digital identity and access management. Stefan is an Adjunct Professor in modern cryptology at McGill's School of Computer Science, in which capacity he co-supervises M.Sc. and PhD students researching identity and privacy. He is also a principal member of two academic consortiums investigating identity and privacy: On The Identity Trail and ADAPID. Stefan has served on the external advisory committee of the Federal Privacy Commissioner of Canada and has authored a book on secure authentication published by The MIT Press. Stefan maintains a personal blog on identity and privacy.
[edit] Bob Briscoe
Bob Briscoe is Chief Researcher in BT's Networks Research Centre, where he focuses on reducing denial of service attacks and related Internet architecture issues. Recent publications include Using Self-Interest to Prevent Malice and an introduction to multicast source authentication.
[edit] Ian Brown
Dr. Ian Brown is a senior research fellow at University College London's Department of Computer Science. He runs the Communications Research Network's Critical Infrastructure Protection working group. Brown's recent publications include work on the security problems of remote voting (including postal voting), global anti-circumvention law, the safety of government databases on children and law enforcement use of personal data. He is also researching the security and privacy of clinical information systems with the Clinical E-science Framework project.
[edit] Kim Cameron
Kim Cameron is Identity Architect at Microsoft Corporation, and the author of Identity Blog. His seven laws of identity have been highly influential in the development of identification and authorisation technology, including the CardSpace digital identity system that is likely to become a key part of online interaction due to its gradual integration into the Windows operating system.
[edit] David Chaum
Dr. David Chaum is one of the world's most distinguished cryptographers, well-known for his work on inventing anonymous electronic cash and numerous other privacy-protective cryptographic protocols. More recently he has worked on cryptographically assured elections.
[edit] Richard Clayton
Dr. Richard Clayton is a research associate at Cambridge University and a long-time consultant to the Internet industry. He has recently worked on weaknesses in the Great Firewall of China, complexities in criminalising DoS attacks and problems with BT's net censorship system Cleanfeed.
[edit] Brian Collins
Prof. Brian Collins is deputy principal of Cranfield University's information systems department and vice president of the British Computer Society. He was previously director of science and technology at GCHQ. His main research interests are in the design and engineering of dependable information systems. He advised the DTI's cybertrust foresight project and the Home Affairs Select Committee on identity cards.
[edit] George Danezis
Dr. George Danezis is a postdoctoral visiting fellow at K.U. Leuven where he work on privacy, anonymity and traffic analysis. His recent publications include an introduction to traffic analysis and the economics of mass surveillance.
[edit] John Daugman
Dr. John Daugman is a lecturer at Cambridge University Computer Laboratory and the key developer of iris biometrics. He has published a wide range of research on iris recognition and its statistical properties.
[edit] Simon Davies
Simon Davies is a visiting fellow in the London School of Economics Information Systems and Innovation Group and director of Privacy International. He was project mentor for the LSE's Identity Project and has written numerous newspaper articles and books on the impact of technology on society.
[edit] Yvo Desmedt
Prof. Yvo Desmedt is BT Chair of Information Security at University College London. His research interests include cryptography, computer and network security. Recent publications include methods to find critical infrastructure vulnerablities and vulnerabilities of public-key infrastructures.
[edit] Itiel Dror
Dr. Itiel Dror is a cognitive neuroscientist at Southampton University. He carries out research into biometrics, particularly fingerprint and facial recognition, and has recently published articles on why experts make errors and the impact of emotion on fingerprint recognition.
[edit] Mel Dubnick
Mel Dubnick is Professor of Political Science and directs the public administration program at the University of New Hampshire (US). He is also a former full-time and now intermittent affiliate with the Institute of Governance at Queen's University, Belfast. He claims to be an e-government skeptic and curmudgeon, but open to conversion.
[edit] Lilian Edwards
Prof. Lilian Edwards is chair of Internet Law at Southampton University and co-director of the AHRC Centre for IP and Technology Law at Edinburgh University. She has published extensively on privacy in e-commerce, zombies and intermediary liability.
[edit] Ben Fairweather
Dr. Ben Fairweather carried out research on the UK 2003 e-voting trials as a research fellow at De Montfort University's Centre for Computing and Social Responsibility.
[edit] Ed Felten
Prof. Ed Felten is director of the Center for Information Technology Policy at Princeton University. He is well-known for his research into operating systems, Java security and Digital Rights Management systems. He writes the popular Freedom To Tinker blog. Felten was a lead expert witness in the antitrust case against Microsoft, and famously threatened with legal action by the record industry after breaking their candidate secure digital music systems.
[edit] Dan Geer
Dr. Dan Geer is a leading security researcher who has worked at Harvard University, MIT and a number of technology start-ups. He has written influential articles on the problems of operating system monopolies, risk management and a range of other topics.
[edit] Brian Gladman
Dr. Brian Gladman is a retired senior scientist at the Ministry of Defence and NATO, where he ran numerous high-profile security projects. Since the 1980s he has been deeply involved from inside and outside government in the development of public policy on cryptography, and in reducing the privacy and security risks of new technology. His recent publications include work on key escrow, liability and digital signatures and cryptography export controls.
[edit] Peter Gutmann
Dr. Peter Gutmann is a researcher at the University of Auckland, where he investigates and fixes a wide range of security problems -- including the many problems of X.509 certificates, the complex mess that is Window Vista Content Protection and the convergence of Internet security threats.
[edit] Steve Hailes
Dr. Steve Hailes is deputy head of UCL's department of computer science. He runs several projects on security for ubiquitous computing technologies, and has recently published articles on detection of misbehaving sensors and anonymous trusted authentication.
[edit] Tom Heydt-Benjamin
Tom Heydt-Benjamin is a Ph. D. candidate at the Swiss Federal Institute of Technology (ETH), and a pre-doctoral researcher at IBM Zürich Research Labs. Tom started hacking at age 6 when first exposed to assembler programming in the IBM PC. His recent research has shown the vulnerability of RFID credit cards to skimming and other fraud, and has investigated vulnerabilities in implantable medical devices. Tom also studies applications of e-cash and anonymous credentials to problem domains such as transit ticketing and national ID cards. He has also contributed to the field of anonymous communications.
[edit] Gus Hosein
Dr. Gus Hosein is a Visiting Fellow at the London School of Economics Information Systems and Innovation Group, a senior fellow at Privacy International and a visiting scholar at the Americal Civil Liberties Union. He was project mentor for the LSE Identity Project and has written extensively on the policy impact of technology and terrorism and privacy and freedom.
[edit] Ari Juels
Dr. Ari Juels is a principal research scientist at RSA Labs. His recent work includes security and privacy for RFID tags, coercion-resistant e-voting and denial of service puzzles.
[edit] Angelos Keromytis
Prof. Angelos Keromytis is director of the Network Security Lab at Columbia University. He has recently published articles on blocking zero-day worms, countering DDoS attacks and dealing with system monocultures.
[edit] Jason Kitcat
Jason Kitcat is a DPhil researcher at Sussex University and an e-democracy consultant and campaigner. He runs ORG's e-voting project and an e-voting blog, and has published articles on issues such as the security of open source e-voting systems, the government role in developing ICT standards and problems with postal ballots.
[edit] Douwe Korff
Douwe Korff is Professor of International Law at the London Metropolitan University Department of Law, Governance & International Relations. He contributed the legal sections to the FIPR report on "Children's Databases - Safety and Privacy" and the Council of Europe Handbook on Article 2 of the European Convention on Human Rights (right to life).
[edit] Markus Kuhn
Dr. Markus Kuhn is a lecturer at Cambridge University Computer Laboratory and specialises in computer security, including tamper-resistant hardware, Tempest attacks and watermarking. Related recent work includes the security of RFID tags and satellite navigation systems.
[edit] Adam Laurie
Adam Laurie is a director of The Bunker Secure Hosting and an expert on computer and Bluetooth security. Recently he has demonstrated security vulnerabilities in new UK passports and Bluetooth-enabled mobile phones. He was involved in the development of Apache-SSL, the widely used secure webserver software.
[edit] Ben Laurie
Ben Laurie is a security researcher at Google, a core member of the OpenSSL team and director of security at The Bunker Secure Hosting. He has recently published articles on identity management, anti-spam technology and compelled disclosure. He is a developer of Apache-SSL, the widely used secure webserver software.
[edit] Chris Marsden
Chris Marsden is a Fellow at Essex University law school and a visiting fellow at the universities of Cambridge and Oxford. He has carried out several studies into government actions on cybercrime, Internet regulation and the EU broadcasting regulatory framework.
[edit] Rebecca Mercuri
Dr. Rebecca Mercuri has been researching e-voting since 1989 and is perhaps the world's best known e-voting expert. She has participated in numerous investigations into and challenges of e-voting elections in the US. She has held positions at Harvard University and Bryn Mawr College, and is now an independent forensic computing consultant.
[edit] Steven Murdoch
Steven J. Murdoch is a research assistant at Cambridge University where he has recently published work on the efficacy of Internet censorship and attacks on Internet-accessible services based on server clock skew.
[edit] Peter Neumann
Dr. Peter Neumann is principal scientist at SRI International, where he has worked on trustworthy and dependable systems since 1971. He is chair of the ACM Committee on Computers and Public Policy and the US National Committee for Voting Integrity, and moderates the widely-read ACM Risks Forum. His recent work includes Computer-Related Risks (1995), Cryptography's Role in Security the Information Society (1996) and Improving Cybersecurity for the 21st Century: Rationalizing the Agenda (2007).
[edit] Vern Paxson
Dr. Vern Paxson is a researcher at the ICSI Center for Internet Research and an adjunct professor at the University of California at Berkeley. He is currently working on projects on network intrusion detection (including hardware support) and worm detection and defence (including using organisational sharing of information to repel coordinated attacks). Paxson was chair of the Internet Research Task Force from 2001-2005.
[edit] Andy Phippen
Dr. Andy Phippen is a lecturer in socio-technical studies at the Network Research Group, University of Plymouth . He researches issues of public engagement of ICT, in particular eDemocracy and Security. He has authored a number of papers regarding public perceptions of security and trust relationships between citizens and ICT, and recently co-authored the Trustguide report with Dr Hazel Lacohee from BT Group Chief Technology Office.
[edit] Brian Randell
Prof. Brian Randell has been researching software dependability at Newcastle University since 1971. His recent publications have included work on trust in voting technologies, basic concepts in secure and dependable computing and facing up to software faults. Randell was a signatory to an open letter to the Health Select Committee highlighting problems with the NHS National Programme for IT.
[edit] Marek Rejman-Greene
Marek Rejman-Greene is head of the Home Office's Biometrics Centre of Expertise and was formerly a senior consultant at BT Exact specialising in identity management. He has published articles on security requirements for biometrics devices and real identities for a virtual world.
[edit] Ron Rivest
Prof. Ron Rivest is one of the world's leading cryptographers, most notable as co-inventor of the RSA public-key algorithm that is used in almost all secure communications systems on the Internet. He is a computer science professor at MIT and has recently been researching the security of e-voting systems.
[edit] Avi Rubin
Prof. Avi Rubin is Technical Director of John Hopkins University's Information Security Institute, and the director of the NSF ACCURATE center for Correct, Usable, Reliable, Auditable and Transparent Elections. He is the author of Brave New Ballot: The Battle to Safeguard Democracy in the Age of Electronic Voting, and has identified numerous flaws in e-voting elections in the US.
[edit] Peter Ryan
Prof. Peter Ryan is an information assurance specialist at Newcastle University's School of Computing Science, and previously worked at GCHQ and a number of research centres. He is designing cryptographically assured e-voting systems such as Prêt à Voter and has organised a number of e-voting workshops such as the Workshop on Trustworthy Elections in 2006. He was also signatory to an open letter to the Health Select Committee highlighting problems with the NHS National Programme for IT.
[edit] Angela Sasse
Prof. Angela Sasse is professor of human-centred technology at UCL, where she leads research in a number of areas including the design of usable and effective security. She has published research into the role of trust in system design, improving password usability and privacy in multimedia systems. She is also researching the security and privacy of clinical information systems with the Clinical E-science Framework project.
[edit] Bruce Schneier
Bruce Schneier is a world-renowned cryptographer and security expert. He has written several best-selling books including Applied Cryptography, Beyond Fear and Secret and Lies. His security monitoring company Counterpane was recently acquired by British Telecom.
[edit] Berry Schoenmakers
Dr. Berry Schoenmakers is an associate professor at the Technical University of Eindhoven specialising in cryptography, e-voting and related areas. He was part of the EU-funded CyberVote project.
[edit] Barbara Simons
Dr. Barbara Simons is an e-voting expert, former President of the Association for Computing Machinery (the world's largest professional organisation for computer scientists) and previously a researcher at IBM's San Jose Research Center. She co-authored the 2004 SERVE report that identified serious security flaws in the Pentagon's e-voting programme and led to its cancellation. Simons is on the Board of Directors of VerifiedVoting.org and the Advisory Board of the Oxford Internet Institute.
[edit] Fabrizio Smeraldi
Dr. Fabrizio Smeraldi is a lecturer in computer science at Queen Mary, University of London. His research interests are in pattern recognition and machine learning, and he has recently carried out research into facial features recognition and face authentication.
[edit] Simon Weston Smith
Dr Simon Weston Smith is a Consultant Haematologist at Conquest Hospital, Hastings. He has demonstrated across three hospitals one of the few privacy-enhancing clinical information systems in the NHS.
[edit] Peter Sommer
Peter Sommer is a senior research fellow at the LSE and also holds a similar position at the Open University. He is a member of the EU FIDISconsortium and a member of the Reference Group for the EU PRIME research activity. He sits on a number of UK government advisory panels and acts as an expert witness in many cases concerning digital evidence. Instructions have included cases involving murder, terrorism, large-scale software piracy, Internet-related defamation, and phishing. His recent publications include advice on evidence in Internet paedophilia cases, a Guide to Digital Evidence and Investigations, and computer forensics education. He is a Joint Lead Assessor for the computer evidence speciality at the Council for the Registration of Forensic Practitioners.CRFP
[edit] Frank Stajano
Dr. Frank Stajano is a lecturer at Cambridge University's Computer Laboratory and works on security and privacy in pervasive computing systems. His recent publications include RFID is X-ray vision and Location Privacy in Bluetooth.
[edit] Latanya Sweeney
Prof. Latanya Sweeney is director of the Data Privacy Lab at Carnegie Mellon University. She is currently investigating the sharing of pharmacogenetic data with privacy guarantees. Sweeney has published widely on the anonymisation of personal data, including on privacy-enhanced linking and privacy-preserving surveillance.
[edit] Paul Syverson
Dr. Paul Syverson is a mathematician at the US Naval Research Laboratory, where he works on secure systems design and anonymity. He has played a major role in the development of anonymous IP communications and the widely used onion routing system, funded by both the US Department of Defense and the Electronic Frontier Foundation. He has also published articles on the value and economics of privacy and anonymity.
[edit] Martyn Thomas
Prof. Martyn Thomas is a visiting professor of software engineering at Oxford University and a consultant on safety critical systems. He has recently published articles on software safety assessment and alternatives to Software Integrity Levels. Thomas gave oral evidence on the problems of ID cards to the Home Affairs Select Committe and was also a signatory to an open letter to the Health Select Committee highlighting problems with the NHS National Programme for IT.
[edit] David Wagner
Prof. David Wagner is an associate professor in computer science at the University of California at Berkeley. His research is focused on the security of large-scale systems and networks, including security and privacy issues in e-passports and security and privacy issues of statewide voter registers. He co-authored the 2004 SERVE report that led the Pentagon to withdraw its proposed e-voting system.
