The University of Southampton has a leading role in cyber security research and education and this research group brings together expertise and excellence in this field.
RBAC simplifies policy specification and the management of user rights using a two tier management, it groups users into roles and assigns permissions to each role. Administrative role-based access control (ARBAC) is a policy mechanism for controlling how changes can be made to the RBAC policy by various administrators.
Risk Management research focuses on risk analysis and decision-making using quantitative modelling and real-time Big data techniques applies to FinTech and Cyber-Risk research fields, via state-of-the-art high performance computing facilities.
Distributed Ledger Technology aka blockchain, is a main focus and research direction of ours. The fascinating properties of decentralisation, data control and integrity make blockchain a disruptive technology for a variety of application domains, from distributed and cloud computing, to the Internet-of-Things. Through the work we are carrying out, Southampton is quickly emerging as an international knowledge centre on DLT, entertaining new collaborations with industry in the UK and public administrations in Europe and beyond.
FAAS is a main application of blockchain to cloud computing is to underpin the Federation-as-a-Service solution. It is an innovative solution to federate cloud systems ensuring privacy-preserving management of service/data, optimised resource utilisation, decentralised and democratic federation governance. Blockchain offers decentralised computational infrastructure to build cloud federations upon with trust-less data integrity and availability guarantees. This line of research was to address problems in the public administration space, because some of the specific requirements of demonstrable data custody and service/data sharing governance normally imposed on governments, typically point directly to the key properties of integrity for data and code offered by blockchains.
Provenance is the foundation of data quality, capturing the trace of data manipulation over space, time and actors. Provenance becomes critical in application domains such as healthcare where patient safety can be endangered. Based on blockchain technologies, we are focussing on decentralised storage and computation of data provenance to prevent by-design loss and corruption of healthcare data across geographically distributed medical institutions.
Internet-of-Things(IoT), the focus of project Block-IT is a key enabler of new computing systems, but it lacks of a reliable underlying computation infrastructure. Our focus is on using blockchain to underpin distributed IoT devices enabling accountable data storage and management. This line of research targets smart-energy and home automation scenarios aiming at offering blockchain-empowered energy marketplace and autonomous home controllers.
Cyber and the Law works on data situation models relying in part on anonymisation and pseudonymisation practices, and their implications for data protection obligations. The Horizon 2020 FutureTrust project on interoperability of electronic identification and trust services and the interplay between with the General Data Protection Regulation (GDPR) and key data protection principles, such as data protection by design.
Identity and Access Management research focusses on the design of privacy-preserving identity and access management systems that are resilient to cyber attacks. We explore the use of blockchain technology and Intel SGX trusted hardware to guarantee the integrity of users’ digital identities and access control policies and of the identity verification and access control protocols. These guarantee both data immutability and integrity and confidentiality of the policy enforcement process.
Health-I focuses on integrating humans into the IoT ecosystem. The project investigates how and where crowdsourcing can be used within an IoT ecosystem to improve trust and user-driven privacy, and provide better human-driven data sharing mechanisms. By using the crowd we build up trust, privacy, & data sharing capabilities in an open and transparent way.
CASTLE is a project funded by the Higher Education Academy to enhance both students’ cyber security skills and the University’s cyber security posture through supervised penetration testing and a responsible disclosure policy.
Software Verification & Validation in cyberspace is the focus of project ADVANCE. This is developing a unified tool-based framework for automated formal verification and validation of cyber-physical systems.
GDPR research explores the applicability of GDPR in real terms, with reference to the currently known anonymisation techniques. Our conclusion is that new algorithms are needed if we need to be GDPR compliant. Specifically, we explore advanced indexing to endow differential privacy with resilience to attacks based on repeated queries, through our new notion of context controls.
Government related activities consist of working with government agencies across Europe and beyond to address privacy and security requirements in the public administration. Our current efforts centre on distributed ledgers as computational infrastructure to provide data integrity guarantees.
In the recent past worked with the government on the cyber security of the Internet-of-Things, of the UK Smart Metering Programme as well as the effectiveness of Cyber Essentials. We have established solid working relationships with several agencies including the Cabinet Office, the Foreign and Commonwealth Office, the Information Commissioner’s Office, the Italian Ministry of Economy and Finance and the National Crime Agency.
Colleagues within CyberSecurity Southampton lead research projects of over £18million.
A number of funded projects are active and involve colleagues from across the Centre, including: