There seems to be two types of open innovation being discussed and it is not always clear what is being referred to. One is the sort described and promoted by Henry Chesborough in his book ‘Open Innovation’. This refers to the concept that corporate technology research should be far more open to external sources and destinations for innovations. The second type, not covered here, is the use of customer feedback, crowd sourcing, social media etc. to provide open inputs into the commercial innovation process. This latter form is much closer to marketing, new product development and consumer issues, whereas the first type has the potential to radically improve the flow of knowledge and research between industry and universities. This is what particularly interests me.
Tuesday, 29 November 2011
Sunday, 20 November 2011
The aim of information security research, it seems to me, is to understand, and thereby directly or indirectly improve security. There are five main objectives of security research:
1) To improve security in an organisational context;
2) To improve security at a particular point, or component, of technology;
3) To quantify, assess or manage security;
4) To integrate security into an otherwise insecure system, process or architecture;
5) To break security.
Monday, 14 November 2011
Monday, 7 November 2011
Replacing passwords has become a bit of a holy grail for cyber security startups. About 5 years ago I first came across a company proposing typing characteristics as a biometric login, and there seem to be a number of companies attempting something like that still. At VentureFest Bristol I came across PixelPIN who use images to replace passwords, and earlier this year I became aware of GridSure who use a pattern embedded in a varying grid of characters, as a one time password. I am not sure why technologies like these latter two have not taken off. They would seem to be potentially more secure than passwords and have lower maintenance costs - the costs of helping users who forget their passwords.
Saturday, 17 September 2011
The sophistication of new malware attacking control systems includes targeted zero-days attacks, rootkits created for control systems, and software signed by trusted certificate authorities. This paper shows how to incorporate knowledge of the physical system under control to detect attacks that change the behavior of the targeted control system.
Monday, 11 April 2011
Security issues for cloud computing are rightly high on the cyber security agenda. How can you be sure your cloud provider is doing enough about security? A number of new technologies are also emerging which claim to focus on the risks of cloud computing. In the long term, the market for cloud computing could be a great boon for security. Cloud providers will have to compete on their security status, which means they will have to be transparent and judged on their security merits. This will lead to stronger security all round. There is still too much confusion, obscurity and obfuscation in the security market at the moment.
Thursday, 13 January 2011
I have been fascinated to see the developments in robotics technologies over the last few years. It seems to me that their is a tipping point approaching, where advances in areas such as video analytics, autonomy and intelligence, robotic dexterity, and manouevrability will lead to highly useful robots with the potential for wide ubiquity in society. A trend definitely worth tracking. Science fiction could become fact faster than we think! I have linked to some interesting companies and research, to whet your appetite.
Tuesday, 4 January 2011
The gradual improvement in the effectiveness of attacks on the GSM network has progressed ever since the encryption algorithm used became open, and weaknesses were identified. Improvements in processing power have allowed faster key searches, and now new research breaks further aspects of the GSM architecture to crack the encryption using simple hardware. It wont be long before commercial eavesdroppers will be available cheaply. My guess is that new security and encryption will have to be added to GSM, somehow, and soon.