Founded a consultancy and R&D company Smart Architects in August 2010. The company hopes to announce the first product in February or March 2011.
I spent nine months developing complete software architecture for wireless sensing platform using GSM network. The main feature of our sensors was long up time on a single AA battery and ver low stand-by current (in the region of 200-300nA - one actually needs a very good energy meter to measure this current).
I signed up with Deloitte in April 2008, after work in the WINES II project came to its end. So far, I've been mostly working on security projects in large banks.
I joined Security Group at the Computer Laboratory in January 2007. I worked with Frank Stajano on security issues relevant for wireless sensor networks when used for infrastructure monitoring. This is part of WINES II project sponsored by EPSRC.
I spent two years (2005-2006) at my "home" university - Brno University of Technology, where I became an associate professor.
I was working on a project called SECURE, which was an EU funded project researching possible use of trust-based (reputation) access control for mobile and disconnected clients, from August 2003 till December 2004.
Education | |
1992 - 1997 | Brno University of Technology, title M.Sc. |
Master thesis: The Public Key Payment Protocol of Electronic Purse (Petr Hanacek) | |
1997 - 2001 | Brno University of Technology, title PhD. |
dissertation thesis: Authorization Model for Strongly Distributed Information Systems (Tomas Hruska) | |
2007 | Brno University of Technology, associate professor (passed habilitation) |
habilitation thesis: The Role of Contextual Information in Security and Privacy | |
Professional Experience | |
2010 - now | Smart Architects - a founder of this consultancy and development company based in Cambridge UK. The company focus on consulting in the area of IT security and cryptography. Product design and development is driven by usability of security and cryptography. |
2009 - 2010 | Apoideas UK - responsible for design and development of a complete software solution in a start-up company. The software included code for sensing and communication platform using a 16-bits' microcontroller as well as a robust back-end system for handling and processing of data. |
2008 - 2009 | Deloitte UK, Security, Privacy and Resiliency team - Senior consultant, mainly subject matter expert in cryptography related projects for major UK banks: cryptographic standards, attestations / validations (VISA, Bacstel), cryptographic systems architectures (Faster Payments, PIN processing systems, SWIFT, CHAPS, PKI based systems), deployment of public key infrastructures. |
2007 - 2008 | University of Cambridge, Computer Laboratory - Post doctoral researcher working with Dr Frank Stajano on the project WINES (Wired and Wireless Intelligent Networked Systems) Infrastructure, responsible for the security analysis of hardware and software platforms for sensor networks. The analysis covered cryptographic mechanisms, routing algorithms, reverse engineering and code quality assesment, and practical issues related to deployment of the networks in London Underground, and at Humber Bridge. |
2003 - 2004 | University of Cambridge, Computer Laboratory - Post-doctoral research position with Dr Ken Moody and Prof. Jean Bacon in the Opera Group (distributed systems). Reseach into reputation and trust-based systems within EU funded project SECURE (Secure Environments for Collaboration among Ubiquitous and Roaming Entities). The work focused mainly on dynamics of trust and sensitivity of contextual data. |
1998 - 2000 | AEC, Ltd. Brno, development of C-PKI (proprietary certification authority) |
Teaching | |
1997 - 2000 | BUT in Brno, course Algorithms and Data Structures |
2001 | Military Academy in Brno, course Data Security |
2001 - 2003 | BUT in Brno, courses Information systems, Programming languages, Algoritms and data structures. |
2005 - 2006 | BUT in Brno, courses Cryptography and information security, Security of information systems. |
Activities | |
2005 | co-founder of security laboratory BUSLab, (see also our news service) |
The paper reviews current strategies to counter Internet threats in the light of the classic strategy literature. It often advocates proactive action, and dominance of the (virtual, in our case) battlefield, which is the opposite from what we see defenders to deploy today. Their actions are instead reactive and exclusively defensive. We propose strategies for defenders to regain the initiative and push security solutions far beyond the reach of current security tools. Yet those strategies start mirroring actions and technologies of the bad guys, and confront us with important technical,legal and moral dilemmas.
Security Protocols Workshop, Cambridge, UK, May 2008 [ paper (PDF 90K) ]
This is a presentation for a talk I gave in March 2007 at the Computer Lab. The talk overviewed design and implementation of a reputation system (let's call it this way) in WiFi networks. The implementation is collecting data from a real network with about 250 users.
Talk given at the Computer Lab in March 2007 [ slides (PDF 1200K) ]
When we turn the table we will find out the other side of the game that is becoming important in mobile and ubiquitous computing. There is a strong research effort in the areas of large distributed systems, ubiquitous computing, and peer-to-peer networks with the main goal to make communication and computation as effective as possible. To reach this goal, we need substantial amount of information about system components as well as about users. Of course, it is a clear threat unquestionably deteriorating privacy of users beyond today's reality. Shortly, the surge in ubiquitous computing is bringing in new security challenges.
The paper introduces results of a study into the value of location privacy for individuals using mobile devices. We questioned a sample of over 1200 people from five EU countries, and used tools from experimental psychology and economics to extract from them the value they attach to their location data. We compare this value acress national groups, gender and technical awareness, but also the perceived difference between academic use and commercial exploitation. We provide some analysis of the self-selection bias of such a study, and look further at the valuation of location data over time using data from another experiment.
Workshop on Privacy in the Electronic Society, Alexandria, USA, 2006 [ paper (PDF 266K) | slides (PDF 320K)]
Wireless sensor networks represent an interesting environment for a number of problems related to distributed systems. They have got specific restrictions (power consumption), unusual routing requirements (nodes/motes have no idea about the network topology when deployed), and the information produced by nodes gains value when aggregated, a space for new security protocols exist.
We have put some effort into simulating security of key agreement protocols against an attacker controlling only a fraction of the network (key infection, secrecy amplification). The talk will briefly survey several existing key management schemes and highlight some interesting results we have obtained for key infection protocols.
A talk given at the Computer Lab in April 2005 [ slides (PPT 1.51M) ]
We describe our experiences reverse engineering the Chrysalis-ITS Luna CA3 a PKCS#11 compliant cryptographic token. Emissions analysis and security API attacks are viewed by many to be simpler and more efficient than a direct attack on an HSM. But how difficult is it to actually "go in the front door"? We describe how we unpicked the CA? internal architecture and abused its low-level API to impersonate a CA? token in its cloning protocol ? and extract PKCS#11 private keys in the clear. We quantify the effort involved in developing and applying the skills necessary for such a reverse-engineering attack. In the process, we discover that the Luna CA? has far more undocumented code and functionality than is revealed to the end-user.
Technical Report UCAM-CL-TR-592, University of Cambridge, Computer
Laboratory, June 2004.
[ paper (PDF 344K) |
source code (85K) ]
This position paper discusses the relation of privacy, namely pseudonymity, to evidence-based trust (or rather reputation). Critical concepts of evidence-based trust/reputation systems are outlined first, followed by an introduction to the four families of the Common Criteria (for security evaluation) Privacy Class: Unobservability, Anonymity, Unlinkability, and Pseudonymity. The paper then discusses the common problem of many papers that narrow the considerations of privacy to anonymity only, and elaborates on the concept of pseudonymity through aspects of evidence storing, attacks and some of their implications, together with other related issues like use of mixes.
Security Protocols Workshop, Cambridge, UK, 23-25 May 2004.
[ paper (PDF 102kB) ]
The paper reviews several models of privacy with the main focus toward unlinkability. The Common Criteria defintions are scrutinized and uncovered definitions of unlinkability are identified. Properties of one model covering a problem of context information - the Freiburg Privacy Diamond - are also discussed.
Ubicomp Privacy Workshop, Nottingham, UK, 7 September, 2004.
To enforce security without user enrollment, trust/reputation systems were proposed to use experience as crucial information for cooperation as well as security enforcement mechanisms. However, use of trust brings in very hard-to-solve problems that still distract many people from exploitation of trust for security mechanisms. Its ability to change and react to changes in environment and user behaviour is profound for usability of mechanisms built on top of it. Dempster-Shafer theory was proposed as a suitable theoretical model for trust computation. Here, we define general requirements for reputation dynamics and demonstrate that Dempster-Shafer theory properties are not as good as is widely thought. On the other side, simple formulae work.
NordSec 2004, Helsinki, Finland, proceedings, pp. 1-7, 4-5 November 2004.
[ paper (PDF 215K) ]
Many papers and articles attempt to define or even quantify privacy, typically with a major focus on anonymity. A related research exercise in the area of evidence-based trust models for ubiquitous computing environments has given us an impulse to take a closer look at the definition(s) of privacy in the Common Criteria, which we then transcribed in a more formal manner. This lead us to a further review of unlinkability, and revision of another semi-formal model allowing for expression of anonymity and unlinkability -- the Freiburg Privacy Diamond. We propose new means of describing (obviously only observable) characteristics of a system to reflect the role of contexts for profiling -- and linking -- users with actions in a system. We believe this approach should allow for evaluating privacy in large data sets.
Privacy and Security Aspects of Data Mining workshop, IEEE ICDM, Brighton, UK, 1 November 2004.
[ paper (PDF 183 kB) ]
The novel idea of evidence-based reputation (or trust) systems is that such systems do not rely on an objective knowledge of user identity. One has instead to consider possible privacy infringements based on the use of data (evidence) about the previous behaviour of entities in the systems. We elaborate on the concept of pseudonymity through aspects of evidence storing and processing. Journal of Computer Standards & Interfaces, Elsevier, pp 533-545, Vol 27, Issue 5 (June 2005)