Skip to main content

Research Repository

Advanced Search

Outputs (42)

Trusted Threat Intelligence Sharing in Practice and Performance Benchmarking through the Hyperledger Fabric Platform (2022)
Journal Article
Ali, H., Ahmad, J., Jaroucheh, Z., Papadopoulos, P., Pitropakis, N., Lo, O., …Buchanan, W. J. (2022). Trusted Threat Intelligence Sharing in Practice and Performance Benchmarking through the Hyperledger Fabric Platform. Entropy, 24(10), Article 1379. https://doi.org/10.3390/e24101379

Historically, threat information sharing has relied on manual modelling and centralised network systems, which can be inefficient, insecure, and prone to errors. Alternatively, private blockchains are now widely used to address these issues and impro... Read More about Trusted Threat Intelligence Sharing in Practice and Performance Benchmarking through the Hyperledger Fabric Platform.

Electromagnetic Side-Channel Attack Resilience against PRESENT Lightweight Block Cipher (2022)
Conference Proceeding
Gunathilake, N. A., Al-Dubai, A., Buchanan, W. J., & Lo, O. (2022). Electromagnetic Side-Channel Attack Resilience against PRESENT Lightweight Block Cipher. In 2022 6th International Conference on Cryptography, Security and Privacy (CSP). https://doi.org/10.1109/CSP55486.2022.00018

Lightweight cryptography is a novel diversion from conventional cryptography that targets internet-of-things (IoT) platform due to resource constraints. In comparison, it offers smaller cryptographic primitives such as shorter key sizes, block sizes... Read More about Electromagnetic Side-Channel Attack Resilience against PRESENT Lightweight Block Cipher.

GLASS: A Citizen-Centric Distributed Data-Sharing Model within an e-Governance Architecture (2022)
Journal Article
Lo, O., Buchanan, W., Sayeed, S., Papadopoulos, P., Pitropakis, N., & Chrysoulas, C. (2022). GLASS: A Citizen-Centric Distributed Data-Sharing Model within an e-Governance Architecture. Sensors, 22(6), Article 2291. https://doi.org/10.3390/s22062291

E-governance is a process that aims to enhance a government’s ability to simplify all the processes that may involve government, citizens, businesses, and so on. The rapid evolution of digital technologies has often created the necessity for the esta... Read More about GLASS: A Citizen-Centric Distributed Data-Sharing Model within an e-Governance Architecture.

PAN-DOMAIN: Privacy-preserving Sharing and Auditing of Infection Identifier Matching (2022)
Conference Proceeding
Abramson, W., Buchanan, W. J., Sayeed, S., Pitropakis, N., & Lo, O. (2022). PAN-DOMAIN: Privacy-preserving Sharing and Auditing of Infection Identifier Matching. In 14th International Conference on Security of Information and Networks. https://doi.org/10.1109/SIN54109.2021.9699138

The spread of COVID-19 has highlighted the need for a robust contact tracing infrastructure that enables infected individuals to have their contacts traced, and followed up with a test. The key entities involved within a contact tracing infrastructur... Read More about PAN-DOMAIN: Privacy-preserving Sharing and Auditing of Infection Identifier Matching.

GLASS: Towards Secure and Decentralized eGovernance Services using IPFS (2022)
Conference Proceeding
Chrysoulas, C., Thomson, A., Pitropakis, N., Papadopoulos, P., Lo, O., Buchanan, W. J., …Tsolis, D. (2022). GLASS: Towards Secure and Decentralized eGovernance Services using IPFS. In Computer Security. ESORICS 2021 International Workshops. https://doi.org/10.1007/978-3-030-95484-0_3

The continuously advancing digitization has provided answers to the bureaucratic problems faced by eGovernance services. This innovation led them to an era of automation, broadened the attack surface and made them a popular target for cyber attacks.... Read More about GLASS: Towards Secure and Decentralized eGovernance Services using IPFS.

A Privacy-Preserving Platform for Recording COVID-19 Vaccine Passports (2022)
Conference Proceeding
Barati, M., Buchanan, W. J., Lo, O., & Rana, O. (2022). A Privacy-Preserving Platform for Recording COVID-19 Vaccine Passports. In UCC '21: Proceedings of the 14th IEEE/ACM International Conference on Utility and Cloud Computing Companion. https://doi.org/10.1145/3492323.3495626

Digital vaccination passports are being proposed by various governments internationally. Trust, scalability and security are all key challenges in implementing an online vaccine passport. Initial approaches attempt to solve this problem by using cent... Read More about A Privacy-Preserving Platform for Recording COVID-19 Vaccine Passports.

Electromagnetic Analysis of an Ultra-Lightweight Cipher: PRESENT (2021)
Conference Proceeding
Gunathilake, N. A., Al-Dubai, A., Buchanan, W. J., & Lo, O. (2021). Electromagnetic Analysis of an Ultra-Lightweight Cipher: PRESENT. In 10th International Conference on Cryptography and Information Security (CRYPIS 2021) (185-205)

Side-channel attacks are an unpredictable risk factor in cryptography. Therefore, continuous observations of physical leakages are essential to minimise vulnerabilities associated with cryptographic functions. Lightweight cryptography is a novel appr... Read More about Electromagnetic Analysis of an Ultra-Lightweight Cipher: PRESENT.

Privacy-Preserving Passive DNS (2020)
Journal Article
Papadopoulos, P., Pitropakis, N., Buchanan, W. J., Lo, O., & Katsikas, S. (2020). Privacy-Preserving Passive DNS. Computers, 9(3), Article 64. https://doi.org/10.3390/computers9030064

The Domain Name System (DNS) was created to resolve the IP addresses of web servers to easily remembered names. When it was initially created, security was not a major concern; nowadays, this lack of inherent security and trust has exposed the global... Read More about Privacy-Preserving Passive DNS.

Wi-Fi Channel Saturation as a Mechanism to Improve Passive Capture of Bluetooth Through Channel Usage Restriction (2019)
Journal Article
Lowe, I., Buchanan, W. J., Macfarlane, R., & Lo, O. (2019). Wi-Fi Channel Saturation as a Mechanism to Improve Passive Capture of Bluetooth Through Channel Usage Restriction. Journal of Networking Technology, 10(4), 124-155. https://doi.org/10.6025/jnt/2019/10/4/124-155

Bluetooth is a short-range wireless technology that provides audio and data links between personal smartphones and playback devices, such as speakers, headsets and car entertainment systems. Since its introduction in 2001, security researchers have s... Read More about Wi-Fi Channel Saturation as a Mechanism to Improve Passive Capture of Bluetooth Through Channel Usage Restriction.

Identifying Vulnerabilities Using Internet-wide Scanning Data (2019)
Conference Proceeding
O'Hare, J., Macfarlane, R., & Lo, O. (2019). Identifying Vulnerabilities Using Internet-wide Scanning Data. In 2019 IEEE 12th International Conference on Global Security, Safety and Sustainability (ICGS3) (1-10). https://doi.org/10.1109/ICGS3.2019.8688018

Internet-wide scanning projects such as Shodan and Censys, scan the Internet and collect active reconnaissance results for online devices. Access to this information is provided through associated websites. The Internet-wide scanning data can be used... Read More about Identifying Vulnerabilities Using Internet-wide Scanning Data.

System and method for management of confidential data (2018)
Patent
Buchanan, B., Lo, O., Macfarlane, R., Penrose, P., & Ramsay, B. (2018). System and method for management of confidential data. GB2561176A

This application is for a method of data management to identify confidential digital content on a database by first receiving a management request 302 from a system 304 to carry out data management operations. These include the identification of data... Read More about System and method for management of confidential data.

Method for identification of digital content (2018)
Patent
Buchanan, B., Lo, O., Penrose, P., Ramsay, B., & Macfarlane, R. (2018). Method for identification of digital content. World Intellectual Property Organization

Many areas oi investigation require searching through data that may be oi interest. One example oi data that may be involved in an investigation is copyrighted material that may be suspected of having been obtained or reproduced illegally by a third... Read More about Method for identification of digital content.

Correlation Power Analysis on the PRESENT Block Cipher on an Embedded Device (2018)
Conference Proceeding
Lo, O., Buchanan, W. J., & Carson, D. (2018). Correlation Power Analysis on the PRESENT Block Cipher on an Embedded Device. In ARES 2018 Proceedings of the 13th International Conference on Availability, Reliability and Security. https://doi.org/10.1145/3230833.3232801

Traditional cryptographic techniques have proven to work well on most modern computing devices but they are unsuitable for devices (e.g. IoT devices) where memory, power consumption or processing power is limited. Thus, there has been an increasing a... Read More about Correlation Power Analysis on the PRESENT Block Cipher on an Embedded Device.

Applications of Blockchain Within Healthcare. (2018)
Journal Article
Bell, L., Buchanan, W. J., Cameron, J., & Lo, O. (2018). Applications of Blockchain Within Healthcare. Blockchain in Healthcare Today,

There are several areas of healthcare and well-being that could be enhanced using blockchain technologies. These include device tracking, clinical trials, pharmaceutical tracing, and health insurance. Within device tracking, hospitals can trace their... Read More about Applications of Blockchain Within Healthcare..

Distance Measurement Methods for Improved Insider Threat Detection (2018)
Journal Article
Lo, O., Buchanan, W. J., Griffiths, P., & Macfarlane, R. (2018). Distance Measurement Methods for Improved Insider Threat Detection. Security and Communication Networks, 2018, 1-18. https://doi.org/10.1155/2018/5906368

Insider threats are a considerable problem within cyber security and it is often difficult to detect these threats using signature detection. Increasing machine learning can provide a solution, but these methods often fail to take into account change... Read More about Distance Measurement Methods for Improved Insider Threat Detection.

Power analysis attacks on the AES-128 S-box using differential power analysis (DPA) and correlation power analysis (CPA) (2016)
Journal Article
Lo, O., Buchanan, W. J., & Carson, D. (2016). Power analysis attacks on the AES-128 S-box using differential power analysis (DPA) and correlation power analysis (CPA). Journal of Cyber Security Technology, 1(2), 88-107. https://doi.org/10.1080/23742917.2016.1231523

This article demonstrates two fundamental techniques of power analysis, differential power analysis (DPA) and correlation power analysis (CPA), against a modern piece of hardware which is widely available to the public: the Arduino Uno microcontrolle... Read More about Power analysis attacks on the AES-128 S-box using differential power analysis (DPA) and correlation power analysis (CPA).

Secret shares to protect health records in Cloud-based infrastructures (2016)
Conference Proceeding
Buchanan, W. J., Ukwandu, E., van Deursen, N., Fan, L., Russell, G., Lo, O., & Thuemmler, C. (2016). Secret shares to protect health records in Cloud-based infrastructures. In 2015 17th International Conference on E-health Networking, Application & Services (HealthCom). https://doi.org/10.1109/HealthCom.2015.7454589

Increasingly health records are stored in cloud-based systems, and often protected by a private key. Unfortunately the loss of this key can cause large-scale data loss. This paper outlines a novel Cloud-based architecture (SECRET) which supports keyl... Read More about Secret shares to protect health records in Cloud-based infrastructures.

RESCUE: Resilient Secret Sharing Cloud-based Architecture. (2015)
Conference Proceeding
Ukwandu, E., Buchanan, W. J., Fan, L., Russell, G., & Lo, O. (2015). RESCUE: Resilient Secret Sharing Cloud-based Architecture. In 2015 IEEE Trustcom/BigDataSE/ISPA Vol. 1 (872-879). https://doi.org/10.1109/Trustcom.2015.459

This paper presents an architecture (RESCUE) of a system that is capable of implementing: a keyless encryption method; self-destruction of data within a time frame without user’s intervention; and break-glass data recovery, with in-built failover pro... Read More about RESCUE: Resilient Secret Sharing Cloud-based Architecture..

The future internet: a world of secret shares (2015)
Journal Article
Buchanan, W. J., Lanc, D., Ukwandu, E., Fan, L., Russell, G., & Lo, O. (2015). The future internet: a world of secret shares. Future Internet, 7(4), 445-464. https://doi.org/10.3390/fi7040445

The PKI infrastructure is crumbling, especially due to the lack of a strong understanding of how encryption actually works, and in threats around its implementation. This paper outlines an Internet storage using secret sharing methods, and which coul... Read More about The future internet: a world of secret shares.

Heart data analysis, modelling and application in risk assessment (2015)
Thesis
Lo, O. Heart data analysis, modelling and application in risk assessment. (Thesis). Edinburgh Napier University. Retrieved from http://researchrepository.napier.ac.uk/id/eprint/8833

The heart is a fundamental aspect of the human body. Significant work has been undertaken to better understand the characteristics and mechanisms of this organ in past research. Greater understanding of the heart not only provides advances in medicin... Read More about Heart data analysis, modelling and application in risk assessment.

Modelling of integrated trust, governance and access safi.re: Information Sharing Architecture. (2013)
Conference Proceeding
Buchanan, W. J., Uthmani, O., Fan, L., Burns, N., Lo, O., Lawson, A., …Anderson, C. (2013). Modelling of integrated trust, governance and access safi.re: Information Sharing Architecture. In M. Felici (Ed.), Cyber Security and Privacy (91-101). https://doi.org/10.1007/978-3-642-41205-9_8

We live in a world where trust relationships are becoming ever more important. This paper outlines how an architecture which abstracts these relationships between domains, organisations and units, into a formal definition, and then implement these as... Read More about Modelling of integrated trust, governance and access safi.re: Information Sharing Architecture..

Conducting Performance Evaluation of an e-Health Platform (2013)
Book Chapter
Lo, O., Fan, L., Buchanan, W. J., & Thuemmler, C. (2013). Conducting Performance Evaluation of an e-Health Platform. In T. Issa, P. Isaías, & P. Kommers (Eds.), Advances in Business Information Systems and Analytics; Information Systems and Technology for Organizations in a Networked Society (295-315). IGI Global Publishing. https://doi.org/10.4018/978-1-4666-4062-7.ch016

For increased awareness and adoption of e-Health implementations, results from evaluation must be catered towards three primary perspectives: organizational, end-user and technical perspective. This chapter addresses the issue of conducting performan... Read More about Conducting Performance Evaluation of an e-Health Platform.

A scaleable and trusted e-Health eco-system: safi.re (2013)
Presentation / Conference
Buchanan, W. J., Burns, N., Lo, O., Lewis, R., Uthmani, O., & Fan, L. (2013, April). A scaleable and trusted e-Health eco-system: safi.re. Paper presented at Cyber Security and Privacy EU Forum 2013

At present most health and social care systems do not have extendable trust and governance. This presentation outlines the safi.re architecture which uses three main components: a trust framework; governance rules; and strong access controls. The sys... Read More about A scaleable and trusted e-Health eco-system: safi.re.

SPoC: Protecting Patient Privacy for e-Health Services in the Cloud (2012)
Conference Proceeding
Fan, L., Buchanan, W. J., Lo, O., Thuemmler, C., Lawson, A., Uthmani, O., …Khedim, A. S. (2012). SPoC: Protecting Patient Privacy for e-Health Services in the Cloud. In eTELEMED 2012 (99-104)

The use of digital technologies in providing health care services is in general subsumed under the term e-Health. The Data Capture and Auto Identification Reference (DACAR) project provides an open e-Health service platform that reinforces the integr... Read More about SPoC: Protecting Patient Privacy for e-Health Services in the Cloud.

Technical evaluation of an e-health platform. (2012)
Conference Proceeding
Lo, O., Fan, L., Buchanan, W. J., & Thuemmler, C. (2012). Technical evaluation of an e-health platform. In M. Macedo (Ed.), Proceedings of the IADIS International Conference e-Health 2012

Methodologies for evaluation of e-Health platforms are still lacking. We propose an e-Health evaluation framework that aims to provide a concise methodology for the evaluation of e-Health platforms under three main categories: usability evaluation, l... Read More about Technical evaluation of an e-health platform..

E-Health: chances and challenges of distributed, service oriented architectures (2012)
Journal Article
Thuemmler, C., Fan, L., Buchanan, W. J., Lo, O., Ekonomou, E., & Khedim, A. S. (2012). E-Health: chances and challenges of distributed, service oriented architectures. Journal of cyber security and mobility, 37,

Societies are undergoing unprecedented demographic and socio-economical changes on a pace that has never been experienced before. Health care models are in transition to remain affordable for governments and individuals. Mobile technology and cloud c... Read More about E-Health: chances and challenges of distributed, service oriented architectures.

Towards simulation of patient data for evaluation of E-health platform and services. (2012)
Presentation / Conference
Lo, O., Fan, L., Buchanan, W. J., Thuemmler, C., & Lawson, A. (2012, June). Towards simulation of patient data for evaluation of E-health platform and services. Paper presented at 13th Annual Post Graduate Symposium on the Convergence of Telecommunications, Networking and Broadcasting

This paper presents the design and implementation of the Patient Simulator, a software application used for the simulation of patient data. The simulator aims to evaluate e- Health platforms and services in regards to efficiency, reliability, securit... Read More about Towards simulation of patient data for evaluation of E-health platform and services..

Information sharing around child protection. (2012)
Presentation / Conference
Buchanan, W. J., Uthmani, O., Lewis, R., Steyven, A., Fan, L., Thuemmler, C., …Lawson, A. (2012, June). Information sharing around child protection. Paper presented at Information Sharing in the Public Sector

Background This presentation focuses on creating a scaleable, robust and secure information architecture for social and health care. At its core is the sa.FIRE (Secure Analysis and FIltering Risk Engine) architecture, which uses SPoC (Single Point of... Read More about Information sharing around child protection..

Cloud4Health. (2012)
Presentation / Conference
Buchanan, W. J., Fan, L., Ekonomou, E., & Lo, O. (2012, May). Cloud4Health. Paper presented at Symposium on the Future of e-Health

The cloud4health platform focuses on creating a next generation infrastructure which aims to integrate assisted living with primary and secondary health care, in order to reduce patient risks. This presentation outlines how it integrates assisted liv... Read More about Cloud4Health..

Integrating assisted living with primary and secondary health care. (2012)
Presentation / Conference
Buchanan, W. J., Fan, L., Ekonomou, E., Lo, O., Uthmani, O., & Thuemmler, C. (2012, May). Integrating assisted living with primary and secondary health care. Paper presented at Data Handling in Health and Social Care: Striking the balance between confidentiality, security and information sharing

This presentation outlines the Cloud4Health platform.

Case Study: moving towards an e-health platform to store NHS patient Information in the cloud. (2012)
Presentation / Conference
Buchanan, W. J., Fan, L., Ekonomou, E., Lo, O., & Thuemmler, C. (2012, February). Case Study: moving towards an e-health platform to store NHS patient Information in the cloud. Paper presented at Cloud Computing in the Public Sector: The Way Forward

Case Study: Moving Towards an e-health Platform to Store NHS Patient Information in the Cloud The NHS pilot scheme to store patient information in the Cloud How can the health sector can gain greater value from its infrastructure by moving services i... Read More about Case Study: moving towards an e-health platform to store NHS patient Information in the cloud..

Patient centric health care: an integrated and secure, cloud-based, e-Health platform. (2012)
Presentation / Conference
Buchanan, W. J., Fan, L., Ekonomou, E., Lo, O., & Thuemmler, C. (2012, February). Patient centric health care: an integrated and secure, cloud-based, e-Health platform. Paper presented at BCS Branch Meeting

There are many issues related to health care infrastructure within the UK, including the lack of integration of data between the different parts of the health and social care system, and around an aging population. This presentation outlines a new Cl... Read More about Patient centric health care: an integrated and secure, cloud-based, e-Health platform..

The UK’s eHealth cloud project: EHR and the cloud: assessing the benefits and mitigating the risks. (2012)
Presentation / Conference
Buchanan, W. J., Fan, L., Ekonomou, E., Lo, O., Thuemmler, C., & Lawson, A. (2012, January). The UK’s eHealth cloud project: EHR and the cloud: assessing the benefits and mitigating the risks. Paper presented at Arab Health 2012 (Electronic Healthcare Records)

This presentation focuses on: - Using the Cloud to provide geographical flexibility and facilitate information exchange to enable the effective treatment of patients across boundaries. - How the Cloud can improve clinical workflow and provide better... Read More about The UK’s eHealth cloud project: EHR and the cloud: assessing the benefits and mitigating the risks..

DACAR platform for eHealth services cloud. (2011)
Conference Proceeding
Fan, L., Buchanan, W. J., Thuemmler, C., Lo, O., Khedim, A. S., Uthmani, O., …Bell, D. (2011). DACAR platform for eHealth services cloud. . https://doi.org/10.1109/CLOUD.2011.31

The use of digital technologies in providing health care services is collectively known as eHealth. Considerable progress has been made in the development of eHealth services, but concerns over service integration, large scale deployment, and securit... Read More about DACAR platform for eHealth services cloud..

Formal security policy implementations in network firewalls. (2011)
Journal Article
Macfarlane, R., Buchanan, W. J., Ekonomou, E., Uthmani, O., Fan, L., & Lo, O. (2012). Formal security policy implementations in network firewalls. Computers and Security, 31(2), 253-270. https://doi.org/10.1016/j.cose.2011.10.003

Network security should be based around security policies. From high-level natural language, non-technical, policies created by management, down to device and vendor specific policies, or configurations, written by network system administrators. Ther... Read More about Formal security policy implementations in network firewalls..

Cloud-based e-Health System. (2011)
Presentation / Conference
Buchanan, W. J., Fan, L., Thuemmler, C., Lo, O., & Ekonomou, E. (2011, September). Cloud-based e-Health System. Paper presented at BCS Health Informatics

This paper presents the future of health care system, which uses the newly developed security infrastructure.

Information sharing framework: next generation e-Health cloud. (2010)
Conference Proceeding
Buchanan, W. J., Thuemmler, C., Fan, L., Lo, O., & Khedim, A. S. (2010). Information sharing framework: next generation e-Health cloud.

This presentation outlines the novel e-Health Cloud. See: http://www.soc.napier.ac.uk/~bill/e_presentations/healthcloud01/healthcloud01.html

An e-Health cloud. (2010)
Conference Proceeding
Buchanan, W. J., Thuemmler, C., Fan, L., Lo, O., & Khedim, A. S. (2010). An e-Health cloud.

A significant weakness within cloud-based systems is often their security. This presentation shows how a health care cloud has been created which preserves the rights of the patient to control access to their captured data, and then how this is used... Read More about An e-Health cloud..

Towards a framework for the generation of enhanced attack/background network traffic for evaluation of network-based intrusion detection systems (2010)
Conference Proceeding
Lo, O. C. W., Graves, J. R., & Buchanan, W. J. (2010). Towards a framework for the generation of enhanced attack/background network traffic for evaluation of network-based intrusion detection systems. In J. Demergis (Ed.), Proceedings of 9th European Conference on Information Warfare and Security (190-200)

There are a multitude of threats faced in computer networks such as viruses, worms, trojans, attempted user privilege gain, data theft and denial of service attacks. To combat such threats, multiple lines of defence are applied to a network including... Read More about Towards a framework for the generation of enhanced attack/background network traffic for evaluation of network-based intrusion detection systems.

Framework for network IDS evaluation (2009)
Thesis
Lo, O. (2009). Framework for network IDS evaluation. (Thesis). Edinburgh Napier University. Retrieved from http://researchrepository.napier.ac.uk/id/eprint/3981

There are a multitude of threats now faced in computer networks such as viruses, worms, trojans, attempted user privilege gain, data stealing and denial of service. As a first line of defence, firewalls can be used to prevent threats... Read More about Framework for network IDS evaluation.

Who would you trust to identify you in accessing your health record?
Presentation / Conference
Buchanan, W. J., Anderson, C., Smales, A., Varga, J., Burns, N., Uthmani, O., …Lawson, A. Who would you trust to identify you in accessing your health record?

Within health and social care there is a strong need to provide access to highly sensitive information, and one which requires high levels of identity assurance. This paper outlines a joint project between Edinburgh Napier University and miiCard [10]... Read More about Who would you trust to identify you in accessing your health record?.