Alexander Hicks Wins ACE-CSR Pitch Competition

We are delighted to announce that Alexander Hicks recently won the PhD student pitch competition at the annual ACE-CSR conference. Hicks’s winning pitch was on the topic of his research into verifiable auditing of access to confidential data.

The Academic Centres of Excellence in Cyber Security Research (ACE-CSR) scheme continues to play a key role in the Government’s approach to maintaining and enhancing the UK’s reputation as a global leader in cyber security research. The annual conference provides a platform for Government, its delivery partners and researchers in the field of cyber security to discuss and augment their joint work to enhance the UK’s academic capability in all areas relating to cyber security.

Alexander Hicks, who is in the second year of his PhD supervised by Dr. Steven Murdoch, is part of the Information Security research group within UCL Computer Science. His current work is related to evidence and systems that produce evidence. “My research in evidence is related to building transparent and accountable systems, “said Hicks. “This is of particular importance for systems that involve many parties and components, such as human decisions and actions that cannot always be constrained or trusted.”

“The usual goal in security is to build systems that avoid failure in the first place, but that isn’t always realistic. Systems that produce evidence handle the problem by improving transparency and making sure the right parties are liable for failures, which also disincentivises causing failures."

Hicks’s pitch focused on recent work, a system named VAMS that allows verifiable auditing of access to confidential data. The sharing of personal data has the potential to bring substantial benefits both to individuals and society, but these can be achieved only if people have confidence their data will not be used inappropriately. The VAMS system produces evidence of some data being requested and allows data requests to be audited by a general auditor, as well as individuals, who can check how their own data is requested. Auditors can also produce statistics that can be released in a manner that preserves privacy and allows them to be publicly verified. The result is that it is no longer necessary for individuals to trust those requesting the data, those providing the data and those auditing data requests, as each step can be publicly verified.

“We designed this system with two motivational examples in mind. The first of these was law enforcement access to telecommunications data, which I focused on during my pitch at the conference. The second is access to medical records. The system is flexible, so it could be applied to other forms of data sharing.”

Please join us in congratulating Alexander for this prestigious recognition!

You can read Alexander’s full biography on his personal page here.

Read the paper pre-print online here (joint work with Vasilios Mavroudis, Mustafa Al Bassam, Sarah Meiklejohn and Steven Murdoch), for further information on the VAMS system. There is also a blog post here.

Find out more about ACE-CRS here.