Rastrick Grammar School (1962-69). Salford University (1969-1976)
BSc (Hons) Chemistry, PhD (Physical Chemistry)
VSO teacher in Ghana (76-78). Manchester University Regional Computer Centre (78-80), Shell UK (80), Salford University (80-2004), University of Kent (04-now)
Professor of Information Systems Security
University of Kent, Canterbury
Favourite thing to do in my job: Talking to people all over the world via the Internet
I am an early Internet pioneer, and was developing Email and File Transfer programs before the Internet was invented.
I am a grandfather with 3 daughters and 3 small grandchildren, with another granddaughter due later this year. My wife and I live in Kent, which is hundreds of miles away from our families, so we regularly do 500 mile journeys to see them all (not good for the environment I know, but video conferencing just isn’t the same as actually being with your grandchildren:-).
I love computer science, which is why, when I reached 65, I did not fully retire. I now work 2 days a week on research projects, which center around Internet security and privacy.
I am a keen cyclist and rode from Paris to Canterbury as part of the University’s 50th anniversary. I also rode the London-Surrey 100 mile ride a few years ago. This year I will be attempting the more modest 60 mile Kent Castle ride for Action Medical Research.
I also enjoy skiing in the Alps. The scenery is spectacular.
At home I like growing my own fruit and vegetables, and singing in the church choir.
Developing user friendly Internet security and privacy systems
You are obviously wondering why I am in the relationship zone, as I am not a psychologist, but rather a computer scientist. The answer is simple. Many of our relationships today take place over the Internet, in chat rooms, on social media like Facebook, and not face to face in the physical world. This causes us many problems. One of them is that you often do not know who you are talking to electronically, as people can lie about their names, ages, gender, etc. This is the problem that my research is attempting to solve.
My research centers around designing systems and software for improving the security of the Internet. This work involves sociologists, psychologists, economists as well as computer scientists. I am currently working with the World Wide Web Consortium (W3C) to standardise Verifiable Credentials, the subject of my talk with you.
Verifiable Credentials are the electronic equivalent of the plastic cards you carry around in your wallet today, such as a bus pass, student ID card, driving license, bank card etc. In the future, you will be able to carry Verifiable Credentials around on your mobile phone, and present them electronically whenever you are asked for them. Verifiable Credentials offer you a lot of advantages over plastic cards, such as: more secure, privacy preserving, less bulky, more difficult to steal (I will describe more about their advantages during the next two weeks).
Below are some screen shots from my mobile phone for a demonstration system that we built for the NHS. These show the use of a Verifiable Credential to access a NHS hospital system in order to book and cancel appointments and re-order repeat prescriptions. It is obviously vitally important that the hospital knows who is accessing the system, as it would not want you to get someone else’s prescription drugs, or vice versa.
The first step is to register your phone with the NHS, and to get the Verifiable Credential installed on your phone.
This is the registration screen, in which you register with the NHS to get an “NHS Patient” Verifiable Credential onto your mobile phone. You have to provide your NHS number and a one time password that was sent to your home in a letter from the NHS.
In order to register your phone, you have to prove that you are the owner of the phone, and that your phone has not been stolen. This is done via the phone’s fingerprint reader, shown above.
Now the NHS asks you to confirm that you want to add your “NHS Patient” credential to your phone, as shown below.
Once you have your NHS patient credential on your phone, it is envisaged you will be able to use it to login to any NHS web site, or in fact, any European Health site, as this credential could replace the plastic EHIC cards that we currently have to take with us on holiday in Europe.
Below is a screen shot from the login screen of a University Hospital Southampton demonstration app that we built. When you click on Patient Sign In, you will not be asked for a username and password, but rather for your NHS Patient credential….
as shown in the screen shot below:
You will again have to swipe your fingerprint on the phone, to confirm that it is you accessing the hospital system, and not someone who has stolen your phone.
Now you have secure access to the hospital system, as you have proved that you are a genuine NHS patient. Note that you did not tell the hospital your name, your age or any other personal details. You just confirmed that you are an NHS patient, which is all that was needed in this demostration. If the NHS had wanted you to confirm any other personal details, such as your NHS number, then they would have asked for these Verifiable Credentials as well.
I look forward to answering your questions about how Verifiable Credentials can help you in your online relationships.
My Typical Day
Eat, work, play, sleep. Repeat.
My typical day always consists of processing incoming emails (I usually get over 100 a day, but many of these are Spam and unwanted junk email that need to be deleted).
I might then have a meeting with my research staff to review their progress.
On one day a week I have a teleconference with the W3C Verifiable Credentials working group during which we progress our standardisation work.
At least one day a week I have a video conference with a group of researchers throughout Europe who are working on an EC Horizon 2020 security project with me.
Since I now only work part time, I typically work for 2 or 3 hours each day (usually 7 days a week) but some days for considerably longer (up to 12 hours if I am away at a meeting).
What I'd do with the prize money
Paying for school kids to travel to the university
I know that schools are desperately short of money. So if I won the prize I would use it to pay for the transportation costs of school pupils to the University, so that they could look around our department, and the university, and see how science is working in real life. We could arrange this adjacent to an Open Day, when many demonstrations have already been set up to attract sixth formers to apply to the university.
How would you describe yourself in 3 words?
Old, fortunate, ex-hippie
What's the best thing you've ever done in your career?
Switched from Chemistry to Computing after my PhD
What or who inspired you to follow your career?
Nobody. I just loved writing programs. It was like playing chess everyday.
What was your favourite subject at school?
What did you want to be after you left school?
Were you ever in trouble at school?
Lots of times. I got suspended just before my A Levels.
If you weren't doing this job, what would you choose instead?
Engineering or perhaps Law
Who is your favourite singer or band?
Pink Floyd followed by Jimi Hendrix
What's your favourite food?
Thai Green Curry
What is the most fun thing you've done?
250 mile charity bike ride in India where I met my wife
If you had 3 wishes for yourself what would they be? - be honest!
Good health, long life, instantaneous travel
Tell us a joke.
This one is OK for here. "Why was the sand wet?" Ans. "Because the seaweed"