Robert Rowlingson

Bio: Robert Rowlingson is an academic researcher from BT Research. The author has contributed to research in topics: Cloud computing & Cloud computing security. The author has an hindex of 5, co-authored 6 publications receiving 300 citations.

A Ten Step Process for Forensic Readiness.

Abstract: A forensic investigation of digital evidence is commonly employed as a post-event response to a serious information security incident. In fact, there are many circumstances where an organisation may benefit from an ability to gather and preserve digital evidence before an incident occurs. Forensic readiness is defined as the ability of an organisation to maximise its potential to use digital evidence whilst minimising the costs of an investigation. The costs and benefits of such an approach are outlined. Preparation to use digital evidence may involve enhanced system and staff monitoring, technical, physical and procedural means to secure data to evidential standards of admissibility, processes and procedures to ensure that staff recognise the importance and legal sensitivities of evidence, and appropriate legal advice and interfacing with law enforcement. This paper proposes a ten step process for an organisation to implement forensic readiness.

From Ill-defined Problems to Informed Decisions

Abstract: Decision makers such as military leaders and security analysts are increasingly being asked to make decisions on ill-defined problems. These problems may contain uncertain or incomplete data, and are often complex to piece together. Consequently, decision makers rely heavily on intuition, knowledge and experience. We argue for rich narratives that encapsulate both explicit data and implicit knowledge, supported by three levels of provenance: data, analytical and reasoning. Our hypotheses is that visual analytics tools and methods can help to provide a valuable means to make sense of these complex data, and to help make this tacit knowledge explicit, to support the construction and presentation of the decision.

Integrating Security Services in Cloud Service Stores

Abstract: Protecting systems, applications and data hosted on a Cloud environment against cyber-threats, and accounting for security incidents across the Cloud estate are prerequisites to Cloud adoption by business, and a fundamental element of both national and corporate cyber-security and Cloud strategies. Yet, Cloud IaaS and PaaS providers typically hold Cloud consumers accountable for protecting their applications, while Cloud users often find that protecting their proprietary system, application and data stacks on public or hybrid Cloud environments can be complex, expensive and time-consuming. In this paper we describe a novel Cloud-based security management solution that empowers Cloud consumers to protect their systems, applications and data in the Cloud, whilst also improving the control and visibility of their Cloud security operations. This is achieved by enhancing the security policy management of commercial technologies, and via their integration with multiple Cloud-based hosts and applications. The result of this integration is then offered as a re-usable service across multiple Cloud platforms through a Cloud service store.

Managed security service distribution model

Abstract: Whilst security budgets in the private sector have been fairly static, the public sector is being forced to scrutinize any spending. Migrating services to public or private cloud infrastructure not only requires security compliance expectations to be met, but also financial discipline. This paper proposes a solution for migrating enterprise security capabilities when adopting Cloud based infrastructures including IaaS and PaaS environments. In this paper, we demonstrate how security applications can be migrated as managed capabilities using our ‘horizontal services’ deployment framework. This approach and its associated SDK allow customers to implement and enforce security policies in private, public, or hybrid clouds. This allows customers to leverage existing licenses or simply engage more security vendors and stimulate vendor competition.

Knowledge Generation Model for Visual Analytics

Abstract: Visual analytics enables us to analyze huge information spaces in order to support complex decision making and data exploration. Humans play a central role in generating knowledge from the snippets of evidence emerging from visual data analysis. Although prior research provides frameworks that generalize this process, their scope is often narrowly focused so they do not encompass different perspectives at different levels. This paper proposes a knowledge generation model for visual analytics that ties together these diverse frameworks, yet retains previously developed models (e.g., KDD process) to describe individual segments of the overall visual analytic processes. To test its utility, a real world visual analytics system is compared against the model, demonstrating that the knowledge generation process model provides a useful guideline when developing and evaluating such systems. The model is used to effectively compare different data analysis systems. Furthermore, the model provides a common language and description of visual analytic processes, which can be used for communication between researchers. At the end, our model reflects areas of research that future researchers can embark on.

Review of Visualizing argumentation: software tools for collaborative and educational sense-making by Paul A. Kirschner, Simon J. Buckingham Shum and Chad S. Carr Springer-Verlag, 2003

Abstract: Paul A. Kirschner, Simon J. Buckingham Shum and Chad S. Carr (Eds) Published by Springer-Verlag, 2003, xxvi + 216 pages. ISBN 1–85233–664–1

Forensic-by-Design Framework for Cyber-Physical Cloud Systems

Abstract: As businesses continue to offer customers and employees increased access, improved software functionality, and continued improvements in supply chain management opportunities, it raises the risk of cyber-physical attacks on cyber-physical cloud systems (CPCS). In this article, the authors discuss the challenges associated with a CPCS attack and highlight the need for forensic-by-design, prior to presenting their conceptual CPCS forensic-by-design model. The six factors of the framework are discussed, namely, risk management principles and practices, forensic readiness principles and practices, incident handling principles and practices, laws and regulation, CPCS hardware and software requirements, and industry-specific requirements. Future research topics are also identified.