Identity-based encryption (IBE) was first proposed by Adi Shamir over 25 years ago, developed by Dan Boneh and Matt Franklin in one scheme, and Clifford Cocks in another. If these names don't mean much to you, Adi Shamir is the S in RSA (Rivest and Adleman being the R and ... Read More

I'm constantly amazed at how little strategy there is in most organisations. It doesn't matter how big or how small, I have rarely come across an organisation that has a fully joined up security strategy, which makes sense.If you think you are one of these people, please set me straight, ... Read More

No sooner do I start up on the old blog again than Mike pitches in and pushes me off my training wheels. Thanks Uncle Mike. No, I'm not really being a whining limey/pom bastard or whatever you call us these days. But Mike, you aren't in the UK, and, with ... Read More

I think so, for a number of reasons:The Government is handing down mandates.After a number of high profile incidents, including an MoD laptop left on a train, the rules are being tightened across government departments. Despite the NHS being told that they have to strip budgets back to the bare ... Read More

Always good to pad out a post with a bit of Wikipedia:De facto is a Latin expression that means 'concerning fact'. Inlaw, it is meant to mean 'in practice but not necessarily ordained by law' or 'in practice or actuality, but without being officially established'.Basically, it's stuff which happens because ... Read More

I once heard someone describe network tools as 'pitchforks in sheds' - the basic premise being that although the tools themselves were all incredibly useful, without someone to use them, they are essentially useless.I've looked at a lot of security tools in my time, and have seen some great ones ... Read More

I had an interesting security conversation today, about network architecture. Hmm... don't run away just yet.I think we'd all be agreed that it is safest to put your production networks away from your testing networks, and to make sure the data in your test areas is not live sensitive data ... Read More

It's funny, I keep getting invited to dinners, phone calls, webinars, etc... by people who have done surveys, created documents, got an expert in, etc... and I keep on politely turning things down. Not because I don't want to speak to people, far from it, I'd love to talk all ... Read More

I had lunch a couple of months back with David Lacey, one of the thought leaders of the Jericho Forum, (who I STILL think have the right idea, in case anyone was wondering). We talked about literally hundreds of different topics, but one which has stuck in my mind was ... Read More

I've been ignoring the usual slew of mails I get telling me that RSA Europe is just around the corner, not because I don't care about the shows any longer, but because I can't see myself going this year due to work commitments. Not that I don't want to go ... Read More