Ross J. Anderson (professor)
   HOME

TheInfoList



OR:

Ross John Anderson (born 15 September 1956) is a researcher, author, and industry consultant in
security engineering Security engineering is the process of incorporating security controls into an information system so that the controls become an integral part of the system’s operational capabilities. It is similar to other systems engineering activities in tha ...
. He is Professor of Security Engineering at the Department of Computer Science and Technology, University of Cambridge where he is part of the University's security group.


Education

Anderson was educated at the High School of Glasgow. In 1978, he graduated with a Bachelor of Arts in mathematics and
natural science Natural science is one of the branches of science concerned with the description, understanding and prediction of natural phenomena, based on empirical evidence from observation and experimentation. Mechanisms such as peer review and repeatab ...
from the University of Cambridge where he was an undergraduate student of Trinity College, Cambridge, and subsequently received a qualification in
computer engineering Computer engineering (CoE or CpE) is a branch of electrical engineering and computer science that integrates several fields of computer science and electronic engineering required to develop computer hardware and software. Computer engineers ...
. Anderson worked in the avionics and banking industry before moving back to the University of Cambridge in 1992, to work on his doctorate under the supervision of Roger Needham and start his career as an academic researcher.Curriculum Vitae – Ross Anderson
May 2007
He received his PhD in 1995, and became a lecturer in the same year.


Research and career

Anderson's research interests are in security, cryptology, dependability and technology policy. In cryptography, he designed with Eli Biham the
BEAR Bears are carnivoran mammals of the family Ursidae. They are classified as caniforms, or doglike carnivorans. Although only eight species of bears are extant, they are widespread, appearing in a wide variety of habitats throughout the Nor ...
,
LION The lion (''Panthera leo'') is a large Felidae, cat of the genus ''Panthera'' native to Africa and India. It has a muscular, broad-chested body; short, rounded head; round ears; and a hairy tuft at the end of its tail. It is sexually dimorphi ...
and Tiger
cryptographic Cryptography, or cryptology (from grc, , translit=kryptós "hidden, secret"; and ''graphein'', "to write", or '' -logia'', "study", respectively), is the practice and study of techniques for secure communication in the presence of adve ...
primitives, and co-wrote with Biham and Lars Knudsen the
block cipher In cryptography, a block cipher is a deterministic algorithm operating on fixed-length groups of bits, called ''blocks''. Block ciphers are specified cryptographic primitive, elementary components in the design of many cryptographic protocols and ...
Serpent Serpent or The Serpent may refer to: * Snake, a carnivorous reptile of the suborder Serpentes Mythology and religion * Sea serpent, a monstrous ocean creature * Serpent (symbolism), the snake in religious rites and mythological contexts * Serp ...
, one of the finalists in the Advanced Encryption Standard (AES) competition. He has also discovered weaknesses in the FISH cipher and designed the stream cipher
Pike Pike, Pikes or The Pike may refer to: Fish * Blue pike or blue walleye, an extinct color morph of the yellow walleye ''Sander vitreus'' * Ctenoluciidae, the "pike characins", some species of which are commonly known as pikes * ''Esox'', genus of ...
. Anderson has always campaigned for computer security to be studied in a wider social context. Many of his writings emphasise the human, social, and political dimension of security. On online voting, for example, he writes "When you move from voting in person to voting at home (whether by post, by phone or over the internet) it vastly expands the scope for vote buying and coercion", making the point that it's not just a question of whether the encryption can be cracked. In 1998, Anderson founded the
Foundation for Information Policy Research The Foundation for Information Policy Research is a UK-based think tank that studies the interaction between information technology and government, business and civil society. It has been described by academics as "the leading think-tank on inform ...
, a think tank and lobbying group on information-technology policy. Anderson is also a founder of the UK-Crypto mailing list and the
economics of security The economics of information security addresses the economic aspects of privacy and computer security. Economics of information security includes models of the strictly rational “homo economicus” as well as behavioral economics. Economics of se ...
research domain. He is well-known among Cambridge academics as an outspoken defender of academic freedoms, intellectual property and other matters of university politics. He is engaged in the "Campaign for Cambridge Freedoms" and has been an elected member of Cambridge University Council since 2002. In January 2004, the student newspaper '' Varsity'' declared Anderson to be Cambridge University's "''most powerful person''". In 2002, he became an outspoken critic of trusted computing proposals, in particular Microsoft's Palladium operating system vision. Anderson's TCPA FAQ has been characterised by IBM TC researcher David R. Safford as "full of technical errors" and of "presenting speculation as fact." For years Anderson has been arguing that by their nature large databases will never be free of abuse by breaches of security. He has said that if a large system is designed for ease of access it becomes insecure; if made watertight it becomes impossible to use. This is sometimes known as ''Anderson's Rule''. Anderson is the author of ''Security Engineering'', published by Wiley in 2001. He was the founder and editor of ''Computer and Communications Security Reviews''. After the vast
Global surveillance disclosure Global means of or referring to a globe and may also refer to: Entertainment * ''Global'' (Paul van Dyk album), 2003 * ''Global'' (Bunji Garlin album), 2007 * ''Global'' (Humanoid album), 1989 * ''Global'' (Todd Rundgren album), 2015 * Bruno ...
leaked by
Edward Snowden Edward Joseph Snowden (born June 21, 1983) is an American and naturalized Russian former computer intelligence consultant who leaked highly classified information from the National Security Agency (NSA) in 2013, when he was an employee and su ...
beginning in June 2013 Anderson suggested one way to begin stamping out the British state's unaccountable involvement in this NSA spying scandal is to entirely end the domestic secret services. Anderson: "Were I a legislator, I would simply abolish MI5". Anderson notes the only way this kind of systemic data collection has been made possible was through the business models of private industry. The value of information-driven web companies such as Facebook and Google is built around their ability to gather vast tracts of data. It was something the intelligence agencies would have struggled with alone. Anderson is a critic of
smart meter A smart meter is an electronic device that records information such as consumption of electric energy, voltage levels, current, and power factor. Smart meters communicate the information to the consumer for greater clarity of consumption beha ...
s, writing that there are various privacy and energy security concerns.https://www.fipr.org/100110smartmeters.pdf


Awards and honours

Anderson was elected a Fellow of the Royal Society (FRS) in 2009. His nomination reads: Anderson was also elected a Fellow of the Royal Academy of Engineering (FREng) in 2009. He is a fellow of
Churchill College, Cambridge Churchill College is a constituent college of the University of Cambridge, England. It has a primary focus on science, engineering and technology, but still retains a strong interest in the arts and humanities. In 1958, a trust was establish ...
.


References

{{DEFAULTSORT:Anderson, Ross J. British technology writers Modern cryptographers Fellows of the Institute of Physics Fellows of Churchill College, Cambridge Computer security academics Copyright scholars Alumni of Trinity College, Cambridge Members of the University of Cambridge Computer Laboratory Living people Fellows of the Royal Society 1956 births People from Sandy, Bedfordshire