We conduct world-class research into all areas of information and cyber security and boasts a world-leading group of academics and industrial contacts.
Our research profile takes advantage of the group's interdisciplinary nature to tackle major challenges in many different areas of information security. Our current research interests include, but are not limited to, the following areas:
- Cryptography and its applications
- Security of systems and technologies
- The application of socio-technical and organisational theory to cyber security
- The application of economics and game theory to cyber security
- Smart cards, tokens and IoT Security
- Critical infrastructure protection
- Authentication, identity management and authorisation
Information Security Group
The research of the Information Security Group led to Royal Holloway being recognised as an original Academic Centre of Excellence in Cyber Security Research (ACE-CSR) in Cyber Security. There are now 17 ACEs in the UK, forming part of the Government’s National Cyber Security Strategy, which is making the UK the safest place to be online and helping to support the country’s thriving digital economy.
The ISG has more than 15 permanent research-active members of academic staff, a number of distinguished visiting professors and consultants, as well with as a large group of postdoctoral research assistants and a large PhD research student community. Our visiting professors and consultants include:
- Professor Whitfield Diffie, co-inventor of public-key cryptography
- Professor Paul Dorey, co-founder of the Jericho forum
- Professor Dieter Gollmann, co-founder of the ISG
- Professor Fred Piper, former Director and co-founder of the ISG
- Professor Richard Walton, former Director of CESG
This exciting research environment is supported by a range of research seminars and working groups. We also boast exceptional research facilities, including the dedicated Smart Card Centre, initally formed as a joint venture between Giesecke and Devrient, Vodafone and Royal Holloway in October 2002, and ASECOLab, which opened in 2012 to study how game theory, economics and algorithmic complexity can be used to develop novel security technologies.
Our breadth of coverage, coupled with our size, distinguished educational and academic track record, and long-standing and deep engagement with industry, makes the ISG a unique research group in the UK. The research tradition of the ISG was validated in an ESPRC review of mathematical sciences in the UK which stated that 'UK researchers remain world leaders in information security (Royal Holloway)'.
For a more detailed overview of our research, see the ISG Research White Paper.
Systems and Software Security Research Lab
The Systems and Software Security Research Lab (S3 Lab) was founded in June 2018.
The research carried out in the lab focuses on devising novel techniques to protect systems from a broad range of threats, including those perpetrated by malicious software. In particular, we aim at building practical tools and provide security services to the community at large. Our research, kindly sponsored by the UK Engineering and Physical Sciences Research Council (EPRSRC) and the European Union's Horizon 2020 (H2020) Research and Innovation programme, crosses the boundaries of a number of different Computer Science related topics, such as operating systems, computer architecture, program analysis and machine learning, making our challenging journey always exciting.
The Smart Card and Internet of Things Security Centre
We have our own dedicated research centre, the Smart Card and IoT Security Centre. This centre (previously known as the smart card centre) was founded in 2002 as a world-wide centre of excellence for training and research into security issues associated with smart cards, tokens and mobile devices. Topics studied with the group now include Radio Frequency ID (RFID), Near Field Communication (NFC), mobile devices and general embedded/ implementation system security. As research activity also focuses on devices with relatively limited processing and memory resources but with direct network connectivity – the Internet of Things (IoT) – the group’s name changed to “The Smart Card and Internet of Things Security Centre” in December 2015.
Centre for Doctoral Training in Cyber Security
The Centre for Doctoral Training in Cyber Security (CDT) at Royal Holloway was established in 2013, with funding from the UK Engineering and Physical Sciences Research Council (EPSRC) and the Department for Business, Innovation and Skills. The CDT's main objective is to develop a cohort of highly-trained researchers with a broad understanding of cyber security, and an appreciation of the increasingly important interplay between theoretical, technical and human factors in this field.
The establishment of Centres for Doctoral Training in Cyber Security is one of a number of recent initiatives supported by the UK Government as part of the UK Cyber Security Strategy, which states that one of the fundamental goals for the UK is “to have the cross-cutting knowledge, skills and capability it needs to underpin all our cyber security objectives". A specific aim of the CDT programme is to increase the number of doctoral-level cyber security professionals with a breadth of skills relevant to the national need.