Tag Archives: blockchain

From the old to the new in tackling information security

Haydn Tarr
IT Service Development Manager
The University of Chichester
Report provided to colleagues at the University of Chichester’s IT, Library and Customer Service departments

InfoSecurity Europe Conference 2018

Overview

UCISA offer a bursary to attend conferences in fields relevant to HEI support staff. I have always held a strong interest in attending InfoSec Europe and the bursary presented a perfect opportunity to attend this year. InfoSec Europe is an annual conference which holds a strong focus on cyber security technology developments. This report will disseminate my findings from the conference and draw relevance to the University of Chichester.
InfoSec was split into two formats:
My visit to InfoSec Europe focussed on the sessions it offered and discussing these topics with other visitors concerned with cyber security. There were a number of themes which were touched on regularly.

Theme 1: Cyber security prevention and training

There are varying techniques used for protecting company data from cyber-attacks. I found at the conference that commercial organisations have mainly focussed on preventative measures, e.g. firewalls, email protection, blocking users, etc. These measures do help to mitigate the risk of data breach and infection, but paradoxically reduces this workforce’s awareness of the type of threats and techniques used by attackers to exfiltrate sensitive data.
Organisations are now becoming increasingly aware that this is no longer enough, and the focus is now on training and building awareness amongst the workforce in a bid to reduce the likelihood of a data breach by exposing potential threats to staff. A general message surfaced from the seminars I attended, which was that the workforce can be the biggest asset in preventing cyber-attacks. Some organisations harness this by raising awareness and sustaining a culture where staff are encouraged to report breaches. From the opposite end of this view, other antiquated strategies are in place to prevent the workforce from even coming into contact with potential viruses and untrusted emails in the first place.
A personal takeaway is that a balance needs to be struck between the two, in which I personally feel that the University has an advantage. I observed in other organisations that training initiatives tend to be a temporary notion. Both prevention and training are a continuous development, which will adapt with emerging security vulnerabilities.

Theme 2: Blockchain

Many tech vendors in attendance at InfoSec Europe are associating themselves with Blockchain, and building this into their research and development plans for future protection technologies. In recent months we have witnessed the rise and fall in media coverage (and value!) of Bitcoin. Blockchain, which Bitcoin transactions operate upon, is a transferrable technology which can be adapted to other types of digital transactions in making them more secure.
One technology I found interesting and could offer some value in the future was the use of Blockchain to provide an improved assurance of personal identity. By using Blockchain as a way of decentralising identity, more control can be put into the hands of the individual in how they share their information with other individuals and organisations. These parties can then have more confidence that the holder of this identity, is who they say they are. This could also offer the individual complete power in what specific information that they share throughout various online services, institutions, government portals, etc.

Theme 3: The old tricks still work

Traditional exploitation techniques such as email phishing, SQL Injection and other attacks have been used for almost two decades and are continuing to grow in adoption by adversaries. The rise of IoT (Internet of Things) is partially to blame for this as the surface area of potential vulnerabilities continues to grow. These vulnerabilities could be considered as older consumer electronics, connected to the internet but using old software and firmware, are unlikely to be updated. This becomes particularly problematic in the critical infrastructure industry where I witnessed a live hack on a maritime GPS navigation system. Bringing this back to the local environment, the necessity to maintain a patching programme across the University estate with a growing number of connected devices, has never been more critical.

The University is protected in every area on the network by various prevention solutions. Despite these, there is still a risk of infection or data loss due to persistent attacks which could circumnavigate these techniques such as email phishing or social engineering. These methods are still the oldest trick in the book, and at the University with a growing number of staff, this problem continues and is generally acknowledged throughout commercial and other organisations.

Theme 4: Artificial Intelligence and Machine Learning

These terminologies are often used to describe the next generation of learning ability in computer software. We are yet to reach the state where artificial intelligence achieves its true meaning. Machine learning, however has a big part to play in some of the advances in cyber security. Vast amounts of logging data is collected on a daily basis at the University and throughout other organisations. This logging data can be used for troubleshooting isolated technical issues and security events. Cyber security vendors are beginning to respond to this accumulation of logging data positively, by investing in machine learning R&D. Future developments could enable security technologies to learn behaviours and trends from the accumulation of collected logging data. This could help an organisation’s security posture to evolve in a more effective way to prevent and mitigate cyber-attacks. Vendors are advising that the sheer volume of data that is collected now, can be useful in the future – however, everyone needs to be mindful of GDPR.
Interviews with the keynote speakers from the conference are available along with presentations from the event.
Interested in finding out more about a UCISA bursary, then visit UCISA Bursary Scheme.

Planning to get the most out of FORCE2018

Alice Gibson
Research Publications Officer
Library & Archives Service
London School of Hygiene and Tropical Medicine

Preparations for attending FORCE2018

With under a week until I set off, I am greatly looking forward to attending FORCE2018 in Montreal as a UCISA bursary winner for 2018.
FORCE2018 is organised by FORCE11, a community of scholars, librarians, archivists, publishers and research funders that has arisen organically to help facilitate the change toward improved knowledge creation and sharing. Working individually and collectively, their aim is to bring about a change in modern scholarly communication through the effective use of information technology, and to maximise efficiency and accessibility to the communication.
I will be attending pre-conference workshops on 10th October hosted at Concordia University, including participating in Springer Nature’s roundtable discussion, to discuss metrics for open access books. From 10th – 12th October, I will be at McGill University attending sessions and presenting a poster.

Engagement

The theme of FORCE2018 is ‘engagement’, so as an attendee I wanted to set myself the task of organising an event on my return, where I can utilise the new knowledge and skills I hope to acquire while the event is fresh in my memory. The fruits of this labour will be an event for LSHTM’s extended open access week (#LSHTMopenaccessweek), running through October: our ‘Creative Commons Workshop’.
LSHTM’s Creative Commons Workshop’ builds on a blog post ‘Creative Commons outside of Academia’ that in turn expands on the poster that I will be presenting during the poster sessions at FORCE2018. My poster takes up the theme of ‘engagement’ and merges this with the intricacies of open access policies, specifically those concerning what licences scholarly works should be made available under. In doing this, I seek to suggest that encouraging active participation with projects that utilise Creative Commons licences outside of academic life can serve to demonstrate the purpose of some of the licences required within in it.

My Schedule

There are a wide range of sessions available across the three days and having been through the programme, I have already planned which ones to attend.
Of course, as a PhD student studying Philosophy and working in research support, I could not miss the opportunity to attend a talk concerning using Wittgenstein’s thought to consider how we can appeal to theory to help us overcome some of the challenges we face in scholarly communication, an event which will be happening in the morning on Thursday.
I am also particularly looking forward to attending the session run by the cofounders of Impactstory, Heather Piwowar and Jason Priem, on Friday. Their Simple Query Tool has made tasks that would be endless if done manually, straightforward and manageable in my daily role, and filled the void left by the closure of Lantern, the service that Cottage Labs ran to facilitate checking the open access status of articles.
The entire conference is full of fantastic opportunities to address my professional and personal interests and I expect some other highlights to be the workshop on blockchain in scholarly communication, the talk on open access journals in Latin America, and the workshop run by Jeroen Bosman and Bianca Kramer concerning envisaging optimal workflows.
Between all of these sessions, talks and workshops, I hope to have the opportunity to meet with some people who I have come across already in my work in open access, and to meet new colleagues and learn of innovative projects and initiatives to bring back to our team at London School of Hygiene & Tropical Medicine. As a note-making mechanism, I will record ideas and resources that I come across throughout the conference on the online tool, Padlet, which will be available for anyone to read here.
On a more personal note, I am very excited to explore the city having never been to Montreal (or Canada) before, and intend to make the most of the wonderful opportunity made available to me.
Interested in finding out more about a UCISA bursary, then visit UCISA Bursary Scheme.

Bitcoin: trust and technology


 

 

 

 

Ed Stout
Support Services Manager
Leeds Beckett University 

EUNIS 2017

Ed Stout was funded to attend this event as a 2017 UCISA bursary winner

The final keynote session of the EUNIS 2017 conference from Nikolas Guggenberger, RWTÜV Foundation Assistant Professor of IT Law at University of Münster School of Law, took on an interesting look at ‘Trust by technology from a legal perspective’ in the form of a deeper investigation into public Blockchain, the technology behind crypto-currencies such as Bitcoin. Very early in the presentation, Nikolas had us asking ourselves “what causes us to trust something or someone?” which seemed quite an intriguing question as it isn’t one that I had particularly spent time thinking about before. My initial thought was simply that it is something I personally build through experience but is that really an option in the anonymous world of virtual currencies?

Nikolas gave a number of us less educated on the workings of public Blockchain, an insight into what it is and how it functions. Blockchain is a distributed, decentralised database, which particularly came into the public domain since the origin of the most successful crypto-currency, Bitcoin. It uses maths, cryptography and a network of distributed users (PCs) to ensure the authenticity of a transaction that can be verified by the whole community. The members of the community that verify this authenticity can take a small transaction fee for playing their part in the process (this is known as mining).

 

 

 

 

 

 

 

The huge potential of a public Blockchain is yet to be fully unlocked but the principle in use removes the need to trust third parties such as banks during transactions and instead relies on the trust of the Blockchain itself. The scope of trust by Blockchain was illustrated by Nikolas in the diagram below:

 

 

 

 

 

 

 

Nikolas offered us a very interesting insight into the potential of Blockchain and some of the legal considerations from his professional view point. It became evidently clear that there is a huge scope for benefits to be realised beyond that currently using Blockchain and that these could become a standard in our future. I found it a highly interesting keynote and one to investigate further in the coming weeks and months.

This blog post first appeared on http://www.edstout.co.uk/2017/06/27/day-3-reflections/

Interested in finding out more about a UCISA bursary, then visit UCISA Bursary Scheme.

UK vs. US HE – Blockchain and student engagement

liz_ellis

 

 

Elizabeth Ellis
Product Development Manager
Learning Innovation, Learning and Teaching Solutions,
The Open University

Cross-pond impressions from EDUCAUSE 2016

EDUCAUSE 2016 in Anaheim was a really valuable and thought provoking experience, especially as a stranger in a strange land.  I’ve wanted to attend this conference for a long time – having been to ALT C a number of times and attended EDEN, this felt like it would provide me with a trifecta. Because of my role as a product development manager in Technology Enhanced Learning Innovation, I often find myself with a foot in both the technology camp and the pedagogy camp of learning and teaching (I don’t actually think they’re camps – I think they’re symbionts and crucial to students being successful in their higher education careers, but I digress).

I have attended other US-based conferences, and it’s always a bit of a culture shock. The sheer scale of EDUCAUSE was quite unnerving: 8000 colleagues from 1800 institutions across 46 countries. The queue for lunch was terrible.

The conference hashtag provided an invaluable backchannel for discussion and arguments, and is worth a visit (#EDU16). If you would like to see the day by day account of my experience, then do feel free to grab my notes. But this article is more a personal reflection on the three things that stood out for me from EDUCAUSE – where the US Higher Education sector is ahead, where the UK Higher Education sector is ahead, and where we are about level.

Where the US Higher Education sector is ahead

One of the most attended and talked about sessions was on ‘Why the blockchain will revolutionise credentials’. One of the speakers was Chris Jager from Learning Machine. A transcript is available from the link.

It struck me that the presentation and ensuing conversation about blockchain certifications was far more developed than the conversations that have happened locally to me at The Open University, or from what I have gathered in the UK sector. The work that the Knowledge Media Institute at the OU has been doing on blockchain is still in the realms of research and innovation, whereas the HE sector in the US appears to be already beginning to tackle the cultural shifts of implementation. The temperature on blockchain credentials in the sector is still lukewarm in places, with some claiming there is a fear that giving students control of their credentials may undermine those credentials. A more mercenary view is that HEIs are loathe to transition to blockchain certification as there is a market for transcripts and money to be made when students request theirs.

MIT’s Open Standards for Blockchain Certificates are being used, and the advent of interoperable standards represents a shift from idea to reality, and a new infrastructure of trust between students, institutions and employers. This is interesting when compared with criticism of the Open Badges movement, which employers have been fairly sceptical about. UK HEIs have made more use of badges, but predominantly in informal learning spaces or for soft skills.

Blockchain certification could be more compelling within the US HE sector, by virtue of its legacy of for-fee qualifications, and also the high degree of transfer between community, state and private colleges.

In the UK, with the recent advent of tuition fees, the onus has perhaps been less for more mainstream HEIs. However, The Open University has always charged a fee, and is also seeing an increase in student transfers both in and out of the institution. OU students are also more unconventional in routes through education and employment, and blockchain certifications could be a valuable string to the University’s bow.

In an article in the Times Higher Education magazine, Martin Hall points out that blockchain certifications ‘could be an effective way of providing Britain’s Advanced Apprenticeships, for which components of the programme have to be delivered by a number of organisations’. (THE, 28 November 2016)

In The Open University’s Innovating Pedagogy 2016 horizon scan, Blockchain has been identified as High Impact but with a long timescale (4 plus years). The US feels ahead in this particular game.

Full disclosure: I have become borderline obsessed with student engagement, partnership and co-creation this year. I have been co-administering and organising a student consultation and engagement panel, running Hack Days to get students involved in future developments, and generally trying to find ways to not only give our students more direct access to the creation of learning and teaching content and tools, but also to give the Open University’s academic and academic related staff more direct access to students eager to be involved in practical ways.

My colleague David Vince and I published a paper on our work on this in September, outlining our approach to involving students in Technology Enhanced Learning Innovation, referring to the key frameworks that underpin ‘student as partners’ and ‘students as change agents’ in UK HEIs, from Jisc, the Higher Education Academy, and covered in the Teaching Excellence Framework.

‘The Teaching Excellence Framework (TEF) is a catalyst to rethink the role of the student in modern Higher Education Institutions. The Higher Education Academy in the selection criteria for the National Teaching Fellowship defined personal excellence as ‘evidence of enhancing and transforming the student learning experience’ (HEA, 2015).

Part of teaching excellence should therefore be the proactive engagement of students in matters relating to their learning experience, beyond assessment outcomes. More recently within the higher education sector, engagement initiatives such as ‘students as partners’ and ‘students as change agents’ have emerged.

Students as partners is characterised by active student engagement and collaboration ‘[…] in which all involved – students, academics, professional services staff, senior managers, students’ unions and so on – are actively engaged in and stand to gain from the process of learning and working together. Partnership is essentially a process of engagement, not a product. It is a way of doing things, rather than an outcome in itself.’ (Healey et al., 2014)

Students as change agents sees students being actively involved in the change process. In 2015, Jisc launched the ‘Change Agents’ Network’ which is a ‘highly active community of staff and students working in partnership to support curriculum enhancement and innovation’. (Jisc, 2015)’

In two sessions during the conference where I would have expected a robust argument for the involvement of students in the design and implementation of educational technology, there was no mention from presenters, and even the floor seemed largely truculent about the idea when it was brought up.

Design Thinking Process: Edtech Adoption’, an otherwise useful session from Edsurge, didn’t refer at all to the importance of testing new tools and technologies with students in implementation, much less involve them during ideation.

It was a similar experience in the ‘Trends Spanning Education’ session, despite having a great quote – ‘Democratisation of education innovation, it’s starting to happen with people rather than to people’ – people in this sense appeared to be academic and institutional staff rather than students.

Several comments that emerged during out of conference conversations and the Twitter backchannel featured the kneejerk reaction of students not knowing what they need, a conversation that has evolved now in the UK to understanding the balance between need, want and institutional responsibility towards them.

Some US colleagues talked about consultancy processes that include students, but there does not appear yet to be the drive to formalise student partnership as an approach. The emphasis is on institutional collaboration and partnership for student success, rather than partnership in the sense of student engagement as co-creators and co-owners of their learning experiences.

Where the UK and US Higher Education sectors are about level

Almost as soon as I hit the pre-meetings and the Twitter backchannel at EDUCAUSE the term NGDLE started to permeate. Not a new term, certainly, but Next Generation Digital Learning Environments as a concept suddenly seemed to be everywhere. And then I returned home and almost immediately fell in with an online consultation activity being coordinated by Lawrie Phipps, senior co-design manager at Jisc, using a combination of Twitter and blogs, on what NGDLEs and by extension co-creation could mean for the future of learning and teaching.

It also corresponds closely with my work, which is focused heavily on digital learning environments, as well as student engagement in learning and teaching tools and platforms development.

The UK and US higher education sectors appear to be level on this concept, as the discussion moves further way from current vendors and current platforms and tools, and more towards the use of technology in its purest sense for the furthering of learning and teaching, and how students are both key users and contributors in that space.

The key questions for me around this important and innovative concept are:

  • What does next generation mean for online and distance education, and what does it require of it?
  • How can NGDLEs be a vehicle for the best parts of online and distance education: the open web, co-creation, student engagement, technology, and digital capability?
  • What does student success look like in a NGDLE?
  • What do NGDLEs signify about innovation in online education?
  • How is the Teaching Excellence Framework creating a space for NGDLEs and how is it restricting it?

None of which I have any answers for yet, but I’m enjoying the conversation, and it’s allowing me the space to stop and consider the opinions of colleagues, the layering of experiences over my own, and generally the ongoing realisation of that best part of attending conferences: being part of a community.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

A version of this blog post originally appeared on the Learning Innovation blog