Advancing development in information security and management
Over 50 professionals from the IT sector heard the presentations by Dr Cheng Lee-ming of the Department of Electronic Engineering (EE), and Dr Liu Wen-yin and Dr Kwok Lam-for of the Department of Computer Science (CS). The forum demonstrates that CityU researchers are making valuable contributions to information security and management in Hong Kong. The aims of the forum, which was organized by CityU’s Technology Transfer Office (TTO), were to promote information security projects currently underway at CityU and create a platform for communication between industry and the University.
“The technology transfer process of our applied research projects will not be complete without your participation,” said Mr H Y Wong, TTO Director, kicking off the forum. He encouraged collaboration from the industry sector to help fine-tune university research projects to the needs of society.
In his presentation, Dr Cheng introduced the technological capabilities and ongoing projects undertaken at the Smart Card Design Centre, which he heads. The Centre is funded by the HKSAR government to support local industry on chip operating systems, crypto-engines and smart card technologies. The Centre is housed at CityU.
Citing RFID as a significant technology to enhance IT security, Dr Cheng introduced a RFID reader development project. The Centre has obtained $5 million from the Innovation and Technology Fund to work on in collaboration with the CityU’s Research Centre of Wireless Communication.
Dr Cheng, an EE associate professor with special research interests in systems integrity and security, has obtained six patents and has five patent applications awaiting approval. He is also the CEO of MaCaPS International Ltd, a subsidiary company of CityU that specializes in smart card design and security applications.
In his talk, Dr Liu discussed common tricks used in fake webpages to “steal” personal information and a system he has devised to tackle such activity. These tricks, he said, are known as “phishing”. He has devised an anti-phishing system which runs on a local email server and monitors emails with keywords and suspicious URLs. The system then compares the potential phishing sites against the genuine ones and assesses visual similarities between them in terms of key regional, page layout and overall style. The system had been designed as part of an enterprise anti-phishing solution, Dr Liu said.
Since phishing is increasing at an astonishing speed, he encouraged the audience to report any suspicious sites to him at report@antiphishing.cs.cityu.edu.hk
An assistant professor of CS, Dr Liu was awarded the International Conference on Document Analysis and Recognition Outstanding Young Researcher Award by the International Association for Pattern Recognition. He is a senior member of IEEE.
In his presentation entitled “Information Security: Whose Responsibilities?”, Dr Kwok discussed the challenges faced by the business sector today operating in an increasingly global and complicated IT environment. He said: “It is always important to ask the question, what do we want, business or security?”
Drawing reference to recent incidents of data leakage in the local community, he said information security is not only a technical problem but also a management problem. He urged companies to treat information security as a board-level issue and to build an organizational information security model to integrate and facilitate all information security management activities.
An associate professor of CS, Dr Kwok obtained his Ph D in Information Security from the Information Security Research Centre, Queensland University of Technology, Australia. His research interests include information security models for risk analysis and web-based learning.