Dennis Longley

POSITION: Emeritus Professor Information Security Institute Queensland University of Technology.
QUALIFICATIONS: 
1953 BSc(Hons) Physics (Manchester)
1963 MSc(Tech) UMIST
1967 PhD Leicester
1975 Ceng
 
PROFESSIONAL MEMBERSHIPS:
FIET (Fellow Institute of Engineering and Technology (UK)
PROFESSIONAL EXPERIENCE:
2002 Visiting Professor - Department of Computer Science City, University of Hong Kong
2001 Visiting Professor - Department of Computer Science City, University of Hong Kong
2001 - Present Emeritus Professor & Adjunct Professor - School of Software Engineering and Data Communications,  Queensland University of Technology
1997 – 2001 Professor - Information Security Research Centre, Queensland University of Technology
1996 - 1997 Director Information Security Research Centre, Queensland University of Technology
1984 - 1995 Dean - Faculty of Information Technology, Queensland University of Technology
1970 - 1984: Head - Department of Computing and Cybernetics, Brighton Polytechnic.
1967 - 1970 Lecturer - Leicester University.
1959 - 1967 Lecturer - Loughborough University of Technology.
1958 - 1959 Engineer - English Electric - Whetstone.
1957 - 1958 Engineer - Armstrong Siddeley Motors - Coventry.
1953 - 1957 Flying Officer - Tech/Sigs Branch RAF.
 
DATA SECURITY ACTIVITIES:
CONSULTANCY AND RESEARCH
Date Details of Consultancy
1985-1987 Development of an Expert System to seek security loopholes in a cryptographic network; in conjunction with ERACOM and supervision of a Master's degree on this topic
1986 Consultancy study of key management in a proposed Australian Banking EFT Network
1987 Consultancy study of proposed Secure Unix Development
1988 Consultancy study of Golden Casket Cryptographic Key Management System
1988-1989 Consultancy study of security of Royal Hong Kong Jockey Club EFT Network
1990 Consultancy study of security of Royal Hong Kong Jockey Club secure terminal system
1991-1992 Consultancy study for security of cryptographic module (Australian Bank)
1992-1993 Consultancy study of Royal Hong Kong Jockey Club networks security
1992 Consultancy study for risk analysis in Sparkassen Organisation, Germany
1992 Consultancy standard on key management standards for Royal Hong Kong Jockey Club.
1991-1992 Consultancy study for Golden Casket terminal system
1993-1994 Consultancy study on key management in a Royal Hong Kong Jockey Club Network
1993-1994 Consultancy study on security in an object oriented environment for Sparkassen Organisation, Germany
1993-1994 Consultancy study of security in gaming networks for NSW Government, with CSMP&F
1994-1995 Consultancy study on smart card and secure terminal
1995-1996 Consultancy study on Microsoft Office Products Security for Sparkassen Organisation, Germany
1995-1996 Coordinator for Information Security Short Course Program offered by ISRC to Attorney General’s Department, Canberra
1995-1996 Consultancy study on smart card security for Pan Malaysian Pools, Kuala Lumpur
1995-1996 Consultancy study on Internet Banking for Advance Bank
1995-1996 Consultancy study on Internet Banking for Commonwealth Bank
1995-1996 Consultancy study on risk management for Comalco Smelting
1996 Consultancy study on Firewalls for Queensland Treasury
1996 Consultancy study on network security for CITEC
1996-1997 Consultancy study on key management for Austraclear
1997 Consultancy study on organisational security for Powerlink
1997 Consultancy study on Network Security for Queensland TAB
1997 Consulancy study of Internet Home Loan Application Scheme for Metway/SunCorp Bank
1997 Consultancy study of proposed Internet Scheme for Queensland Cotton.
1998 Consultancy study of Internet Banking Scheme for St Georges Bank.
1998 Consultancy study to develop IT Strategic Plan for Hong Kong Futures Exchange
1998 Consultancy study to Northern Territory Gaming Board on network security for on line gaming – subcontracted by Ernst and Young
1998 Consultancy study to ACT Government on security of on line gaming – subcontracted by Ernst and Young.
1998 Consultancy study to Westrail on security of TCP/IP protocols.
1999 Consultancy to Rabbobank Sydney on Information Security Policy.
1999 Development of a Discussion Paper on  PKI in the Hong Kong Jockey Club.
1999 Consultancy Study to Hong Kong Jockey Club on development of Enterprise and Betting System Security Architecture
2001 Consultancy Study on Smart cards for Mass Transit Rail, Hong Kong
2002 Consultancy Study on Mobile Wireless e_Commerce for Hong Kong Jockey Club
2003 Consultancy Study on Secure Betting Systems for Hong Kong Jockey Club
2003 Consultancy Study on AS 17799 Conformance for Golden Casket Pty Ltd Brisbane
2004 Review of Hong Kong Jockey Club Security Architecture 
2006 Defining Encryption Requirements Hong Kong Jockey Club
RESEARCH GRANTS
1990 ARC Grant in key management
1995 RC Collaborative Grant for Risk Management with NAB Melbourne
2004 Defence Signals Directorate Risk Management
2004 ARC Trusted Systems
SEMINARS AND PRESENTATIONS:
Conference/Seminar Date
Data Security for Australian Telecom Staff September 1987
IEEE Hong Kong Branch Seminar on Data Security December 1988
Applications of Cryptography, EDP Auditors Association, Hong Kong February 1989
One Day Data Security Seminar - Holiday Inn Hotel Hong Kong March 1989
Presentation on Data Security to Hong Kong Stock Exchange March 1989
One Day Seminar on Data Security - Regent Hotel, Bangkok April 1989
3 Day Systems Security Course, Unisys Education Centre, Hong Kong April 1989
Seminar in Computer Viruses, Regent Hotel Bangkok September 1989
Seminar on Security Evaluation RAU Johannesburg October 1990
Grad Certificate in Data Security, QUT March 1991
Data Security Course Singapore and Kuala Lumpur November 1991
Data Security Course City Polytechnic Hong Kong January 1992
Grad Certificate in Data Security, QUT March 1992
Seminar on Cryptography Royal Hong Kong Jockey Club April 1992
Seminar of Network Security Royal Hong Kong Jockey Club May 1995
Seminar on Information Security - China PTT – Hainan October 1995
Presentation to Government Security Conference Canberra November 1995
Presentation on Internet Developments - OECD Conf. Canberra January 1996
Seminar on University Information Security - Unimutual Workshop, Adelaide August 1996
Seminar on Internet Security and Commerce, Kuala Lumpur October 1996
Seminar on Internet Security and Commerce, Hong Kong Jockey Club November 1996
Seminar on Key Escrow, University of Waterloo, Canada  June 1997
Seminar on Internet Security and Commerce, Kuala Lumpur July 1997
Seminar on Future of the Internet, University of Indonesia July 1997
Seminar on Key Escrow, University of Waterloo, Canada  June 1997
Paper and Workshop on Risk Assessment, IIR Conference, Canberra April 1998
Seminar on PKI – Hong Kong Jockey Club Management June 1999
Seminar on E Commerce Security NetComm 99 E Commerce, Le Meridien Hotel, Dehli October 1999
Seminars on E-Commerce Security – Kuala Lumpur, Mumbai, Dehli, Shimla, Harare, Penang April - June 2000
Keynote Speaker –Computer Virus Conference Hong Kong December 2001
Keynote Speaker Information Warfare and Information Security Conference Adelaide November 2003
Invited Speaker Hong Kong Information Security Summit November 2004
Seminar on Risk Management RAAF  Canberra May 2009
PUBLICATIONS:
1986 Use of Expert Systems in the Analysis of Key Management Schemes,(with S Rigby), IFIP Sec 86 Monte Carlo 
1987 Expert Systems Applied to Analysis of Key Management Schemes - Computers and Security, Vol 6 No Feb 
1989 Information Security - Hong Kong Computer Conference 
1992 An Automatic Search for Security Flaws in Key Management Schemes, (with S Rigby) Computers and Security, Vol 11 No 1 March 1992 pp. 75-89 
1992 A Language for Describing Information and Physical Security Architectures, (with W Caelli and A Tickle), proceedings of the IFIP Sec'92 Conference, Singapore 
1993 Complementarity Attacks and Control Vectors, (with S M Matyas) publication in IBM Systems Journal Vol 32, No 2   
1993 Risk Data Repository: A Novel Approach to Security Risk Modelling (with A Anderson and A Tickle) Proceeding IFIP Sec 1993 
1994 Effect of Key Generators on the Automatic Search for Flaws in Key Management Schemes (with S Vasudevan)  Computers and Security,Vol 13 No.4,  pp 335 - 347
1994 Security Modelling for Organisations (with A Anderson and L F Kwok), 2nd ACM Conference on Computer and Communications Security, Fairfax, Virginia, USA.
1995 The Electronic Office: A Strategic Approach to Managing the Risk  Government Security ‘95 Conference, Canberra   1995
1997 A Security Officer’s Workbench, (with LF Kwok), Computers and Security, Vol 15, No 8, 1996
1997 Information Security Management Standards, (with LF Kwok), IFIP Sec  ‘97, Cophenhagen
1997 Implementation of Key Escrow with Key Vectors to Minimise Potential Misuse of Key, (with W Caelli) Awarded Best Paper Prize, National Information Systems Security Conference, Baltimore.
1999 Information Security Management and Modelling (with LF Kwok) Information Security Management and Computer Security Vol 7, No. 1 1999
2003 Electronic Information Security Documentation (with LF Kwok and P Fung) Australasian Information Security Workshop, Adelaide.
2004 Security Modelling for Risk Analysis (with LF Kwok) IFIP Sec Conference, Toulouse
2006 Security Risk Analysis for Complex Systems (with M Branagan and R Dawson) ISSAC Johannesburg
2008 Feasibility of  Automated Information Security Compliance Auditing (with W Caelli, M Branagan and LF Kwok) IFIP Sec Milan
2010 A Business Continuity Management (BCM) Simulator (with W Caelli,and  LF Kwok) IFIP Brisbane
2012 A Model and a Simulator for Disaster Recovery (with W Caelli, and LF Kwok) International Journal for Risk Management and  Business Continuity.
BOOKS:
1986 Dictionary of Personal Computing and Communication  (with M Shain), MacMillan Publishers
1987 Dictionary of Data and Computer Security, (with M Shain), MacMillan Publishers 
1988 Dictionary of Information Technology  (3rd edition), (with M Shain)
1989 Information Security for Managers, (with W Caelli and M Shain), (Editors), Macmillan Publishers Ltd (UK)  ISBN 0-333-46203-3
1990 Data Security, Chapter 14 of textbook Information Security and the Law edited by C Edwards and I Walden, Macmillan Publishers Ltd (UK) 
1991 Information Security Handbook, (with W Caelli and M Shain), (Editors), Macmillan Publishers Ltd (UK)  ISBN 0-333-51172-7 
1992 Dictionary of Information Security, (with M Shain and W Caelli), (Editors), Macmillan Publishers Ltd (UK)
 
NIATEC National Science Foundation Information Assurance Directorate Department of Homeland Security CISSE Scholarship For Service