In 2006, I completed an MSc Information Security at Royal Holloway University of London. I undertook a project entitled: "A comparative analysis of common threats, vulnerabilities, attacks and countermeasures within smart card and wireless sensor network node technologies." A large title and an equally large project!

The fundamental part of my research was regarding how to assess and compare the security issues between these two distinct yet similar technologies to establish what actual security similarities and differences existed between them.

My work led me to produce an assessment tool and methodology in the form of a Threat, Vulnerability, Attacker and Countermeasure (TVAC) Table. Data is recorded within the TVAC table and then a comparative assessment can be made from one technology to the other using a Comparative Threat Analysis Assessment Matrix (CTAAM).

Within this research I have also created a method of categorising high level security goals. CRIPAL is an acronym I have established to cover the following high level 'primary' security goals:

C = Confidentiality, R = Reliability, I = Integrity, P = Privacy, A = Availability and L = Legitimate Use.

In 2007 I developed this work from my MSc dissertation and produced a paper which was published for the Workshop in Information Security Theory & Practices 2007 (WISTP 2007) conference winning an innovation award.

I am currently developing the CRIPAL approach and it has been enhanced. More details will follow soon on how this work has developed.