Owen Lo

Owen Lo

Dr Owen Lo

Research Fellow

Biography

Dr Owen Lo is a Research Fellow at Edinburgh Napier University. Owen graduated obtained a 1st Honours (Class Medal Award) degree in Computer Networks and Distributed Systems at Edinburgh Napier University before continuing to complete a PhD at the same institute on the topic of e-Health. Some awards Owen has received include: Young Software Engineer of the Year Award (Lumison Prize)(2010), Team Prize Raytheon Cyber Challenge Award (2011) and Student of the Year ENU Award (2012).

During his PhD, Owen contributed to the Data Capture and Auto Identification Reference (DACAR) Project – a project funded in part by EPSRC and TSB – which aimed to create a secure cloud-based information sharing platform for patient data in healthcare environments. His work on the DACAR project includes the development of a Patient Simulator and an electronic version of the Early Warning Score system used to perform risk assessment on patients. The Patient Simulator was designed to simulate the vital physiological signs of a human patient (heart rate, blood pressure, respirator rate, oxygen levels and breath rate) while the electronic EWS allowed for automated risk assessment based on the parameters observed in a patient. The Patient Simulator and electronic EWS system proved instrumental in demonstrating and evaluating the capabilities of the DACAR e-Health platform in the context of secure input, processing and output of clinical data.

Following on from the DACAR project, Owen also worked on the development of a consumer transaction simulator which was designed to evaluate a secret sharing engine used by the company Payfont. The secret sharing engine used by Payfont had capability of applying numerous sharing algorithms including Shamir’s Secret Sharing (SS), Perfect Secret Sharing (PSS), Information Dispersal Algorithm (IDA) and Computational Secret Sharing (CSS). The simulator developed for this work allowed one to create different scenarios to determine which algorithm was most functional relative to the performance of data to be fragmented.

During his time as a researcher at Edinburgh Napier University, Owen has also contributed to the successful spin-out of two companies: Symphonic Software and Cyan Forensics. For Symphonic Software, Owen helped develop an information sharing engine used for the secure and trusted sharing of information between different sectors including finance, healthcare, social care and law enforcement. His work on Symphonic Software also involved research on the OAuth 2.0 protocol used by digital identity providers (e.g. Facebook, Google, LinkedIn and so on). His work on Cyan Forensics included the development of a fully-featured contraband detection software used to rapidly determine if an individual is suspected of storing illegal data on a computer. The contraband detection software was designed specifically to be used by digital forensics experts within the law enforcement sector.

More recently, Owen has successfully worked on collaboration projects with business and industry partners including Morgan Stanley and Keysight Technologies. His collaboration with Morgan Stanley focused on insider threats and investigated machine learning techniques to assess how one may determine if an employee was a threat to the organisation. In his most recent work, his collaboration with Keysight Technologies has involved research on the topic of side channel analysis and vulnerabilities related to IoT devices. His work on side channel analysis involved applying a technique known as power analysis to block based cryptographic algorithms including Advanced Encryption Standard (AES) and PRESENT. His results has shown that both algorithms are susceptible to information leakage (i.e. the private key may be revealed) under certain conditions which results in the compromised security of both algorithms. Lastly, Owen’s research into IoT security has demonstrated numerous vulnerabilities with consumer ready devices including network service vulnerabilities and Bluetooth Low Energy vulnerabilities.

Esteem

Fellowships and Awards

  • Edinburgh Napier University Student of the Year Award
  • Young Software Engineer of the Year Award (3rd Place)
  • Institute Researchers win prize at Raytheon Security Challenge event

 

Invited Speaker

  • CENSIS 5th Technology Summit
  • SICSA Cybernexus Workshop on Cybersecurity and the Internet of Things
  • The Cyber Academy Big Data Conference
  • Blockpass Identity Lab Conference on Digital Identity, Blockchain and Advanced Cryptography
  • CEED-Scotland Forensics of IT and Data Analytics Workshop
  • The Cyber Academy Conference of Ransomware, Cryptography and Pseudo-Identity
  • The Cyber Academy Big Data Conference
  • The Cyber Academy International Conference on Cryptography and High Performance Computing

 

Media Activity

  • Research on IoT security vulnerabilities featured in The Scotsman article (https://www.scotsman.com/business/companies/tech/edinburgh-napier-and-glasgow-s-censis-partner-in-cybersecurity-drive-1-4765948)
  • Research on side channel analysis featured in Edinburgh Napier University Impact 2017 magazine (https://www.napier.ac.uk/~/media/images/impact-case-studies-september-2017/impact-magazine-2017.pdf)
  • Edinburgh Napier University writes news article on side channel analysis research (https://www.napier.ac.uk/about-us/news/can-your-device-be-hacked-by-tapping-its-power-supply)

 

Reviewing

  • Invited reviewer for Journal of Cyber Security Technology
  • Inivited reviewer for IEEE Technology and Society Magazine

 

Date


33 results

Holistic healthcare within dynamic information infrastructures-the cloud based eHealth platform.

Presentation / Conference
Buchanan, W. J., Fan, L., Ekonomou, E., Thuemmler, C., & Lo, O. (2012, February)
Holistic healthcare within dynamic information infrastructures-the cloud based eHealth platform. Paper presented at eHealth 2012, Dynamic Earth, Edinburgh

Case Study: moving towards an e-health platform to store NHS patient Information in the cloud.

Presentation / Conference
Buchanan, W. J., Fan, L., Ekonomou, E., Lo, O., & Thuemmler, C. (2012, February)
Case Study: moving towards an e-health platform to store NHS patient Information in the cloud. Paper presented at Cloud Computing in the Public Sector: The Way Forward, London
Case Study: Moving Towards an e-health Platform to Store NHS Patient Information in the Cloud The NHS pilot scheme to store patient information in the Cloud How can the health...

The UK’s eHealth cloud project: EHR and the cloud: assessing the benefits and mitigating the risks.

Presentation / Conference
Buchanan, W. J., Fan, L., Ekonomou, E., Lo, O., Thuemmler, C., & Lawson, A. (2012, January)
The UK’s eHealth cloud project: EHR and the cloud: assessing the benefits and mitigating the risks. Paper presented at Arab Health 2012 (Electronic Healthcare Records), Dubai, United Arab Emirates
This presentation focuses on: - Using the Cloud to provide geographical flexibility and facilitate information exchange to enable the effective treatment of patients across bo...

Towards a framework for the generation of enhanced attack/background network traffic for evaluation of network-based intrusion detection systems

Conference Proceeding
Lo, O. C. W., Graves, J. R., & Buchanan, W. J. (2009)
Towards a framework for the generation of enhanced attack/background network traffic for evaluation of network-based intrusion detection systems. In J. Demergis (Ed.), Proceedings of 9th European Conference on Information Warfare and Security, 190-200
There are a multitude of threats faced in computer networks such as viruses, worms, trojans, attempted user privilege gain, data theft and denial of service attacks. To combat...

Towards simulation of patient data for evaluation of E-health platform and services.

Presentation / Conference
Lo, O., Fan, L., Buchanan, W. J., Thuemmler, C., & Lawson, A. (2012, June)
Towards simulation of patient data for evaluation of E-health platform and services. Paper presented at 13th Annual Post Graduate Symposium on the Convergence of Telecommunications, Networking and Broadcasting, Liverpool
This paper presents the design and implementation of the Patient Simulator, a software application used for the simulation of patient data. The simulator aims to evaluate e- H...

Patient centric health care: an integrated and secure, cloud-based, e-Health platform.

Presentation / Conference
Buchanan, W. J., Fan, L., Ekonomou, E., Lo, O., & Thuemmler, C. (2012, February)
Patient centric health care: an integrated and secure, cloud-based, e-Health platform. Paper presented at BCS Branch Meeting, University of Edinburgh Informatics Forum
There are many issues related to health care infrastructure within the UK, including the lack of integration of data between the different parts of the health and social care ...

Conducting Performance Evaluation of an e-Health Platform

Book
Lo, O., Fan, L., Buchanan, W. J., & Thuemmler, C. (2012)
Conducting Performance Evaluation of an e-Health Platform. In T. Issa, P. Isaías, & P. Kommers (Eds.), Advances in Business Information Systems and Analytics; Information Systems and Technology for Organizations in a Networked Society, 295-315. IGI Global Publishing. doi:10.4018/978-1-4666-4062-7.ch016
For increased awareness and adoption of e-Health implementations, results from evaluation must be catered towards three primary perspectives: organizational, end-user and tech...

Cloud4Health.

Presentation / Conference
Buchanan, W. J., Fan, L., Ekonomou, E., & Lo, O. (2012, May)
Cloud4Health. Paper presented at Symposium on the Future of e-Health, Edinburgh Napier University, Edinburgh
The cloud4health platform focuses on creating a next generation infrastructure which aims to integrate assisted living with primary and secondary health care, in order to redu...

Cloud-based e-Health System.

Presentation / Conference
Buchanan, W. J., Fan, L., Thuemmler, C., Lo, O., & Ekonomou, E. (2011, September)
Cloud-based e-Health System. Paper presented at BCS Health Informatics, Edinburgh
This paper presents the future of health care system, which uses the newly developed security infrastructure.

SPoC: Protecting Patient Privacy for e-Health Services in the Cloud

Conference Proceeding
Fan, L., Buchanan, W. J., Lo, O., Thuemmler, C., Lawson, A., Uthmani, O., …Khedim, A. S. (2011)
SPoC: Protecting Patient Privacy for e-Health Services in the Cloud. In eTELEMED 2012, 99-104. ISBN 978-1-61208-179-3
The use of digital technologies in providing health care services is in general subsumed under the term e-Health. The Data Capture and Auto Identification Reference (DACAR) pr...

Current Post Grad projects

Previous Post Grad projects