Professor of Cyber Security Shujun Li from the School of Computing says the government’s decision to approve the use of Huawei equipment in the construction of new 5G networks is to be welcomed.<\/p>\n
\u2018As a cyber-security researcher, I welcome the UK government\u2019s decision on Huawei\u2019s involvement in building future 5G networks in the UK. I urge the governmental officials, politicians and the general public to look at the Huawei \u201crisks\u201d from a technical angle, not a political one<\/strong>.<\/p>\n \u2018Technically speaking, banning any particular vendor will never work as a real solution to cyber security as the supply chain is very complicated and there are simply too many potential risks one has to consider. I would therefore argue that if the UK\u2019s national security depends on a single company (Huawei or any other firm) always doing the \u201cright\u201d thing,<\/strong>then we have failed the cybersecurity assurance in the first place.<\/p>\n \u2018What should be looked at more is how a technical solution or product can be scrutinised and verified by independent experts and automated tools, which can detect not only risks from a particular vendor like Huawei but also those caused by any malicious parties in the supply chain.<\/strong><\/p>\n \u2018In addition, in the cyber security research community, the widely-accepted Kerckhoffs\u2019s principle<\/a> and Shannon\u2019s maxim tell us that the security of a system should not depend on hiding details of how the system works (as the attacker will learn the system)<\/strong> but other things (e.g., a secret password chosen by the user). Applying these rules to the Huawei case, it would be strange if Huawei were to base their system\u2019s security on hiding details of how it operates (and therefore not being detected doing something it should not).\u2019<\/strong><\/p>\n The University\u2019s Press Office provides the media with\u00a0expert comments<\/a>\u00a0in response to topical news events. Colleagues who would like to learn more about how to contribute their expertise or how the service works should contact the Press Office on 3985 or\u00a0pressoffice@kent.ac.uk<\/p>\n","protected":false},"excerpt":{"rendered":"