Nexor

Last updated
Nexor
Type Private
Industry Computer security
Founded1989;34 years ago (1989) (as X-Tel Services Limited)
U.K.
FounderHugh Smith, Graeme Lunt, Julian Onions
Headquarters Nottingham, England
Key people
Stephen Kingan (CEO)
ProductsNexor Sentinel, Nexor Guardian, Nexor Merlin, Nexor Data Diode, Nexor Border Gateway, MMHS
ServicesCyberShield Secure
OwnerStephen Kingan
Website www.nexor.com

Nexor Limited is a privately held company based in Nottingham, providing products and services to safeguard government, defence and critical national infrastructure computer systems. It was originally known as X-Tel Services Limited.

Contents

History

Nexor Limited [1] was founded in 1989 as X-Tel Services Limited out of the University of Nottingham and UCL, following research into X.400 and X.500 systems for the ISODE project. In 1992 Stephen Kingan joined the business as CEO. [2] In 1993 X-Tel Services Limited was renamed Nexor Limited. In 1996 3i invested in the business to launch Nexor Inc. In 2004 Kingan and Nigel Fasey acquired the business. In 2008 Colin Robbins was appointed to the board as CTO. In 2012 Kingan acquired 100% ownership of Nexor. In October 2013, the company moved its headquarters from Nottingham Science Park to the NG2 Business Park. [3]

Nexor customers include NATO, [4] [5] European Defence Agency, [6] [7] UK MoD, [8] [9] US DOD, [10] Canadian DND, [11] Foreign and Commonwealth Office [12] and Met Office. [13] [14] Nexor designed and deployed the first public Internet search engine ALIWEB and the associated robots exclusion standard. Nexor is a contributor to the Internet Engineering Task Force, having worked on Internet RFCs 1086, [15] 1165, [16] 1488, [17] 1606 [18] and 1778. [19] Nexor developed a Microsoft Exchange Client for Unix. [20] Nexor was the first organisation to be awarded the Intellect Best Practice Certificate. [21] Nexor has run regular demonstrations at the Coalition Warrior Interoperability Demonstration. [22] [23] Nexor was the first organisation to achieve TickItPlus [24] a quality-management certification program for software development. Nexor has strategic partnerships with Boldon James [25] and QinetiQ. [26] Nexor's Data Diode product is supplied via an OEM relationship with Fox-IT. Nexor is a supplier of the UK Government G-Cloud Cloudstore, [27] and an Official cyber security supplier to the UK Government. [28] Nexor won 2013 DSEi innovation challenge. [29]

Nexor is a contributor to Cyber Champions a community initiative to promote best practices in digital literacy and online safety awareness to schools, youth organisations and interest groups across the UK. [30] Nexor sponsors the Cyber Security Challenge designed to promote careers in cyber security. [31] Nexor was in the first batch of companies to achieve the UK’s Cyber Essential standard [32] and a contributor and industry launch partner to the PAS754 software development standard led by the Trustworthy Software Initiative. In 2015 Nexor launched a consulting arm - Qonex [33] [34] [35] [36]

Products and services

Nexor is primarily focused on Secure Information Exchange for defence, governments and critical infrastructure.

Products and services include:

Assurance

Several Nexor products have been evaluated under the Common Criteria scheme to obtain independent verification of their claimed functionality, including:

Collaborative research and development

Nexor has been a contributor on the following collaborative research and development projects:

Paradise

Paradise (1989-2002) (Piloting aResearch Directory in an OSI Environment) was part of the ESPRIT COSINE [41] project to establish a pan-European computer-based network infrastructure that enabled research workers to communicate with each other using OSI. It was later prefixed NameFlow-Paradise. [42] Paradise implemented a distributed X.500 systems, across over 700 DSAs in over 30 countries. The project is documented in the NameFLOW archive [43] Quipu was the major X.500 implementation used in Paradise. Implementations also came from Inria [44] led by Christian Huitema and Siemens DirX, [45] originating from the Thorn [46] project, implementing the ECMA TR32 [47] standard. David Goodman [48] was the project manager.

MAITS (Multilingual Application Interface for Telematic Services [49] ) developed multilingual interfaces for X.400 and X.500 on top of Paradise.

Password

Password [50] [51] [52] (1993-1995) (Piloting aSecure Service Within OSI R&D) was a European Community-sponsored VALUE program, [53] comprising consortia from France (Inria), Germany (GMD Darmstadt) and the UK (UCL and Nexor), to establish a pilot security infrastructure for network applications for the European research community. The consortium developed secured applications based on X.509, including the OSISEC PKI. The primary application was PEM, a forerunner of S/MIME and SEEOTI. Goodman of UCL was the project manager, and Joerg Reichelt [54] was the Nexor lead engineer.

Eurocoop and Eurocode

Eurocoop (1991-1992) [55] (Esprit III Project 5303) [56] and the follow on project Eurocode (1992-1995) [57] (Esprit III Project 6155) [56] aimed to develop powerful and effective systems for supporting distributed collaborative work. Partners included Aarhus University, GMD Darmstadt, Rank Xerox and ICL. The approach adopted was to integrate components from a number of existing systems and to develop new collaborative tools based on the study of a large-scale technical application that encompasses many collaboration problems. Single components tools were developed that can be integrated with existing tools and that are able to interoperate with each other. ICW [58] was a closely related DTI funded project. Pippa Hennessy [59] was the Nexor project manager.

Regis and Renaissance

Regis [60] [61] (1995–1998) was a collaborative project with Diamond Cable Communications and University of Sheffield to investigate problems inherent in providing regional business communities with low-cost, high-speed access to local information services. Robbins was the Nexor project manager.

The EU ACTS Project Renaissance [60] [62] [63] (1995–97) was led by Fretwell Downing to develop a virtual vocational training environment, with the University of Sheffield, Diamond Cable Communications and Yorkshire Cable and delivered to the UK National Centre for Popular Music. Harold Combs [64] was the Nexor project manager.

iGRC

The iGRC [65] project (2010-2012), was a collaborative project with HP, Assuria, Infogov, Cranfield University, Loughborough University and Birkbeck, University of London to automate threat level and control status changes for real-time management of the complexity, risk and resilience of secure information infrastructure.

CloudFilter

CloudFilter [66] [67] (2012–13) was an EPSRC collaborative project with Imperial College to explore novel methods for exercising control over sensitive data propagation across multiple cloud providers.

Cross Domain Tactical Service Bus

A project led by 2iC to deliver a proof-of-concept demonstration for a Cross Domain Tactical Service Bus, [68] winning the DSEI Innovation Award 2013. [69]

KTP

Project with De Montfort University to research, develop and implement the use of hardware, as a robust alternative to software in high assurance network security devices. [70]

CSIIS

The Defence Science and Technology Laboratory (Dstl) on behalf of the UK Ministry of Defence established a programme to realise the potential benefits from novel technology to front line forces. A consortium, led by QinetiQ (called Sirius, comprising over 40 organisations) provides the experience and research capability for CSIIS. [71] In September 2014, Nexor won the best research poster at the Annual Symposium of the UK Information Assurance Advisory Council (IAAC) based on CSIIS work. [72]

CAPRI

An innovate UK funded consortium to lead R&D in connected and autonomous CAVs on-road implementation, in which Nexor provided cyber security services. [73]

Personnel and alumni

Many Nexor employees (current and former) have made notable contributions to the Internet or business community, including:

Related Research Articles

<span class="mw-page-title-main">Computer security</span> Protection of computer systems from information disclosure, theft or damage

Computer security, cybersecurity, or information technology security is the protection of computer systems and networks from attack by malicious actors that may result in unauthorized information disclosure, theft of, or damage to hardware, software, or data, as well as from the disruption or misdirection of the services they provide.

European Strategic Programme on Research in Information Technology (ESPRIT) was a series of integrated programmes of information technology research and development projects and industrial technology transfer measures. It was a European Union initiative managed by the Directorate General for Industry of the European Commission.

The Internet protocol suite, commonly known as TCP/IP, is a framework for organizing the set of communication protocols used in the Internet and similar computer networks according to functional criteria. The foundational protocols in the suite are the Transmission Control Protocol (TCP), the User Datagram Protocol (UDP), and the Internet Protocol (IP). Early versions of this networking model were known as the Department of Defense (DoD) model because the research and development were funded by the United States Department of Defense through DARPA.

<span class="mw-page-title-main">OSI model</span> Model of communication of seven abstraction layers

The Open Systems Interconnection model is a conceptual model that 'provides a common basis for the coordination of [ISO] standards development for the purpose of systems interconnection'. In the OSI reference model, the communications between a computing system are split into seven different abstraction layers: Physical, Data Link, Network, Transport, Session, Presentation, and Application.

The Secure Shell Protocol (SSH) is a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution.

A virtual private network (VPN) is a mechanism for creating a secure connection between a computing device and a computer network, or between two networks, using an insecure communication medium such as the public Internet.

<span class="mw-page-title-main">Network Time Protocol</span> Standard protocol for synchronizing time across devices

The Network Time Protocol (NTP) is a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks. In operation since before 1985, NTP is one of the oldest Internet protocols in current use. NTP was designed by David L. Mills of the University of Delaware.

An application layer is an abstraction layer that specifies the shared communications protocols and interface methods used by hosts in a communications network. An application layer abstraction is specified in both the Internet Protocol Suite (TCP/IP) and the OSI model. Although both models use the same term for their respective highest-level layer, the detailed definitions and purposes are different.

Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible.

QinetiQ is a multinational defence technology company headquartered in Farnborough, Hampshire. It operates primarily in the defence, security and critical national infrastructure markets and run testing and evaluation capabilities for air, land, sea and target systems.

In computing, security-evaluated operating systems have achieved certification from an external security-auditing organization, the most popular evaluations are Common Criteria (CC) and FIPS 140-2.

The ISODE software, more formally the ISO Development Environment, was an implementation of the OSI upper layer protocols, from transport layer to application layer, which was used in the Internet research community to experiment with implementation and deployment of OSI during the late 1980s and early 1990s.

<span class="mw-page-title-main">Department of the Air Force Office of Special Investigations</span> Department of the Air Force federal law enforcement agency

The Department of the Air Force Office of Special Investigations (OSI) is a U.S. federal law enforcement agency that reports directly to the Secretary of the Air Force. OSI is also a U.S. Air Force field operating agency under the administrative guidance and oversight of the Inspector General of the Department of the Air Force. By federal statute, OSI provides independent criminal investigative, counterintelligence and protective service operations worldwide and outside of the traditional military chain of command. Proactively, OSI identifies, investigates, and neutralizes serious criminal, terrorist, and espionage threats to personnel and resources of the Air Force, Space Force, and the U.S. Department of Defense, thereby protecting the national security of the United States.

Datagram Transport Layer Security (DTLS) is a communications protocol providing security to datagram-based applications by allowing them to communicate in a way designed to prevent eavesdropping, tampering, or message forgery. The DTLS protocol is based on the stream-oriented Transport Layer Security (TLS) protocol and is intended to provide similar security guarantees. The DTLS protocol datagram preserves the semantics of the underlying transport—the application does not suffer from the delays associated with stream protocols, but because it uses UDP or SCTP, the application has to deal with packet reordering, loss of datagram and data larger than the size of a datagram network packet. Because DTLS uses UDP or SCTP rather than TCP, it avoids the "TCP meltdown problem", when being used to create a VPN tunnel.

<span class="mw-page-title-main">Safelayer Secure Communications</span>

Safelayer Secure Communications S.A. is a Spanish private company founded in May 1999. It develops software products on the public key infrastructure area. Safelayer's technology is part of the three major certification and digital identity projects in Spain: Fábrica Nacional de Moneda y Timbre, the Spanish ID card DNI electrónico and the Spanish E-passport. Safelayer's technology also secures the NATO X400 messaging system.

<span class="mw-page-title-main">Rapiscan Systems</span>

Rapiscan Systems is an American privately held company that specialises in walk-through metal detectors and X-ray machines for screening airport luggage and cargo. The company is owned by OSI Systems.

Colin Robbins is a network protocol and software engineer credited for research work in distributed directory systems and a co-inventor of LDAP. Educated at Alleyn's School, he holds a BSc, Computer Science & Electronic Engineering, with first class honours, from University College London.

The cyber security community in the United Kingdom is diverse, with many stakeholders groups contributing to support the UK Cyber Security Strategy. The following is a list of some of these stakeholders.

SWIPSY was a firewall toolkit produced by the Defence Evaluation and Research Agency in the UK. The SWIPSY toolkit was an ITSEC E3 evaluated product that allowed additional code to be added to its security ‘compartments’ without affecting the evaluation status of the toolkit itself.

A long-running debate in computer science known as the Protocol Wars occurred from the 1970s to the 1990s when engineers, organizations and nations became polarized over the issue of which communication protocol would result in the best and most robust computer networks. This culminated in the Internet–OSI Standards War in the late 1980s and early 1990s, which was ultimately "won" by the Internet protocol suite ("TCP/IP") by the mid-1990s and has since resulted in most other protocols disappearing.

References

  1. "Companies House".
  2. "Stephen Kingan". LinkedIn.
  3. "Nexor moves to NG2". Nottingham Post.
  4. "Nato Contract". Press Dispensary. Retrieved 22 December 2012.
  5. "ANWI Contract". NATO. Archived from the original on 22 August 2013.
  6. "EDA".
  7. "EDA" . Retrieved 22 December 2014.
  8. "UK MoD".
  9. "Uk MoD Accreditation".
  10. "US DoD".
  11. "Canadian Department of National Defense". PR newswire. Retrieved 22 December 2012.
  12. "FCO". Fox.
  13. "Met Office (Slide 5)".
  14. "Met Office".
  15. 1 2 "RFC 1086".
  16. 1 2 "RFC 1165".
  17. "RFC 1488".
  18. 1 2 "RFC 1606".
  19. "RFC 1778".
  20. "Microsoft". Federal Computer Weekly. Retrieved 22 December 2012.
  21. "BPC Case Study". Intellect UK. Archived from the original on 4 October 2013. Retrieved 22 December 2012.
  22. "CWID".
  23. "CWID 07".
  24. "TickItPlus Certification". TickitPlus. Archived from the original on 7 July 2013. Retrieved 22 December 2012.
  25. "Nexor / Boldon James Press Release" (PDF). Boldon James. Retrieved 22 December 2012.
  26. "Nexor / QinetiQ Press Release". QinetiQ. Retrieved 22 December 2012.
  27. "G-Cloud".
  28. "Official Supplier to HMG". UK Government.
  29. "DSEi innovation award". Archived from the original on 26 September 2013. Retrieved 21 September 2013.
  30. "Cyber Champions".
  31. "Cyber Security Challenge". Archived from the original on 2013-02-17.
  32. "Cyber Essentials". Computer World.
  33. "Qonex Launch". Nexor. Archived from the original on 17 April 2015. Retrieved 17 April 2015..
  34. "Company Nexor News, Employees and Funding Information, Nottingham". www.topionetworks.com. Retrieved 2020-09-08.
  35. ""It is vital to address cyber security from the ground up," says Qonex | Automotive World". www.automotiveworld.com. 29 May 2015. Retrieved 2020-09-08.
  36. "About". Once Upon a Camayoc. 2014-09-27. Retrieved 2020-09-08.
  37. "CyberShield Secure" . Retrieved 28 December 2012.
  38. "Nexor Sentinel 3E CC Certification" (PDF). TÜV Rheinland Nederland B.V.
  39. "Data Diode CC Certification (Figure 3, Page 7)" (PDF). TNO.
  40. "Nexor MMHS CC EAL2 Certification" (PDF). NIAP.
  41. "COSINE". Cordis. Retrieved 24 December 2012.
  42. "NameFLOW Paradise". Archived from the original on 20 August 2008. Retrieved 24 December 2012.
  43. "NameFLOW Document Library". DANTE. Archived from the original on 2007-10-27.
  44. "Strangers in Paradise" (PDF). Dante. Archived from the original (PDF) on 19 November 2008. Retrieved 31 December 2012.
  45. "DirX". ATOS. Archived from the original on 18 July 2011. Retrieved 24 December 2012.
  46. "Thorn Project".
  47. "OSI Directory Access Service and Protocol (December 1985)" (PDF). ECMA. Retrieved 24 December 2012.
  48. Goodman, David. "LinkedIn Profile". LinkedIn. Retrieved 24 December 2012.
  49. "MAITS". Archived from the original on June 26, 1997.
  50. "Password Annual Report". Archived from the original on 4 March 2016. Retrieved 24 December 2012.
  51. Kirstein, Peter; Peter Williams (November 1992). "Piloting authentication and security services within OSI applications for RTD information (PASSWORD)". Computer Networks and ISDN Systems. 25 (4–5): 483–490. doi:10.1016/0169-7552(92)90044-Q.
  52. "Password Project". Archived from the original on 2016-03-04.
  53. "EC Value Programme".
  54. Reichelt, Joerg. "LinkedIn Profile". LinkedIn.
  55. "EUROCOOP - IT Support for Distributed Cooperative Work". CORDIS. Retrieved 24 December 2012.
  56. 1 2 "ESPRIT Projects" (PDF).
  57. "ESPRIT Project 6155 – EuroCODE" (PDF).
  58. "ICW". Archived from the original on February 8, 1997.
  59. Hennessy, Pippa. "LinkedIn Profile". LinkedIn.
  60. 1 2 "Telemetics for Learning" (PDF).
  61. "Regis Project". Wayback Machine. Archived from the original on January 28, 1999.
  62. "Renaissance". Wayback Machine. Archived from the original on April 27, 1999. Retrieved 27 December 2012.
  63. "Renaissance Web Site". Wayback Machine. Archived from the original on July 12, 1997. Retrieved 24 December 2012.
  64. Combs, Harold. "LinkedIn Profile". LinkedIn.
  65. "iGRC Consortium". Archived from the original on 15 October 2013. Retrieved 24 December 2012.
  66. "CloudFilter". EPSRC.
  67. "CloudFilter". Imperial College. Archived from the original on 2012-12-30.
  68. "Tactical Service Bus" (PDF). Retrieved 21 September 2013.
  69. "DSEi Innovation Award". Archived from the original on 2013-11-09.
  70. "KTP" . Retrieved 21 September 2013.
  71. "Sirius". Qinetiq.
  72. "CSSIS" (PDF). IAAC.
  73. "CAPRI: Aimsun wins new role in UK Government-funded consortium to lead R&D in connected and autonomous POD on-road implementation". Aimsun. 2017-04-24. Retrieved 2021-02-25.
  74. "Investors in People". IIP. Archived from the original on 2013-04-12.
  75. "RISC Council". Intellect. Archived from the original on 2013-06-14. Retrieved 2013-01-03.
  76. "Martijn Koster".
  77. Lunt, Graeme (1989). The XUA Visual Interface. Communications Research Group, Nottingham Univ. Retrieved 2 January 2013.
  78. Howes, Tim. "LDAP History" (PDF). Open LDAP. Retrieved 3 January 2013.
  79. "Hugh Smith, CRG" . Retrieved 2 January 2013.
  80. "EIBS".
  81. "Hugh Smith Funeral".

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.