Security gets framed
Despite millions of dollars spent by IT companies, digital security still contains more holes than a Swiss cheese. One European project plans to plug those holes by creating a virtual security framework independent of both devices and the networks they are trying to access.
SEINIT, the Security Experts Initiative, offers the promise of seamless security regardless of hardware, software or access protocol, whether its mobile phones, bluetooth, WiFi, ethernet or broadband connection. And they achieved this pervasive security without sacrificing privacy.
“We set ourselves and the almost paradoxical goal of reconciling security and freedom,” says Mr Andre Cotton, coordinator of the IST-funded SEINIT project and Head of the Advanced Information Technologies Laboratory at Thales Communication in France.
The project created a framework for security that negotiates between users and the service they are trying to access.
“Users decide at the beginning what level of information they want to reveal to the service. The framework then negotiates with the service and applies the appropriate security component or protocol,” says Mr Cotton.
Users dont have to reveal more information than they want. It may not be possible to set up a secure connection in the way the user wants. Either the device cant cope with the protocols required, say a light PDA, or the user isnt willing to divulge a vital piece of information.
“For example, trying to access a bank account without disclosing the user’s name or identifier,” says Mr Cotton. “In this case the framework alerts the user that the connection is not possible, and suggests alternatives.”
Vitally, control of privacy is left with the user while the framework applies the appropriate level of security.
Deploying a system like this means that security is by its very nature hardware and software independent. Its governed by a framework rather than a particular piece of encryption or a specific programme.
Whats more, SEINIT designed the framework security protocols and technologies as components. “So when new security components or technologies emerge, they can be added to the framework. This means the system is sustainable,” says Mr Cotton.
The project team are finalising a demonstrator for the framework on Windows and popular Unix system Linux and across LANs, Internet, and wireless networks.
“But the framework has a small footprint and as of right now it could be implemented in a mobile phone. We simply want to demonstrate the principle,” says Mr Cotton.
The next stage is the development of a user interface and that will take place in a separate project, called DISCREET, and due to start in January next year.
Ultimately, though, Mr Cotton hopes the SEINIT approach will be adopted as a formal security standard. “This is a demonstrator, but we hope to show the advantages of this approach,” he says.
If deployed, Mr Cotton believes a security system like SEINIT could have a profound impact on society.
“If we had the capability for any platform, hard or soft, to be involved in a security agreement with any requirement and standard it would truly unlock the potential and promise of the information age,” he says.
Media Contact
More Information:
http://istresults.cordis.lu/All latest news from the category: Information Technology
Here you can find a summary of innovations in the fields of information and data processing and up-to-date developments on IT equipment and hardware.
This area covers topics such as IT services, IT architectures, IT management and telecommunications.
Newest articles
Compact LCOS Microdisplay with Fast CMOS Backplane
…for High-Speed Light Modulation. Researchers from the Fraunhofer Institute for Photonic Microsystems IPMS, in collaboration with HOLOEYE Photonics AG, have developed a compact LCOS microdisplay with high refresh rates that…
New perspectives for material detection
CRC MARIE enters third funding period: A major success for terahertz research: Scientists at the University of Duisburg-Essen and the Ruhr University Bochum have been researching mobile material detection since…
CD Laboratory at TU Graz Researches New Semiconductor Materials
Using energy- and resource-saving methods, a research team at the Institute of Inorganic Chemistry at TU Graz aims to produce high-quality doped silicon layers for the electronics and solar industries….