Information Centric Security

Period of Performance: 07/01/2003 - 04/30/2004

$70K

Phase 1 STTR

Recipient Firm

Securboration, Inc.
MELBOURNE, FL 32901
Principal Investigator
Firm POC

Research Institution

Florida Institute of Technology
150 West University Boulevard
Melbourne, FL 32901
Institution POC

Abstract

Computer security research has historically dealt with technology to secure the perimeter of computing infrastructures. This is the case despite the general agreement that the most numerous and damaging attacks have been carried out by "insiders": individuals, such as employees or guests, who are trusted to operate inside perimeter defenses. The insider threat forces us to look to new technologies that operate inside of established perimeter defenses. This offering will define the needs and scope of such defenses, and then specify (Phase I) and prototype (Phase II) security infrastructures that serve to protect existing operating systems. The end result will be a system that is capable of protecting both data and applications (particularly those which process sensitive data) from malicious insiders. We will protect media while at rest (resident on disk) and during use. In addition, the system we design will be highly resistant to direct attacks from insiders. Our objectives are to closely study potential inside attack vectors and implement a tool that serves to neutralize such attacks and provide forensic evidence of attacks in progress. There is a desperate need in both the public and private sectors for tools and techniques that mitigate the threat of rogue insiders. The market potential is staggering, as malicious insiders account for the most significant and costly losses to both corporate entities and government agencies. Our aim is to create a tool which will allow institutions to protect information against users who we must assume have console access to the machines on which sensitive documents reside. This tool will be designed to retrofit existing operating systems and network infrastructures and will not require proprietary hardware. This means that our solution will be relatively inexpensive to implement on existing infrastructures, which creates a massive potential customer base.