Mapping Trusted Systems Technologies to E-security Requirements. A new software based approach, strongly guided by national and international security standards based upon mandatory access control, is required to simplify for management the protection of their information infrastructure. This will be in the form of a security definition toolset aligned to trusted systems technologies currently under consideration internationally. No such trusted system has been developed to address current comme ....Mapping Trusted Systems Technologies to E-security Requirements. A new software based approach, strongly guided by national and international security standards based upon mandatory access control, is required to simplify for management the protection of their information infrastructure. This will be in the form of a security definition toolset aligned to trusted systems technologies currently under consideration internationally. No such trusted system has been developed to address current commercial IT product environments. The safety and security of information systems against attack and illicit usage form an essential component of ?National Information Infrastructure Protection (NIIP)?, a move to better ?e-security?. Existing commercial (untrusted) operating systems lack the critical security bases for e-security making e-applications vulnerable to tampering and bypass which can cause failures in overall system security.Read moreRead less
Special Research Initiatives - Grant ID: SR0567386
Funder
Australian Research Council
Funding Amount
$98,000.00
Summary
Mechanisms for Ultra-secure Access to Large Repositories of Sensitive Data over the Grid. Large repositories of data that are typically geographically distributed and are subject to varying degrees of legal and ethical constraints are not available for open scientific research due to the sensitive and private nature of the information they contain, e.g. personal health records offer significant value for medical research, but are not readily available due to privacy legislation and the requireme ....Mechanisms for Ultra-secure Access to Large Repositories of Sensitive Data over the Grid. Large repositories of data that are typically geographically distributed and are subject to varying degrees of legal and ethical constraints are not available for open scientific research due to the sensitive and private nature of the information they contain, e.g. personal health records offer significant value for medical research, but are not readily available due to privacy legislation and the requirement to maintain end-user’s trust in healthcare information system. This project will build a demonstrator, based upon advanced cryptographic and information research and technologies to provide ultra-secure and sanitized access to this data via a data network grid.Read moreRead less
Formally-Based Security Evaluation Procedures. Guaranteeing information security is of critical national importance, especially in the current political climate. Devices intended to safeguard Australia's electronic communications must be proven secure using leading-edge techniques. Currently, evaluation of such devices relies on informal procedures and the experience of individuals. This project will introduce more rigour into security evaluations by adapting techniques from the fields of saf ....Formally-Based Security Evaluation Procedures. Guaranteeing information security is of critical national importance, especially in the current political climate. Devices intended to safeguard Australia's electronic communications must be proven secure using leading-edge techniques. Currently, evaluation of such devices relies on informal procedures and the experience of individuals. This project will introduce more rigour into security evaluations by adapting techniques from the fields of safety analysis and formal methods. In particular, mathematical concepts will be introduced using notations suitable for use by security personnel with no prior formal methods experience. The outcomes of this project will enable more efficient and effective information security evaluations.Read moreRead less