Information security in an acquisition, reception, data recording and elaboration system
Research Area:
Research Lines:
Research Lines:
Responsible:
Research
-
Start date: 2004-01-01
Length: 24 months
Project abstract
The topics treated within the project area of security of computer systems treating massive and complex data regarded data reception and storage protection against possible intrusions and unauthorized modifications, as well as system robustness.
Considering the functionalities required from the system, security problems have been identified in:
The main security aspects considered in this research project were the following:
The research aimed at studying methods to increase the security level of data reception, storage, and computation, in particular facing the following topics:
Considering the functionalities required from the system, security problems have been identified in:
- data reception, especially when the net infrastructure is public or implemented via wireless technologies;
- data recording and subsequent use through net diffusion;
- ensurance of data security level during computation, against improper use of applications running to produce the expected outputs.
The main security aspects considered in this research project were the following:
- information security regarding espionage (intentional attacks);
- information security in case of accidental attacks (due to thefts, or losses of hardware supports or password and hardware access keys);
- information security in case of intentional or accidental damage (disasters, viruses, worms, Trojan horses).
The research aimed at studying methods to increase the security level of data reception, storage, and computation, in particular facing the following topics:
- description of possible attacks in the phase of data reception, storing, and elaboration and in the related subsystems;
- analysis of both current and innovative techniques of data coding/decoding, of user and machine authentication, and control of accesses to computer systems during management of large quantities of data (data bases);
- analysis of security solutions available on the market, regarding the stated requirements. Since today unique standards and/or products do not exist, the research extrapolated and adapted the most interesting features available from the solutions currently available at the commercial and prototype levels.
Project results
- Selection criteria and composition of security solutions (based on use of cryptographic techniques), out of existing standards and techniques.
- Proposals of actual solutions for the studied system, at various security levels, with respect to the cost parameter.
The project outcome was a detailed solution at both functional and architectural levels,, able to guarantee the mentioned security aspects for the studied system.