CURRENT RESEARCH SUPPORTING FAA May 2003










Dr. Cynthia E. Irvine, Director

irvine@cs.nps.navy.mil


Topics


CISR Research Capabilities and Initiatives


Biometrics for Continuous Authentication of Flight Deck Personnel


In-Flight Backup of Black Box Data to Ground Stations



Nationally Recognized Center of Excellence



NSA Citation 2003



NSTISSC Citation for Courses - Five Certifications (2003)




NSF Award for Scholarship for Service Program



Combines Research and Academics


Depth in Assurance and Security Engineering


Collaboration with DoD/DoN/Universities/Industry


Large, Experienced Faculty and Research Group (20)


NSF Scholarship for Service (Cyber Corps) Program


DoD Information Assurance Scholarship Program

CISR: A National Center of Excellence


Educational Program


Jan02-Jun02

Enrolled in IA Concentration Degree Program: 79

Graduated with IA Concentration: 20

Enrolled in Certificate Program: 108

Graduated with Certificate: 27

Fall Quarter Enrollments in IA Classes: 160

Introduction to Computer Security: 85

Secure Management of Systems: 50

Secure Systems (Advanced course): 30



Similar numbers each quarter


Over 600 classroom seats/year


Note: NPS total enrollment is approximately 1250


Research Initiatives:

Network Security Architectures and Prototypes


High Assurance Server-Centric Security Architectures using COTS Components

Supports Architectures for Coalitions and Dynamic Collaboration Environments


High Assurance Network Authentication


Trusted Path for the Road Warrior Problem


Quality of Security Service


Security Costing Framework


Security in Transport & Data Link Layers


IPSec Support for Distributed System Capabilities


Advanced Multilevel Security Prototypes & Technologies

Multilevel Secure (MLS) Client/Server Architecture

High Assurance of National Policy Enforcement (EAL5/7)

Ergonomic Security with Popular Commercial Applications

High Assurance Authentication of Clients and Users

Trusted Application Integrity Framework

Components

High Assurance MLS Server


Distributed Authentication and Session Services


Application Services: HTTP, SMTP, NFS, etc.

Trusted Path Extension Appliance Prototype


Ultimate Base: High Assurance Separation Kernel

Commercial Workstations and Applications



Current and Potential Partners


DigitalNet: High Assurance System Vendor


OSD: Cross Domain Security Working Group


Protection Profile: National Security Agency


Navy Partners

More Information


Monterey Security Enhanced Architecture


http://cisr.nps.navy.mil/projectmysea.html

MLS Supports:


ISR, Networks, COP, & CTP

Manage Classified/Unclassified Data

MLS & Coalition Interoperability


NATO; Homeland; Intelligence

User-Friendly

Protection from Information Leakage & Corruption

Assurance against Subversion and Malicious Software

Enabling Technologies

Integrity for Trusted Applications


Trustworthy XML-based Document Management


Confidence for Guards, Sanitizers & Regraders

Advanced Protocols: IPv6 and IPv4 compatible

Harnessing Multilevel Security for Coalition & Interoperability Solutions

Integrity

Authenticity

MYSEA: Monterey Security Architecture


Trusted Computing

Exemplar Project

Integrated Activities



Create Framework for Rapid High Assurance Development


Develop High Assurance Security Components


Separation Kernel


Model Application


Evaluate Components for High Assurance


Disseminate Results & Deliverables via Open Methodology


Keeping the Network Alive in the Face of Vandals & Motivated Professional Attackers


Research Initiatives: Emerging Issues


Security for Small-Footprint Operating Systems


Windows XP Embedded


First School with source code relationship


Wireless Security Issues


Constructive Threat and Vulnerability Analysis


CISR student developed a demonstration of code insertion attack on Linux


Classified Challenge Project


Collaboration with DoE Labs and Intelligence Community


8 months


Demonstration August 02


PKI Analysis and Development


Policy Enhanced Linux and OpenBSD


Aviation Biometrics Thesis Research



Biometrics for Continuous Authentication of Flight Deck Personnel


9/11 highlights need for flight deck security



Question: Are the right people flying the plane?


What do you do with this information?


Need answer even if situation response doctrine not clear


Investigate biometrics to provide flight deck situation awareness


Survey of applicable current technology and trends


Develop high level recommendations and design


Aviation Biometrics Thesis Research



Biometrics: identification based on individual characteristics


You are always identified as you


No one else is identified as you


Wide range of approaches


Morphology - facial, cranial, hand geometry

Physical behavior - stride, signature, keyboard entry rhythm

Epidermal configuration - fingerprint, vein patterns

Vocal - aural, spectrographic

Ocular - iris, retina

Chemical - blood, saliva

Genetic - cellular samples


Aviation Biometrics Thesis Research




Common Biometric Concepts


User registration produces numerical registration template

Registration template storage

User identification produces numerical identification template

Matching of registration and identification templates produces score

Threshold identifies acceptable scores.
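
The registration, matching and threshold steps listed above, as an added example that is not part of the original slides. The feature vectors, the distance-based score and the consecutive-miss rule for continuous re-checking are assumptions chosen for illustration; the threshold sweep shows how moving the threshold trades false rejects against false accepts.

```python
import math

# Constructed sample data: 3-value vectors standing in for real biometric features.
ENROLL = [[0.50, 0.30, 0.80], [0.52, 0.28, 0.82], [0.48, 0.32, 0.78]]
GENUINE = [[0.51, 0.31, 0.79], [0.47, 0.33, 0.83], [0.60, 0.25, 0.70]]
IMPOSTOR = [[0.90, 0.10, 0.20], [0.55, 0.42, 0.70], [0.10, 0.70, 0.50]]

def make_template(samples):
    """Registration: average several captures into one numerical template."""
    n = len(samples)
    return [sum(col) / n for col in zip(*samples)]

def match_score(registration, identification):
    """Matching: map the distance between two templates to a score in (0, 1]."""
    return 1.0 / (1.0 + math.dist(registration, identification))

def error_rates(registration, genuine, impostor, threshold):
    """Return (false reject rate, false accept rate) at the given threshold."""
    frr = sum(match_score(registration, g) < threshold for g in genuine) / len(genuine)
    far = sum(match_score(registration, i) >= threshold for i in impostor) / len(impostor)
    return frr, far

def continuous_auth(registration, stream, threshold, max_misses=2):
    """Re-check every periodic sample; return the index at which an alert is
    raised (max_misses consecutive failures), or None if none is raised."""
    misses = 0
    for t, sample in enumerate(stream):
        ok = match_score(registration, sample) >= threshold
        misses = 0 if ok else misses + 1
        if misses >= max_misses:
            return t
    return None

if __name__ == "__main__":
    reg = make_template(ENROLL)
    for thr in (0.85, 0.865, 0.90):
        frr, far = error_rates(reg, GENUINE, IMPOSTOR, thr)
        print(f"threshold={thr}: FRR={frr:.2f} FAR={far:.2f}")
    stream = [GENUINE[0], GENUINE[1], IMPOSTOR[0], IMPOSTOR[2]]
    print("alert at sample", continuous_auth(reg, stream, 0.865))
```

Requiring consecutive misses before alerting keeps a single poor capture from raising a notification, at the cost of a short detection delay.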



Aviation Biometrics Thesis Research



Goals


“Continuous” authentication of key flight deck personnel


Notification to situation assessment personnel


Secure data transmission and storage


Confidentiality


Integrity


Availability


Initial Investigative Focus


Understand accuracy/reliability factors of different biometric approaches

Determining practicality of In-flight operation


Commercial Biometric Tool Availability


Prototype high level authentication system design


Flight deck operating scenarios


Aviation Biometrics Thesis Research




Issues and Challenges


Requirements Definition


System Design


Architecture


Allocation of components


Ground


On-board

Location of on-board equipment


Distributed Storage and retrieval of registration templates


Secure handling of templates


Registration, Storage, Distribution, identification, matching


Equipment Performance and Cost


Use of multiple biometrics - paradoxical results


Additional use of Biometrics for flight deck entry


Aviation Data Preservation Thesis Research

In-Flight Backup of Black Box Data to Ground Stations


Black Boxes record various flight parameters


Flight Data Recorder (FDR)


Cockpit Voice Recorder (CVR)


Provide valuable information for analysis of flight incidents


Black box data may not be available post facto


Physical damage


Cannot locate


Transient recording window


Investigate means to supplement Black Boxes


Survey of applicable current technology and trends


Develop high level recommendations and design


Black Box Data Preservation Thesis Research



Goals


Preserve valuable information


Secure data transmission and storage


Confidentiality


Integrity


Availability


Privacy


Prevent misuse of data


Initial Investigative Focus


Transmit FDR/CVR data to ground stations


Use of existing communication channels


VHF, UHF, Satcom, ACARS, ACMS, Airphone, etc.


Archival extension of data lifetime


Preservation of current paradigm for appropriate use


Black Box Data Preservation Thesis Research




Issues and Challenges


Requirements Definition


System Design


Architecture


Coordination/synchronization among ground stations


Distributed Storage and retrieval


Transmission methods


Security


Equipment Performance and Cost


Applicability to older and smaller aircraft


Global coverage area


Personnel/privacy concerns


Airline Pilots Association (ALPA)

Aircraft Owners and Pilots Association (AOPA)

Regulatory Process

Federal Aviation Administration

National Transportation Safety Board



Corporate Information




Dr. Cynthia E. Irvine, Code CS/Ic

Naval Postgraduate School

Monterey, CA 93943

Irvine@nps.navy.mil

831 656-2461