News

Kansas State Researches Information Exchange Security

• By Dian Schaffhauser
• 01/08/10

Researchers at Kansas State University are studying how to keep sensitive information safe when it's "aggressively" exchanged among systems. Computer scientists at the Manhattan-based university are developing high-level policy languages and verification techniques to strengthen the security and integrity of exchange mechanisms.

The ability to guarantee secure information flow is becoming more critical as government and industry push toward increasingly complex information systems, said John Hatcliff, professor of computing and information sciences. "Whether it's healthcare or military information, what people really want is the ability to push information out rapidly to anyone who needs it. You may have a doctor trying to make a diagnosis or a platoon leader trying to coordinate a maneuver in the context of a larger battlefield operation. In either case, more information leads to better decision making and better outcomes. However, you have to make sure as you're aggressively pushing information to decision makers that you don't inadvertently leak sensitive information to someone who shouldn't be seeing it."

Hatcliff is the head of the university's Specification, Analysis and Transformation of Software laboratory. Researchers at the lab do work in security, software engineering, programming language semantics, and automatic analysis of computer software.

Funding for the research came from a five-year, $3 million grant from the Air Force Office of Scientific Research and donations from Rockwell Collins, a company that creates communications and aviation electronics for the defense and aerospace industries. Kansas State is collaborating with researchers at Princeton University on the work.

Currently, the focus is on developing mathematical and logical models to enable designers and analysts to precisely state what information is allowed to flow from one point to another and under what conditions, Hatcliff said. "Then we're building tools to help people use those mathematical techniques to verify that their systems are correct."

The researchers are also creating tools to provide graphical images of information flowing through a system so that designers and auditors can more quickly understand a system's information flow behavior. The research focuses on systems where high levels of assurance are required and where the systems must prove conformance to information flow policies during a certification phase before being deployed.