CyLab News

Information Security Magazine Highlights CyLab’s Lead in Vital Research

Information Security’s Michael Mimoso has written an interesting piece drawing attention to Carnegie Mellon CyLab’s leading role in the conduct of vital research.

Mimoso describes CyLab as “a think tank addressing tomorrow's information security concerns, a brainy conglomerate set against the brawny landscape that is the city of Pittsburgh.” In the story, he features the work of Mario Savvides on biometrics, Dawn Cappelli on the insider threat and Adrian Perrig on Seeing is Believing (SiB) and the SecVisor.

Here are brief excerpts, with a link to the full text:

With most of the projects at Savvides' biometrics lab funded by the National Science Foundation (NSF), a government agency that sponsors research at educational institutions such as CMU, it's no surprise that most of this work is earmarked for use by certain three-letter government agencies. Savvides is a purposeful man who directs the movements of his students with the precision of an orchestral conductor. At one station, iris recognition cameras and software are being tuned so iris information can be captured while a subject is on the move. At another station, detailed images of a human iris are digitally rolled flat on a screen; the plateau-like image is then thoroughly mapped so data can be stored for forensic matching later on.

Savvides is also managing his charges toward the perfection of facial matching, essentially taking two-dimensional images--for example, newspaper photos or subway surveillance images--and translating them into three-dimensional computer models...

"If you look at the people you work with, there are the one or two people who don't get along well with others, cause problems, can't take criticisms, and people walk on eggshells around them," Cappelli says. "Those are the people who commit IT sabotage. We don't have a single case where people said, 'He was such a nice guy, I can't believe he did it.'"

While that narrows your field of potential risky insiders, there are still conditions that cause these situations to manifest, such as a withheld promotion or lower than expected pay raise. While these conditions usually aren't exclusive to the insider, some aren't able to overcome them psychologically and they become disgruntled.

"We've validated this with all our cases," Cappelli says, noting that CERT/CC has a database of 150 actual cases from which it builds and refines its models. "This is a distinct pattern." ...

"I approach security by thinking about my family and how they deal with it. I have friends of mine who have Ph.D's in computer science taking three hours to install their 802.1 access point security. We're just trying to create security that's easy to use."

One such project, developed by Perrig and CMU colleagues Michael K. Reiter (who has since left CMU) and Jonathan M. McCune, is the Seeing is Believing (SiB) protocol, which enables secure communication between mobile devices that have no contextual relationship. The protocol employs two-dimensional barcodes that serve as the devices' respective public encryption keys. The barcode is photographed by the other SiB-enabled device, which decodes the barcode, then contacts the other device via Bluetooth to obtain another copy of the public key. If the two match, the devices are authenticated and secure communication can happen without the need for a certificate authority.

"Whenever we need to use encrypted email, we need to trust certificates. There are a lot of problems with certificates," Perrig says. "With this system, you get rid of the certificate authority and essentially create your own."

Michael Mimoso, Information Security Magazine, 11-08
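
The Seeing is Believing check described in the excerpt above, modeled as an added Python example that is not code from the article or from the SiB authors: each device accepts the key it receives over the wireless link only if it matches the key read from the other device's barcode. The `Device` class, the hex barcode payload, the 32-byte key length and the `tamper` hook are assumptions made for illustration, and random bytes stand in for a real public key.

```python
import os
from dataclasses import dataclass, field


@dataclass
class Device:
    name: str
    # Constructed stand-in for a public key: random bytes, not a usable key.
    public_key: bytes = field(default_factory=lambda: os.urandom(32))

    def barcode(self) -> str:
        """Payload displayed as a 2D barcode (hex encoding is an assumption)."""
        return self.public_key.hex()

    def wireless_key(self) -> bytes:
        """Copy of the key sent over the untrusted wireless (Bluetooth) link."""
        return self.public_key


def verify_peer(scanned_barcode: str, key_from_wireless: bytes) -> bool:
    """Accept the wireless copy only if it equals the key read from the barcode."""
    try:
        expected = bytes.fromhex(scanned_barcode)
    except ValueError:
        return False  # unreadable or malformed scan: fail closed
    return len(expected) == 32 and expected == key_from_wireless


def pair(a: Device, b: Device, tamper=None) -> bool:
    """Mutual check: each device scans the other's barcode, then fetches the
    key wirelessly. `tamper` (hypothetical hook) models a party who can
    rewrite wireless traffic but cannot alter what the camera sees."""
    def fetch(dev: Device) -> bytes:
        key = dev.wireless_key()
        return tamper(key) if tamper else key

    return verify_peer(b.barcode(), fetch(b)) and verify_peer(a.barcode(), fetch(a))


if __name__ == "__main__":
    alice, bob = Device("alice"), Device("bob")
    print("honest link:", pair(alice, bob))
    flip = lambda k: bytes(x ^ 0xFF for x in k)  # key replaced in transit
    print("key swapped in transit:", pair(alice, bob, tamper=flip))
```

The visual channel only needs to be authentic, not secret: a substituted key on the wireless link fails the comparison because it cannot also change the barcode the user photographed.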