Areas

Health and food management

More and more information about health and well-being is processed in information systems. These include homecare systems, electronic patient files, and monitoring of children. As health data is generally considered privacy-sensitive information, such systems need to be carefully designed in order to protect the confidentiality of information. Integrity is also a concern, as one would rather not have the wrong medicine given to a patient.

Also in food supply information is key. RFID and similar technologies promise full tracking of a product between farm and supermarket, but this is not trivial. Many quality aspects of food (expiry date, production types such as biological) can increase or decrease the value of the food, and are as such attractive targets for manipulation. Assuring the integrity of food information is therefore a topic of research.

Techniques developed by the DIES group on data and network security, as well as risk management, are applied in projects in the healthcare and food domains. In this way we aim to contribute to securing basic preconditions for human health and well-being.

Critical Control Systems

ICT is applied more and more to control the operation of systems where failure or malfunction can have critical consequences. Examples include SCADA systems, transportation and traffic systems of all kinds, but also health-care. While dependability is a general concern in those systems and encompasses also strategies for enhanced robustness in the face of unintentional failure, the work of the DIES research group focuses on prevention and mitigation of intentional attacks.

Examples of our work include securing SCADA systems where we focus, e.g. on access control technology, new techniques to analyze system event logs and to correlate logged events, and network intrusion detection and response platform specific for SCADA systems.

In the area of traffic systems, we look at security and privacy protection mechanisms of future vehicular communication systems, focusing, e.g. on reactive and adaptive security mechanisms that allow to provide a flexible level of security based on current situation and context of vehicles. Other work addresses protection of privacy and personal information in Intelligent Transportation Systems based on enforcement of privacy policies.

Social and enterprise networks

Current society is characterised by increased connectivity between people, and also between companies. People share their lives with people all over the world via Facebook, and companies specialise on small parts of the production chain, outsource their IT and cooperate in projects. In these social and enterprise networks, security becomes an increasingly important concern.

Privacy in social networks demands a simple solution, as complicated privacy settings will only be used by a small group of digitally smart citizens. Therefore, the DIES group tries to increase privacy by private matching, in which data is only shared if people have things in common.

For enterprise networks, it is important to measure the security risks when cooperating or outsourcing. We work on tools for confidentiality risk modelling to increase security in cloud computing. We develop conceptual frameworks comparing physical and virtualised security, and threat models that do not rely on the old-fashioned idea of a security perimeter and the associated notion of containment. We also investigate new access control models, where the performance bottleneck of a trusted third party is eliminated.