Skip to content

Welcome Library News Events contact info FAQ Search

  You are not logged in Log in

You are here: Home » Library » Sentinels research program text » node12.html

A A A

Navigation  Sentinels    General info    House style    Library      Sentinels research    Links    Projects    Related programs    Workshops Search site Please enter your search text: Contact info Sentinels Program Office, Technology Foundation STW (details).

node12.html (Partial) solutions to security problems Presently there are a number of well-established methods and tools that contribute to IT-security in design and implementation: Cryptography is a body of mathematical methods for encoding messages for the purpose of making them unreadable for outsiders except for the legitimate receiver or for the purpose of adding proof of authenticity or integrity. Cryptoanalysis is concerned with breaking the encryption provided by cryptography. Collectively cryptoanalysis and cryptography are called cryptology. Security policy models describe succinctly the protection properties that a system must have, especially how security properties are linked to security objectives. Software engineering is concerned with the design and implementation of software systems. Within this setting SENTINELS concentrates on the design of system security. Formal methods are concerned with formal mathematical specification and analysis of software and hardware systems; SENTINELS particularly focuses on the specification, validation and verification of security properties and protocols. Smart cards are tamper resistant small computers, which are often used to carry secret personal information. Biometrics provide a capability to link the physical identity of a person to a digital identity. Risk analysis is the process of analyzing potential losses from a given hazard using knowledge about aspects that are understood, and judgments about aspects that are not well understood. The increasing vulnerability and dependability of industrial and other (safety) critical processes of ICT requires increased research into the field of ICT safety and security. The list above provides solutions, though in most cases only partial solutions to solving security problems. To provide more complete solutions is a significant problem. An even bigger problem is that there is no single, comprehensive framework or design methodology that helps the security engineer to design and build an adequately secure system. This is a severe obstacle to building secure systems. It is one of the ambitions of the SENTINELS program to contribute to the creation of such a comprehensive framework for secure systems engineering. Considering that security impinges on every aspect of system design, the realization of this ambition is a long-term goal, extending over 10 years or more. This comprehensive framework should be sufficiently flexible and open to be applicable in concrete situations and to address individual needs and requirements.

Sentinels: a Dutch research program on security in ICT, networks and information systems. It is being financed by the Ministery of Economic Affairs, the Netherlands Organization for Scientific Research Governing Board (NWO-AB), and the Technology Foundation STW.

This website (c) Technology Foundation STW. All usual disclaimers apply. This site is powered by Plone, CMF and Zope. The technical design and implementation is by www.aramara.nl and www.waarwordjijgelukkigvan.nl.