Security-Oriented Research in Information Technology 2007 - 2013

Subject and goal of the research plan

A knowledge-based society, which utilizes modern information technology (IT) in everyday life, is and will be increasingly endangered by intentional as well as involuntary misuse of that technology. In this context, the requirement of security has become of the same importance as the functionality, cost or maintainability even for ordinary applications and systems. Simultaneously, a proper use of information technology offers a great potential for the protection of society against various kinds of threats, including terrorism. Hence the research in information technology from the perspective of security covers a wide spectrum of problems, ranging from solving fundamental issues of mathematically formal nature (e.g., in cryptography) to applied research (e.g., face recognition) utilizing knowledge from diametrically opposite fields (e.g., anthropology). Novel methods and approaches are being investigated and developed in order to protect systems against attackers, to detect and identify attackers, to monitor the behavior of attackers, to collect sensitive information, to eliminate threats, etc.

The significance of security research and security engineering is growing in the world as well as in the Czech Republic. In the EU, such projects are financed by the IST program as a part of the sixth framework program (FP6), in the Program of Work for the Preparatory Action in the Field of Security Research (PASR-2005, 2006), E-SAFE 2005-2008 (secure internet); in the US, DARPA and others finance those programs. In the seventh framework program, security together with information technology is among the priorities. In the Czech Republic, this research direction was identified as crucial by the government resolution in June 1, 2005, in paragraph 661 on Long-term priorities in the research.

The outstanding scientific and research work of the Department of Computer Science and Engineering at the former Faculty of Electrical Engineering and Computer Science of Brno University of Technology (BUT) in conjunction with the growing importance of information technology in the society led, among others, to the transformation of this department into a new faculty of BUT specialized in information technology. The new Faculty of Information Technology (FIT) declares in its Long-term plan that the research in information technology with respect to security is its long-term priority. In this area, the faculty has achieved original scientific results, participates in accepted and submitted EU research projects (FP6, PASR) and successfully cooperates with commercial companies and security authorities of the Czech Republic.

In accordance with the Long-term plan of the FIT, the subject of this research plan is the security-oriented research in information technology. This is the only research plan of the FIT. According to the expected growing importance of security in the context of information technology, the proposed research plan is scheduled for seven years. The main goals of the research plan are:

• to systematically develop the concept of the "design for security" in the area of information technology (i.e. development of IT with respect to its safety and security)
• and to explore possible applications of information technology in order to strengthen the security of society.

A no less important goal is to strengthen and integrate those research activities in the areas of security of information technology and the utilization of information technology for enhancement of security that the research groups of the FIT have performed separately up to now. In the time scale of the research plan, the goal is to establish the FIT as a leading research and consultation institution in the areas of security of the IT and the utilization of the IT for enhancement of security in the Czech Republic and as a recognized institution in these areas within the EU.

The research plan will mainly be oriented to the following areas of information technology:

• speakers recognition and keyword spotting in various languages (e.g., as a terrorist attack prevention),
• search of video sequences for specific objects and persons (e.g., for airport monitoring systems),
• intelligent data mining of sensitive information in databases,
• biometric authentication,
• computer network monitoring,
• smart card security,
• safe, fault tolerant and attack tolerant circuit platforms,
• formal verification and simulation (to ensure safety and security of systems),
• secure communication protocols and cryptography, and
• concepts of secure applications and systems design.

As a part of basic research, a proper theoretical framework for the above mentioned areas will systematically be developed, in particular, based on algebra, formal languages theory, system modeling and signal processing.

The results of the project will have the form of new knowledge published in prestigious journals and at international conferences, techniques applicable in computer engineering and demonstration applications in the mentioned areas of information technology that will contribute to solving the current security issues of our society. A complex approach will continually be developed to the design, implementation, installation and maintenance of secure information technology for individuals, objects, institutions, government and business companies.

Sub-goals of the research plan

The following sub-goals were defined on basis of the analysis of the state of the art:

• SG1. To research deliberate attacks on the security of information systems (including distributed and mobile ones) and to design appropriate countermeasures, namely in the areas of applied cryptography, secure hardware, and biometric authentication. An integral part of the research would be the design and verification of techniques for evaluation of information system security.
• SG2. To propose, implement and verify methods and techniques of knowledge discovery in complex data that will be applicable for security enhancement.
• SG3. To investigate methods of raster image analysis with focus on recognition, identification, and tracking of objects, video-sequence processing, and multimodal processing of audio/video sequences, 3D-scene processing, and acceleration of image processing through programmable hardware.
• SG4. To design, specify and evaluate prototypes of application-oriented architectures, components and protocols of computer networks, networks of embedded devices, interconnection networks and networks on the chip. To show and verify their properties including reliability, safety, security and quality of the services.
• SG5. To design, specify and investigate statistical and grammatical models with the aim of using such models for detection and following extraction of defined information from a database or stream of text and/or speech data.
• SG6. To develop, simulate, implement and verify application-specific circuit architectures that are utilizable for the applications in which a certain level of reliability, security and adaptability is required in case of malfunction or in case of a change in the specification or environment in which they operate.
• SG7. To propose and explore methods and tools for formal verification and simulation that will allow - as automatically and efficiently as possible - detect a broad spectrum of design flaws and vulnerable (i.e. usable for an attack) points in secure applications that would otherwise be easy to miss by the designers due to the high complexity of the systems being developed.