By Anantha Krishnan M
Express News Service
Express News Service
Bangalore: Every relationship survives on trust. In the virtual world, it's trust that builds security. And in military, it is security and trust that probably acts as a trump-card to triumph. World over, the most common techniques for achieving security in the physical world are signature-based and gate-keeper mechanisms. Equivalently, in the space of computer systems, anti-virus software is an example of signature-based mechanisms for achieving security. It possesses signatures of known viruses, and the signature database needs to be continually updated to incorporate the signature of new viruses. Most anti-virus systems also have heuristic-based mechanisms to detect potentially malicious behavior of software or an external agent. Firewalls are examples of gate-keeper mechanisms.
The crucial aspect in security is the notion of trust. “In the human space, the trust is achieved by various mechanisms. First roots of trust can be defined (Eg: A close friend, a family member etc.) Another strategy to achieve trust could be deterrence. The third strategy is that of containment. In this strategy, the untrustworthy entity is assumed to exist and a context is created that prevents the entity from performing untrusted actions,” sources at the Centre for Artificial Intelligence and Robotics (CAIR), told Express while explaining the complex concepts of Secure Operating Environment, in layman's terms.
The notion of trust is important, as merely having an anti-virus or firewall is not adequate. It is equally important to be able to trust them for their claimed functionality. Realizing this, the CAIR launched an effort to create an secure operating environment called Secure Operating System (SecOS), based on the third approach. “Our efforts in creating SecOS are based on strong containment strategies. The central theme of the effort is to create strong strategies with respect to the operating system that would allow only the operations or actions that are permitted as per policy. The SecOS is a collection of containment enablers that can be combined for a particular role,” sources said, refusing to give out numbers, OS details and predicted deployment areas.
SecOS is a mature product with CAIR carrying unique security capabilities. There has been a strong interest in SecOS from Defense and Government bodies for widespread deployment. For the benefit of Express readers, a senior Army official puts the role of SecOS in simple terms. “Most senior military and government officials use laptops and connect them to their organizational networks. These laptops potentially contain classified information that is intentionally stored on the hard disk, or unintentionally stored as part of the cached files. When these laptops are connected to the organizational network from inside the organization, they are protected by the information security infrastructure of the organization,” the official said.
However, the role of SecOs comes when the official travels and connect it to organizational network over the Internet, which substantially increases the attack exposure. “In this context, SecOS can provide an environment that isolates the hard disk completely, and yet provides full capability of an operating system, inclusive of Internet access. Today, SecOS is a mature product with CAIR that has been evaluated and found suitable for defense usage” the official said.
The crucial aspect in security is the notion of trust. “In the human space, the trust is achieved by various mechanisms. First roots of trust can be defined (Eg: A close friend, a family member etc.) Another strategy to achieve trust could be deterrence. The third strategy is that of containment. In this strategy, the untrustworthy entity is assumed to exist and a context is created that prevents the entity from performing untrusted actions,” sources at the Centre for Artificial Intelligence and Robotics (CAIR), told Express while explaining the complex concepts of Secure Operating Environment, in layman's terms.
The notion of trust is important, as merely having an anti-virus or firewall is not adequate. It is equally important to be able to trust them for their claimed functionality. Realizing this, the CAIR launched an effort to create an secure operating environment called Secure Operating System (SecOS), based on the third approach. “Our efforts in creating SecOS are based on strong containment strategies. The central theme of the effort is to create strong strategies with respect to the operating system that would allow only the operations or actions that are permitted as per policy. The SecOS is a collection of containment enablers that can be combined for a particular role,” sources said, refusing to give out numbers, OS details and predicted deployment areas.
SecOS is a mature product with CAIR carrying unique security capabilities. There has been a strong interest in SecOS from Defense and Government bodies for widespread deployment. For the benefit of Express readers, a senior Army official puts the role of SecOS in simple terms. “Most senior military and government officials use laptops and connect them to their organizational networks. These laptops potentially contain classified information that is intentionally stored on the hard disk, or unintentionally stored as part of the cached files. When these laptops are connected to the organizational network from inside the organization, they are protected by the information security infrastructure of the organization,” the official said.
However, the role of SecOs comes when the official travels and connect it to organizational network over the Internet, which substantially increases the attack exposure. “In this context, SecOS can provide an environment that isolates the hard disk completely, and yet provides full capability of an operating system, inclusive of Internet access. Today, SecOS is a mature product with CAIR that has been evaluated and found suitable for defense usage” the official said.
(Copyright@The New Indian Express)
Part VII Tomorrow: Brainy women behind smart systems.