|
|
|
|
SCARI: Security, Confidentiality, Availability, Reliability and Integrity Research area synopsis: UTD will research “best practices” in the area of system security to ensure that the current (maximum) level of security that is guaranteed under E-Plan is maintained (and enhanced, if possible) during its nationwide expansion. In conjunction with the Security Analysis and Information Assurance Laboratory, it will perform a systematic vulnerability assessment of E-Plan and put in place mechanisms to minimize these vulnerabilities. Research team: Professors Raghavachari (team leader), Gupta, Krishnan. Research description: E-Plan ensures the highest levels of security currently. As it is expanded nationwide however, the sources of vulnerabilities will increase if only because of the vastly increased number of “entry points” into the system for those with less than noble intentions. Additional aggravating factors include multiple sources of failures, multiple network hops, connections and network elements, multiple physical facilities requiring protection, multiple sources of data and multiplicity of users. This compounded problem of providing scalable security will be addressed with special attention to: 1) Confidentiality and Integrity: It is especially important in the case of hazardous agents to maintain the confidentiality and integrity of data due to the potential for catastrophic misuse – several layers of security mechanisms (spanning the gamut from multiple authorizations to strict user rule enforcement to bad-behavior tracking via audit logs and trails) currently ensure minimal E-Plan vulnerability. These principles will be extended to support a vastly scaled nationwide E-Plan implementation. 2) Availability and Reliability: E-Plan caters to the emergency information needs of first responders during emergencies – thus the usual 5-9’s (99.999% availability) standard takes on added significance. Fault-tolerant, redundant network design principles will be applied to ensure that E-Plan at least meets this criterion. Multiple web servers with redundant synchronized data will be placed at strategic and appropriate numbers of sites (dictated by good network design guidelines). University partners of UTD will play a significant role in assisting with the logistical support necessary to install and maintain these clusters. |
|
|
