CIS Research Thrusts
Critical Infrastructure Protection
This project is devising strategies for protecting
Oklahoma's information and telecommunications assets.
The effort integrates technological, legal and policy
solutions to coherently address critical infrastructure
protection.
Telecommunications Security
This project is developing techniques and systems for
securing public telephone networks. The effort, specifically
focusing on SS7 and VoIP protocol attacks, involves
significant collaboration with federal researchers.
Network Attack Modeling and Visualization
This project uses distributed agents to synthesize
vulnerability models and real time information from
network discovery and intrusion detection systems. The
prototype integrates the Starlight visualization system
developed at Pacific Northwest National Laboratories
to support interactive data association and model manipulation.
Network Vulnerability Analysis
This research is developing tools for scanning converged
(IP-telephone) networks. The scanned information is
integrated with an attack model database to support
real-time vulnerability analysis.
Digital Forensics
This project is developing state-of-the-art forensics
tools and techniques, including network scanners, IP
profilers, chat room monitors and evidence preservation
systems. In addition, hardware and software tools for
recovering and analyzing digital evidence are being
developed.
Policy Mediation
This project uses formal logic and mediator technology
to implement meta policies for access control in federated
database environments. This project involves collaboration
with NIST scientists who have developed universal policy
machines for generic authorization services.
Cryptographic Protocol Verification
This research has developed a formalism that integrates
logic and process calculus components to support formal
proofs about the knowledge and behavior of communicating
principals, and about the properties of cryptographic
protocols. The formalism also has applications to modeling
and verifying security properties of distributed systems.
Programmable Security
This research is developing programming languages with
constructs for programmable security. A primitive ticket
based model is used to implement a spectrum of access
control models (DAC, MAC, RBAC and TBAC), while supporting
efficient security checking at compile time and run
time. The Java language has been augmented with constructs
for programmable security at the package, class and
object levels. The project is also developing a coordination
language with programmable mechanisms for orchestrating
secure interoperation of software components, including
legacy systems.
Security Enhanced Linux (SELinux)
This project investigates strategies for
effective SELinux access control policy management. Tools are
under development to support SELinux system installation and administration.
One effort engages information flow theory to establish techniques for
access control policy configuration analysis. Another supports SELinux
application development through syntax directed analysis of source
code to derive complementary SELinux policy expressions.
