CURRENT RESEARCH SUPPORTING FAA

1

• CURRENT RESEARCH SUPPORTING FAA
• May 2003
• Dr. Cynthia E. Irvine, Director
• irvine_at_cs.nps.navy.mil

2
Topics

• CISR Research Capabilities and Initiatives
• Biometrics for Continuous Authentication of
  Flight Deck Personnel
• In-Flight Backup of Black Box Data to Ground
  Stations

3
CISR A National Center of Excellence

• Nationally Recognized Center of Excellence
  
• NSA Citation 2003
• NSTISSC Citation for Courses - Five
  Certifications (2003)
• NSF Award for Scholarship for Service
  Program
• Combines
• Research and Academics
• Depth in Assurance and Security Engineering
• Collaboration with DoD/DoN/Universities/Industry
• Large, Experienced Faculty and Research Group
  (20)
• NSF Scholarship for Service (Cyber Corps) Program
• DoD Information Assurance Scholarship Program

4
Educational Program

• Jan02-Jun02
• Enrolled in IA Concentration Degree Program 79
• Graduated with IA Concentration 20
• Enrolled in Certificate Program 108
• Graduated with Certificate 27
• Fall Quarter Enrollments in IA Classes 160
• Introduction to Computer Security 85
• Secure Management of Systems 50
• Secure Systems (Advanced course) 30
• Similar numbers each quarter ? over 600 classroom
  seats/year
• Note NPS total enrollment is approximately 1250

5
Research Initiatives Network Security
Architectures and Prototypes

• High Assurance Server-Centric Security
  Architectures using COTS Components
• Supports Architectures for Coalitions and Dynamic
  Collaboration Environments
• High Assurance Network Authentication
• Trusted Path for the Road Warrior Problem
• Quality of Security Service
• Security Costing Framework
• Security in Transport Data Link Layers
• IPSec Support for Distributed System Capabilities

6
MYSEA Monterey Security Architecture
MLS Supports ISR, Networks, COP,
CTP Manage Classified/Unclassified Data MLS
Coalition Interoperability NATO Homeland
Intelligence User-Friendly Protection from
Information Leakage Corruption Assurance
against Subversion and Malicious
Software Enabling Technologies Integrity for
Trusted Applications Trustworthy XML-based
Document Management Confidence for Guards,
Sanitizers Regraders Advanced Protocols IPv6
and IPv4 compatible

• Advanced Multilevel Security Prototypes
  Technologies
• Multilevel Secure (MLS) Client/Server
  Architecture
• High Assurance of National Policy Enforcement
  (EAL5/7)
• Ergonomic Security with Popular Commercial
  Applications
• High Assurance Authentication of Clients and
  Users
• Trusted Application Integrity Framework
• Components
• High Assurance MLS Server
• Distributed Authentication and Session
  Services
• Application Services HTTP, SMTP, NFS, etc.
• Trusted Path Extension Appliance Prototype
• Ultimate Base High Assurance Separation
  Kernel
• Commercial Workstations and Applications

Current and Potential Partners DigitalNet
High Assurance System Vendor OSD Cross Domain
Security Working Group Protection Profile
National Security Agency Navy Partners More
Information Monterey Security Enhanced
Architecture http//cisr.nps.navy.mil/pro
jectmysea.html
7
Trusted Computing Exemplar Project

• Integrated Activities
• Create Framework for Rapid High Assurance
  Development
• Develop High Assurance Security Components
• Separation Kernel
• Model Application
• Evaluate Components for High Assurance
• Disseminate Results Deliverables via Open
  Methodology

8

• Keeping the Network Alive in the Face of
  Vandals Motivated Professional Attackers

9
Research Initiatives Emerging Issues

• Security for Small-Footprint Operating Systems
• Windows XP Embedded
• First School with source code relationship
• Wireless Security Issues
• Constructive Threat and Vulnerability Analysis
• CISR student developed a demonstration of code
  insertion attack on Linux
• Classified Challenge Project
• Collaboration with DoE Labs and Intelligence
  Community
• 8 months
• Demonstration August 02
• PKI Analysis and Development
• Policy Enhanced Linux and OpenBSD

10
Aviation Biometrics Thesis Research

• Biometrics for Continuous Authentication of
  Flight Deck Personnel
• 9/11 highlights need for flight deck security
• Question Are the right people flying the plane?
• What do you do with this information?
• Need answer even if situation response doctrine
  not clear
• Investigate biometrics to provide flight deck
  situation awareness
• Survey of applicable current technology and
  trends
• Develop high level recommendations and design

11
Aviation Biometrics Thesis Research

• Biometrics identification based on individual
  characteristics
• You are always identified as you
• No one else is identified as you
• Wide range of approaches
• Morphology - facial, cranial, hand geometry
• Physical behavior - stride, signature, keyboard
  entry rhythm
• Epidermal configuration - fingerprint, vein
  patterns
• Vocal - aural, spectrographic
• Ocular - iris, retina
• Chemical - blood, saliva
• Genetic - cellular samples

12
Aviation Biometrics Thesis Research

• Common Biometric Concepts
• User registration produces numerical registration
  template
• Registration template storage
• User identification produces numerical
  identification template
• Matching of registration and identification
  templates produces score
• Threshold identifies acceptable scores.

13
Aviation Biometrics Thesis Research

• Goals
• Continuous authentication of key flight deck
  personnel
• Notification to situation assessment personnel
• Secure data transmission and storage
• Confidentiality
• Integrity
• Availability
• Initial Investigative Focus
• Understand accuracy/reliability factors of
  different biometric approaches
• Determining practicality of In-fight operation
• Commercial Biometric Tool Availability
• Prototype high level authentication system design
• Flight deck operating scenarios

14
Aviation Biometrics Thesis Research

•  Issues and Challenges
• Requirements Definition
• System Design
• Architecture
• Allocation of components
• Ground
• On-board
• Location of on-board equipment
• Distributed Storage and retrieval of registration
  templates
• Secure handling of templates
• Registration, Storage, Distribution,
  identification, matching
• Equipment Performance and Cost
• Use of multiple biometrics - paradoxical results
• Additional use of Biometrics for flight deck entry

15
Aviation Data Preservation Thesis Research

• In-Flight Backup of Black Box Data to Ground
  Stations
• Black Boxes record various flight parameters
• Flight Data Recorder (FDR)
• Cockpit Voice Recorder (CVR)
• Provide valuable information for analysis of
  flight incidents
• Black box data may not be available post facto
• Physical damage
• Cannot locate
• Transient recording window
• Investigate means to supplement Black Boxes
• Survey of applicable current technology and
  trends
• Develop high level recommendations and design

16
Black Box Data Preservation Thesis Research

• Goals
• Preserve valuable information
• Secure data transmission and storage
• Confidentiality
• Integrity
• Availability
• Privacy
• Prevent misuse of data
• Initial Investigative Focus
• Transmit FDR/CVR data to ground stations
• Use of existing communication channels
• VHF, UHF, Satcom, ACARS, ACMS, Airphone, etc.
• Archival extention of data lifetime
• Preservation of current paradigm for appropriate
  use

17
Black Box Data Preservation Thesis Research

•  Issues and Challenges
• Requirements Definition
• System Design
• Architecture
• Coordination/synchronization among ground
  stations
• Distributed Storage and retrieval
• Transmission methods
• Security
• Equipment Performance and Cost
• Applicability to older and smaller aircraft
• Global coverage area
• Personnel/privacy concerns
• Airline Pilots Association (ALPA)
• Aircraft Owners and Pilots Association (AOPA)
• Regulatory Process
• Federal Aviation Administration
• National Transportation Safety Board

18
Corporate Information

• Dr. Cynthia E. Irvine, Code CS/Ic
• Naval Postgraduate School
• Monterey, CA 93943
• Irvine_at_nps.navy.mil
• 831 656-2461