The project aims at achieving results that put out, among others, the following innovations:
- Application of Blockchain technology to improve the management of data sovereignty, solving the problem of data custody and management in an effective way, while going beyond the traditional approach of focusing only on the functional aspects of data exploitation.
- Research and use of algorithms and non-conventional techniques of data encryption, such as the elliptic curve cryptography and the concept of contextual challenges, to develop or enhance the security of protocols and file systems.
- Application of AI techniques as a mechanism to complement continuous multi-factor authentication systems, anomaly detection, attack patterns and concept changes that can be identified with some reliability as threats, so that the operation on the data (the algorithms) are protected.
- Development of technology to provide solutions that allow training staff, both qualified and non-qualified, in techniques of attack and defence, as well as improve the systems themselves to facilitate the interpretation and interaction with them..
The use of Blockchain technology allows to comply with the five pillars of security, which are: confidentiality, integrity, availability, authentication and non-repudiation. Although the confidentiality of the data is not achieved by combining it with the use of encryption algorithms. One of the fundamental characteristics of Blockchain technology is Smart Contracts (programs that run internally on the Blockchain), which allow the business logic to be handled impartially.
Confidentiality of data, content and services
The innovation of the project in this regard is fundamentally in the research and use of unconventional data encryption algorithms and techniques, such as, for example, elliptic curve cryptography.
Another area of the project is to ensure communications in an Internet of Things environment. Nowadays is common that they do not present the level of security that they should.
Research into advanced techniques for file protection is also innovative. This approach is completely different from the existing systems today. This orientation facilitates the creation of new transparent data access control mechanisms for sharing files in the cloud with third-party companies.
Data Analytics for Governance and Logical Security
The project is also innovative in the use of AI techniques to detect anomalies and attack patterns. Although these types of techniques are already being used today, they represent a differentiation from most existing solutions and a further step in intrusion detection techniques.
The fact of using AI as a mechanism to complement continuous multifactor authentication systems is quite innovative, so that the system will learn from the use that the user makes of it to manage their authentication.
Finally, different unsupervised techniques will be analyzed to detect recurrent concept changes that can be detected with some reliability.
Training of People
The main innovation of the project in this area is the development of an autonomous platform that allows training both qualified and non-qualified personnel in attack and defense techniques in the field of security. This platform will work automatically without the supervision of third parties, which represents a turning point with the existing platforms today. The platform is expected to behave dynamically, adapting daily to the new knowledge acquired by the student to increase or decrease its difficulty.