CERIAS - Center for Education and Research in Information Assurance and Security

Skip Navigation
CERIAS Logo
Purdue University
Center for Education and Research in Information Assurance and Security

CICI: Secure Data Architecture: Collaborative Research: Assured Mission Delivery Network Framework for Secure Scientific Collaboration

Research Areas: Network Security

Principal Investigator: Elisa Bertino

ollaborative, multi-disciplinary and multi-institutional research projects require secure and resilient cyberinfrastructure in order to efficiently support data sharing, access to remote scientific instruments, video-conferencing and on-line discussions. The underlying network plays a crucial role in supporting these needs in that it must provide assurance about the security of data and collaborative activities. This project addresses such requirement by designing and developing a network architecture to securely share data among groups of scientists. A community of scientists sharing a common interest and supporting resources is called a mission. This project will design and prototype the architecture of the Assured Mission Delivery Network (AMDN), which will enable collaboration among scientific communities involving multiple independent organizations with varying levels of trust. They novelty of AMDN lies in the notion of network-level Mission Assurance Services (MAS); these services allows mission directors to specify actions to be taken by the network to deal with attacks and anomalies and to quickly reconfigure the network to best assure the successful completion of the mission. Security is the key part of the AMDN design, and addresses essential functionality such as authentication, integrity, accountability and privacy. AMDN also includes Collective Anomaly Detection, in which intra- and inter-cloud networking alarms and anomalies indicative of attacks are combined and used for mission assurance strategies. The detected anomalies and alarms are correlated over the whole system in order to detect sophisticated attacks that might be undetectable at the single node level. The security of the entire system is flexible and programmable depending on the nature of collaborations, computing resources needed, and various requirements of scientists. In addition to scientific use, AMDN can be used for commercial applications such as financial data sharing among banks or health data sharing among hospitals and between critical infrastructures such as Smart Grids. Although AMDN is primarily designed for wide-area network usage, it can be used for services and clients residing inside a single cloud or data center.

Keywords: scientific cyberinfrastructures, security, software defined networks