RESEARCH POSTER WIN AT UK INFORMATION ASSURANCE CONFERENCE
We have won the award for the best research poster at this year’s Annual Symposium of the UK Information Assurance Advisory Council (IAAC). The poster showed how a future Information Based Security paradigm could be applied and also recommended activities to enable the realisation of it.
The poster is a summary of a scoping study report from a cross-sector research project that Nexor is a partner in. CSIIS was established by the Defence Science and Technology Laboratory (Dstl) on behalf of the UK Ministry of Defence.
A consortium led by QinetiQ, called Sirius, that comprises over 40 organisations provides the experience and research capability for CSIIS. The selected Sirius members who worked collaboratively on this particular research project were Airbus Defence and Space, BAES, HW Comms, Nexor, QinetiQ and Thales.
The research considered how currently, when sharing information between secure systems, security is currently implemented on a system by system basis.
This is partially within the system and partially at the boundary of the system. Modern working environments include devices that do not belong to the organisation (so called Bring Your Own Device – BYOD); application servers that are outside the organisation’s control (the cloud); and the need to directly access partner systems (coalition interoperability).
Existing boundary controls, while the best on offer today, are limited in this scenario. Although they are effective in what they do, they provide a very coarse level of access control with security properties that are managed at the system level.
With today’s systems a much finer grain approach is needed with security managed at the information object level, as defined by the information owner, not the system owner.
A copy of the poster showing the current scenario and the proposed solution is available on the IAAC website.
You can also find out more about Nexor’s involvement in CSIIS by reading this case study.
RECENT BLOG POSTS
Nexor are pleased to announce that our Guardian solution has been enhanced with a number of key features in a new release 3.1 of the guard application which is now available: Increased Reliability: Deploy as an active -passive High-Availability ("HA") application...
One year on from our introductory blog on Zero Trust Architecture, what has changed and what friction points have started to appear for organisations after implementation? Crucially, where does Zero Trust fit within the to-do list, or the essential security risk...
What does Cyber Essentials cover? Cyber Essentials is a UK Government backed scheme that helps protect your business against a range of the most common cyber-attacks. Cyber-attacks can come in many forms and may be carried out against businesses of any size of...
Be the first to know about developments in secure information exchange