The IT Security group (ISM-Sec) of the department IT Security und Service Management (ISM) performs strategic and tactical cross-section tasks both within SCC and for the entire KIT. Therefore, its activities in research and development are very diverse and arise from a wide range of projects.
ISM-Sec mainly supports a number of SCC projects by offering analysis and consulting on all relevant aspects of IT security. At the moment, ISM-Sec is involved in the following projects:
OpenCirrus: The OpenCirrus project aims at creating and operating resources for multi-national cloud-computing cooperations. This project poses challenges to IT security in terms of identification, authentication and authorization of users and resources.
KITe: Within the KITe project, an open environment for the operation of heterogeneous compute clusters is designed and developed. The project aims at integrating the entire software stack of cluster systems; its challenges to IT security are accordingly wide-ranged. ISM-Sec has been involved since the earliest design phases of the project to make sure that all aspects of IT security are given due consideration.
KIT IDM: ISM-Sec is involved in this project as well. The project is concerned with introducing a KIT-wide identity management system. Its core security requirements are secure identification, authentication, and authorisation of KIT members, but also include privacy and data protection issues. ISM-Sec helps to develop secure procedures for user management and similar processes.
bwIDM: The bwIDM project aims at providing a federation of identity providers for all universities in the State of Baden-Wuerttemberg. As with the KIT IDM project, ISM-Sec is responsible for issues of IT security as well as privacy and data protection.
In addition to projects outlined above, which are strategically oriented, ISM-Sec is working on research and development in tactical areas that are mainly motivated and guided by operational issues of KIT-CERT and KIT-CA, which are both operated by ISM-Sec. The following activities are examples for tactical research and development:
- Development of a unified secure, but also easy-to-maintain operating system platform for the operation of internal servers. Due to the high sensitivity of data processed on the systems of KIT-CERT, particular focus is on issues of data protection and data integrity. Complete encryption of all attached storage devices and the secure and reliable authentication and authorisation of members of KIT-CERT are essential.
- Design and development of a central Security Incident Event Management (SIEM) system to enable KIT-CERT members to access log data created on SCC systems quickly and securely. This is essential when investigating security incidents. At the same time, privacy and data protection laws must be taken into account to establish operations within legal boundaries.
- Design and development of a scalable solution for providing KIT users with X.509 user certificates. The KIT-CA has become operational as of October 1st, 2009, and so far has been able to meet the demand for user and server certificates. However, it is expected that the demand will increase rapidly in the near future, so methods to issue certificates more efficiently are evaluated and developed.
- In case of incidents, ISM-Sec develops procedures on demand permitting on an organizational and technical level to react quickly and efficiently without compromising legal requirements.
- On the technical level, ISM-Sec designs and develops methods to manage incidents quickly and securely. As an example, efficient mechanisms to lock IP addresses are developed and deployed that enable KIT-CERT to quarantine computer systems that are identified as being malware-infected.