JUCS - Journal of Universal Computer Science 30(5): 563-589, doi: 10.3897/jucs.112790
Towards a single device for multiple security domains
expand article infoFlorian Skopik, Arndt Bonitz, Daniel Slamanig, Markus Kirschner§, Wolfgang Hacker|
‡ AIT Austrian Institute of Technology, Vienna, Austria§ MUSE Electronics GmbH, Vienna, Austria| Ministry of Defence, Vienna, Austria
Open Access
Abstract
Military field operations place high demands on information and communication technology (ICT) devices, both in terms of reliability and security. These requirements include robustness against environmental influences such as vibrations, water, and humidity as well as protection against physical attacks and cyber-attacks. Attempts to compromise a device must be detected immediately, and if necessary, trigger automated countermeasures such as alarms, partial deactivation or emergency wiping of all data. In this work, we specifically focus on cyber security issues and aim to deliver a concept for a device that can be used in multiple security domains, isolating mission-specific data from each other without the risk of data spillover. For that purpose, we outline a high-level concept for a resilient single device concept that is able to withstand common intrusion attempts. We identify threat agents, misuse cases and the risks of a single device concept for multiple security domains and evaluate the most pressing issues. Based on the identified risks, we determine additional mitigation measures and discuss their applicability. We foresee our work to provide valuable insights into the requirements on and design decisions of highly secure mobile device solutions.
Keywords
cyber security, hardened tablet, rugged device, risk analysis