It sometimes feels like the entire planet is working on some sort of security technology to protect the networked world from insiders, outsiders and just plain nasty ne'er do wells.
The researchers at the government's "high-risk, high-payoff research" group, Intelligence Advanced Research Projects Activity (IARPA) want to go beyond the mundane security research and development and get right to the groundbreaking stuff.
Does it exist? We'll see.
Specifically IARPA put out a call this week for what it calls Safe and Secure Operations (SSO), which is research that "explores or demonstrates the feasibility of revolutionary concepts in computation, trust establishment and maintenance, and detecting and deflecting hostile intent."
IARPA said examples of what it is looking for include:
- Approaches to operating securely with imperfect equipment, error-prone users and/or a compromised network. Constructing systems that can perform reliable and secure computations when some fraction of their components is unreliable or insecure.
- Computational methods based on architectures other than digital Turing machines whose attributes are matched to efficient or secure solution of intelligence problems (like optical, analog, biological, brain-based, quantum, or hybrid computing systems).
- New algorithms and protocols that take advantage of quantum entanglement to perform tasks that are inefficient with classical algorithms.
- New approaches to secure transmission of information using optical, electromagnetic, digital packet, chemical, or biological signals. Domains include synchronous and asynchronous communications, bandwidth-constrained digital transmission, and triage of large data flows.
- Methods (including compilers and programming languages) for performing complicated computations securely, e.g. multi-party secure functional computation and full homomorphic encryption, but with low overhead.
- Detection, classification, and mitigation of attempts by adversaries to compromise safety and security, including, but not limited to penetration and manipulation of electronic infrastructure.
- Novel ideas for technologies enabling energy-efficient computation beyond the efficiency projected for end-of-roadmap silicon, as well as strategies for using existing computing technologies to compute with lower power budgets.
Interestingly the group IARPA is modeled after, the Defense Advanced Research Projects Agency which has its own ideas about revolutionary security will this month announce the second phase of its identity program known as Active Authentication.
More on security: Who really sets global cybersecurity standards?
The program looks to develop technology that goes way beyond today's use of hard to remember password protection and determine identity through "use of software applications that can determine identity through the activities the user normally performs," DARPA said. Such new systems might look at the unique words a user types or examine length of sentences and use of punctuation to determine user authenticity.
DARPA said the current standard method for validating a user's identity for authentication on an information system requires humans to do something that is inherently difficult: create, remember, and manage long, complex passwords.
"Moreover, as long as the session remains active, typical systems incorporate no mechanisms to verify that the user originally authenticated is the user still in control of the keyboard. Thus, unauthorized individuals may improperly obtain access to information system resources if a password is compromised or if a user does not exercise adequate vigilance after initially authenticating," DARPA stated.
The Active Authentication program has two primary development points. The first is focused on expanding research in the area of the computational behavioral traits that can be observed through how a computer user interacts with the world without requiring them to do anything different from their normal work functions. The second focus of the Active Authentication program is on developing an application ("Biometric Platform") that can integrate all biometrics available on a single device to allow for the most accurate validation of the identity of the individual using the device, whether the biometrics collected are behavioral, cognitive, or physical. In this respect, the application is trying to identify you by looking at all available aspects of you, not just a single sensor connected to the computer, DARPA stated.
Check out these other hot stories: