The lab provides a unified environment for running experiments, testing the effectiveness of security controls, and designing security practices. In education, the Lab is also a great tool for students to learn about information security requirements. Students do their lab work and learn about state-of-art information security approaches, methods, and algorithms.
Examplary areas of research:
Corporate biometric technology. Biometric technology assigns individuals identities according to the physiological traits (fingerprint, face, palmprints and iris patterns), or the behavioral traits (gait, signature, handwriting and keystroke dynamics). Biometrics technologies are a promising trend in information security that compensates some problems of the tradition techniques, and provides a high-security level. Due to the huge demands on biometrics systems deployments, several challenges keep arising with respect to data acquisition, pre-processing, feature extraction and matching. It can be easily combined with the traditional information security techniques in order to achieve much stronger security levels.
Risk management. Contemporary methods for assessing information security risks have adopted mainly technical views on information and technology assets. Organizational dynamics of information management and knowledge sharing have gained less attention. Our research is geared towards organization- and knowledge-centric identification and analysis of security risks. For example, our researchers have operationalized a genre-based approach; we suggest the use of a genre-based analytical method for identifying organizational communication patterns through which organizational knowledge is shared. The genre-based method was then complemented with tasks and techniques from the risk assessment method (OCTAVE Allegro). With the combined approach, organization can capture informal business practices that are not documented and exist within people’s minds and communication habits.
Corporate network security. Network security concerns different facilities such as routers, switches, firewalls, and clients. In addition, the traffic passing across the network facilities is a valuable source of information not only about network security, but also about the entire network performance. Network security module will provide tests of all network facilities, and stresses network traffic investigation from information security point of view.
Online information security pedagogy. In order to assist students, information security pedagogy is included as a module of the platform. It is designed to provide both training and empirical design, and experimental evaluation capabilities. The goal of the online pedagogy is to bring a new generation of approaches,which permit to endow beyond the state-of-the art of information security laboratory technology.