DHS Supports Technology to Enhance Internet Authentification

DHS Supports Technology to Enhance Internet Authentification

This post is also available in: heעברית (Hebrew)

An academic team has been developing a web authentication middleware tool that would significantly upgrade the current Internet website authentication process and improve online security. The financing for the project came from the US Department of Homeland Security (DHS) Science and Technology Directorate (S&T).

The $527,112 award given to the Brigham Young University (BYU) in Utah is part of the Homeland Security Advanced Research Projects Agency Cyber Security Division’s (CSD) Internet Measurement and Attack Modeling (IMAM) project, that works with researchers in academia and the cybersecurity community to develop solutions in the areas of resilient systems, modeling of Internet attacks and network mapping and measurement.

According to the DHS website, recent studies have documented many problem areas within the current certificate-based authentication system. This situation means users often encounter website certificate warnings they may not know how to handle safely or which they may ignore at the risk of exposing their computers and mobile devices to malware, botnets, phishing scams and an array of other cyber threats.

“We need a better solution to web authentication that will increase Internet security and decrease the vulnerability of individuals and businesses to cyberattacks,” said DHS Under Secretary for Science and Technology Dr. Reginald Brothers. “The BYU authentication middleware tool will create a new and enhanced Internet certification authentication system that will jumpstart movement toward this important objective.”

To address the weaknesses of the certificate-based authentication system, the BYU team is developing TrustBase, an open-source middleware that will support mobile and desktop operating systems including Windows and Linux and authenticate websites using local and cloud-based services. TrustBase would be used to subscribe to authentication services through an app store interface, which may include ratings of services by trusted security and privacy organizations. The user interface will be seamless; a computer or device’s operating system will enable TrustBase to notify the user of untrustworthy sites independent of the application in use, providing enhanced online security.

“Too frequently Internet users are exposed to significant online security flaws because they do not know which websites to trust,” said Dr. Ann Cox, IMAM program manager. “TrustBase will empower individual users to decide what websites to trust by authenticating certificates from reliable, trusted sources. Users also will be able to customize TrustBase authentication to their typical browsing habits.”

The IMAM project is aligned with the 2016 Federal Cyber Security Research and Development Strategic Plan to develop realistic experimental data that emulates external adversarial activities and defensive behavior. It also is aligned with the S&T Strategic Plan’s goals for CSD to develop new tools and techniques for mapping several layers of the Internet to detect and mitigate malicious behavior.