US flag signifying that this is a United States Federal Government website   Official website of the Department of Homeland Security

Homeland Security

Tailored Trustworthy Spaces

Cyberspace—and the computer networks and critical cyber infrastructure that comprise it—have been unable to establish and maintain secure conditions with a consistent, high degree of confidence. Consequently, the security of environments used for exchanging data and to store information or applications needs to be verified constantly.

Approach

CSD’s Tailored Trustworthy Spaces (TTS) project comprises five separate efforts that investigate different approaches toward ensuring the trustworthiness of networks, rather than their security. These five efforts are grouped into two complementary areas: Digital Provenance and Nature-inspired Cyber Health—technical topic areas that were called out for research in the 2009 White House-led Comprehensive National Cybersecurity Initiative (CNCI).

Digital Provenance

The term "Digital Provenance" signifies the authenticity or source of an object or, as in the cyber realm, a digital object. Provenance means that the object has not been altered or manipulated and that the user or recipient of the data or code is certain about its origin and previous users. In other words, the user knows whether or not the data or code can be “trusted.” The efforts below are being funded in the area of Digital Provenance.

  • Evidentiary integrity – a response tool for cyber incidents that ensures evidence collection and management are controlled and that a chain of custody (analogous to that used for crime-scene evidence) can be established for digital data associated with a cyberattack.
  • Controlled access to medical records – a method for tracking, logging and blocking access by authorized or unauthorized persons to digital information on disks, in memory or across a network.
  • Auditing of cell phone locations – an application that protects the integrity and confidentiality – and preserves the privacy - of location data collected by mobile devices.

Nature Inspired Cyber Health

The two efforts in the nature-inspired cyberhealth area are more complex. They both attempt to use protective behaviors adopted by biological systems as analogues for detecting anomalous (or “unknown”) software code or network intrusions. The draft Cybersecurity Framework being developed by the National Institute of Standards and Technology (NIST) in response to Executive Order 13636, Improving Critical Infrastructure Cybersecurity, has specifically identified “detection” of anomalous code or network behavior as one of the five essential approaches to mitigating cyber threats.

Program Highlights and Successes

  • Demonstrated an evidence integrity prototype to three law enforcement agencies in New York and established agreements to begin piloting the beta version of the prototype by the end of 2014.
  • Demonstrated a capability to track the chain of custody for digital records and log any and all accesses to those records across a network. The system will be piloted at the Carolina Data Warehouse for Health as part of North Carolina’s Secure Medical Research Workspace project.
  • Successfully demonstrated a smartphone application and location-proof server as part of a secure location provenance effort.

Contact

Program Manager: Dr. Joseph Kielman - Biography

Email: SandT-Cyber-Liaison@hq.dhs.gov

Performers

Prime: Exelis Inc.

Prime: Rutgers University

Prime: Pacific Northwest National Laboratory (PNNL)

Was this page helpful?

Back to Top