New data security technology recognised by Eureka Prize

New simple, secure and trustworthy technology that keeps data safe while simultaneously allowing Internet access has received a prestigious Australian Museum Eureka Prize.

Computing and Information Systems researchers have been recognised at this year’s Eureka Prize awards.

Associate Professor Toby Murray and Dr Robert Sison were recognised for their role in developing the Cross Domain Desktop Compositor (CDDC), which safeguards sensitive data while allowing instant access to online content.

The prize-winning team also included researchers from the University of New South Wales (UNSW) and Defence Science and Technology (DST) Group.

Until now, highly secure computer systems (like those used by Defence) have kept sensitive information on secure networks that are physically separate from Internet-connected computers. While this keeps sensitive data safe, it can be challenging for analysts and researchers who need to access both, often at the same time.

The CDDC solves this challenge by keeping sensitive data physically separate while allowing it to be displayed on-screen alongside everyday Internet applications like web browsers or e-mail. And it does so without the kinds of vulnerabilities that plague mainstream software.

“The system has the rock-solid security of hardware enforcement with the usability we expect from modern software systems,” says Associate Professor Murray.

“Even better, the CDDC is orders of magnitude simpler than competing solutions. Simplicity is key for security in a world in which complexity breeds vulnerabilities.”

To achieve this, the team combined a world-class secure operating system with novel hardware architecture. This required the software team, led by Associate Professor Kevin Elphinstone at UNSW, to work closely with the hardware team, led by Mark Beaumont at DST Group.

The role of Associate Professor Toby Murray and his team, which included Dr Robert Sison and Dr Kai Engelhardt, was to mathematically prove the system to be secure.

They did this by developing a series of new methods for reasoning about the security of so-called concurrent software, which performs multiple tasks at the same time, and is notoriously difficult to reason about.

“When we started our research in 2015 there were no methods to state what it would mean for the CDDC’s software to be secure, let alone prove it to be secure,” says Associate Professor Murray.

However, by 2018 the team had achieved a major breakthrough, developing the COVERN logic, which enables concurrent software (like that which powers the CDDC) to be proved secure.

The team has since developed reasoning methods an order of magnitude more powerful than COVERN. They hope these will facilitate the development of many more highly secure computer systems in the future.

The Defence Science and Technology Eureka Prize for Outstanding Science in Safeguarding Australia is the latest innovation award for the CDDC, which has been recognised by a number of other awards including two iAwards in 2017 for Research and Development Project of the Year and Infrastructure and Platforms Innovation of the Year.