Open Security
Open Security increases the IT security for your organisation. It offers not only a tool to impede data transfer, but at the same time builds a barrier for employees, which prevents them from sharing data deliberately and protects them from sharing data unintentionally and unknowingly.
Project Description
Protection of personal and sensitive data finally came to the centre of attention when numerous internal and secret documents attesting the extent of surveillance practices by the United States National Security Agency (NSA) as well as the rest of the worldwide data espionage community were published. OpenSecurity offers its stakeholders not only a tool to impede data transfer, but at the same time builds a barrier for employees, which prevents them from sharing data deliberately and protects them from sharing data unintentionally and unknowingly (e.g. by means of malware infected USB-sticks, malware, insecure internet usage, or loss or theft of insecure media).
Open Security points out that not all personal data and its interconnections should be freely accessible. Sensitive data as well as inferences from that data related to individuals and their preferences, characteristics, etc. must be safeguarded.
Secure USB
Secure Web Browsing
Open Security Version 1.0 Beta Software
The current version of OpenSecurity allows data import from both unencrypted and encrypted USB memory sticks (Secure USB). Imported data is automatically (and potentially centrally, if so configured) virus- and malware scanned. If a potential virus or malware is detected by the system, access to the data is denied. Potential viruses/rootkits that automatically activate upon access, can – if they are able to run on a Linux-system at all – only harm the used disposable SecureVirtualMachine, and not the user workstation.
Secure Web Browsing enables user to start a "secire" browser by clicking the desktop- or tray-icon. In OpenSecurity Version 1.0 the open browser Chromium is being used. The browser is executed within a SecurityVirtualMachine, which is graphically integrated with the Windows interface. It opens as a standard browser window in the usual desktop environment.
Both the results of the survey and the interviews, which have been conducted with IT-experts from the Linz City Administration and the Austrian Federal Ministry of Internal Affairs in the context of OpenSecurity, suggest distinctly that security aspects of IT-infrastructure in the public sector have gained momentum during the last years. To introduce OpenSecurity to the international market the consortium plans to pursue the project on an EU level. The aim is to create a unified EU-standard for the public area as well as for offices and authorities.
Implementation
Open Security makes an unobtrusive integration into existing infrastructures possible. Smooth transfer and migration of single use cases on a large scale is possible during on-going operations. The administrative effort for migrating to Open Security, or for a first installation of the Open Source solution is not more laborious than the change to a similar proprietary product.
Economical benefits: The software is available Open Source and can be downloaded for free from the website www.opensecurity.at. The public sector can profit from savings mainly related to no licensing fees and low costs for further development. Open Security can be fully integrated with existing IT-structures independently from the operating system, and can be adapted to existing usability and accustomed workflows. This means that for training only low or no costs can be expected.
Project partners
The research project Open Security is organised in a cooperation with the following companies and institutions:
- AIT Austrian Institute of Technology GmbH
- Bundesministerium für Landesverteidigung und Sport
- IKARUS Security Software GmbH
- IKT Linz Infrastruktur GmbH
- Linzer Institut für qualitative Analysen
- X-Net Services GmbH
Key data of the project
Project start: November 2012
Project duration: 24 months
Funding framework: KIRAS
The project OpenSecurity has received funding by the Austrian security research programme KIRAS of the Federal Ministry for Transport, Innovation and Technology (bmvit).