Journal of Universal Computer Science (May 2024)

Towards a single device for multiple security domains

  • Florian Skopik,
  • Arndt Bonitz,
  • Daniel Slamanig,
  • Markus Kirschner,
  • Wolfgang Hacker

DOI
https://doi.org/10.3897/jucs.112790
Journal volume & issue
Vol. 30, no. 5
pp. 563 – 589

Abstract

Read online Read online Read online

Military field operations place high demands on information and communication technology (ICT) devices, both in terms of reliability and security. These requirements include robustness against environmental influences such as vibrations, water, and humidity as well as protection against physical attacks and cyber-attacks. Attempts to compromise a device must be detected immediately, and if necessary, trigger automated countermeasures such as alarms, partial deactivation or emergency wiping of all data. In this work, we specifically focus on cyber security issues and aim to deliver a concept for a device that can be used in multiple security domains, isolating mission-specific data from each other without the risk of data spillover. For that purpose, we outline a high-level concept for a resilient single device concept that is able to withstand common intrusion attempts. We identify threat agents, misuse cases and the risks of a single device concept for multiple security domains and evaluate the most pressing issues. Based on the identified risks, we determine additional mitigation measures and discuss their applicability. We foresee our work to provide valuable insights into the requirements on and design decisions of highly secure mobile device solutions.

Keywords