Do you handle sensitive and confidential digital data? Improve security by implementing location based encryption, precisely restricting where your data can be extracted.
The handling of digital data is becoming increasingly important in today’s society for individuals, businesses and governments. Advances in technology and its usage has led to the storage of a vast amount of varied personal information on computers and associated storage devices; information that may related to personal banking, business transactions, business trade secrets and security and safety, either of a civilian or military nature. The solution is called Sky Eye Spy.
Sky Eye Spy is a project that is part financed by an ARTES 4 grant through the ESA Telecommunications Start-up Initiative programme and partly through internal company R&D investment at Nottingham Scientific Ltd (NSL). The project builds on NSL’s expertise and experience in critical satellite navigation systems to develop a robust and secure system for protecting digital content.
click for larger image
click for larger image
Sky Eye Spy (nicknamed SKISPI) comprises three major components: the manager software, a terminal and the client software. The Manager Software is the entity that encrypts original content for extraction only in permitted geographical regions. The Client Software is the decryption tool and the Terminal is the device that calculates the symmetric encryption key. The Client and Manager hosts are connected over the internet and, depending on application, may use satellite communications for this process.
The Sky Eye Spy project began in December 2004 and was finished in August, 2008. During this time SKISPI, the colloquial name for the project, has resulted in a fully function demonstrator comprising both hardware and software. The hardware comprises a GPS receiver and accompanying processor. The software comprises advanced GPS processing algorithms and algorithms to uniquely define geographical areas as well user friendly software programmes to permit users encrypt and decrypt data.
The demonstration system is capable of either permitting or refusing access to digital data dependent on the location of the person, or system that is making the request for access. All types of digital data can be secured; for example, word processing files, database files, emails, visual and audio media, and digital communications.
The system has been demonstrated to key clients interested in the security of government data showing the potential to add an additional level of security to government-related records. This is seen as a major future market for SKISPI as there have been a number of high profile losses of data during the latter parts of this project (2007 onwards). If SKISPI was implemented on this data, the data would be secured to pre-defined geographical areas and SKISPI’s advanced features would mitigate the impact of the loss, such as destroying the data after a number of unsuccessful decryption attempts. Following the demonstrations, this market will be pursued as part of the future product commercialisation.
The Key Issues for the SKISPI project were:
- Development of a novel encryption method that utilises GPS technology,
- The development of a suite of easy to use, attractive, software to allow the encryption and decryption of digital data,
- To develop robust techniques to determine symmetric encryption keys based on geographical information,
- To prevent tampering and spoofing of the GPS based location device.
The key benefits of the SKISPI solution are seen as.
- The implementation of an additional level of security on top of existing encryption techniques,
- SKISPI uses robust, standard, AES encryption methods with the key being dependent on the users’ location,
- The encryption key generation uses novel techniques that do not infringe on existing patents,
- Advanced algorithms help protect the solution from intentional tampering such as spoofing,
- Multiple applications in business and government.
The project is completed.
Following the completion of the project, the solution is being further developed to add functionality, reduce risk of attack, and produce a prototype system for potential commercialisation. Funding for this is part internal and part through HARRISON, a European GNSS Supervisory Authority’s Framework 6 Programme project.
As part of HARRISON, the added functionality is to add a time element to the concept; data is encrypted on a “where and when” basis. The reduction of risk of attack is being implemented through the development of the prototype system in which the Terminal has been produced solely in software incorporated within the Client Software suite. This includes the GPS receiver, implemented as a software defined radio (SDR), and the only additional hardware for the complete system is now the Radio Frequency front end of the SDR as shown below.
click for larger image
Last Update: 13 Oct 2008