Aim. CASCAde investigates whether one can certify an interconnected dynamically changing system in such a way that one can prove its security properties to another without disclosing sensitive information about the system's blueprint.
We call this paradigm confidentiality-preserving security assurance.
Hypotheses. CASCAde set out to answer the following hypotheses:
- New cryptographic techniques for graph signatures and proof systems can be developed.
- We can achieve soundness that holds for graph signatures as well as for the represented systems.
- Graph signatures and topology certification scale to large-scale systems.
- The topology certification can accommodate rapidly changing and evolving systems.
- Confidentiality-preserving security assurance is usable by users and will increase human trust in the overall system.
- Confidentiality-preserving security assurance can offer new approaches to the architectural design of dependable and secure systems.
Objectives. Our hypotheses translate into multiple objectives:
- Cryptography - to develop primitives to certify and prove properties of graphs.
- Soundness - to bind graph signatures to underlying system configurations.
- Scale and Change - to perform well in large-scale dynamically changing systems.
- Usability - to be trustworthy and usable by end users.
- Architecture - to establish an architecture for next-generation security assurance.
- Prototypes - to pilot the technique in realistic application scenarios.