Technical Objectives

This page gives an overview of the project technical objectives

Technological Objectives

1. Implementation of an EU High Grade Encryption algorithm

SUPHICE will precipitate a specification for an EU algorithm that may be used to protect classified data.

2. Definition of Work Package to Increase Scope of EU Certification to High Grade

The work required to upgrade the crypto and its certification status will be defined. Note that execution of this upgrade work is not part of this Preparatory Action, but will be conducted in a later programme.

3. Demonstration of Cryptographic Services Repository

SUPHICE will demonstrate an ad-hoc networking solution including web-based discovery and publication of cryptographic services by a “cryptographic services repository” appropriate for High Assurance IP networks.

4. Demonstration of an Authorisation Server

In the SUPHICE demonstration, a request for user services will be relayed to a web-based authorisation server for action. Here, the request is either handled automatically according to a pre-configured set of rules, or relayed to a delegated human operator to authorise the release of the requested service.

5. Demonstration of a Policy-Based Management System for Crypto Deployment

The authorisation server will utilise a policy-based management system that is able to automatically authorise or reject some service requests based on the user’s attributes (e.g. role, name, IP address).

6. Demonstration of Distribution Server for Cryptographic Parameters

SUPHICE will demonstrate the automated provision of necessary cryptographic parameters – typically keys and algorithms - to cryptos, in response to an authorised service request.

7. Specification of Standard Interfaces for Web-Based Security Servers

As a part of SUPHICE, interfaces for the cryptographic services repository, authorisation server and cryptographic parameters distribution server previously discussed will be defined using WSDL.

8. Demonstration of Automated Re-Configuration of Cryptos

SUPHICE will deliver an EU-certified, fully soft-loadable IP crypto. A demonstration version of the crypto will allow automatic re-configuration according to output from a policy-based management system. Note that security certification of the demonstrated ad-hoc support elements will take place outside of the Preparatory Action.

9. Definition of Work Package to Increase Scope of EU Certification to Demonstrated Ad-hoc Elements

A work package will be defined that will increase the scope of the crypto’s certification status to cover the stated ad-hoc demonstration elements of the project. Note that execution of this certification work is not part of this Preparatory Action, but will be conducted in a later programme.

Security Policy Objectives

1. Specification of an Agreed EU High Grade Encryption Algorithm

SUPHICE will precipitate a specification for an EU algorithm that is agreed by the national authorities of several member states and may be used to protect classified data by all those states.

2. EU Security Certification of an IP Cryptographic Device

SUPHICE will prove the EU dual certification process by adding to the crypto’s existing primary certification by a EU member state, with an audit of that evaluation by a second EU member state. Realisation of this process will test acceptance of the policy by the member states, and proof of concept of an EU-wide certification, i.e. by all National IA Authorities.

3. Development of a European Information Security Roadmap based on the outputs from the SUPHICE Programme

The project will facilitate the generation of an EU information security roadmap that is agreed by several EU member states, based on the output of the SUPHICE programme.