SEINIT, the Security Experts Initiative, is promising seamless security for
all hardware and software systems independent of which access protocol
you're using. In other words, they reckon that whether you're on a mobile
phone connection, using bluetooth, WiFi, good-old ethernet or a broadband
internet connection, there is protection from hackers, crackers, viruses and
worms that will be pervasive without sacrificing privacy.
"We set ourselves the almost paradoxical goal of reconciling security and
freedom," explains team leader Andre Cotton, "Users decide at the beginning
what level of information they want to reveal to the service. The framework
then negotiates with the service and applies the appropriate security
component or protocol." If a user doesn't reveal "enough" information, to
access a bank account from a PDA for instance, then the framework will alert
the user that a secure connection is not possible, and offer alternatives.
In other words, privacy is left in the hands of the user, while the
framework itself applies the appropriate level of security.
The SEINIT approach is intrinsically hardware and software independent
because it is governed by a framework rather than a particular encryption
system or software. Moreover, the framework security protocols and
technologies are components so that as new security components are developed
they can be incorporated into the framework easily.
The project team are finalising a demonstrator for the framework on Windows and Linux, across LANs, the Internet, and WiFi connections. "The framework has a small footprint and as of right now it could be implemented in a mobile phone. We simply want to demonstrate the principle," adds Cotton. The next stage is the development of a user interface and that will take place in a separate project, called DISCREET, and due to start in January next year.