Research Student Profile

Home People Profile...

Dr Joseph P Morrissey PhD

Brief biographical information

josephm@lucent.com

Access thesis on-line

The extension and hardware implementation of the Comprehensive Integrated Security System concept

The current strategy to computer networking is to increase the accessibility that legitimate users have to their respective systems and to distribute functionality. This creates a more efficient working environment, users may work from home, organisations can make better use of their computing power. Unfortunately, a side effect of opening up computer systems and placing them on potentially global networks is that they face increased threats from uncontrolled access points, and from eavesdroppers listening to the data communicated between systems. Along with these increased threats the traditional ones such as disgruntled employees, malicious software, and accidental damage must still be countered.

A comprehensive integrated security system ( CISS ) has been developed to provide security within the Open Systems Interconnection (OSI) and Open Distributed Processing (ODP) environments. The research described in this thesis investigates alternative methods for its implementation and its optimisation through partial implementation within hardware and software and the investigation of mechanismsto improve its security.

A new deployment strategy for CISS is described where functionality is divided amongst computing platforms of increasing capability within a security domain. Definitions are given of a: local security unit, that provides terminal security; local security servers that serve the local security units and domain management centres that provide security service coordination within a domain.

New hardware that provides RSA and DES functionality capable of being connected to Sun microsystems is detailed. The board can be used as a basic building block of CISS, providing fast cryptographic facilities, or in isolation for discrete cryptographic services. Software written for UNIX in C/C++ is described, which provides optimised security mechanisms on computer systems that do not have SBus connectivity.

A new identification/authentication mechanism is investigated that can be added to existing systems with the potential for extension into a real time supervision scenario. The mechanism uses keystroke analysis through the application of neural networks and genetic algorithms and has produced very encouraging results.

Finally, a new conceptual model for intrusion detection capable of dealing with real time and historical evaluation is discussed, which further enhances the CISS concept.

Dr Joseph P Morrissey

Director of studies: Prof Peter Sanders
Other supervisors: Dr Colin T. Stockel

Journal papers

Increased domain security through application of local security and monitoring
Morrissey JP, Sanders P, Stockel CT
Expert Systems, vol. 13, no. 4, pp296-305, 1996
More details | Download PDF

1 Journal papers

Conference papers

Non-Intrusive Security Arrangements to support Terminal and Personal Mobility
Furnell SM, Green M, Hope S, Morrissey JP, Reynolds PL
Proceedings of EUROMEDIA 96, London, UK, pp167-171, 19-21 December, 1996
More details | Download PDF

Applications of keystroke analysis for improved login security and continuous user authentication
Furnell SM, Morrissey JP, Sanders P, Stockel CT
Proceedings of 12th International Conference on Information Security (IFIP SEC ?96), Island of Samos, Greece, 21-24 May, 1996
NB paper has been scanned from printed copy. We apologise for the screen quality of this paper.
More details | Download PDF

2 Conference papers

3 publication(s) - all categories.