Posted on

UBITECH coordinates the PERSONAS National Research Project on multi-mode secure virtualization personas

UBITECH participates in the kick-off meeting, in Nicosia, Cyprus (October 24, 2018) of the PERSONAS Cypriot research project, officially started on October 2nd, 2018. The project is co-funded by the “Research in Enterprises” action of the multi-annual development framework of Programmes RESTART 2016-2020 for the support of Research, Technological Development and Innovation in Cyprus  (Grant Agreement No. ENTERPRISES/0916/0063) and spans on the period October 2018 – September 2020. The PERSONAS project leverages virtualization for offering additional security to the end-user, providing a device independent, user-centric and self-adaptive security system, able to cope with the concept of seamless working experience on different devices, in which a user may start a session on a device and location and follow up the process on different devices and locations, without corporate or personal digital asset loss – delivering an agile personalized system, which, based on the context, enables different features for increased security on individuals and corporate devices.

Main features include: (i) enable automation of software virtualization for protecting different types of corporate and personal data based on an active context, and (ii) assist individual users and organizations manage data security processes and related policies more effectively while maintaining a sufficient level of user awareness and control of any automated decisions made by computing devices. The key technological concepts and artefacts comprising the proposed PERSONAS framework and constituting its unique selling points are described below:

(1) Context-aware User-centric Adaptation. PERSONAS incorporates a set of algorithms that process output of context information (location, network, etc.) and determine the executing context of a client based on some predefined user profiles. For example, a PERSONAS’s device can distinguish the corporate from the home environment. When there is a switch, i.e., the user leaves his/her office for work, PERSONAS provides the end-user with recommendations on possible adjustments of the device and realizes end-user’s decision.

(2) Secure Multi-Mode Virtualization. PERSONAS applies state-of-the-art techniques for virtualizing an Operating System, a process, and shared native code. Virtualized entities are isolated with each other, and therefore PERSONAS can utilize different pseudo-devices (Personas) giving the user the feeling that they own several devices for different contexts, but, in fact, users have one physical device with many virtual ones.

(3) Situational Awareness, Governance and Control. PERSONAS allows users to switch between several virtual devices and thus contains threats that manifest in different contexts. Each time the device is entering a new context, the system instantiates the appropriate virtual device, and the user is alarmed.

Within PERSONAS, UBITECH undertakes the overall project coordination, consortium management, risk management and quality assurance, and drives the conceptualization, modelling and implementation of the context-aware security and privacy policies that should be enforced when a virtualized instance is executing once the device enters a particular context, as well as of the PERSONAS user-centric context-aware platform that helps individual end-users to use their device securely in multiple environments providing lightweight OS virtualization, adopting hardware-based (i.e. OpenSGX) and software-only (i.e. Cells and Qubes OS) virtualization techniques and operating systems.