This project focuses on the theoretical foundation and the protocols that facilitate a survivable information infrastructure that meets the critical requirements of a national emergency response system. Specifically, the project will address the following challenges: (1) expand the existing theoretical framework to analyze the behavior of malicious and colluding participants; (2) design and construct a scalable survivable messaging system that operates correctly under a strong adversarial model that includes insider threat and denial of service attacks; (3) design and construct information access protocols that protect against compromised database servers providing incorrect data or servers that deny access to legitimate users; and (4) prevent malicious users from learning unauthorized information. The domain of application for this work is the Clinicians' Biodefense Network (CBN), a nationwide Internet-based information exchange system designed to provide clinicians with critical information in the aftermath of a bioterrorist attack. The CBN is designed to mitigate benign Internet faults and to resist a physical attack on one location. However, it is not able to correctly operate under a stronger threat model that includes insider attacks. Solutions for this stronger threat model are not currently available and present a major research challenge. This project will construct a prototype survivable system based on the CBN, and from it draw general principles. It will develop a solid theoretical foundation and novel system tools to facilitate building national emergency networks that are resilient against cyber-attacks in crisis situations, when those networks are most urgently needed.
