Situational Awareness, Control and Security Policies Enforcement on Multiple Virtualization Personas of Personal Devices

Host Organisation: UBITECH Ltd
Partner Organisation(s): PA 1: University of Cyprus PA 2: CY.R.I.C Cyprus Research and Innovation Centre Ltd
Project Budget: 262.303,20 €
IDEK Funding: 200.000,00 €

We propose the PERSONAS framework, which protects users against advanced cyberattacks. We follow a quite different approach compared to any of the common strategies currently employed for dealing with software exploitation. We do not deliver a product with no vulnerabilities or software that fixes the bugs of other programs. Quite the opposite, we assume that the user’s device is eventually compromised, but we aim at effectively neutralizing the exploit. We prevent threats originating from one world (e.g. the workplace) to another (e.g. the social world) and vice versa. For example, consider a user that browses the web through an open access point of a coffee shop. If their web browser is compromised, any sensitive information related to their work should not be affected. For a second example, consider a company that requires all the employees to install a plug-in that logs their actions performed by their web browser (for security purposes). This software should not be able to track actions that are performed by the employee's web browser outside their working environment. PERSONAS virtualization framework enforces strict isolation of sensitive data used in a workplace from data used in the social world, and vice versa, ensuring that on a particular device different virtualized instances of the same system can co-exist. A PERSONAS-enabled web browser, for example, has two different instances, the corporate and the social one. The corporate instance and the social instance share the same configuration (e.g., cookies, site history, plug-ins, and passwords), however each instance has strict access to particular data. Each instance is activated based on location and network access. Both instances can be compromised, however threats that originate from the coffee shop can only affect the social instance, and vice versa. Finally, both virtualized instances run interchangeably in a transparent fashion, without the user taking notice of which instance is actually used.