Cybersecurity for Research Institutes

About AIGIS

Academic institutions are a target of cybercriminals. In 2022 alone, more than a dozen colleges and universities, as well as several non-university research institutions, were successfully attacked. Most of these institutions spent months restoring their operational capabilities. Many were blackmailed with ransom demands for the decryption of their data. Some faced double extortion: an additional ransom was demanded to prevent the stolen data from being published and offered for sale on the dark web. In isolated cases, this is precisely what happened: datasets from research institutions and their employees are offered on the dark web in exchange for cryptocurrency.

Research institutions face particular challenges because they consist of a large number of institutes with diverse IT infrastructures. An open culture prevails: researchers enjoy considerable freedom in how they conduct their work, and students are allowed to use their own devices. Individual computers belonging to researchers and students can therefore be compromised at any time. Securing the system as a whole against external attacks at its perimeter is not sufficient, because it cannot be guaranteed that security standards are maintained inside the system. The spread of an intrusion from a compromised internal system must therefore be contained.

Modern cybersecurity architectures that implement zero-trust principles can largely contain this problem.

The "Real-World Lab for Modern Cybersecurity in Research Institutions" (AIGIS) project will demonstrate, using two research institutions as examples, what such a modern cybersecurity architecture could look like.

In the AIGIS project, funded by the German Federal Ministry of Research, Technology and Space (BMFTR) and supported by ATHENE, real-world labs for modern cybersecurity in research institutions are being set up at Goethe University Frankfurt and the Fraunhofer Institute for Secure Information Technology (SIT) in Darmstadt. The developed reference architectures and implementations will demonstrate how to set up and secure an IT infrastructure while observing data protection and other requirements, largely preventing further undetected spread of cyberattacks. The fundamental principle here is Zero Trust.

What is Zero Trust?

Zero Trust means that every subsystem, every network segment, and every application is secured separately from the others. Users and subsystems are only granted the privileges absolutely necessary at any given time and must verify their identity and privileges each time they access another subsystem. Passwords are replaced by more secure login methods, particularly those that are phishing-resistant and, if possible, passwordless. All data and messages are encrypted. Everything is monitored and examined for signs of an attack wherever possible.

Zero Trust pursues a data-centric approach and abandons the outdated principle of defining the institution and all its participants as trustworthy and protecting them externally through perimeter firewalls, VPNs, or coarse network segmentation. Accordingly, all users must authenticate each time they access institution data. This requires device validation and extensive encryption. Depending on the sensitivity of the data, authentication and validation can be dynamically adjusted. Authorizations are granted according to the principle of "as much as necessary, as little as possible." Because all access is reduced to a necessary minimum and continuously validated, the damage in the event of a compromise remains minimal – the spread of an attacker within the network is contained by a zero-trust architecture.
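As an added illustration (not part of the original page and not AIGIS project code), the following Python sketch of a per-request policy decision shows how the requirements described above scale with the sensitivity of the data: every request carries the subject, the authentication method, the device state and the transport, and the decision is made fresh each time. The sensitivity levels, authentication methods, entitlement table and device fields are assumptions constructed for this example.

```python
"""Per-request zero-trust policy decision (illustrative, not AIGIS code).

Nothing is remembered between requests: identity, authentication assurance,
device validation and transport are checked on every access, and the bar
rises with the sensitivity of the resource.  All field names, levels and
sample entitlements below are assumptions made for this example.
"""
from __future__ import annotations

from dataclasses import dataclass
from enum import IntEnum


class Sensitivity(IntEnum):
    PUBLIC = 0
    INTERNAL = 1
    CONFIDENTIAL = 2


# Authentication methods ranked by assurance. "Phishing-resistant" methods bind
# the credential to the origin (FIDO2/WebAuthn, certificate-based login).
AUTH_ASSURANCE = {"password": 0, "password+totp": 1, "fido2": 2, "client-cert": 2}
PHISHING_RESISTANT = {"fido2", "client-cert"}


@dataclass(frozen=True)
class Request:
    subject: str
    auth_method: str
    device_managed: bool       # enrolled and validated by the institution
    device_patched: bool       # endpoint reports a current patch level
    transport_encrypted: bool  # TLS / mTLS on the connection
    resource: str
    action: str                # "read" or "write"


# Constructed sample data: which actions a subject may take on which resource,
# and how sensitive each resource is.
ENTITLEMENTS = {
    ("alice", "lab-wiki", "read"),
    ("alice", "grant-proposals", "read"),
    ("alice", "grant-proposals", "write"),
    ("bob", "lab-wiki", "read"),
}
RESOURCE_SENSITIVITY = {
    "campus-map": Sensitivity.PUBLIC,
    "lab-wiki": Sensitivity.INTERNAL,
    "grant-proposals": Sensitivity.CONFIDENTIAL,
}


def decide(req: Request) -> tuple[bool, str]:
    """Evaluate one request and return (allowed, reason). Default is deny."""
    sensitivity = RESOURCE_SENSITIVITY.get(req.resource)
    if sensitivity is None:
        return False, "unknown resource: default deny"
    if not req.transport_encrypted:
        return False, "unencrypted transport"
    assurance = AUTH_ASSURANCE.get(req.auth_method, -1)
    if assurance < 0:
        return False, "unknown authentication method"
    # Least privilege: an explicit entitlement is needed for everything except
    # reading public data.
    public_read = sensitivity == Sensitivity.PUBLIC and req.action == "read"
    if not public_read and (req.subject, req.resource, req.action) not in ENTITLEMENTS:
        return False, "no entitlement for this action"
    # Requirements are adjusted dynamically with the sensitivity of the data.
    if sensitivity >= Sensitivity.INTERNAL and assurance < 1:
        return False, "multi-factor authentication required"
    if sensitivity >= Sensitivity.CONFIDENTIAL:
        if req.auth_method not in PHISHING_RESISTANT:
            return False, "phishing-resistant authentication required"
        if not (req.device_managed and req.device_patched):
            return False, "validated, patched managed device required"
    # Writes anywhere require a device the institution can vouch for.
    if req.action == "write" and not req.device_managed:
        return False, "writes only from managed devices"
    return True, "allowed"


if __name__ == "__main__":
    samples = [
        Request("alice", "fido2", True, True, True, "grant-proposals", "write"),
        Request("alice", "password+totp", True, True, True, "grant-proposals", "read"),
        Request("bob", "password", False, False, True, "lab-wiki", "read"),
        Request("carol", "password", False, False, True, "campus-map", "read"),
    ]
    for r in samples:
        print(r.subject, r.resource, r.action, "->", decide(r))
```

Because the decision is recomputed for each request, a stolen session on an unmanaged laptop, or a credential obtained by phishing, does not open confidential data even when the same user could reach it from a validated device with a FIDO2 key.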

Similar approaches have been known for decades in other areas, such as the bulkhead principle in shipping or fire protection.

The essential elements of a zero-trust architecture include:

  • Identity Management

    Hardened and flexible identity management and strict access control significantly increase security. Measures include strict and phishing-resistant multi-factor authentication, hardened single sign-on solutions with enforced authentication, and policy verification for each authorization process. Access to services is strictly regulated. All connection setups are authenticated and authorized for each individual service. Users are routed directly and exclusively to the authorized service. This also includes access monitoring, including anomaly detection, which must be carried out in compliance with data protection regulations.

  • Microsegmentation

    Assets requiring particular protection are further secured through microsegmentation of the network and are connected exclusively via security gateways or next-generation firewalls. Microsegments receive dedicated, high-level protection mechanisms.

  • Encryption

    To protect data, encryption is used throughout, so that data an attacker manages to steal from the system remains unreadable. Only services that support encryption are used.

  • Hardening

    The IT systems involved are protected against attacks by various measures. These include secure hardware, hardening of installed operating systems, and effective patch management of installed software. This requires up-to-date asset management and an up-to-date inventory of the software in use (SBOM = Software Bill of Materials). The use of an Extended Detection and Response solution, which detects attacks on IT systems and prevents further spread through automatic network isolation, is also essential.

  • Monitoring

    All security components generate logs that must be evaluated, especially for security gateways and next-generation firewalls. They are used as sensors and continuously provide data to a system for detecting anomalous behavior, enabling the rapid identification of unauthorized services or individuals on the network and early detection of attacks.
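As an added example (not part of the original page and not AIGIS project code), the following Python script replays constructed gateway log lines against a microsegment allowlist and a host inventory, which is the kind of evaluation the monitoring element above describes: flows to services a segment is not permitted to reach, sources that are not in the asset inventory, and a source fanning out to many hosts in a short window are reported. The log format, segment names, addresses and thresholds are assumptions made for this illustration.

```python
"""Replay gateway logs against microsegment policy (illustrative, not AIGIS code).

Each microsegment has an explicit allowlist of (destination host, port) it may
reach and an inventory of the hosts that belong to it.  Any flow outside the
allowlist, any source missing from the inventory, and any source that reaches
many distinct hosts within a short window produces an alert.  The log format,
segments, addresses and thresholds are assumptions constructed for this example.
"""
from __future__ import annotations

from collections import defaultdict
from dataclasses import dataclass

# Constructed sample log lines (key=value per field, one flow per line).
SAMPLE_LOG = """\
ts=1700000000 seg=students src=10.20.1.15 dst=10.0.5.10 port=443
ts=1700000001 seg=students src=10.20.1.15 dst=10.0.5.11 port=22
ts=1700000002 seg=research src=10.30.2.7 dst=10.0.9.20 port=5432
ts=1700000003 seg=research src=10.30.2.7 dst=10.0.9.21 port=445
ts=1700000004 seg=research src=10.30.2.7 dst=10.0.9.22 port=445
ts=1700000005 seg=research src=10.30.2.7 dst=10.0.9.23 port=445
ts=1700000006 seg=research src=10.30.2.7 dst=10.0.9.24 port=445
ts=1700000007 seg=students src=10.20.1.99 dst=10.0.5.10 port=443
"""

# Allowlist per segment: the only (host, port) pairs it is authorised to reach.
POLICY = {
    "students": {("10.0.5.10", 443)},
    "research": {("10.0.9.20", 5432), ("10.0.9.21", 445)},
}
# Asset inventory per segment; any other source address is an unknown device.
KNOWN_HOSTS = {
    "students": {"10.20.1.15"},
    "research": {"10.30.2.7"},
}
SCAN_THRESHOLD = 4   # distinct destinations reached ...
SCAN_WINDOW = 10     # ... within this many seconds


@dataclass(frozen=True)
class Flow:
    ts: int
    seg: str
    src: str
    dst: str
    port: int


def parse(line: str) -> Flow:
    """Parse one key=value log line into a Flow."""
    kv = dict(field.split("=", 1) for field in line.split())
    return Flow(int(kv["ts"]), kv["seg"], kv["src"], kv["dst"], int(kv["port"]))


def analyse(log_text: str) -> list[str]:
    """Return one alert string per finding; an empty list means nothing seen."""
    alerts: list[str] = []
    flows = [parse(line) for line in log_text.splitlines() if line.strip()]
    per_src: dict[str, list[Flow]] = defaultdict(list)
    for f in flows:
        if f.src not in KNOWN_HOSTS.get(f.seg, set()):
            alerts.append(f"unknown host {f.src} in segment {f.seg}")
        if (f.dst, f.port) not in POLICY.get(f.seg, set()):
            alerts.append(f"policy violation: {f.src} -> {f.dst}:{f.port} ({f.seg})")
        per_src[f.src].append(f)
    # Fan-out check: a source touching many hosts quickly looks like lateral
    # movement or a scan, even if each individual flow were permitted.
    for src, fs in per_src.items():
        fs.sort(key=lambda f: f.ts)
        for i, first in enumerate(fs):
            window = [g for g in fs[i:] if g.ts - first.ts <= SCAN_WINDOW]
            dsts = {g.dst for g in window}
            if len(dsts) >= SCAN_THRESHOLD:
                alerts.append(f"possible scan: {src} reached {len(dsts)} hosts within {SCAN_WINDOW}s")
                break
    return alerts


if __name__ == "__main__":
    for alert in analyse(SAMPLE_LOG):
        print(alert)
```

On the constructed log this reports the student machine reaching an SSH port it is not entitled to, three SMB connections from the research host outside its allowlist, the uninventoried student address, and the research host's fan-out to five hosts in seven seconds; in a deployment the allowlist would be generated from the same policy the gateways enforce, so that any difference between what was permitted and what was observed is itself a finding.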

Project Goals

AIGIS is creating a zero-trust reference architecture for research institutions. The architecture aims to achieve three goals:

  1. To largely defend against cyberattacks, i.e., to meet all security requirements and maintain all functions of the research institution despite ongoing cyberattack attempts;
  2. To meet the research institution's essential security requirements at all times, while maintaining all critical functions, despite partially successful cyberattacks;
  3. To largely limit the negative impact of successful cyberattacks and restore the research institution's operational capability as quickly as possible.

Approach

The zero-trust architecture in AIGIS is being designed and implemented as a real-world laboratory. The project covers the requirements analysis for establishing a zero-trust architecture at German research institutions (in particular, the sizing of the required components). Operational challenges lie in the extensive procurements that must be completed within a short time and evaluated against various criteria (in particular, transferability to other scientific institutions). The research activities of the real-world laboratory include research questions on hardware installation with innovative zero-trust components, zero-trust identity management, the introduction of programmable network devices in the data plane, infrastructure access, access via externally hosted services, and the integration of external project partners. The project will also address digital sovereignty and make scientifically sound recommendations on how it could be further increased.

Institutions

The project's coordinator is Goethe University Frankfurt am Main. The project is led by Prof. Haya Schulmann, who holds a LOEWE top professorship at the Chair of Computer Science at GU and is a member of the ATHENE Board.

Cooperation

Goethe University Frankfurt

Goethe University Frankfurt am Main (GU) has been one of the research institutions participating in ATHENE since January 1, 2022. GU is a comprehensive university and, measured by student numbers, one of the five largest universities in Germany. This makes it one of the most suitable universities for transferable research results on the development of a zero-trust infrastructure. Findings obtained at GU can be generalized to universities in Germany.

Fraunhofer Institute for Secure Information Technology

The Fraunhofer Institute for Secure Information Technology SIT is one of the world's leading research institutions for cybersecurity and privacy protection. The institute is involved in the National Research Center for Applied Cybersecurity ATHENE.

At Fraunhofer SIT, real-world laboratory projects can be carried out as pioneering projects, as its size and agility make this possible. With around 220 employees, the institute is roughly the same size as a department or faculty at a university.

Chair

Prof. Dr. Haya Schulmann
Goethe University

Project Funding

The Federal Ministry of Research, Technology and Space (BMFTR) is providing funding totaling €8.91 million. The project runs from November 2022 to October 2026.