Galois NSTIC pilot: Creating secure data storage and access for the IoT

SecureID News

Galois focuses on cyber security, primarily serving the U.S. government, and with its NSTIC pilot funding the company will pilot a project to build a tool that can enable the storing and sharing of private information online. The data storage system will rely on biometric authentication. Project partners also plan to develop transit ticketing on smartphones and integrate the secure system into an Internet of Things (IoT) enabled smart home.

PERMALINK

Rob Wiltbank of Galois: Maintaining a Singular Focus on High-Assurance Systems

WashingtonExec

Making systems as they were intended – that’s been the focus of Portland-based tech company Galois from the very beginning. For the past 15 years, the company has focused on research and development of technologies that protect networks, systems, devices and vehicles. That critical work has translated into sizable contract wins, most recently, with the award […]

PERMALINK

David Archer: The unrealized potential of interagency total information sharing

Government Computer News

Significant events tend to trigger significant reactions. In the immediate aftermath of 9/11, fingers pointed to the lack of information sharing among government agencies at every level as the root of our inability to predict the attack, which unsurprisingly led to calls for total information sharing (TIS). Then, on the heels of a string of […]

PERMALINK

Making mobile phones the authentication hubs for smart homes

Government Computer News

“[…] people who have tried to deploy authentication devices for smart homes have had a lot of trouble getting them to work, and they’re kind of expensive,” said Isaac Potoczny-Jones, computer security research lead at Galois.“Since a mobile phone can do cryptography, and because we can build beautiful and easy-to-use interfaces on mobile phones, we […]

PERMALINK

Isaac Potoczny-Jones: IoT Security & Privacy – Reducing Vulnerabilities

Network Computing

“In a recent 2015 cybersecurity report, AT&T charted a 458% increase in Internet of Things (IoT) vulnerability scans of devices. This is just the latest indication that hyper-growth of IoT devices, sensors and systems across business, consumer and government sectors puts users’ information privacy and security at risk.” In this Network Computing piece, Galois’ Isaac Potoczny-Jones discusses why the Internet of Things are very often vulnerable today, and what vendors can do to built IoT devices with security and privacy in mind.

PERMALINK

How the Federal Government is Attempting to Protect the Internet of Things

NextGov

NIST is also developing standards aimed at protecting consumer privacy in the Internet of Things, noted Isaac Potoczny-Jones, research lead for computer science at Galois, a company working with NIST on consumer privacy. “A lot of the Internet has this financial basis around making the user into the product, not the consumer,” he told Nextgov. “The user’s private data is really the product and that product is sold elsewhere — we see a potential for that happening on the Internet of Things.” Galois is working with NIST on a pilot in which consumers’ information, culled from smart-home services, could be integrated into a “privacy preserving data store,” Potoczny-Jones said.

PERMALINK

Podcast: Galois using biometrics to secure private data

SecureID News

Isaac Potoczny-Jones, Galois Identity Research Lead and CEO of Galois authentication spin-off Tozny, talks about the new NSTIC pilot in a recent re:ID podcast episode. Galois, a Portland-based company that focuses on cyber security primarily for the U.S. government, is the final winner of the fourth round of NSTIC pilots. Galois and its partners will build […]

PERMALINK

Secure Computation and The Right to Privacy: Guest blog post by David Archer

The State of Security

While there are straightforward encryption solutions for data in transit and data at rest, data is usually unencrypted while it is being computed on, leaving it exposed to sophisticated attackers. In this guest blog post on Tripwire’s The State of Security blog, David Archer, research lead at Galois, explores a few methods of computing on data while it remains encrypted that are emerging from academic research and slowly becoming practical.

PERMALINK

NSTIC commits $3.7 million to new round of identity pilot programs

ZDNet

Galois will build a tool that allows users to store and share private information online. The user-centric personal data storage system relies on biometric-based authentication and will be built securely from the ground up. As part of the pilot, Galois will work with partners to develop just-in-time transit ticketing on smart phones and to integrate […]

PERMALINK