MIT Lincoln Laboratory software technologies have aided in improving cloud computing security and speeding up video surveillance analysis. Keylime has improved the security and privacy of data and services in the cloud by utilising a trusted platform module for ongoing verification checks in cloud machines (TPM).
Forensic Video Exploitation and Analysis (FOVEA) employs video analytics to identify critical moments. Both inventions have recently been recognised with Federal Laboratory Consortium (FLC) Northeast regional honours for the 2023 Excellence in Technology Transfer and R&D 100 Awards.
Cloud computing services enable businesses to rent computer resources from a cloud provider, who manages and secures the rented workstations. But customers need help verifying the security of cloud machines. As a result, companies with sensitive data, such as US government agencies and financial institutions, are hesitant to reap the benefits of commercial cloud providers’ flexibility and low cost.
“We are honoured that the Keylime team, our partners, and open-source developers have been recognised with this national FLC award for their hard work and commitment. We look forward to sustaining and expanding valuable collaborations and assisting the Keylime open-source community in its further growth,” Munson, one of the Lincoln Laboratory’s Keylime developers, explained.
TPM as Keylime’s critical point
Keylime is an open-source software developed by MIT that allows customers with sensitive data to continuously evaluate the security of cloud machines, edge devices, and internet-of-things (IoT) devices. The software performs constant security checks by utilising a piece of hardware known as a trusted platform module (TPM).
When data is tampered with, the TPM generates a hash (a string of characters representing data) that changes considerably. Keylime was created to make TPMs compatible with cloud technologies, and it reacts in seconds to a TPM hash change to shut down a compromised machine. Keylime also allows customers to securely bootstrap secrets (upload cryptographic keys, passwords, and certificates onto rented computers) without disclosing them to the cloud provider.
Lincoln Laboratory made Keylime available to the public through an open-source licence and distribution plan that included several partnerships. More than 50 open-source developers worldwide are already contributing to Keylime, and huge IT companies are implementing the technology on their cloud machines.
Video footage smart analysis
While significant investments have improved camera coverage and video quality, the pressure on video operators to analyse and extract relevant insights from surveillance material — which is still primarily manual — has increased significantly. Large-scale closed-circuit television systems that patrol public and commercial locations can have hundreds or thousands of cameras, making everyday investigation jobs difficult.
FOVEA significantly shortens the time required for forensic video analysis. Security staff can use FOVEA to evaluate hours of footage in minutes and conduct complicated investigations in hours rather than days, resulting in shorter response times to ongoing incidents and a more robust overall security posture.
“It’s amazing to see the software team’s efforts recognised with this prize,” said DeAngelus, the inventor of the FOVEA technology. “I am grateful to the many helpful people at Lincoln Laboratory and MIT who helped make this move possible, particularly the licencing, contracts, and communications offices.”
There is no need for pre-analysis video curation or proprietary server infrastructure; the on-demand suite of video analytic capabilities may be used for any video stream and assist daily investigations and unforeseen or catastrophic events such as terrorist threats.
This suite includes capabilities for the jump back, video summarisation, multicamera navigation and path reconstruction and on-demand person search. Jump back will automatically rewind the video to critical times and detects general scene changes. Video summarisation condenses all motion activity from long raw video into a short visual summary. Multicamera navigation and path reconstruction allows users to track activity over place and time and camera to camera in chronological order. Users can scan neighbouring cameras for persons of similar appearance for on-demand person search.