IT security and quality

Head of programme: Dr. Károly Kondorosi, associate professor, BME IIT

As IT systems are increasingly becoming part of all walks of life, information security is becoming more and more important. The security of current IT systems is not satisfactory, while security solutions are difficult and over-complicated. International standards and regulations are being drafted to classify security systems and to certify compliance with standards (e.g. Common Criteria). Hungary accepts these standards and intends to apply them (c.f. MIBÉTS). Besides technical approaches, organisational level approaches are also gaining ground (COBIT, BS7799). Quality and quality assurance are no exception to this, as in addition ISO certifications CMM-rooted certifications are also becoming increasingly popular. The ultimate purpose of the programme is the creation of an IT security and quality attesting laboratory which by the end of the project could become an IT certification laboratory. A university organisational unit is ideal for such purposes, owing to its independency of market participants. Our particular research topics include analysis of new threats, techniques of identification and attestation; secure payment protocols, audit methodologies and their computerised support, as well as determination of quality attributes, metrics and measurement methods of products, resources and processes.

Considering that security and quality requirements arise in almost every project of the Knowledge Centre, and knowing that meeting these requirements is by no means trouble-free, we seek solutions to the actual problems of the projects within the frameworks of the programme as well.