A feasibility study of a data security software product adopting Digital Security by Design (DSbD) technology

The Anzen data archive and storage product is a software innovation that allows organisations to store their data in the public cloud with an increased level of assurance that it will not be leaked or compromised. It achieves this by data anonymisation via clustering, followed by splitting it into four separate data shards which may individually stored in different locations. This solution means that without compromising each of the four storage locations it is impossible to return the data to its original form and therefore massively multiplying the amount of effort required in order to compromise the data.

The key project objective is to confirm whether adopting DSbD security is viable. We therefore require to understand whether our product's functionality behaves the same and whether we have the requisite have the skills and resources that is both practical and achievable for DSbD technology adoption. The study deliverables therefore will be framed to answer this question through research and design of feasibility experiments; the execution/testing of these; and the analysis of both the quantitative and qualitative results.

Our investigation of the work required in order to move an existing piece of software (in this case our core processing code) will act as guide for other software projects and our own future works as to the viability of supporting CHERI.

The investigation will focus on determining the technical and knowledge challenges encountered when migrating an application in the middleware of the software stack. This investigation will evaluate not only the CHERI architecture itself but also the supporting documentation, operating system support and the LLVM/clang compiler for CHERI.