Finished Projects
Secure Execution Environments
Agility
In rapidly changing environments, software components must be able to respond flexibly and quickly to changing resource availabilities and security policies. To provide uninterrupted service for critical processes, these responses must be accomplished without restarting key components.
Under DARPA funding, this research investigated and developed techniques and toolkits that provide a framework for engineering security-agile software components that have built-in knowledge of security policies, models, and mechanisms and that reconfigure dynamically in response to authorized security policy change requests. Initially, this research leveraged our Domain and Type Enforcement (DTE) technology, to provide validated security policy tools, including the ability to dynamically change the operating system's security policy. However, we also developed an application-level policy model, referred to as the Access Decision Function (ADF), to provide a security policy model for toolkit development on non-DTE systems, including FreeBSD and Red Hat Linux.
For more information:
The
DARPA/ITO Project Summary provides more information on recent
accomplishments and plans for this project. Also, feel free to send
questions to Dave Balenson at 443-430-8000 (David.Balenson@SPARTA.com),
or visit our
Web page.