SVE Project
Secure Virtual Enclaves (SVE) is a research project exploring the development and use of security technology to enable collaborative computing between organizations, using distributed applications on open networks built from COTS operating systems and COTS middleware.
Summary
The SVE project's principal objective is to develop and prototype
technology that allows organizations to dynamically create and modify
secure virtual enclaves, collections of computing resources that are
protected from general use, but selectively available to collaborators
from multiple organizations. The SVE project has three principal
technology goals:
- Develop security mechanisms for protecting the resources that an enclave exports to SVEs.
- Develop security policy sharing mechanisms that allow SVE security policies to change dynamically and securely.
- Use the security mechanisms to enforce these policies on distributed applications of various kinds (e.g., DCOM, CORBA, DCE, WWW and other networked applications) using middleware security mechanisms of various kinds (e.g., SSL, DCE security, Sesame, SPKM).
The resulting security technology will enable organizations to define partial trust relationships, to collectively state and enforce SVE security policies within the constraints of those relationships, and to share resources while retaining control over access to them.
The Big Picture
The figure above illustrates our conceptual architecture for SVE-based
interaction between enclaves. Each enclave has a set of resources that
are protected from the outside world at large. Some of these resources
may be shared with specifically authorized collaborators in other
organizations. For a shared resource or service, some or all of it may
be made accessible to collaborators by being "exported" to the SVE
shared by the organization and its collaborators. Thus, each SVE is the
union of several subsets of services, each exported by one of several
enclaves. Each enclave has a partial trust relationship with the others,
so that they can access the exported resources but nothing else.
Principals in an SVE can access the SVE resources of another enclave,
but are prevented by that enclave from accessing any of its other
resources. An SVE security policy is a specification of which principals
can access which resources in the SVE. Each enclave shares in the
enforcement of this policy by denying unauthorized access to the
services or resources that it exports to the SVE. Policies may change
dynamically, and the enforcement mechanisms adapt to each policy update.
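The following is an added illustration, not code from the SVE project, of the relationships described above: an enclave owns resources and exports a subset of them to an SVE, the SVE holds a shared policy over exported resources, and the owning enclave makes the final access decision. It shows two properties a practitioner would want to verify in such a design: that a grant in the shared policy cannot reach a resource the enclave has not exported, and that a policy update (revocation) takes effect on the next access. Organization, SVE and resource names ("acme", "beta", "jtf-alpha", "plan-db") are constructed for the example.

```python
# Added example (not the SVE project's own code): a toy model of the
# enclave / SVE / shared-policy relationships.  All names are constructed.
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Principal:
    """A user from some organization, carrying the roles that org assigned."""
    org: str
    name: str
    roles: frozenset = frozenset()


@dataclass
class Enclave:
    """An organization's protected resources and what it exports to each SVE."""
    name: str
    resources: set
    exports: dict = field(default_factory=dict)  # sve name -> exported subset

    def export(self, sve_name, resource):
        if resource not in self.resources:
            raise ValueError(f"{self.name} does not own {resource}")
        self.exports.setdefault(sve_name, set()).add(resource)

    def withdraw(self, sve_name, resource):
        self.exports.get(sve_name, set()).discard(resource)


@dataclass
class SVE:
    """Shared policy: which (org, subject) may use which exported resource.
    A subject is either a principal name or a role name within that org."""
    name: str
    members: set
    policy: dict = field(default_factory=dict)  # resource -> {(org, subject)}

    def grant(self, resource, org, subject):
        self.policy.setdefault(resource, set()).add((org, subject))

    def revoke(self, resource, org, subject):
        self.policy.get(resource, set()).discard((org, subject))


def check_access(enclave, sve, principal, resource):
    """Decision made by the enclave that owns `resource`; returns (allowed, reason).
    The enclave consults the shared SVE policy but never exposes a resource it has
    not itself exported, so the SVE policy alone cannot widen what it shares."""
    if resource not in enclave.resources:
        return False, "unknown resource"
    if principal.org not in sve.members:
        return False, "principal's organization is not a member of the SVE"
    if resource not in enclave.exports.get(sve.name, set()):
        return False, "resource not exported to this SVE"
    grants = sve.policy.get(resource, set())
    if (principal.org, principal.name) in grants:
        return True, "granted to principal"
    for role in sorted(principal.roles):
        if (principal.org, role) in grants:
            return True, f"granted to role {role}"
    return False, "no grant in SVE policy"


def build_scenario():
    """Two organizations share one SVE; acme exports two of its three resources."""
    acme = Enclave("acme", {"plan-db", "cad-server", "hr-db"})
    sve = SVE("jtf-alpha", members={"acme", "beta"})
    acme.export("jtf-alpha", "plan-db")
    acme.export("jtf-alpha", "cad-server")
    sve.grant("plan-db", "beta", "planner")    # role-based grant
    sve.grant("cad-server", "beta", "alice")   # named-principal grant
    return acme, sve


if __name__ == "__main__":
    acme, sve = build_scenario()
    alice = Principal("beta", "alice", frozenset({"planner"}))
    bob = Principal("beta", "bob", frozenset({"engineer"}))
    for who, res in [(alice, "plan-db"), (alice, "hr-db"), (bob, "plan-db")]:
        print(who.name, res, check_access(acme, sve, who, res))
    # Policy update: planners lose plan-db; enforcement follows immediately.
    sve.revoke("plan-db", "beta", "planner")
    print("after revoke:", check_access(acme, sve, alice, "plan-db"))
```

The order of checks in `check_access` is the point: ownership and export status are decided by the enclave before the shared policy is consulted, which is what lets an organization participate in a jointly enforced policy while retaining control over what it actually shares.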
New Ideas
- Dynamic security mechanisms for control of collaborative computing between enclaves using distributed applications over open networks.
- Unified support for heterogeneous kinds of distributed application technology and security technology on COTS platforms.
- Federated security policy for collaborations, where each collaborator maps local policy into jointly enforced common policy.
- Autonomous reconfiguration of authorization and authentication, in response to dynamic changes in resource allocation and trust relationships.
Impact
- Organizations will be able to securely provide limited access to internal computing resources for selected collaborating organizations.
- Scalable fine-grained controls over what resources are shared with which other organizations' principals/roles.
- Support for the high degree of dynamism of computing in JTFs and distributed collaborative planning and warfighting.
- Collaborating organizations protect shared resources without being involved in each others' security policies.
The ITO Project Summary Form provides more information on recent accomplishments and plans.
Credits:
Sigma is funded by DARPA's
Information Technology Office (ITO) and funded and managed by
Rome Laboratories.
