SPARTA ISSO

SVE - DARPA/ITO Project Summary

ARPA Order Number: F210
Principal Investigators: E. John Sebes
Contractor: Trusted Information Systems, Inc.
3060 Washington Road
Glenwood, Maryland 21738
Phone: (301) 854-6889
FAX: (301) 854-5363
Title of Effort: Secure Virtual Enclaves

Objective:
Develop technology that enables multiple enterprises to engage in controlled collaborative computing using distributed applications over open networks. Deploy the technology on COTS platforms to support COTS middleware and distributed applications. Support heterogeneous applications (e.g., DCOM, CORBA, WWW and other network applications) and middleware security technology (e.g., SSL, DCE-security, SPKM).

Approach:
An enclave is a collection of computers and networks managed by the same organization, and subject to the same security policy. Collaborative computing is interoperation between enclaves, where an enclave allows selected other enclaves to access some resources that are not accessible to the outside world. To perform such collaborative computing in a secure manner, each enclave requires controls that ensure that only valid collaborators get access to resources that are protected from unrestricted access by outsiders. Collaborative computing takes the form of a virtual enclave when a group of collaborators' real enclaves jointly share services/resources with the group.

This kind of sharing in virtual enclaves is based on limited trust relationships between enclaves, and on corresponding limits on the shared resources. For each virtual enclave that an enclave participates in, the enclave specifies which of its internal resources are accessible to the collaborators in that virtual enclave. A secure virtual enclave (SVE) is a virtual enclave where each participating real enclave exports services and resources to the virtual enclave, and where each export is: logically segregated from internal-use-only services/resources; protected from access by the outside world; and access-controlled so that only the access defined by an SVE security policy is permitted. Furthermore, each SVE policy and the security mechanisms that enforce it must be dynamic, to accommodate changes in SVE membership, resources, and policy.

Flexible access controls for dynamic policies and SVEs are needed to meet agile distributed computing requirements in a variety of areas: military joint task forces and distributed collaborative planning; civilian disaster/incident response teams and crisis management; aerospace joint projects of teamed contractors that are also competitors; commercial outsourcing, contractor/customer limited access to corporate resources.

Recent Accomplishments:
The project has not yet begun. However, we did present an overview of the project at the New OS Paradigm Workshop following the IEEE Security Symposium this year.

Current Plan:
In the project's first year, we will perform analysis, design, and specification activities, as well as early prototyping efforts. We will define a language for stating SVE security policy in terms of what is exported from enclaves and who can access it. We will define communication protocols for enclave gateways to exchange SVE policy elements. We will design and begin prototyping authorization mechanisms to enforce SVE security policies. These mechanisms will be placed in enclave gateways, which will review exported-service requests from other enclaves and permit or deny them as specified by SVE policy. We will design and begin prototyping the integration of support for heterogeneous distributed authentication technologies, so that the authorization mechanism can determine the security attributes of SVE members. We will begin prototype implementation of SVE policy exchange protocols, and design the integration of network security mechanisms to ensure that only authorized enclave gateways can make changes to an SVE security policy.
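The three export properties from the Approach section and the gateway's permit/deny decision described in the plan above, as an added illustration that is not the project's own code or policy language: enclave names, resource names, the SVE name and the `authorize`/`remove_member` functions are all constructed for the example, and the gateway is modelled as a default-deny check over the host enclave's export table and the SVE's membership and grants.

```python
from dataclasses import dataclass, field

@dataclass
class Enclave:                    # a real enclave: one organisation, one security policy
    name: str
    resources: set                # everything hosted inside the enclave
    exports: dict = field(default_factory=dict)   # SVE name -> resources exported to that SVE

@dataclass
class SVE:                        # a secure virtual enclave and its policy
    name: str
    members: set                  # real enclaves currently participating
    grants: dict = field(default_factory=dict)    # resource -> member enclaves allowed to use it

def authorize(host, sves, requester, resource):
    """Gateway decision for `requester` asking `host` for `resource`: (permitted, reason)."""
    if resource not in host.resources:
        return False, "no such resource"
    # 1. logically segregated: internal-use-only resources are unreachable through the gateway
    exporting = [s for s, res in host.exports.items() if resource in res]
    if not exporting:
        return False, "internal-use-only (not exported to any SVE)"
    for sve_name in exporting:
        sve = sves.get(sve_name)
        # 2. protected from the outside world: both parties must currently be SVE members
        if sve is None or requester not in sve.members or host.name not in sve.members:
            continue
        # 3. access-controlled: the SVE policy must grant this member this export
        if requester in sve.grants.get(resource, set()):
            return True, f"granted by SVE policy {sve_name}"
    return False, "requester is not an authorized collaborator for this export"

def remove_member(sve, enclave):
    """Dynamic membership change: leaving the SVE revokes every grant to that enclave."""
    sve.members.discard(enclave)
    for allowed in sve.grants.values():
        allowed.discard(enclave)

# Constructed scenario (hypothetical names): alpha exports plan-db to one SVE shared with bravo; payroll stays internal.
alpha = Enclave("alpha", {"plan-db", "payroll"}, {"jtf-planning": {"plan-db"}})
jtf = SVE("jtf-planning", {"alpha", "bravo"}, {"plan-db": {"bravo"}})
SVES = {"jtf-planning": jtf}

def demo():
    results = [authorize(alpha, SVES, "bravo", "plan-db")[0],    # member with grant -> True
               authorize(alpha, SVES, "bravo", "payroll")[0],    # never exported -> False
               authorize(alpha, SVES, "charlie", "plan-db")[0]]  # outsider -> False
    remove_member(jtf, "bravo")                                  # bravo leaves the SVE
    results.append(authorize(alpha, SVES, "bravo", "plan-db")[0])  # grant revoked -> False
    return results
```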