Award Abstract #0430425
CT: Securing Untrusted Software with Interposition
NSF Org: CNS Division of Computer and Network Systems
Initial Amendment Date: September 20, 2004
Latest Amendment Date: September 15, 2005
Award Number: 0430425
Award Instrument: Continuing grant
Program Manager: Karl N. Levitt, CNS Division of Computer and Network Systems, CSE Directorate for Computer & Information Science & Engineering
Start Date: September 15, 2004
Expires: May 31, 2006 (Estimated)
Awarded Amount to Date: $1300000
Investigator(s): David Mazieres dm-mail-support2@scs.stanford.edu (Principal Investigator); M. Frans Kaashoek (Co-Principal Investigator); Robert Morris (Co-Principal Investigator); Edward Kohler (Co-Principal Investigator)
Sponsor: New York University, 70 WASHINGTON SQUARE S, NEW YORK, NY 10012, 212/998-2121
NSF Program(s): ITR-CYBERTRUST, CYBER TRUST
Field Application(s): 0000912 Computer Science
Program Reference Code(s): HPCC,9218,7254
Program Element Code(s): V842,T221,7456,7371
ABSTRACT
Proposal: NSF-0430425
Title: Securing Untrusted Software with Interposition
PI: David Mazieres
Abstract
The principles for building secure computer systems have been known for decades. Yet violating them---by assuming elevated privilege, for example---makes application development so much easier on conventional operating systems that it's doubtful the principles will ever be broadly followed there. This research program investigates a new operating system design, Asbestos, that allows applications to be completely secured by third parties, such as system administrators, without help from application authors themselves. The fundamental Asbestos security primitive is interposition, whereby programs can easily interpose upon, monitor, and control any or all interactions between an application and the rest of the system. Unlike previous systems, this includes interactions with other applications as well as system services. Interposers correspond to security policies, or per-application firewalls. They can block or virtualize undesired accesses, so that legacy applications that demand inappropriately high privilege can run in a less-privileged setting. Design challenges include making system interactions easy for interposers to understand, and developing a convenient library of security policies built from interposition components. A successful Asbestos design has the potential to significantly improve the security of critical systems, even those running insecure applications. Source code will be released publicly under an open-source license.