An Official Website of the United States Government

End to End Trusted Path for Embedded Devices and Applications

Award Information

Agency:
Department of Defense
Branch:
Air Force
Award ID:
Program Year/Program:
2012 / STTR
Agency Tracking Number:
F11B-T15-0283
Solicitation Year:
2011
Solicitation Topic Code:
AF11-BT15
Solicitation Number:
2011.B
Small Business Information
Cummings Engineering Consultants, Inc.
145 S. 79th St., Suite 26 Chandler, AZ -
Woman-Owned: No
Minority-Owned: No
HUBZone-Owned: No
 
Phase 1
Fiscal Year: 2012
Title: End to End Trusted Path for Embedded Devices and Applications
Agency / Branch: DOD / USAF
Contract: FA8750-12-C-0141
Award Amount: $99,942.00
 

Abstract:

ABSTRACT: Smartphones are powerful computing devices that manipulate, store and transmit sensitive data and are becoming increasingly popular for malware attacks as a result. In order to use them for military purposes, a mesh of security techniques is needed in order to contain sensitive data and prevent it from leaving the device in an unapproved manner. Data separation primarily relies on address spaces defined by the operating system and enforced by the MMU of the processor, as well as permissions applied to data stored in files. Writing a new kernel in a secured development environment, or virtualizing the kernel and device drivers to run under a hypervisor, is the most direct way to increase the strength of data separation. However, it has technical limitations, it requires a handset-specific software solution, and it requires support of the handset manufacturer to build a custom system image. Rather than try to isolate all applications from each other, our solution is to isolate just the secure applications. Applying the proposed advanced platform integrity mechanisms along with our secure data transformation for storage and transmission provides a complete solution against the adverse effects of intentional malware or accidental mishaps.

BENEFIT: Applying the advanced platform integrity techniques and secure data transformation methods described in this proposal would provide the framework for data protection, integrity, isolation, and authentication for secure applications running on mobile platforms. It ties together a number of both standard and novel security techniques in an easy-to-use, scalable, and trustworthy manner that has yet to be seen for an enterprise security model. Whether the enterprise is commercial, government, or military, secure communication among them is made possible through disparate network providers and complex network topologies. The software-only solution can be quickly installed and provisioned for use, remotely updated and managed, as well as remotely uninstalled and wiped clean. The key component of continuous auditing and monitoring of the platform provides the requisite integrity we need to robustly counteract today's adversarial conditions.

Principal Investigator:

Ty B. Lindteigen, CISSP
Chief Information Assurance Arch.
(480) 779-7859
Ty.Lindteigen@cummings-inc.com

Business Contact:

Darren Cummings
President
(480) 203-7559
darren.cummings@cummings-inc.com
Small Business Information at Submission:

Cummings Engineering Consultants, Inc.
145 S. 79th St., Suite 26 Chandler, AZ -

EIN/Tax ID: 208923401
DUNS: N/A
Number of Employees:
Woman-Owned: Yes
Minority-Owned: No
HUBZone-Owned: No
Research Institution Information:
University of Advancing Technology
2625 W. BASELINE RD.
Tempe, AZ 85283-5283
Contact: Shelley Keating
Contact Phone: (480) 650-5481