AESOP - Automatic Extraction and verification of Security features Of Programs
Agency / Branch:
DOD / OSD
To address the threat of malicious third party software modules, ATC-NY, Professor Dexter Kozen, Cornell University, and Architecture Technology Corporation, will create AESOP, a static analysis tool that automatically extracts a digest of the security-relevant behavior of a software module at compile-time, which can be verified at load-time for accuracy and for compliance with a security policy. This digest will act as a code pedigree guaranteeing the trustworthiness of the program. Examples of policies that will be supported include the specification of proper I/O behavior and restrictions on the access to system operations and resources.
Small Business Information at Submission:
ATC - NY
33 Thornwood Drive, Suite 500 Ithaca, NY 14850
Number of Employees: