Aspen: Analyzing the compatibility of security policies in a system of systems
Agency / Branch:
DOD / MDA
Complex applications are, increasingly, constructed by networking and integrating computer systems and services, each with its own stakeholders and security policy. Developers can find it difficult to understand how those policies mediate interactions among the component systems. Access decisions at some internal interface can have profound and unanticipated consequences, affecting both the functionality and security of the whole. The architecture of a system supplies the context in which these interactions occur and imposes constraints in addition to those enforced by individual security policies. ATC-NY, in collaboration with Architecture Technology Corporation and Professor Andrew Myers of Cornell University, will develop Aspen, a tool to specify, design, model, and analyze the interactions of security policies and architecture in a system of systems. Aspen will extend a systems modeling language (such as SysML) with rich interface descriptions that include security annotations and specifications of the protocols by which components interact. Annotations and specifications are based, ultimately, on security type systems, which can be used to analyze security properties by a form of type checking. These type systems can also guide implementation of the inter-component protocols so that they do not introduce new security flaws.
Small Business Information at Submission:
ATC-NY
33 Thornwood Drive, Suite 500, Ithaca, NY 14850
Number of Employees: