Data Integrity and Confidentiality Resilient Operating System Environment for Multi-Level Security

Award Information
Agency: Department of Defense
Branch: Navy
Contract: M67854-18-C-6511
Agency Tracking Number: N172-105-0421
Amount: $124,998.00
Phase: Phase I
Program: SBIR
Solicitation Topic Code: N172-105
Solicitation Number: 2017.2
Timeline
Solicitation Year: 2017
Award Year: 2018
Award Start Date (Proposal Award Date): 2017-11-30
Award End Date (Contract End Date): 2018-10-01
Small Business Information
RAM Laboratories
591 Camino de la Reina, San Diego, CA, 92108
DUNS: 010681380
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 John Geddes
 (619) 398-1410
 jgeddes@ramlabs.com
Business Contact
 Ms. Sullivan
Phone: (619) 398-1410
Email: msullivan@ramlabs.com
Research Institution
N/A
Abstract
One of the largest threats to multi-level secure operating systems is the zero-day privilege escalation attack, which lets an adversary gain root privileges and break out of any sandbox environment. To combat this, RAM Laboratories is proposing a secure dual-classification operating system with kernel integrity modules that prevent this style of attack. First, instead of running two classification levels simultaneously in virtual environments, two versions of the operating system are installed on the device, each encrypted with a separate key. An adversary, at any privilege level, is therefore unable to access the other classification level without that level's key, which is needed to decrypt it; this holds only as long as the key for the inactive level is never available to the running system. Second, even if an adversary cannot reach the other classification level, we still want to prevent them from gaining root privileges at all. To this end, we use ARM TrustZone to enforce kernel integrity, with the modules executing in a Trusted Execution Environment (TEE) and therefore offering a much smaller Trusted Computing Base (TCB) than a typical hypervisor or full-fledged kernel. By enforcing a small set of security properties, the modules prevent any adversary from executing user-space code with kernel privileges, blocking the privilege escalation attacks that depend on doing so.
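The kernel-integrity property the abstract ends on, that the kernel never executes user-space code, is something an integrity module can state as an invariant over the page tables. The following is an added example and not code from the proposal or from RAM Laboratories: it models that invariant in user space by checking a constructed table of ARMv8-A stage-1 leaf descriptors (PXN at bit 53, UXN at bit 54, AP[2:1] at bits 7:6) and shows how a descriptor that breaks the rule would be hardened. The `mapping` struct, the `KERNEL_VA_MIN` split, the sample table and the two violation classes are assumptions made for the illustration; a real TEE module would read the live tables from the secure world and would enforce other properties as well.

```c
/* Added example: a user-space model of the property "no user-space code
 * executes with kernel privileges", expressed as an audit over ARMv8-A
 * stage-1 page descriptors. Not the proposal's TEE module; the layout of
 * struct mapping and the sample table below are constructed for the demo. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* VMSAv8-64 stage-1 leaf descriptor bits that matter for this check. */
#define DESC_VALID (1ULL << 0)
#define DESC_AP1   (1ULL << 6)   /* AP[1]=1: page accessible from EL0 (user) */
#define DESC_AP2   (1ULL << 7)   /* AP[2]=1: page is read-only */
#define DESC_PXN   (1ULL << 53)  /* privileged execute-never (EL1 cannot execute) */
#define DESC_UXN   (1ULL << 54)  /* unprivileged execute-never (EL0 cannot execute) */

/* Assumed split: TTBR1 (kernel) half of the address space starts here. */
#define KERNEL_VA_MIN 0xffff000000000000ULL

/* Hypothetical view of one leaf mapping as an auditor would see it. */
struct mapping {
    const char *name;   /* label for reporting only */
    uint64_t    va;     /* virtual address of the page */
    uint64_t    desc;   /* descriptor word */
};

enum violation {
    OK = 0,
    USER_PAGE_KERNEL_EXEC = 1,  /* EL0-reachable page executable at EL1 */
    KERNEL_WX = 2,              /* kernel page both writable and executable */
};

/* A page counts as user-reachable if EL0 may access it or it lives below
 * the kernel split; either way the kernel must never execute from it. */
static int is_user_page(uint64_t va, uint64_t desc)
{
    return (desc & DESC_AP1) != 0 || va < KERNEL_VA_MIN;
}

/* Evaluate the two invariants for one mapping. */
enum violation check_mapping(const struct mapping *m)
{
    uint64_t d = m->desc;
    if (!(d & DESC_VALID))
        return OK;                       /* unmapped: nothing to execute */
    int user        = is_user_page(m->va, d);
    int writable    = (d & DESC_AP2) == 0;
    int kernel_exec = (d & DESC_PXN) == 0;
    if (user && kernel_exec)
        return USER_PAGE_KERNEL_EXEC;    /* the ret-to-user style escalation */
    if (!user && writable && kernel_exec)
        return KERNEL_WX;                /* kernel code could be patched in place */
    return OK;
}

/* Return a descriptor that satisfies both invariants: user pages get PXN,
 * and an executable kernel page loses write permission instead. */
uint64_t harden_descriptor(uint64_t va, uint64_t desc)
{
    if (!(desc & DESC_VALID))
        return desc;
    if (is_user_page(va, desc))
        desc |= DESC_PXN;
    else if (!(desc & DESC_PXN) && !(desc & DESC_AP2))
        desc |= DESC_AP2;
    return desc;
}

/* Audit a whole table; prints each violation and returns how many were found. */
size_t audit_mappings(const struct mapping *maps, size_t n)
{
    size_t bad = 0;
    for (size_t i = 0; i < n; i++) {
        enum violation v = check_mapping(&maps[i]);
        if (v != OK) {
            bad++;
            printf("violation %d at %s (va 0x%016llx)\n", (int)v, maps[i].name,
                   (unsigned long long)maps[i].va);
        }
    }
    return bad;
}

/* Constructed sample table: three sane mappings and two that break the rules. */
const struct mapping sample_maps[] = {
    { "kernel .text",            0xffff000010080000ULL, DESC_VALID | DESC_AP2 | DESC_UXN },
    { "kernel .data",            0xffff000011000000ULL, DESC_VALID | DESC_PXN | DESC_UXN },
    { "user .text",              0x0000000000400000ULL, DESC_VALID | DESC_AP1 | DESC_AP2 | DESC_PXN },
    { "user heap, PXN cleared",  0x0000000001000000ULL, DESC_VALID | DESC_AP1 | DESC_UXN },
    { "kernel module RWX",       0xffff000012000000ULL, DESC_VALID | DESC_UXN },
};
#define SAMPLE_COUNT (sizeof(sample_maps) / sizeof(sample_maps[0]))

int main(void)
{
    size_t bad = audit_mappings(sample_maps, SAMPLE_COUNT);
    printf("%zu violation(s) in %zu mappings\n", bad, (size_t)SAMPLE_COUNT);
    return bad != 0;
}
```

The check is deliberately conservative: any valid page that EL0 can touch, or that sits in the user half of the address space, must carry PXN, and any kernel-executable page must be read-only. Enforcing these from a TEE rather than from the kernel itself is what keeps the checker out of reach of a compromised kernel, which is the point of the smaller TCB the abstract describes.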

* Information listed above is at the time of submission. *
