Policy Guided Isolation and Strategically Shielded Exposure: A Novel Approach to Secure Applications

Award Information
Agency:
Department of Defense
Branch
Air Force
Amount:
$750,000.00
Award Year:
2012
Program:
STTR
Phase:
Phase II
Contract:
FA8750-12-C-0273
Award Id:
n/a
Agency Tracking Number:
F10B-T18-0228
Solicitation Year:
2010
Solicitation Topic Code:
AF10-BT18
Solicitation Number:
2010.B
Small Business Information
15400 Calhoun Drive, Suite 400, Rockville, MD, -
Hubzone Owned:
N
Minority Owned:
N
Woman Owned:
Y
Duns:
161911532
Principal Investigator:
Peng Xie
Lead Scientist
(301) 294-5218
pxie@i-a-i.com
Business Contact:
Mark James
Director, Contracts and Proposals
(301) 294-5221
mjames@i-a-i.com
Research Institution:
Purdue University
Dongyan Xu
305 N. University Street
West Lafayette, IN, 47907-2107
(765) 494-6182
Nonprofit college or university
Abstract
ABSTRACT: It is very challenging to secure applications in today's networked computer systems where applications inherently share various resources and information. In this proposal, we propose a novel approach called policy guided isolation and strategically shielded exposure, to protect applications in network environments. Our approach integrates virtualization technology with the Policy Machine technique to protect the applications. In Phase I, we implement the security-enhanced VM monitor (virtual machine monitor) to enforce the security policies regulating information sharing among processes inside a virtual machine. The experimental results in Phase I show that the security-enhanced VM monitor can effectively prevent information leakage caused by accidents or malware. In Phase II effort, we will extend our phase I work by integrating a light-weight kernel-compatible policy machine and efficient kernel code protection mechanisms with the VM monitor. Moreover, we will refine our process/data coloring technique to allow the VM monitor to more effectively monitor the execution of applications. Furthermore, the extended VM monitor can protect the guest operating system against kernel rootkits. Finally, the proposed techniques will be integrated into a prototype policy programmable VM monitor. BENEFIT: The proposed approach to application protection, policy guided isolation and strategically shielded exposure, provides a feasible solution to protect the applications in a networked environment. The architecture and techniques can be applied to a broad range of military scenarios that involve sensitive information protection including war-time command and control, real-time surveillance network, homeland security, etc. Other potential commercial applications include software industry, banking, law enforcement agency and various civil applications. In essence, the ideas, methods and products resulting from this effort will be applicable to virtually all applications where digital asset protection is needed. The market is quite large and still developing due to the development of computer and software industry. IAI is more than a"think tank", and we have actively pursued with our partners the application of our technologies into actual products. For this proposed effort, in particular, we strongly believe that our work provides the solution needed in practice. It is also reasonable to expect a source of revenue from service contracts related with the actual development of such product for application protection. In addition, IAI will closely work with our partners and collaborator companies such as Raytheon, Lockheed Martin, BAE systems, Boeing, and SAIC to transfer this technology into the military and commercial world.

* information listed above is at the time of submission.

Agency Micro-sites


SBA logo

Department of Agriculture logo

Department of Commerce logo

Department of Defense logo

Department of Education logo

Department of Energy logo

Department of Health and Human Services logo

Department of Homeland Security logo

Department of Transportation logo

Enviromental Protection Agency logo

National Aeronautics and Space Administration logo

National Science Foundation logo
US Flag An Official Website of the United States Government