Remote Attestation and Distributed Trust in Networks (RADTiN)
Small Business Information
Critical Technologies Inc
Suite 400, 1001 Broad Street, Utica, NY, -
AbstractABSTRACT: Warfighters need to be able to trust the computer systems on which their lives depend, which includes every computer in or attached to the network. We can launch a trustworthy computer by booting from a Trusted Computing Base consisting of a Microvisor with capabilities security plus a Capability Proxy engine running in a Virtual Machine, all protected by a Trusted Platform Module. We can instantiate multiple VMs that communicate with each other only by means of Microvisor methods that enforce capability-based security, instantiate a Tahoe-LAFS grid in the VM server farm, and run Secure Multi-Party Computation on the VMs. We can use secure multicast communications protected by capability-based security using NORM plus DIPLOMA, instantiate multiple Tahoe-LAFS grids and run Secure Multi-Party Computation on multiple computers to make the network resistant to exploitation. We can share security information using publish-subscribe distributed blackboards. We can enable trust relationships between VMs and between computers using the Trusted Computing Group"s Direct Anonymous Attestation. We can use multi-factor authentication of the user to the computer. We can make it easy for users to do the right thing and difficult for users and adversaries to do the wrong thing by managing capabilities with Capability Middleware, which CTI will design. BENEFIT: The increasing prevalence of mobile devices in defense, law enforcement, industrial, and commercial markets has resulted in an increased need for scalable, flexible, comprehensive, and automated security of the devices and of the data they store and transmit/receive. Additional to the security of the data is the requirement for secure computing, as apps on mobile smartphones, laptops, and personal computing devices are more frequently targeted with malware, spyware, and DoS attacks, and are less prepared to thwart attacks, when compared to traditional (and still prevalent) fixed workstations. Thus, there exists an acknowledge market need (both in government and the commercial marketplaces, regardless of industry) for a method that will enable mobile data storage, mobile computing, and the security to use a mobile node to access a static network via any node, agnostic to that node"s attributes or status (vulnerable, infected, unknown, etc.) CTI foresees this solution developing not into a single point solution, but a product line of OEM component solutions, customized for multiple hardware platforms (beyond the proposed PoC MXI stealth USB drive) and user groups. The latest market size figures for such a solution range from five hundred million to one and a half billion dollars in annual sales (2 to 4 million units sold in the US with an estimated average unit price of $250 over several storage MB limits) by the year 2016, more than tripling in size over the next five years, and experiencing a compound annual growth rate of 5-17% as various international commercial markets are forecast to grow. Given the potential service bureau attached to the proposed product line (whose value is not being estimated above), the sales of this hardware and service package solution would exceed one billion dollars net Certainly, even at this early stage, there are markets aware of the unsolved problems, the need for the benefits, and the willingness to purchase a solution capable of defending against evolving threats. Such market figures and educated customers indicate low programmatic risk for transition and commercialization.
* information listed above is at the time of submission.