TSPI: Transparent Software Protection Infrastructure

Award Information
Agency: Department of Defense
Branch: Air Force
Contract: F33615-03-M-1505
Agency Tracking Number: O031-0011
Amount: $99,999.00
Phase: Phase I
Program: SBIR
Awards Year: 2003
Solicitation Year: N/A
Solicitation Topic Code: N/A
Solicitation Number: N/A
Small Business Information
33 Thornwood Drive, Suite 500, Ithaca, NY, 14850
DUNS: 101321479
HUBZone Owned: N
Woman Owned: N
Socially and Economically Disadvantaged: N
Principal Investigator
 Carla Marceau
 Senior Principal Scientis
 (607) 257-1975
Business Contact
 Richard Smith
Title: Controller
Phone: (607) 257-1975
Email: rick@atc-nycorp.com
Research Institution
Software theft causes tremendous financial losses to software companies. Theft of trade secrets and critical national security information embedded in software can lead to further financial losses or even jeopardize national security. Various techniqueshave been developed to protect software after its release. However, hackers can break in and steal software directly from the development site. To protect against such losses, ATC-NY proposes to develop a Transparent Software Protection Infrastructure(TSPI) for protecting software under development. A Protected File System stores the code in encrypted form to protect it from unauthorized access. TSPI enables developers to access the encrypted code using normal development system interfaces, but willprevent developers from making ill-advised shortcuts and mistakes that could inadvertently expose the source code to thieves. A strong emphasis on usability will ensure that developers are not hampered in their work.To minimize unnecessary access to protected code, TSPI will incorporate a fine-grained access control mechanism, reflecting the software development workflow. It will also provide checks on external code being added to the protected environment, as wellas the ability to release completed code in a controlled manner. TSPI will sharply reduce the risk that software will be stolen from the development environment. It will encrypt software to ensure that thieves who break into the development system cannot steal it. It will prevent developers from inadvertentlyexposing the software to potential thieves. By logging developer activities, it will provide strong incentives for developers to follow software protection policies.Our wrapper approach to implementation will enable TSPI to be quickly adapted to multiple development environments. Thus, developers will not have to abandon their current environment in order to gain TSPI's advantages. Further, maintenance is expectedto be minimal, since TSPI does not depend on the development system, but on its use of the underlying platform.

* information listed above is at the time of submission.

Agency Micro-sites

SBA logo
Department of Agriculture logo
Department of Commerce logo
Department of Defense logo
Department of Education logo
Department of Energy logo
Department of Health and Human Services logo
Department of Homeland Security logo
Department of Transportation logo
Environmental Protection Agency logo
National Aeronautics and Space Administration logo
National Science Foundation logo
US Flag An Official Website of the United States Government