TSPI: Transparent Software Protection Infrastructure

Award Information
Agency:
Department of Defense
Branch
Office of the Secretary of Defense
Amount:
$99,999.00
Award Year:
2003
Program:
SBIR
Phase:
Phase I
Contract:
F33615-03-M-1505
Agency Tracking Number:
O031-0011
Solicitation Year:
n/a
Solicitation Topic Code:
n/a
Solicitation Number:
n/a
Small Business Information
ATC - NY
33 Thornwood Drive, Suite 500, Ithaca, NY, 14850
Hubzone Owned:
N
Minority Owned:
N
Woman Owned:
N
Duns:
101321479
Principal Investigator:
Carla Marceau
Senior Principal Scientis
(607) 257-1975
carla@atc-nycorp.com
Business Contact:
Richard Smith
Controller
(607) 257-1975
rick@atc-nycorp.com
Research Institution:
n/a
Abstract
Software theft causes tremendous financial losses to software companies. Theft of trade secrets and critical national security information embedded in software can lead to further financial losses or even jeopardize national security. Various techniqueshave been developed to protect software after its release. However, hackers can break in and steal software directly from the development site. To protect against such losses, ATC-NY proposes to develop a Transparent Software Protection Infrastructure(TSPI) for protecting software under development. A Protected File System stores the code in encrypted form to protect it from unauthorized access. TSPI enables developers to access the encrypted code using normal development system interfaces, but willprevent developers from making ill-advised shortcuts and mistakes that could inadvertently expose the source code to thieves. A strong emphasis on usability will ensure that developers are not hampered in their work.To minimize unnecessary access to protected code, TSPI will incorporate a fine-grained access control mechanism, reflecting the software development workflow. It will also provide checks on external code being added to the protected environment, as wellas the ability to release completed code in a controlled manner. TSPI will sharply reduce the risk that software will be stolen from the development environment. It will encrypt software to ensure that thieves who break into the development system cannot steal it. It will prevent developers from inadvertentlyexposing the software to potential thieves. By logging developer activities, it will provide strong incentives for developers to follow software protection policies.Our wrapper approach to implementation will enable TSPI to be quickly adapted to multiple development environments. Thus, developers will not have to abandon their current environment in order to gain TSPI's advantages. Further, maintenance is expectedto be minimal, since TSPI does not depend on the development system, but on its use of the underlying platform.

* information listed above is at the time of submission.

Agency Micro-sites


SBA logo

Department of Agriculture logo

Department of Commerce logo

Department of Defense logo

Department of Education logo

Department of Energy logo

Department of Health and Human Services logo

Department of Homeland Security logo

Department of Transportation logo

Enviromental Protection Agency logo

National Aeronautics and Space Administration logo

National Science Foundation logo
US Flag An Official Website of the United States Government