Content-Based, Context-Aware Role Based Access Control for Secure Distributed XML
This project will develop a comprehensive security framework using content-based and context-aware access control models for XML-based applications in distributed heterogeneous multi-enterprise environments. Such applications include electronic commerce, finance and banking, manufacturing, corporate databases, health-care and other on-line services and businesses. For these applications, information access may need to be restricted due to the sensitivity, importance or the relevance of the content of the information, time, location and other contextual information obtained at the time the access requests are made. The proposed framework will be built upon role-based access control (RBAC) models. In this project the following tasks will be pursued: development of a content and context-based generalized temporal RBAC model (CC-GTRBAC) for XML documents and extension of the XML language for the proposed model, where the extended language will be used to develop a security model that allows protection of XML document sources at various levels including the conceptual, XML schema and XML instance levels; extending CC-GTRBAC to develop a secure multi-enterprise environment for distributed XML documents; and development of an experimental prototype of a distributed XML environment to check the efficacy and viability of this research.
Controlled Declassification with Software Transactional Memory
This project applies recent techniques in transactional computing to the problem of preventing unwanted declassification of secure information. Regulating the nature and amount of information that is declassified for complex software systems is difficult; even when leaks are identified, suitably repairing the computation is usually not possible. The project develops ideas inspired from language-centric transactional computing to support information flow security by encapsulating critical regions that (a) either cannot be analyzed effectively statically or (b) declassify some set of confidential data. Isolation and atomicity properties of transactional regions ensure the approach is safe even in a multi-threaded environment. The technical issues associated with controlled declassification are examined from an entirely new perspective—rather than attempting to prevent statically any leaks from occurring, this research explores approaches that dynamically monitor when leaks occur, transparently reverting program state to an earlier safe context when leaks are identified. This security model encapsulates untrusted operations and library functions within monitored regions, allowing only information explicitly marked as declassified to escape the region scope. As regions run in isolation, they ensure that they cannot be influenced by non-monitored code, nor can they influence its outcome. The monitoring infrastructure leverages transactional mechanisms to track memory use, and restore program state when declassification violations are detected. The broader impacts are significant. Information flow and declassification are critical problems to cyber-infrastructure, homeland security, and commercial interests. Techniques that provide scalable, transparent, and effective solutions to this problem are of immediate benefit to current government and business initiatives.
Cooperative Computer Incident Response (CCIR)
Created by the NW3C and CERT, and hosted by the Purdue University College of Technology, these workshops bring together members of the business, information technology, and law enforcement communities to initiate dialogue on computer security issues. Working together, participants identify the barriers to effective cooperation and investigate the ways to overcome those barriers.
In groups, participants define computer-related incidents, learn appropriate levels of response, and share effective solutions for dealing with computer incidents and crimes. Starting in single community teams (i.e., business, information technology, law enforcement), they analyze sample incidents. Then, teams reform into cross-community teams to simulate a task force and make recommendations about how to proceed. Discussion documents guide attendees through the process, with checklists for each professional role.
CSONET: A Distributed Wireless Networked Control System For Combined Sewer Overflow Abatement
Customized Intrusion Detection and Intrusion Prevention for Client-Server and Peer-to-Peer VOIP
Cyber Forensics Investigative Services for State of Indiana Office
Design and Development of a Data Management System for Uncertain Data
Current database management systems require all data to be modeled in terms of precise values. However, there is a large number of application domains where data values are imprecise or uncertain. Examples of such data include measurements for sensors, locations of moving objects, and experimental data. For these applications there is a need to develop a database management system that supports uncertain data types.
The project aims to develop a comprehensive database management system for storing and querying uncertain, or imprecise data. The project encompasses the creation of a comprehensive model for uncertain data based upon the relational model, the extension of SQL to support probabilistic queries over uncertain data, techniques for efficient and accurate evaluation of probabilistic queries, and the development of a prototype system. The specific optimization issues addressed include indexing, join algorithms, and query optimization for uncertain data.
The prototype will be developed as an extension of the open-source PostgreSQL database management system. A realistic moving-objects application is targeted for testing of the prototype. In addition, collaboration with experts in biology and chemistry will serve as validation of the applicability of the developments in these domains.
The project is expected to have a significant impact on application domains that are in need of an uncertain data management system, and also on the database community. The proposal is expected to provide a single model for multiple types of uncertainty, and to develop indexing, join, and query optimization techniques for uncertain data.
Development of a Safe, Virtual Imaging Instrument for Logically Destructive Experiments (ReAssure)
This proposal, developing a networked system to allow safe and rapid analysis of network security and vulnerabilities with respect to worms, viruses, and other malicious conduct, creates a reconfigurable facility, named ReASSURE, for efficient, reproducible, controlled, and safely contained experiments in computer science and technology with emphasis on information assurance and security. The new instrument will integrate functionalities in a manner that will enable high levels of safety and efficiency in manipulating, testing, and developing potentially dangerous experimental networking and virtual machine software while providing computational power to remote users. Advancing the study of virtual machine technology, the activity offers settings where potentially dangerous experimentation with networking and VM technologies can be performed safely. Providing a testbed networking facility, the infrastructure supports projects that require “self-contained” computing environments in computer science (including security), computer technology, forensics, and information warfare.
Enabling Detection of Elusive Malware by Going Out of the Box with Semantically Reconstructed View
There is an alarming trend that elusive malware is armed with techniques that detect, evade, and subvert the malware detection facilities of the victim. On the defensive side, a fundamental limitation of traditional host-based anti-malware systems is that they run inside the very hosts they are protecting, making them vulnerable to malware’s counter-detection and subversion. To address this limitation, solutions using virtual machine (VM) technologies advocate placing the malware detection facility outside of the protected VM. However, a dilemma exists between these two approaches: the “out of the box” approach gains tamper resistance at the cost of losing the native, semantic view of the host enjoyed by the “in the box” approach. To resolve the above dilemma, a new approach called OBSERV (“Out of the Box with SEmantically Reconstructed View”) is introduced to achieve the advantages of both camps by reconstructing the semantic internal view of a VM from external, low-level observations. OBSERV enables two exciting malware defense opportunities: (1) malware detection by view comparison and (2) real-time detection and stoppage of kernel-level rootkits. The broader impact of this research is two-fold: (1) It will enhance the trustworthiness and effectiveness of widely deployed anti-malware systems. Moreover, OBSERV is expected to be viewed favorably by the anti-virus software industry because of its support for existing off-the-shelf anti-virus software. (2) Results from this research will lead to the development of education materials for undergraduate and graduate courses and for professional training sessions.
Encore/J: Transparently Recoverable Java for Resilient Distributed Computing
The EncoreJ project is developing tools and libraries for transparent rewriting of Java code, making distributable Java applications resilient in the face of execution node reconfiguration and failure. Developers control the system, but EncoreJ automatically rewrites compiled Java code, as packages are loaded, adding support for creating, accessing, and computing upon local and remote objects, and for resilience in the face of system failures and reconfigurations. EncoreJ further interfaces with a variety of persistence mechanisms (e.g., databases), both for providing fundamental resilience (saving/restoring information) and for coordinating recovery with the mechanisms of the external database.
EncoreJ exploits resiliency support to make it easy to reconfigure applications as the host platform evolves, adding and removing resources dynamically; e.g., a virtual node might go down and be replaced by another, in order to force work to move to a newly available system. Programmers describe “on the side” (without modifying source code) how to place, move, and replicate objects and computations; the source code remains the primary mechanism for expressing algorithms clearly without hard-coded details of distribution or resilience.
The EncoreJ tools and prototype are a platform for research by the wider community working on policies/algorithms for migration, replication, scheduling, etc., in Grid systems. The focus is a convenient and flexible platform, powerful and extensible, without over-commitment to any particular policies or strategies. EncoreJ builds on readily available and standard systems (Java virtual machines and packages) to ensure wide applicability and easy distribution and adoption.