Transparent Computing
Abstract
The Transparent Computing program will develop technologies to enable the implementation of more effective security policies across distributed systems. The scale and complexity of modern information systems obscures linkages between security-related events, the result being that detection of attacks and anomalies must rely on narrow contextual information rather than full knowledge of the event's provenance. This shortcoming facilitates attacks such as masquerade (at the user level) and mimicry (at the machine code level). Conversely, the space of security policies that can be enforced under the current operating paradigm is extremely narrow and restrictive; to the extent that users and administrators are required to make security decisions based on limited information, the default is often to just click through. The Transparent Computing program will pursue several promising approaches to these problems, including active/continuous testing via cooperating defenses, where protection components propagate security-relevant information and enable on-the-fly adaptation of the system security posture and usage controls, and behavior attestation techniques that ensure component interactions are consistent with established behavior profiles without exhaustive enumeration of all acceptable program states. Transparent Computing technologies are particularly important for large integrated systems with diverse components such as distributed surveillance systems, autonomous systems, and enterprise information systems.
Document Details
- Document Type
- Accomplishment
- Publication Date
- Oct 01, 2015
- Source ID
- 5418471788cddf9bb0dfbc5efb312b9f