Towards a Science Base for Cybersecurity

Abstract

The goal was to better understand approaches for building attack-resistant cyber-systems. This involved implementing new system software, designing formalisms for specifying system security properties, and developing program analysis techniques for enforcing those properties. Two operating systems were built to better understand how trusted coprocessors could be leveraged for increased assurance that unmodified software and applications are executing: Nexus provides support for a desktop and Cloud Proxy provides support for applications running in cloud. The specification and enforcement of information-use policies that could tag values was also investigated. Here, a theory of RIF (reactive information flow) labels was developed to support re-classification of information as it is transformed by program execution. The theory was then the basis for a new type system, and that type system was retrofit into a programming language.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jun 08, 2016
Accession Number
AD1010314

Entities

People

  • Fred B. Schneider

Organizations

  • Cornell University

Tags

Communities of Interest

  • Cyber

DTIC Thesaurus Topics

  • Air Force Research Laboratories
  • Classification
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Cybersecurity
  • Data Centers
  • Electronic Mail
  • Identity Management Systems
  • Intellectual Property
  • Language
  • Operating Systems
  • Security
  • Standards
  • Supply Chain Integrity
  • System Software

Fields of Study

  • Computer science
  • Engineering

Readers

  • Computational Linguistics
  • Cybersecurity.
  • Software Engineering.

Technology Areas

  • Cyber