Securing the Hosts
Abstract
(U) The Securing the Hosts program will meet the steadily increasing DoD demands for a new computing infrastructure with a much higher level of security. Securing the Hosts will create new, safer, computer languages and compilers; formal automated proof tools and development environment for security throughout the execution model; and techniques for design and pre-run-time validation of executables. The Securing the Hosts program will take a clean slate approach to the execution model; executables will be crypto-bound to the lower levels of the execution model, subject to proofs checks, and constructed with security-aware languages. Technical approaches will include, but are not limited to co-development of hardware and low level system software, with cryptographic microcontrollers to permit cryptographic handshaking at all system layers; lower levels of the execution model establish a root of trust from the hardware out through the hypervisor and other secure low-level software, cryptographically bound to the upper levels of the execution model; novel hardware architectures for data-provenance tracking, access rights enforcement, information flow tracking and tagging, cryptography, logic, memory, and data access to support secure execution; and provably secure hypervisor.
Document Details
- Document Type
- Accomplishment
- Publication Date
- Oct 01, 2011
- Source ID
- db9dbed6b8688bdbd3eb61d38d552b3a