NSF Org: | CNS Division Of Computer and Network Systems |
Recipient: | |
Initial Amendment Date: | July 19, 2010 |
Latest Amendment Date: | July 19, 2010 |
Award Number: | 1018928 |
Award Instrument: | Standard Grant |
Program Manager: | Jeremy Epstein, jepstein@nsf.gov, (703)292-8338, CNS Division Of Computer and Network Systems, CSE Direct For Computer & Info Scie & Enginr |
Start Date: | September 1, 2010 |
End Date: | August 31, 2015 (Estimated) |
Total Intended Award Amount: | $496,086.00 |
Total Awarded Amount to Date: | $496,086.00 |
Funds Obligated to Date: | |
History of Investigator: | |
Recipient Sponsored Research Office: | 1156 HIGH ST SANTA CRUZ CA US 95064-1077 (831)459-5278 |
Sponsor Congressional District: | |
Primary Place of Performance: | 1156 HIGH ST SANTA CRUZ CA US 95064-1077 |
Primary Place of Performance Congressional District: | |
Unique Entity Identifier (UEI): | |
Parent UEI: | |
NSF Program(s): | TRUSTWORTHY COMPUTING |
Primary Program Source: | |
Program Reference Code(s): | |
Program Element Code(s): | |
Award Agency Code: | 4900 |
Fund Agency Code: | 4900 |
Assistance Listing Number(s): | 47.070 |
ABSTRACT
Modern computer security requires bug-free code at every layer of the software stack. But in a world where operating systems and hypervisors are increasingly buggy, it can be dangerous to assume these components are trustworthy. LockBox provides an additional layer of security such that if the operating system or other system management software fails, certain portions of the system remain resistant to attack. LockBox embeds a set of security features into the architecture to provide a form of memory protection that enables correctly coded applications to resist attack even if underlying portions of the software stack become malicious or are otherwise compromised.
A nesting hypervisor is used to prototype the hardware modifications. Ultimately, the security features can be implemented either as a series of small hardware modifications or as a nesting hypervisor. In the former case, the hypervisor is unnecessary and the user will gain performance benefits. In the latter, users will not need to wait for new hardware to benefit from LockBox's security features.
LockBox gives the user final authority to set security policy on the machine. It is a rights-preserving architecture in which the user's capabilities cannot be restricted. This is critical to alleviating fears that hardware security systems could one day restrict a user's ability to control their own hardware.
In summary, LockBox creates a next-generation trustworthy computing environment that can be trusted by users to keep data safe against malicious management software.
PROJECT OUTCOMES REPORT
Disclaimer
This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.
The LockBox project took a novel approach to enabling users to keep data safe on their machines. The goal of the LockBox project was to increase the resiliency of computing systems even during a system compromise. The LockBox design explored possibilities to create hardware features to restrict compromised operating systems from stealing application data. In addition to further developing the design of this system, the project produced a number of peripheral outcomes:
- SeaOS, an operating system development framework consisting of a simple, self-hosting, mostly Unix-like kernel and associated toolset. This system allows systems researchers to more quickly iterate on design ideas and test out operating system theories in a simple environment.
- A suite of memory analysis tools: memsnap, memdiff and memxamine, which allow for analysis of memory change patterns over time. This suite of tools helps researchers study cases where applications leave traces of their activities even if their memory space is only visible as ciphertext.
- A port of a more recent version of the Linux kernel for OpenSPARC on an FPGA.
- A study on security indicator interfaces that provides guidance for other researchers designing user interfaces to security systems.
- fived, a network security design to explore how a session layer could impact the security and flexibility of the modern Internet.
Many of the resources and outcomes from this project are publicly available on GitHub.
Last Modified: 12/07/2015
Modified by: Darrell E Long