CAREER: Active System Management

$488,188 | FY2002 | CSE | NSF

University Of Maryland, College Park, College Park MD

Investigators

Abstract

A fundamental fact in computer and network security is that there can never be one hundred percent assurance that a computer system is trusted. The term trusted is used heavily in computer security. Unfortunately, the term has several definitions depending on who uses it and how it is used. Throughout this proposal, a definition that is a slight modification of Peter Neumann's is used. Based on this definition, an object is defined as trusted when it always operates as expected according to design and policy. A stronger trust statement is that an object is trustworthy. A trustworthy object is one that has been shown in some convincing manner, e.g., a formal code review or formal mathematical analysis, to operate as expected. Ken Thompson described very clearly one of the many issues involved in determining whether a system is trusted in his Turing Award speech in 1984. For over twenty-five years, the security community has focused on technology, and yet information systems remain as vulnerable as ever (perhaps more so). However, significant improvements in security lie in another area: the secure management of technologies and the systems that implement them. In this proposal, the PI demonstrates the need for intensive research on the secure management of distributed heterogeneous networks and systems, and describes a novel research plan using active system management to address this area. The tremendous growth in the use of information technology has exacerbated the problem of effectively managing and securing the resultant information infrastructure. This, coupled with the fact that the current state of the art in security is essentially "penetrate and patch", has created a situation where information technology is more vulnerable than ever. The vulnerability of information technology is demonstrated by the large number of news stories published each week about widespread computer intrusions and network scanning.
The big question is "how do we improve the situation?" While studies, anecdotal evidence, and press reports have demonstrated the increasing vulnerability of information technology, information security research is currently focused primarily on the underlying security technology rather than on the secure management of the information technology. Yet the tremendous growth in the use of information technology and its rate of change create a configuration and system management nightmare that amplifies existing security problems. Unfortunately, current approaches for solving this complex problem are ad hoc, do not scale, and have not focused on security. In this research, the PI proposes a broad examination of distributed heterogeneous configuration and security management of network elements and hosts from both a theoretical and a systems approach. The proposed research provides the formalism, mechanisms, and protocols so that enterprises can implement and utilize a very small, or quick, management loop, i.e., the tools to allow the defenders to react faster than the attackers. Doing so eliminates one of the principal advantages of attackers and dramatically increases the work factor of successful attacks, providing one of the first real improvements in computer and network security.
