GGrantIndex
← Search

SGER: Enabling Electronic Self-Defense with Dynamic Identities

$99,462FY2005CSENSF

University Of Notre Dame, Notre Dame IN

Investigators

Abstract

NSF 0549087 SGER: Enabling Electronic Self-Defense with Dynamic Identities PI: Douglas Thain In many operating systems, only a highly privileged user (a "super user") is allowed to create new users. This limitation prevents ordinary users from protecting themselves from untrustworthy applications, because it is difficult for a user to create a new, more restricted environment in which to run questionable applications. It also presents software designers with an uncomfortable choice: they may either run as an ordinary user and put themselves at risk, or they may run as the super-user and put the entire system at risk. This problem has afflicted the technical community for decades and now affects the public on the web and in grid computing. The concept of dynamic identities attacks this problem. In an operating system with dynamic identities, any user may create sub-identities at runtime without interacting with an administrator. Single users may perform self-defense by using dynamic identities to run untrusted programs. Dynamic identities also simplify the administration of distributed systems: accounts may be created on the fly according to local or global admission policies. This research will evaluate this concept by implementing it and using the implementation to explore the tradeoffs within an existing open source operating system. Preliminary work will investigate interactions between applications and the operating system. The results of this work will be experience reports describing and evaluating the implementation, applications, and deployment of dynamic identitie

View original record on NSF Award Search →
SGER: Enabling Electronic Self-Defense with Dynamic Identities · GrantIndex