This project seeks to evaluate security design principles in combination with functional requirements in the construction of a secure network service architecture.

Goal of the Project

The project plans include creation of a network service platform using commodity hardware and customized software to deliver critical network services. The emphasis for this implementation is primarily on security, though high availability and reliability are also addressed.

Conference Papers

The following papers have been accepted to conferences:

• Eric Bryant, James Early, Rajeev Gopalakrishna, Gregory Roth, Eugene Spafford, Keith Watson, Paul Williams, Scott Yost, Poly² Paradigm: A Secure Network Service Architecture, 19th Annual Computer Security Applications Conference, December, 2003.

Project Posters and Handouts

These posters and handouts are used to provide information about our project at research symposia, meetings, and colloquia. The poster has an eye-catching graphic and brief information about the project. The handouts provide some additional details and references.

7th Annual Information Security Symposium (March 21-22, 2006)

Negotiating Trust

• Poster [PDF]

6th Annual Information Security Symposium (March 23-24, 2005)

Security in Motion

• Poster [PDF]

5th Annual Information Security Symposium (March 23-24, 2004)

Energizing the Enterprise: Cyber Security in Context

• Poster [PDF]
• Handout [PDF]

4th Annual CERIAS Research Symposium (April 8-9, 2003)

Cyber Security & Safety for the 21st Century

• Poster [PDF]
• Handout [PDF]

3rd Annual CERIAS Research Symposium (April 16-18, 2002)

Protecting Information Resources

• Poster [PDF]

Current Members of the Project Group

• Eugene Spafford, faculty member.
• Keith Watson, research engineer.
• Robert Winkworth, graduate student.
• Hank Wu, graduate student.
• Dannie Stanley, graduate student.
• Mike McFail, graduate student.
• Brent Roth, graduate student.

Former Members of the Project Group

• Jim Early, graduate student.
• Rajeev Gopalakrishna, graduate student.
• Greg Roth, graduate student.
• Mahesh Tripunitara, graduate student.
• Paul Williams, graduate student.
• Scott Yost, graduate student.
• Michael Armbrust, undergraduate student.
• Eric Bryant, undergraduate student.
• David Ehrmann, undergraduate student.
• Jay Gengelbach, undergraduate student.
• Bill Harris, undergraduate student.
• Ryan Keyes, undergraduate student.
• Kayty Luptak, undergraduate student.
• Mike Olson, undergraduate student.
• Greg Ose, undegraduate student.
• Zach Tatlock, undergraduate student.
• Bobby Yang, undergraduate student.
• Nwokedi Idika, graduate student.
• Mohamed Shehab, graduate student.

Reading List

Papers

• R.A. De Millo, R.J. Lipton, A.J. Perlis, "Social Processes and Proofs of Theorems and Programs", Communications of the ACM, Vol. 22 No. 5, May 1979.
• J.H. Saltzer, M.D. Schroeder, "The Protection of Information in Computer Systems".
• R. Pike, B.W. Kernighan, "Program Design in the UNIX Environment", AT&T Bell Laboratories Technical Journal, 63(8), pp. 1595-1605, October 1984.
• P.A. Karger, R.R. Schell, "Thirty Years Later: Lessons from the Multics Security Evaluation", IBM Research Report RC22534, September 2002.
• P.G. Neumann, "Principled Assuredly Trustworthy Composable Architectures: First-Year Interim Report and Working Draft of the Final Report", SRI Project 11459, Deliverable A0003, 2002.

Books

• R.J. Anderson Security Engineering: A Guide to Building Dependable Distributed Systems, John Wiley & Sons, Hoboken, NJ, (2001).
• J. Viega, G. McGraw, Building Secure Software: How to Avoid Security Problems the Right Way, Addison-Wesley, Boston, MA, (2001).

Notice

This material is based upon work supported by the National Science Foundation under Grant No. 0523243. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the National Science Foundation.