This project seeks to evaluate security design principles in combination
with functional requirements in the construction of a secure network
Goal of the Project
The project plans include creation of a network service platform
using commodity hardware and customized software to deliver critical
network services. The emphasis for this implementation is primarily
on security, though high availability and reliability are also
The following papers have been accepted to conferences:
- Eric Bryant, James Early, Rajeev Gopalakrishna, Gregory Roth, Eugene
Spafford, Keith Watson, Paul Williams, Scott Yost,
Paradigm: A Secure Network Service Architecture, 19th Annual
Computer Security Applications Conference, December, 2003.
Project Posters and Handouts
These posters and handouts are used to provide information about our
project at research symposia, meetings, and colloquia. The poster has
an eye-catching graphic and brief information about the project. The
handouts provide some additional details and references.
7th Annual Information Security Symposium (March 21-22, 2006)
6th Annual Information Security Symposium (March 23-24, 2005)
Security in Motion
5th Annual Information Security Symposium (March 23-24, 2004)
Energizing the Enterprise: Cyber Security in Context
4th Annual CERIAS Research Symposium (April 8-9, 2003)
Cyber Security & Safety for the 21st Century
3rd Annual CERIAS Research Symposium (April 16-18, 2002)
Protecting Information Resources
Current Members of the Project Group
- Eugene Spafford, faculty member.
- Keith Watson, research engineer.
- Robert Winkworth, graduate student.
- Hank Wu, graduate student.
- Dannie Stanley, graduate student.
- Mike McFail, graduate student.
- Brent Roth, graduate student.
Former Members of the Project Group
- Jim Early, graduate student.
- Rajeev Gopalakrishna, graduate student.
- Greg Roth, graduate student.
- Mahesh Tripunitara, graduate student.
- Paul Williams, graduate student.
- Scott Yost, graduate student.
- Michael Armbrust, undergraduate student.
- Eric Bryant, undergraduate student.
- David Ehrmann, undergraduate student.
- Jay Gengelbach, undergraduate student.
- Bill Harris, undergraduate student.
- Ryan Keyes, undergraduate student.
- Kayty Luptak, undergraduate student.
- Mike Olson, undergraduate student.
- Greg Ose, undegraduate student.
- Zach Tatlock, undergraduate student.
- Bobby Yang, undergraduate student.
- Nwokedi Idika, graduate student.
- Mohamed Shehab, graduate student.
- R.A. De Millo, R.J. Lipton, A.J. Perlis, "Social Processes and Proofs of Theorems and Programs", Communications of the ACM, Vol. 22 No. 5, May 1979.
- J.H. Saltzer, M.D. Schroeder, "The Protection of Information in Computer Systems".
- R. Pike, B.W. Kernighan, "Program Design in the UNIX Environment", AT&T Bell Laboratories Technical Journal, 63(8), pp. 1595-1605, October 1984.
- P.A. Karger, R.R. Schell, "Thirty Years Later: Lessons from the Multics Security Evaluation", IBM
Research Report RC22534, September 2002.
- P.G. Neumann, "Principled Assuredly Trustworthy Composable Architectures: First-Year
Interim Report and Working Draft of the Final Report", SRI Project
11459, Deliverable A0003, 2002.
- R.J. Anderson Security Engineering: A Guide to Building Dependable Distributed Systems, John Wiley & Sons, Hoboken, NJ, (2001).
- J. Viega, G. McGraw, Building Secure Software: How to Avoid Security Problems the Right Way, Addison-Wesley, Boston, MA, (2001).
This material is based upon work supported by the National Science Foundation under Grant No. 0523243. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the National Science Foundation.