Systems

The ability to communicate and readily access information helps make possible positive social and political change. The Internet's effects on developing nations' educational, economic, and governmental institutions have been well explored by social scientists and technical experts. However, in unfortunately many instances, undemocratic governments monitor and censor Internet communication to attempt to control their populations.

Many compelling applications involve computations that require sensitive data from two or more individuals. For example, as the cost of personal genome sequencing rapidly plummets many genetics applications will soon be within reach of individuals such as comparing one?s genome with the genomes of different groups of participants in a study to determine which treatment is likely to be most effective. Such comparisons could have tremendous value, but are currently infeasible because of the privacy concerns both for the individual and study participants.

This National Academies study examines the tradeoffs associated with mechanisms to provide authorized government agencies with access to the plaintext version of encrypted information. The study describes the context in which decisions about such mechanisms would be made and identifies and characterizes possible mechanisms and alternative means of obtaining information sought by the government for law enforcement or intelligence investigations.

Embedded systems currently rely on local and often insecure state retention for process control and subsequent forensic analysis. As critical embedded control systems (e.g., smart grids, SCADA) generate increasing amounts of data and become ever more connected to other systems, secure retention and management of that data is required. Attacks such as Stuxnet show that SCADA and other systems comprising critical infrastructure are vulnerable to the compromise of controllers and sensing devices, as well as falsification of data to circumvent anomaly detection mechanisms.

This project is investigating the potential for language-based security techniques in the construction of low-level systems software. The specific focus is on the development of an open, capability-enhanced microkernel whose design is based on seL4, a "security enhanced" version of the L4 microkernel that was developed, by a team in Australia, as the first fully verified, general purpose operating system.