TWC

Modern software systems inherit their architecture, software development methodology, and security model from time-sharing operating systems developed four decades ago. Desktop, server, cloud, and even industrial control systems rely on a large stack of commercial off-the-shelf software that runs on top of a monolithic operating system kernel. Each application runs with the full set of privileges of some user, has access to the entire file space of that user, and can access the complete interface of a complex operating system kernel, and a number of privileged systems components.

To address today's environment of constant security challenges and cyber-threats, the Hardware-Assisted Lightweight Capability Optimization (HALCYON) research explores novel techniques to make the performance of more secure system designs acceptable to users. Conventional system designs have achieved acceptable performance, but have evolved from hardware and software designs that carry forward compromises in security that made sense in the past, but not with modern hardware resources in today's security climate.

The digital provenance of a digital object gives a history of its life cycle including its creation, update, and access. It thus provides meta-level information about the sequence of events that lead up to the current version of the object, as well as its chain of custody. Such provenance information can be used for a variety of purposes, such as identifying the origins of a document, assessing the quality or reliability of data, and detecting undesirable actions such as forgery or unauthorized alteration of data.

Third-party hardware Intellectual Property (IP), written as code in a Hardware Description Language (HDL), is extensively used in modern integrated circuits. Contemporary electronics typically include 75% of third party hardware IP and only 25% in-house design to provide customization or a profit-making edge. Such extensive use of third-party hardware IP in both commercial and military applications raises security and trustworthiness concerns, especially in today's globalized market.

Modern computer applications are typically made up of different software components that are created by, or may act on behalf of, mutually distrustful entities. To ensure the security of computer systems, it is important to restrict the ability of the components to perform actions within the computer system. The Principle of Least Authority states that a component should be given only the ability (or authority) it needs to perform its task, and no more.