NAI Labs Announces DARPA-Funded FreeBSD Security Initiative
Robert Watson
rwatson at FreeBSD.org
Mon Jul 9 08:47:31 PDT 2001
NAI Labs Announces DARPA-Funded FreeBSD Security Initiative
Monday, July 09, 2001
NAI Labs Partners With DARPA to Secure Open Source Operating System
$1.2 Million Contract to Enhance Operating System Security Services
NAI Labs, the advanced research group within PGP Security, a division of
Network Associates, Inc., announced a $1.2 million contract awarded by the
U.S. Navy's Space and Warfare Systems Command to develop security
extensions to the Open Source FreeBSD operating system. This work, which
is funded under the Defense Advanced Research Projects Agency (DARPA),
will be done in partnership with members of the FreeBSD developer
community, assuring tight system integration and rapid technology
transfer. The project will be lead by NAI Labs Research Scientist Robert
Watson, and NAI Labs Chief Scientist Lee Badger. The work will be done in
part by sub-contractors from the FreeBSD development community, including
Kirk McKusick, Poul-Henning Kamp, Jonathan Lemon, and Eivind Eklund. The
$1.2 million will be paid over the life of an 18-month contract.
Today's evolving military and business processes increasingly rely on Open
Source systems to power network infrastructure, network services, file and
database servers, and workstation environments. Unfortunately, these
systems have traditionally lacked advanced security features, such as
Mandatory Access Control, required for secure environments. Likewise,
other advanced security techniques developed by the security research
community have often failed to transition to off-the-shelf systems.
The Community-Based Open Source Security (CBOSS) initiative will address
these challenges through close collaboration with the FreeBSD developer
community. FreeBSD is an advanced, high-performance operating system
widely used by Internet Service Providers (ISPs), and as the basis for
embedded network products including routers and firewalls, due to its
scalability, ease of management, and cost effective operation. The system
has also formed the basis for substantial parts of Apple's Mac OS X next
generation operating system, as well as products from a variety of other
operating system vendors. NAI Labs, in cooperation with a number of key
FreeBSD developers, will enhance the FreeBSD operating system to offer
several new security services, as well as improved assurance, providing a
direct technology transfer path for security research. This will include
the development or porting of specific security technologies, including
NAI Labs' LOMAC, development of highly integrated file system and device
extensibility services to support security features, network stack
hardening, kernel security model extensibility allowing tightly integrated
mandatory access control, and application security work. Several of these
components are based on or contribute to work performed as part of the
TrustedBSD Project, a project which seeks to introduce trusted operating
system functionality into the FreeBSD operating system.
The Composable High Assurance Trusted Systems (CHATS) program at DARPA
will focus on the development of the tools and technology that enable the
core systems and network services to protect themselves from the
introduction and execution of malicious code and other attack techniques
and methods. These tools and technologies aim to provide the high
assurance trusted operating systems the security services needed to
achieve comprehensive secure highly distributed mission critical
information systems for the DoD. This program seeks to enhance the
existing approach to development and acquisition of high assurance trusted
operating systems technology by advancing the security functionality,
security services, and the state of assurance in current open-source
operating systems and developing a long-term architectural framework for
future trusted operating systems.
For more information on NAI Labs, please see:
http://www.nailabs.com/
For more information on the CBOSS initiative, please see:
http://opensource.nailabs.com/news/20010709-cboss.html
http://opensource.nailabs.com/initiatives/cboss/
This is the moderated mailing list freebsd-announce.
The list contains announcements of new FreeBSD capabilities,
important events and project milestones.
See also the FreeBSD Web pages at http://www.freebsd.org
To Unsubscribe: send mail to majordomo at FreeBSD.org
with "unsubscribe freebsd-announce" in the body of the message
More information about the freebsd-announce
mailing list