Robert Watson
2001-Jul-09 08:47 UTC
NAI Labs Announces DARPA-Funded FreeBSD Security Initiative
NAI Labs Announces DARPA-Funded FreeBSD Security Initiative Monday, July 09, 2001 NAI Labs Partners With DARPA to Secure Open Source Operating System $1.2 Million Contract to Enhance Operating System Security Services NAI Labs, the advanced research group within PGP Security, a division of Network Associates, Inc., announced a $1.2 million contract awarded by the U.S. Navy's Space and Warfare Systems Command to develop security extensions to the Open Source FreeBSD operating system. This work, which is funded under the Defense Advanced Research Projects Agency (DARPA), will be done in partnership with members of the FreeBSD developer community, assuring tight system integration and rapid technology transfer. The project will be lead by NAI Labs Research Scientist Robert Watson, and NAI Labs Chief Scientist Lee Badger. The work will be done in part by sub-contractors from the FreeBSD development community, including Kirk McKusick, Poul-Henning Kamp, Jonathan Lemon, and Eivind Eklund. The $1.2 million will be paid over the life of an 18-month contract. Today's evolving military and business processes increasingly rely on Open Source systems to power network infrastructure, network services, file and database servers, and workstation environments. Unfortunately, these systems have traditionally lacked advanced security features, such as Mandatory Access Control, required for secure environments. Likewise, other advanced security techniques developed by the security research community have often failed to transition to off-the-shelf systems. The Community-Based Open Source Security (CBOSS) initiative will address these challenges through close collaboration with the FreeBSD developer community. FreeBSD is an advanced, high-performance operating system widely used by Internet Service Providers (ISPs), and as the basis for embedded network products including routers and firewalls, due to its scalability, ease of management, and cost effective operation. The system has also formed the basis for substantial parts of Apple's Mac OS X next generation operating system, as well as products from a variety of other operating system vendors. NAI Labs, in cooperation with a number of key FreeBSD developers, will enhance the FreeBSD operating system to offer several new security services, as well as improved assurance, providing a direct technology transfer path for security research. This will include the development or porting of specific security technologies, including NAI Labs' LOMAC, development of highly integrated file system and device extensibility services to support security features, network stack hardening, kernel security model extensibility allowing tightly integrated mandatory access control, and application security work. Several of these components are based on or contribute to work performed as part of the TrustedBSD Project, a project which seeks to introduce trusted operating system functionality into the FreeBSD operating system. The Composable High Assurance Trusted Systems (CHATS) program at DARPA will focus on the development of the tools and technology that enable the core systems and network services to protect themselves from the introduction and execution of malicious code and other attack techniques and methods. These tools and technologies aim to provide the high assurance trusted operating systems the security services needed to achieve comprehensive secure highly distributed mission critical information systems for the DoD. This program seeks to enhance the existing approach to development and acquisition of high assurance trusted operating systems technology by advancing the security functionality, security services, and the state of assurance in current open-source operating systems and developing a long-term architectural framework for future trusted operating systems. For more information on NAI Labs, please see: http://www.nailabs.com/ For more information on the CBOSS initiative, please see: http://opensource.nailabs.com/news/20010709-cboss.html http://opensource.nailabs.com/initiatives/cboss/ This is the moderated mailing list freebsd-announce. The list contains announcements of new FreeBSD capabilities, important events and project milestones. See also the FreeBSD Web pages at http://www.freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-announce" in the body of the message