George W. Dinolt

The Trusted Computing Exemplar project

We describe the Trusted Computing Exemplar project, which is producing an openly distributed worked example of how high assurance trusted computing components can be built. The TCX project encompasses four related activities: creation of a prototype framework for rapid high assurance system development; development of a reference-implementation trusted computing component; evaluation of the component for high assurance; and open dissemination of results related to the first three activities. The projects open development methodology provides widespread availability of key high assurance enabling technologies and ensures transfer of knowledge and capabilities for trusted computing to the next generation of developers, evaluators and educators.

Cube-Type Algebraic Attacks on Wireless Encryption Protocols

Formally evaluating the strengths of a given cryptosystem will ensure that no flaws have crept into the application. During our investigation, we adopted Armknecht and Krauses approach to model the E0 encryption function, which does not depend on memory bits and will hold for every clock tick. We devised a polynomial of degree four consisting of 20 variables, 16 considered unknown and four known. We then created an automated tool in the Maple 12 environment (www. maplesoft.com) that finds all the maxterms and their corresponding linear-coefficient superpolys for the E0 encryption function.

A security and usability perspective of cloud file systems

Security and usability are the top concerns of business users and administrators of information technology services. This paper discusses several security and usability issues with cloud file systems, identifies four enablers for a secure and usable cloud storage infrastructure, and describes how such enablers can assist in an orderly transition of enterprise IT services to the cloud.

Monterey security enhanced architecture project

This research project has produced an innovative architecture and corresponding engineering prototype consisting of trusted security services and integrated operating system mechanisms for the protection of distributed multi-domain computing environments from malicious code and other attacks. These security services and mechanisms extend and interoperate with existing workstations, applications and open source operating systems, providing new capabilities for composing secure distributed systems using commercial off-the-shelf (COTS) components. The latter construct results from the realization that unless a secure system offers users comfortable and familiar interfaces for handling routine information, the secure system will fail due to lack of user acceptability. The work was supported in part by the MYSEA project of the DARPA/ATO CHATS program.

Challenges in emulating sensor and resource-based state changes for Android malware detection

The increasing prevalence of mobile malware has driven the need for emulated, dynamic analysis techniques. Unfortunately, emulating mobile devices is nontrivial because of the different types of hardware features onboard (e.g., sensors) and the manner in which users interact with their devices as compared to traditional computing platforms. To evaluate this, our research focuses on the enumeration and comparison of multiple attributes and event values from sensors and dynamic resources on Android runtime environments, both from physical devices and online analysis services. Utilizing our results from enumeration, we develop two different Android applications that are successful in detecting and evading the emulated environments utilized by those mobile analysis services during execution. When ran on physical devices, the same applications successfully perform a pseudo-malware action and send device identifying information to our server.

Implementing a Software Defined Radio using the Maestro 49-tile processor

The Maestro 49-tile Radiation-Hard-by-Design chip was developed to demonstrate the application of space-qualified, multicore hardware. We have investigated the implementation of a single precision floating-point pipeline FFT to be used as part of a Software Defined Radio (SDR) application. The details of the software architecture that can adapt to the use of different numbers of tiles and the performance of the N-point FFTs for N = 128, 512, 1024, and 2048 are described. The maximum throughput achieved for a 2048-point FFT is 27 million samples per second when 20 of the 49 available tiles are used for separate FFT blocks, one tile is used for input data distribution, and one tile is used for output data collection. We also report on the performance of the SDR based upon the FFT experiments.

MYSEA technology demonstration

The MYSEA project has produced an innovative architecture and corresponding engineering prototype consisting of trusted security services and integrated operating system mechanisms for the protection of distributed multi-domain computing environments from malicious code and other attacks. These security services and mechanisms extend and interoperate with existing workstations, applications and open source operating systems, providing new capabilities for composing secure distributed systems using commercial off-the-shelf (COTS) components. The MYSEA technical demonstration illustrates the MYSEA architecture, as well as the mechanisms for providing multi-domain information protection, trusted path extension and quality of security service.

A program for education in certification and accreditation

Large complex systems need to be analyzed prior to operation so that those depending upon them for the protection of their information have a well-defined understanding of the measures that have been taken to achieve security and the residual risk the system owner assumes during its operation. The U.S. military calls this analysis and vetting process certification and accreditation. Today there is a large, unsatisfied need for personnel qualified to conduct system certifications. An educational program to address those needs is described.