"Muu" projekt MOBIUS
MOBIUS (15905) "Mobiilsus, ubikviteet ja turvalisus väikestele seadmetele - MOBIUS (1.09.2005−31.08.2009)", Tarmo Uustalu, Tallinna Tehnikaülikool, TTÜ Küberneetika Instituut.
15905
MOBIUS
Mobiilsus, ubikviteet ja turvalisus väikestele seadmetele - MOBIUS
Mobility, ubiquity and security for small devices - MOBIUS
Mobility, ubiquity and security for small devices - MOBIUS
1.09.2005
31.08.2009
Teadus- ja arendusprojekt
Muu
ETIS klassifikaatorAlamvaldkondCERCS klassifikaatorFrascati Manual’i klassifikaatorProtsent
4. Loodusteadused ja tehnika4.6. ArvutiteadusedP170 Arvutiteadus, arvutusmeetodid, süsteemid, juhtimine (automaatjuhtimisteooria)1.1. Matemaatika ja arvutiteadus (matemaatika ja teised sellega seotud teadused: arvutiteadus ja sellega seotud teadused (ainult tarkvaraarendus, riistvara arendus kuulub tehnikavaldkonda)100,0
AsutusRiikTüüp
Euroopa Komisjon/ European Commission
PerioodSumma
01.09.2005−31.08.20093 399 051,00 EEK (217 238,95 EUR)
217 238,95 EUR
EL 6. raamprogramm

Through their global, uniform provision of services, and their distributed nature, global computers have the potential to profoundly enhance our daily life. However, they will not realize their full potential, unless the necessary levels of trust and security can be guaranteed. We aim to develop the technology for establishing trust and security for the next generation of global computers, using the Proof Carrying Code (PCC) paradigm. The essential features of the MOBIUS security architecture will be: - innovative trust management, dispensing with centralized trust entities, and allowing individual components to gain trust by providing verifiable certificates of their innocuousness; and - static enforcement mechanisms, sufficiently flexible to cover the wide range of security concerns arising in global computing, and sufficiently resource-aware and configurable to be applicable to the wide range of devices in global computers; and - support for system component downloading, for compatibility with the view of a global computer as an evolving network of autonomous, heterogeneous and extensible devices. The PCC paradigm is known for decentralized trust management, but has generally been restricted to simple safety properties, and to monolithic, non-distributed applications. We shall pioneer the first PCC framework applicable to global computers, and the first to allow enforcement of functional properties as well as advanced security properties. We shall extend the two technologies that enable PCC type systems and program logics-to allow enforcement of more advanced security properties, and combine them in hybrid certificates to be checked through type checking together with proof checking. To maximize the impact of our work, we will focus on Java-enabled global computers. This will also allow us to implement our security architecture and evaluate it on case studies from a range of application domains.
Through their global, uniform provision of services, and their distributed nature, global computers have the potential to profoundly enhance our daily life. However, they will not realize their full potential, unless the necessary levels of trust and security can be guaranteed. We aim to develop the technology for establishing trust and security for the next generation of global computers, using the Proof Carrying Code (PCC) paradigm. The essential features of the MOBIUS security architecture will be: - innovative trust management, dispensing with centralized trust entities, and allowing individual components to gain trust by providing verifiable certificates of their innocuousness; and - static enforcement mechanisms, sufficiently flexible to cover the wide range of security concerns arising in global computing, and sufficiently resource-aware and configurable to be applicable to the wide range of devices in global computers; and - support for system component downloading, for compatibility with the view of a global computer as an evolving network of autonomous, heterogeneous and extensible devices. The PCC paradigm is known for decentralized trust management, but has generally been restricted to simple safety properties, and to monolithic, non-distributed applications. We shall pioneer the first PCC framework applicable to global computers, and the first to allow enforcement of functional properties as well as advanced security properties. We shall extend the two technologies that enable PCC type systems and program logics-to allow enforcement of more advanced security properties, and combine them in hybrid certificates to be checked through type checking together with proof checking. To maximize the impact of our work, we will focus on Java-enabled global computers. This will also allow us to implement our security architecture and evaluate it on case studies from a range of application domains.
KirjeldusProtsent
Alusuuring67,0
Rakendusuuring33,0