Defense Advanced Research Projects AgencyTagged Content List

Physical Security

Relating to the selective release of information and access to facilities

Showing 6 results for Security + Trust RSS
Whether a piece of information is private, proprietary, or sensitive to national security, systems owners and users have little guarantees about where their information resides or of its movements between systems. When a user enters information on a phone, for example, it is difficult to provably track that the data remains on the phone or whether it is uploaded to a server beyond the device. The national defense and security communities are similarly left with few options when it comes to ensuring that sensitive information is appropriately isolated, particularly when it’s loaded to an internet-connected system.
There are a vast number of diverse computing devices used to run the critical infrastructure our national security depends on – from transportation systems to electric grids to industrial equipment. Much like commercial or personal computing devices, these systems utilize embedded software to execute and manage their operations. To fix certain security vulnerabilities, commercial and personal devices must undergo frequent updates, and are replaced every few years – or on occasion, more frequently when an update fails. Mission-critical systems are built to last for decades, and rarely have the same short upgrade cycles.
Emerging 5G mobile wireless networking technologies are slated to dramatically increase in both scale and speed, enabling much faster access to data collected from billions of connected devices. This supercharged information highway is envisioned to play an important role across several industries, ranging from medicine to manufacturing. Major advances in 5G, including new core network features will make it easier to customize the network at a wide variety of locations.
The safety and security of critical information – whether it is sensitive intellectual property (IP), financial information, personally identifiable information (PII), intelligence insight, or beyond – is of vital importance. Conventional data encryption methods or cryptographic solutions, such as Advanced Encryption Standards (AES), translate data into a secret “code” that can only be decoded by people with access to a decryption key.
January 23, 2019,
DARPA Conference Center
The Information Innovation Office is holding a Proposers Day meeting to provide information to potential proposers on the objectives of the new Guaranteed Architecture for Physical Security (GAPS) program. GAPS will develop hardware and software architectures that can provide physically provable guarantees around high-risk transactions, or where data moves between systems of different security levels. DARPA wants to ensure that these transactions are isolated and that the systems they move across are enabled with the necessary data security assertions. The intended outputs of this program are hardware and software co-design tools that allow data separation requirements to be defined during design, and protections that can be physically enforced at system runtime.