Defense Advanced Research Projects AgencyTagged Content List

Technologies for Trustworthy Computing and Information

Confidence in the integrity of information and systems

Showing 41 results for Trust RSS
As computing devices become more pervasive, the software systems that control them have become increasingly more complex and sophisticated. Consequently, despite the tremendous resources devoted to making software more robust and resilient, ensuring that programs are correct—especially at scale—remains a difficult and challenging endeavor. Unfortunately, uncaught errors triggered during program execution can lead to potentially crippling security violations, unexpected runtime failure or unintended behavior, all of which can have profound negative consequences on economic productivity, reliability of mission-critical systems, and correct operation of important and sensitive cyber infrastructure.
The February 2011 Federal Cloud Computing Strategy released by the U.S. Chief Information Officer reinforces the United States Government’s plans to move information technology away from traditional workstations and toward cloud computing environments. Where compelling incentives to do this exist, security implications of concentrating sensitive data and computation into computing clouds have yet to be fully addressed. The perimeter defense focus of traditional security solutions is not sufficient to secure existing enclaves. It could be further marginalized in cloud environments where there is a huge concentration of homogeneous hosts on high-speed networks without internal checks, and with implicit trust among hosts within those limited perimeter defenses.
Cloud computing provides computing capabilities as a service rather than a product. Advantages to this include reduced costs and maintenance, and increased flexibility, availability and scalability. Cloud computing, however, also presents some potentially significant security issues. In particular, vulnerabilities could include compromise of data security and loss of key information. Any computer or web-friendly device connected to the Internet could gain unauthorized access to pools of computing power, applications, or files – compromising information security in cloud-computing environments.
The Resilient Anonymous Communication for Everyone (RACE) program will research technologies for a distributed messaging system that can: a) exist completely within a given network, b) provide confidentiality, integrity, and availability of messaging, and c) preserve privacy to any participant in the system. Compromised system data and associated networked communications should not be helpful for compromising any additional parts of the system.
Today, code for input data validation is typically written manually in an ad-hoc manner. For commonly-used electronic data formats, input validation is, at a minimum, a problem of scale whereby specifications of these formats comprise hundreds to thousands of pages. Input validation thus translates to thousands or more conditions to be checked against the input data before the data can be safely processed.