There's a feeding frenzy going on in the field of computer security, as researchers and software vendors lunge at each chunk of the market. The problem, says Peter Neumann, principal scientist in the computer science lab at SRI International, is that there are lots of point solutions that address a small part of the security equation, but no comprehensive framework broad and deep enough to integrate all those products and approaches.

Computer-science teams at SRI--a private research lab in Menlo Park, Calif.--have been working on two key projects to bring greater reliability to computer security. The Chats (Composable High-Assurance Trustworthy Systems) project aims to build security into an open-source operating system, using Berkeley Unix. "Today's operating systems and applications aren't built with security in mind," Neumann says. "Developers are building castles in the sand, and the next big wave is going wipe everything out."

Most security tools today are appliqués, says Jaynarayan Lala, program manager at the Defense Advanced Research Projects Agency. That's why Darpa is funding Chats--to bring security into every level of a system.

SRI is also working on an advanced intrusion-detection system called the Emerald project. Emerald is a "forward-reasoning" expert system that can identify behaviors such as destruction, theft, manipulation, or random browsing of data; installation of malicious applications or back doors; or corruption of access rights. Emerald is one component of a broader suite of software under development at SRI for Darpa's information-assurance and cyberdefense programs.

How long until Emerald is ready for business use? It's still an active research project, but trial code is available for use from SRI's Web site.

close this window