146 research outputs found

    Identifying Native Applications with High Assurance

    The work described in this paper investigates the problem of identifying and deterring stealthy malicious processes on a host. We point out the lack of strong application identification in mainstream operating systems. We solve the application identification problem by proposing a novel identification model in which user-level applications are required to present identification proofs at run time to be authenticated by the kernel using an embedded secret key. The secret key of an application is registered with a trusted kernel using a key registrar and is used to uniquely authenticate and authorize the application. We present a protocol for secure authentication of applications. Additionally, we develop a system call monitoring architecture that uses our model to verify the identity of applications when making critical system calls. Our system call monitoring can be integrated with existing policy specification frameworks to enforce application-level access rights. We implement and evaluate a prototype of our monitoring architecture in Linux as device drivers with nearly no modification of the kernel. The results from our extensive performance evaluation show that our prototype incurs low overhead, indicating the feasibility of our model

    Device-Based Isolation for Securing Cryptographic Keys

    In this work, we describe an effective device-based isolation approach for achieving data security. Device-based isolation leverages the proliferation of personal computing devices to provide strong run-time guarantees for the confidentiality of secrets. To demonstrate our isolation approach, we show its use in protecting the secrecy of highly sensitive data that is crucial to security operations, such as cryptographic keys used for decrypting ciphertext or signing digital signatures. A private key is usually encrypted when not used; however, when being used, the plaintext key is loaded into the memory of the host for access. In our threat model, the host may be compromised by attackers, and thus the confidentiality of the host memory cannot be preserved. We present a novel and practical solution and its prototype called DataGuard to protect the secrecy of the highly sensitive data through the storage isolation and secure tunneling enabled by a mobile handheld device. DataGuard can be deployed for the key protection of individuals or organizations

    Grid Community Characteristics and their Relation to Grid Security

    The size, dynamics, composition and similar characteristics of Grid Communities constitute important data for Grid security requirements gathering and analysis. Collaborative Grid Communities are especially important as they constitute an important part of grid usage modes and demonstrate the need for more advanced Grid security solutions very clearly. This document reports the results of a survey conducted in the Fall of 2002 among members of the Grid community as to understand the needs of grid user and grid application developer communities today, provide information on and typical modes-of-use, and elicit requirements for future grid security systems

    Americans Support Ukraine--but Not with US Troops or a No-Fly Zone

    A new poll reveals that Americans see Russia as a significant threat to US interests and support military and economic assistance to Ukraine. In response to Russia's aggression toward Ukraine, the United States and its allies have imposed sanctions on Russia that are striking in their scope and severity and represent a broad effort to impose serious economic costs on Russia for its invasion of Ukraine. For their part, a March 25-28 Chicago Council survey finds that Americans support all measures to help Ukraine and pressure Russia short of direct US involvement in a military conflict. And while the public views the broad sanctions imposed on Russia as generally effective at punishing, weakening, and deterring Russia from further aggression, they doubt that sanctions will be enough to persuade Moscow to withdraw troops from Ukraine—the key condition Americans identify as necessary for lifting sanctions

    The Virginia Tech Computational Grid: A Research Agenda

    An important goal of grid computing is to apply the rapidly expanding power of distributed computing resources to large-scale multidisciplinary scientific problem solving. Developing a usable computational grid for Virginia Tech is desirable from many perspectives. It leverages distinctive strengths of the university, can help meet the research computing needs of users with the highest demands, and will generate many challenging computer science research questions. By deploying a campus-wide grid and demonstrating its effectiveness for real applications, the Grid Computing Research Group hopes to gain valuable experience and contribute to the grid computing community. This report describes the needs and advantages which characterize the Virginia Tech context with respect to grid computing, and summarizes several current research projects which will meet those needs

    Race, Ethnicity, and American Views of Climate Change

    Asian, Hispanic, and Black Americans are more likely to view climate change as a threat than Americans as a whole, data show. In the United States, definitions of national security threats are shifting, highly politicized, and closely tied to identity. At the same time, the US is more racially diverse than at any time in its past. To better understand how this diversity feeds into threat perception, the Chicago Council on Global Affairs and the New America Foundation have partnered to conduct novel research on the views of white, Black, Asian, Hispanic, and Native Americans as part of the 2022 Chicago Council Survey

    Adapting Protocols to Massively Interconnected Systems

    This paper describes ongoing research focused on two critical problems posed by the interconnection of a massive number of computer systems. The interconnection may be achieved through wide area or local area networks. The two problems considered in this research are as follows: (1) performance analysis of the protocols used in an internetwork connecting thousands to millions of nodes, and (2) application development in a massively distributed, heterogeneous environment where components implemented in different programming languages must be integrated and/or reused. The performance analysis problem is addressed by employing large-scale parallel simulation, extended finite state machines and object-oriented simulation techniques. The approach to solving the application development problem is based on an environment which exploits the synergism between object-oriented programming and layered communication protocols (specifically, OSI)

    The Design and Implementation of Concurrent Input/Output Facilities in ACT++ 2.0

    ACT++ 2.0 is the most recent version of a class library for concurrent programming in C++. Programs in ACT++ consist of a collection of active objects called actors. Actors execute concurrently and cooperate by sending request and reply messages. An agent, termed the behavior of an actor, is responsible for processing a single request message and for specifying a replacement behavior which processes the next available request message. One of the salient features of ACT++ is its realization of I/O as an actor operation. A special type of actor, called an interface actor, provides a high level interface for a file. Interface actors are sent request messages whenever I/O is necessary and can also transparently perform asynchronous I/O. ACT++ has been implemented on the Sequent Symmetry multiprocessor using the PRESTO threads package

    Pattern languages in HCI: A critical review

    This article presents a critical review of patterns and pattern languages in human-computer interaction (HCI). In recent years, patterns and pattern languages have received considerable attention in HCI for their potential as a means for developing and communicating information and knowledge to support good design. This review examines the background to patterns and pattern languages in HCI, and seeks to locate pattern languages in relation to other approaches to interaction design. The review explores four key issues: What is a pattern? What is a pattern language? How are patterns and pattern languages used? and How are values reflected in the pattern-based approach to design? Following on from the review, a future research agenda is proposed for patterns and pattern languages in HCI

    Applying Structure and Code Metrics to Three Large-Scale Systems

    This work extends the area of research termed software metrics by applying measures of system structure and measures of system code to three realistic software products. Previous research in this area has typically been limited to the application of code metrics such as: lines of code, McCabe's Cyclomatic number, and Halstead's software science variables. However, this research also investigates the relationship of four structure metrics: Henry's Information Flow measure, Woodfield's Syntactic Interconnection Model, Yau and Collofello's Stability measure and McClure's Invocation complexity, to various observed measures of complexity such as ERRORS, CHANGES and CODING TIME. These metrics are referred to as structure measures since they measure control flow and data flow interfaces between system components. Correlating the metrics to observed measures of complexity indicated that the Information Flow metric and the Invocation Measure typically performed as well as the three code metrics when project factors and subsystem factors were taken into consideration. However, it was generally true that no single metric was able to satisfactorily identify the variations in the data