Transcript Document

IA&S
IA&S Joint PI Meeting
Honolulu, HI
17-21 July 2000
ITS Track
Administrative Notes
• Please provide electronic copy of presentation
for web site posting before departure.
• Agenda Discipline
– Presentation Length (“The Hook”)
– Breaks (Lunch-Colony for us, other breaks)
•
•
•
•
•
Sidebars (Scheduled chat with PM)
Tours (Submarine, TCCC, JWID)
Social Events (Happy Hour, Luau)
Available Services (ISDN, Fax, Messages)
Cell Phones
– Technology shouldn’t subvert good manners
Program Manager’s Welcome
Intrusion Tolerant Systems Track
Joint IA&S Principal Investigator’s Meeting
Honolulu, Hawaii
July 17 – 21, 2000
Intrusion Tolerant Systems
Major Events & Milestones: August 1999 – July 2000
Kernel
supported
Program
RM
Interpreter
RM
Program
Kernel
Modified
application
Program
RM
Kernel
Kernel
ITS Program Kickoff
Summer IA&S Joint PI Meeting
August 2,3 1999
Real Time Execution Monitors
Proxy
Servers
ITS Winter PI Meeting
February 22, 23 2000
Ballot
Monitors
Acceptance
Monitors
COTS
Servers
P1
B1
A1
S1
P2
B2
A2
S2
P3
B3
A3
S3
Request
P4
B4
Responses
Control
Audit
Control
Control
A4
Responses
S4
Responses
Control
Adaptive
Reconfiguration
Error Detection
Tolerance Triggers
ITS Workshop
October 4,5 1999
Summer IA&S Joint PI Meeting
July 17-21, 2000
Error Compensation, Response
Recovery
Site Visits
• Augments the two Bi-annual PI Meetings
• Purpose:
–
–
–
–
–
Meet the project team
More in depth description of project
Familiarization with the PI’s organization
Informal discussion/questions/exchange of ideas
Bring problems to the attention of the PM
• Annual Affair
• Generally a ½ day (approx. 4 hours) is sufficient
• Presentations posted to web site
Project Status Reports
• Requirements specified in contract
– Generally monthly for commercial organizations
– Generally quarterly for university grants
• Purpose:
– Tool for PM to monitor progress
– Contract management for agent
• Timeliness
Project Summaries and Quad Charts
• Update existing summaries
– Important for accuracy and currency
• Need summaries for new projects
– Visit http://schafercorp-ballston.com/its for examples
• Summaries very useful for collecting project information
• Summaries are provided on web site accessible to general
public
• Press Releases
– Coordinate with PM in advance of release
ITS Web Site
• http://tolerantsystems.org
– Under Construction
– Link to active ITS web site
• http://iaands.org
– Link to ITS
• http://schafercorp-ballston.com/its/
–
–
–
–
–
Project summaries
ITS Kickoff Meeting (Phoenix)
ITS Williamsburg Workshop
ITS Winter PI Meeting (Aspen)
User id:itsfolks p/w:redundant
Presentation & Meeting Guidance
• New Format
– Group discussion at the end of each related set of presentations
• Present as if talking to your peers
– These presentations are as much for them as for the PM
• Jumping around between tracks
– Some of you have conflicts with other tracks
– Attending presentations in parallel tracks is allowed, even encouraged
•
Other presentations
–
–
–
–
PACOM speakers with operational emphasis
EWG Process
Threat/Attack Model and Policy Specification Workshop
JBI
Goals of Wednesday Discussion
• Better understanding of threat/attack models different
projects are working with
• Better understanding of what protection the current ITS
projects will provide
– individually
– collectively
• What is your attack model?
• What policies can you enforce?
Monday Afternoon
•
•
•
•
•
•
•
•
12:30- Program Manager’s Welcome (Jay Lala, DARPA)
12:40- Automatic Synthesis of Program-based Triggers for Intrusion
Tolerance Mechanisms (C.C. Michael, RST Corp)
1:05- System Health and Intrusion Monitoring (SHIM): A New Approach to
Triggering Intrusion Tolerant Mechanisms (Calvin Ko, NAI Labs)
1:30- Semantic Data Integrity (David Rosenthal, ORA)
2:00- Break
2:15- Group Discussion
2:30- Self Protecting Mobile Agents (Lee Badger, NAI Labs)
3:25- Group Discussion
Tuesday Morning
•
•
•
•
•
•
•
•
•
•
6:30- Registration and Breakfast
7:30- PACOM Speaker (Col(P)) Jan Hicks
8:30- Break
8:45- Scaling Proof-Carrying Code to Production Compilers and Security
Policies (Andrew Appel, Princeton University)
9:15- New Approaches to Mobile Code: Reconciling Execution Efficiency
with Provable Security (Michael Franz, UC, Irvine)
9:45- Break
10:10- Containment and Integrity for Mobile Code (Andrew Myers, Cornell)
10:40- Group Discussion
10:55- MAFTIA (Yves Deswarte, LAAS-CNRS; SRI International)
11:30- Lunch
Tuesday Afternoon
•
•
•
•
•
•
•
•
12:30- Intrusion Tolerant Server Infrastructure (Dick O’Brien, Secure
Computing Corp.)
12:55- Intrusion Tolerance Using Masking, Redundancy, and Dispersion
(Janet Lepanto, Draper Labs)
1:20- Hierarchical Adaptive Control for QoS Intrusion Tolerance (James
Just, Teknowledge)
1:45- Group Discussion
2:00- Break
2:15- A High Security Information System (Joe Johnson, University of
South Carolina)
2:40- Engineering a Distributed Intrusion Tolerant Database System Using
COTS Components (Peng Liu, Univ of Maryland, Baltimore County)
3:05- Group Discussion
Wednesday Morning
•
•
•
•
•
•
•
6:30- Registration and Breakfast
7:30- PACOM Speaker
8:45- Cross Program Presentations
9:45 Break
10:00 Threat/Attack Model and Policy Specifications Discussion (Carl
Landwehr, Mitretek)
10:30 Models of Security Policies for Proof-Carrying Code (Andrew Appel,
Princeton University)
11:30- Lunch
Wednesday Afternoon
•
•
•
•
•
•
•
12:30- Active Trust Management (ATMs) for Autonomous Adaptive
Survivable Systems (Howard Shrobe, MIT)
12:55- Dependable Intrusion Tolerance (Alfonso Valdes, SRI International)
1:20- Intrusion Tolerant Software Architecture (Bruno Dutertre, SRI
International)
1:45- Group Discussion
2:00- Break
2:15- Joint Battlespace Infosphere (Walt Tirenin, AFRL)
3:00- Using Maximum Entropy for Rapid Cyberwarfare Deduction and
Inference - A Demonstration (Philip Calabrese, SSC-SD)
Thursday Morning
•
•
•
•
•
•
•
•
•
•
•
•
6:30- Registration and Breakfast
7:30- PACOM Guest Speaker
8:30- Break
8:45- A Distributed Framework for Perpetually Available and Secure Information
Systems (Greg Ganger/Pradeep Khosla, CMU)
9:15- PASIS Demonstration (Greg Ganger/Pradeep Khosla, CMU)
9:25- SITAR: A Scalable Intrusion-Tolerant Architecture for Distributed Services
(Fengmin Gong, MCNC)
9:50- Break
10:05- Tolerating Intrusions Through Secure System Reconfiguration (Alexander
Wolf, Univ. of Colorado)
10:30- Group Discussion
10:40- Randomized Failover Intrusion Tolerant Systems (RFITS) (Ranga Ramanujan,
Architecture Technology Corp.)
11:05- Computational Resiliency (Steve Chapin, Syracuse)
11:30- Lunch
Thursday Afternoon
•
•
•
•
•
•
•
•
12:30- Agile Objects – Component-based Inherent Survivability (Andrew
Chien, UC, San Diego)
1:00- A Comprehensive Approach for Intrusion Tolerance Based on
Intelligent Compensating Middleware (Amjad Umar, Telcordia
Technologies)
1:25- Group Discussion
1:35- FOUR A – Agent Adaptation and Assurance (Bill Scherlis, CMU)
2:05- Break
2:20- Intrusion Tolerant Distributed Object Systems (Gregg Tally, NAI Labs)
2:45- Intrusion Tolerance by Unpredictable Adaptation (IT by UA) (Partha
Pal, BBN Technologies)
3:10- Group Discussion
Friday Morning
•
•
•
•
•
•
•
•
•
6:30- Breakfast
7:30- PACOM Guest Speaker
8:30- Break
8:45- Effectively Constraining Active Scripting on the Win32 Platform (Anup
Ghosh, RST Corp)
9:15- Integrity Through Mediated Interfaces (Bob Balzer, Teknowledge)
9:45- Break
10:00- A Binary Agent Technology for COTS Software Integrity (Anant
Agarwal, InCert Software Corp)
10:30- Group Discussion
10:45- Program Manager’s Closing Remarks