Project Summary
The proposed research is concerned with developing a model
for secure and survivable, yet flexible, transaction processing.
Special emphasis will be on the integrity and availability issues
of transactions, although confidentiality issues will not be ignored.
The outcome of this research will be a flexible framework for transaction
processing, based on a tool-kit approach. The framework assists the developer
in designing secure, complex applications
that can survive malicious attacks and other
system failures. The model allows the developer to:
- express complex transaction dependencies in a secure and
reliable manner
- provide authentication expressions within a transaction body that allow
component subtransactions to interact with each other in an authenticated
and secure manner
- analyze the dependencies to identify if they can be exploited to
launch attacks against the transaction, and if so, define remedial
actions within the transaction
- provide customized (geared to the specific application) resistance,
recognition and recovery techniques within the transaction so as to
survive malicious attacks
The proposed research effort is structured into the
following research activities:
- Investigate how the different types of data and control-flow
dependencies in extended transaction models impact secure transaction
processing with respect to integrity and availability.
- Investigate how the different types of control-flow, data
and external dependencies interact with each other to affect security.
- Formalize the notion of a {\em well-behaved} transaction.
Informally, a well-behaved transaction is one that survives
and/or gracefully degrades under attack.
- Develop the Secure Multiform Transaction model as a tool-kit
approach to implementing well-behaved transactions.
- Propose a set of transaction primitives to express resistance,
recognition and recovery procedures within a secure multiform
transaction.
- Develop a proof-of-concept prototype for the Secure Multiform
Transaction model from COTS components.
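To make the ideas in the two lists above concrete (commit and abort dependencies between subtransactions, an authentication expression guarding the interaction between two components, and recognition followed by recovery so that the whole transaction degrades gracefully rather than completing in a corrupted state), here is an added illustration. It is not the proposal's model or prototype: the SubTx/MultiformTx classes, the HMAC-based authentication expression, the three-step order scenario and the shared key are all constructed for this example.

```python
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional

# Constructed shared key for the demo; real components would be provisioned separately.
KEY = b"demo-shared-key"


def auth_tag(sender: str, receiver: str, payload: str) -> str:
    """Authentication expression: a MAC binding sender, receiver and payload."""
    msg = f"{sender}->{receiver}:{payload}".encode()
    return hmac.new(KEY, msg, hashlib.sha256).hexdigest()


def auth_check(sender: str, receiver: str, payload: str, tag: str) -> bool:
    """Constant-time verification of a tag produced by auth_tag."""
    return hmac.compare_digest(auth_tag(sender, receiver, payload), tag)


@dataclass
class SubTx:
    name: str
    action: Callable[[dict], None]        # forward work; raises on failure
    compensate: Callable[[dict], None]    # recovery: undo the committed effect
    commit_deps: List[str] = field(default_factory=list)  # run only after these commit
    abort_deps: List[str] = field(default_factory=list)   # undo if any of these abort


class MultiformTx:
    """Toy multiform transaction: ordered subtransactions with dependencies."""

    def __init__(self, state: dict) -> None:
        self.subs: List[SubTx] = []
        self.status: Dict[str, str] = {}
        self.state = state
        self.log: List[str] = []

    def add(self, sub: SubTx) -> "MultiformTx":
        self.subs.append(sub)   # assumed to be added in an order consistent with commit_deps
        return self

    def run(self, interfere: Optional[Callable[[str, dict], None]] = None) -> Dict[str, str]:
        for sub in self.subs:
            if any(self.status.get(d) != "committed" for d in sub.commit_deps):
                self.status[sub.name] = "aborted"
                self.log.append(f"{sub.name}: skipped, commit dependency not met")
                continue
            try:
                sub.action(self.state)
                self.status[sub.name] = "committed"
                if interfere:                  # constructed fault/attack injection point
                    interfere(sub.name, self.state)
            except Exception as exc:           # recognition: the failure is detected here
                self.status[sub.name] = "aborted"
                self.log.append(f"{sub.name}: recognized failure: {exc}")
                self._recover(sub.name)
        return dict(self.status)

    def _recover(self, aborted: str) -> None:
        # recovery: compensate every committed subtransaction that abort-depends on `aborted`
        for sub in self.subs:
            if aborted in sub.abort_deps and self.status.get(sub.name) == "committed":
                sub.compensate(self.state)
                self.status[sub.name] = "compensated"
                self.log.append(f"{sub.name}: compensated because {aborted} aborted")
                self._recover(sub.name)


def run_order(tamper: bool) -> dict:
    """Constructed scenario: reserve stock, take payment, ship. With tamper=True an
    adversary alters the payment receipt between the payment and shipping components."""
    def reserve(s): s["stock"] -= 1
    def release(s): s["stock"] += 1
    def charge(s):
        s["charged"] = True
        s["receipt"] = "order-42:paid"
        s["receipt_tag"] = auth_tag("payment", "shipping", s["receipt"])
    def refund(s): s["charged"] = False
    def ship(s):
        if not auth_check("payment", "shipping", s["receipt"], s["receipt_tag"]):
            raise PermissionError("receipt failed authentication")
        s["shipped"] = True
    def unship(s): s["shipped"] = False

    def adversary(just_committed: str, s: dict) -> None:
        if tamper and just_committed == "payment":
            s["receipt"] = "order-42:paid-x2"   # altered without the key: tag no longer matches

    tx = MultiformTx({"stock": 5, "charged": False, "shipped": False})
    tx.add(SubTx("reserve", reserve, release, abort_deps=["shipping"]))
    tx.add(SubTx("payment", charge, refund, commit_deps=["reserve"], abort_deps=["shipping"]))
    tx.add(SubTx("shipping", ship, unship, commit_deps=["payment"]))
    status = tx.run(interfere=adversary)
    return {"status": status, "state": tx.state, "log": tx.log}


if __name__ == "__main__":
    print(run_order(tamper=False)["status"])
    print(run_order(tamper=True)["log"])
```

The honest run commits all three steps. In the tampered run the shipping component recognizes the forged receipt, aborts, and the abort dependencies drive compensation of the already-committed payment and reservation, leaving stock and the customer's account as they were: the transaction survives the attack by degrading to a consistent no-op rather than shipping goods against an unauthenticated receipt.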
The proposed research advances the current state-of-the-art in secure
transaction processing. This research is significant because it will
produce results that can be used to develop complex yet secure and
easily deployable transactions. Such transactions find application in
a variety of different areas -- communications, finance, electronic
commerce, manufacturing, process control and office automation, to
name a few. These applications are characterized by their need for
complex coordination among different components and (often) long
duration -- two properties that impose substantial integrity,
availability and confidentiality requirements that are yet to be
addressed by the research community.