Many applications are now being deployed on rich, distributed platforms, such as those for cloud computing and Internet of Things (IoT). Such platforms can aid developers by launching their applications dynamically to align resource use with demand in serverless platforms and by composing fine-grained components into complete applications in microservice architectures. Even with these advanced architectures, the system platforms themselves still have large trusted computing bases, where a single vulnerability may threaten the security of the entire platform. This occurs because platform services are available to all applications and are typically fully trusted by other platform services. As a result, a malicious application may compromise a vulnerable service to gain access to another application's data and/or compromise the integrity of another application's computing.

The project will produce theories and techniques to deploy platform services to protect applications using information flow control. First, it is advocated that stateless platform services be deployed as single-use services: services launched on demand to perform an operation on behalf of a single command, much like serverless applications. Second, application data is protected by enforcing information flow control over single-use services, validating that enforcement services perform information flow control statically. Third, the project seeks to reduce trust in complex, monolithic services by developing methods to partition services into enforcement services and single-use services, which can be either validated or governed using information flow control. In contrast to current platforms that enforce mandatory access control to protect hosts from untrusted applications, an infrastructure will be developed to build platforms that protect applications from potentially vulnerable services using information flow control. As part of broader impacts, this research examines methods for how to "build security in" to emerging distributed platforms. A wide variety of commercial efforts are targeting container-based cloud and IoT platforms, but there is a dearth of infrastructure to aid programmers in constructing platforms that adhere to security requirements while achieving desired functionality. The open-source tools and example platforms developed will be utilized in coursework and aggressively pitched to industry practitioners to gain feedback and increase adoption.
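To make the design sketched above concrete, here is an added toy model in Python (constructed for this page, not code from the project): an enforcement service mediates a shared store using secrecy labels, a single-use instance is launched per command with a label fixed at launch, and a long-running instance accumulates labels across the commands it serves. The app names A and B, the store layout, and the label semantics (a label is the set of applications whose data an item may contain) are assumptions.

```python
from dataclasses import dataclass

Label = frozenset  # secrecy label: the set of applications whose data an item may contain

def flows_to(src: Label, dst: Label) -> bool:
    return src <= dst  # data may move only to a place already covering every owner in src

@dataclass
class ServiceInstance:
    name: str
    label: Label
    single_use: bool  # True: label fixed at launch for one command, so checkable up front

class EnforcementService:  # trusted reference monitor mediating every access to the store
    def __init__(self, store):
        self.store = store  # key -> (label, value)

    def read(self, svc, key):
        label, value = self.store[key]
        if flows_to(label, svc.label):
            return value
        if not svc.single_use:  # long-running service: taint accumulates across commands
            svc.label = svc.label | label
            return value
        raise PermissionError(f"{svc.name} {set(svc.label)} may not read {key}")

    def write(self, svc, key, value):
        sink_label = self.store[key][0]
        if not flows_to(svc.label, sink_label):
            raise PermissionError(f"{svc.name} {set(svc.label)} may not write {key}")
        self.store[key] = (sink_label, value)

def new_store():  # constructed platform store: two apps' records and output slots
    return {"A/record": (Label({"A"}), "a-secret"), "A/out": (Label({"A"}), None),
            "B/record": (Label({"B"}), "b-secret"), "B/out": (Label({"B"}), None)}

def run_single_use(monitor, requester, handler):  # fresh instance per command, as in serverless
    return handler(monitor, ServiceInstance(f"svc-for-{requester}", Label({requester}), True))

def copy_record(src_app, dst_app):  # handler copying src_app's record into dst_app's output
    def handler(monitor, svc):
        monitor.write(svc, f"{dst_app}/out", monitor.read(svc, f"{src_app}/record").upper())
        return monitor.store[f"{dst_app}/out"][1]
    return handler

def serve_both(monitor):  # a long-running shared service handling B's command, then A's
    shared = ServiceInstance("shared-svc", Label(), False)
    monitor.read(shared, "B/record")
    monitor.read(shared, "A/record")
    return shared  # label is now {A, B}, so even a write to A/out would be refused
```

A single-use instance launched for A can copy A's own record but is refused B's record, whereas the shared instance ends up labelled {A, B} and can no longer write even A's legitimate result, which is the label creep that per-command instances avoid.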

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

Agency: National Science Foundation (NSF)
Institute: Division of Computer and Network Systems (CNS)
Type: Standard Grant (Standard)
Application #: 1816282
Program Officer: Sol Greenspan
Budget Start: 2018-09-01
Budget End: 2021-08-31
Fiscal Year: 2018
Total Cost: $500,000
Name: Pennsylvania State University
City: University Park
State: PA
Country: United States
Zip Code: 16802