[ISN] U.S. military backs open-source security

From: InfoSec News (isnat_private)
Date: Tue Jul 10 2001 - 01:51:12 PDT

  • Next message: InfoSec News: "[ISN] CERT warns firewall leaves open door to attackers"

    By Robert Lemos
    ZDNet News 
    July 9, 2001 3:40 PM PT
    Continuing its support of open-source operating systems, the U.S.
    Department of Defense granted $1.2 million to a community project
    aimed at adding advanced security features to FreeBSD, an open-source
    variant of Unix.
    NAI Labs, the advanced research group of security-software maker
    Network Associates, announced the grant Monday. The group administers
    the funded Community-Based Open-Source Security, or CBOSS, project.
    "Security can be seen as an investment and a form of insurance," said
    Robert Watson, FreeBSD Core Team member and a research scientist at
    NAI Labs. "We're taking a multipronged approach to address a number of
    parts of the security problem: Some have to do with an immediate
    short-term payoff, but many of them have to do with exploring how to
    make FreeBSD a better platform for new security work so as to
    facilitate future research."
    FreeBSD forms a major part of the foundation of Apple's Mac OS X, and
    it is possible that Darwin--the Unix foundation of Mac OS X--could
    adopt any security technology added to FreeBSD.
    "Interestingly, much of the results of this research should apply
    across all operating systems, and we hope it will therefore have
    far-reaching effects," Watson said. "Apple has expressed a strong
    interest in pulling in new technology from FreeBSD, and specific
    interest in the security features we're helping to research and
    The grant was awarded by the U.S. Navy's Space and Warfare Systems
    Command as part of a Defense Advanced Research Projects Agency (DARPA)
    initiative to secure open-source operating systems, which are
    increasingly used in sensitive government applications. DARPA is the
    arm of the Defense Department responsible for funding private-sector
    NAI Labs' CBOSS project aims to add a common set of security features
    to open-source operating systems, including encrypted file systems,
    hardened network components to protect against denial-of-service
    attacks, and extensions to the kernel to allow future security
    improvements to be easily plugged in.
    NAI will subcontract much of the work on the 18-month effort to
    open-source programmers. At least four open-source developers will get
    part of the grant to fund their contributions to the project.
    This is not the first award by DARPA for open-source security.
    As part of its five-year Composable High Assurance Trusted Systems, or
    CHATS, program, DARPA has handed out grants to projects that focus on
    the development of systems and network services that can protect
    themselves from malicious code and other types of network attacks.
    For example, the Reiser file-system project, which has created a
    faster, more robust way of storing data using a concept known as
    journaling, has received $600,000 to add encryption to the next
    version of the file system.
    Journaling uses a log of what files have been changed or modified--a
    journal--to keep track of the state of the file system. When a
    computer crashes, or is turned off without shutting down, the file
    system can be quickly restored to its proper state.
    DARPA has specifically requested that all CHATS projects include
    unclassified work from the open-source operating system development
    ISN is hosted by SecurityFocus.com
    To unsubscribe email isn-unsubscribeat_private

    This archive was generated by hypermail 2b30 : Tue Jul 10 2001 - 02:16:22 PDT