SHF: Medium: MEDITA - Multi-Layer Enterprise-Wide Dynamic Information-Flow Tracking and Assurance

SHF：中：MEDITA - 多层企业范围动态信息流跟踪和保证

• 批准号: 0964647
• 负责人: Alessandro Orso
• 金额: $ 90万
• 依托单位: Georgia Tech Research Corporation
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2010
• 资助国家: 美国
• 起止时间: 2010-06-01 至 2014-05-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0964647&HistoricalAwards=false
• 关键词: SHF; Medium; MEDITA; Multi; Layer

Enterprise Information Systems (EIS) continually face attacks ranging from data leaks to the spread of malware; these attacks cost companies billions of dollars annually and can result in critical loss or leakage of data. Existing defenses typically either attempt to secure the hosts within the enterprise or add a security perimeter to the network. These conventional defenses are ineffective in the face of compromised hosts, mobile devices, and insider threats. Dynamic Information-Flow Tracking (DIFT) techniques maintain data provenance information about objects within the system and control information flow by defining and implementing policies that dictate how that information should be allowed to flow. Although powerful, existing DIFT approaches are limited by the fact of targeting only a single layer on a single physical host, which limits their effectiveness and practical applicability.This research will develop MEDITA, a multi-layer DIFT mechanism that can precisely, securely, and efficiently track data flowing within a networked EIS and across layers, and control the flow of such data based on the data provenance and the security policy in place. Multi-layer DIFT holds great promise for controlling information flow within an enterprise in many real-world scenarios. Despite its appeal, however, realizing a system that could implement such DIFT policies in practice is extremely challenging because of the wide variety of attacks that can be mounted, ranging from copying and pasting the sensitive data to writing the document to removable storage or a mobile device. To address these and other challenges, this research will (1) refine existing techniques for performing DIFT within the individual layers of an EIS, (2) design and implement the integration and inter-operation of DIFT techniques between layers, (3) define a language that can be used to express multi-layer security policies for the EIS and mechanisms for translating those policies to tainting and enforcement mechanisms; and (4) Develop a prototype implementation of MEDITA and perform experiments by using the prototype to apply MEDITA to realistic information-flow tracking control scenarios.

企业信息系统（EIS）不断面临从数据泄露到恶意软件传播的各种攻击;这些攻击每年使公司损失数十亿美元，并可能导致严重的数据丢失或泄露。 现有的防御措施通常要么试图保护企业内的主机，要么向网络添加安全边界。 这些常规防御在面对受损主机、移动的设备和内部威胁时是无效的。 动态信息流跟踪（DIFT）技术维护关于系统内的对象的数据起源信息，并通过定义和实现指示应该允许信息如何流动的策略来控制信息流。 现有的DIFT方法虽然功能强大，但由于只针对单个物理主机上的单个层，这限制了它们的有效性和实用性。本研究将开发MEDITA，一种多层DIFT机制，可以精确，安全，有效地跟踪网络EIS内和跨层的数据流，并基于数据起源和适当的安全策略来控制这种数据的流动。多层DIFT在许多现实场景中为控制企业内的信息流提供了很大的希望。 然而，尽管其具有吸引力，但实现可以在实践中实现这种DIFT策略的系统是极具挑战性的，因为可以安装各种各样的攻击，从复制和粘贴敏感数据到将文档写入可移动存储器或移动终端。 为了解决这些和其他挑战，本研究将（1）改进现有的在EIS的各个层内执行DIFT的技术，（2）设计和实现DIFT技术在层之间的集成和互操作，（3）定义一种可用于表达EIS的多层安全策略的语言以及将这些策略转换为污染和执行机制的机制;（4）开发了MEDITA的原型实现，并利用该原型将MEDITA应用于现实的信息流跟踪控制场景进行了实验。