| EPSRC Reference: |
EP/D020158/1 |
| Title: |
XenSE: Security Enhanced Xen. |
| Principal Investigator: |
Hand, Dr S |
| Other Investigators: |
|
| Researcher Co-Investigators: |
|
| Project Partners: |
|
| Department: |
Computer Science and Technology |
| Organisation: |
University of Cambridge |
| Scheme: |
Standard Research (Pre-FEC) |
| Starts: |
17 October 2005 |
Ends: |
16 October 2008 |
Value (£): |
477,924
|
| EPSRC Research Topic Classifications: |
| Fundamentals of Computing |
|
|
| EPSRC Industrial Sector Classifications: |
| Communications |
Information Technologies |
|
| Related Grants: |
|
| Panel History: |
|
|
Summary on Grant Application Form |
|
Most computers today are connected to the Internet. This provides greatbenefits (e.g. email, web browsing, etc) but also introduces great risks to the security of systems (e.g. viruses, trojan horses, denialof service attacks). Malicious software is annoying at best, and at worst can cost tens of millions of pounds (e.g. in terms of lost revenue for commercial sites). One reason that malicious software is able to cause so much damageis that operating systems like Windows XP or Linux are very large. This means that there are lots of places in the program code which need to be checked for security weaknesses; unfortunately this means that in most cases we only discover a vulnerability after a successfulvirus or similar program has exploited it. By building systems in a different way, we can greatly reduce the risk of vulnerabilities of this kind. The key trick is to use a very small operating system which is easier to check for security.This new trusted computing kernel can potentially even be checkedusing mathematical proofs to ensure that it is bulletproof.The aim of the XenSE project is to produce a trusted computing kernelwhich provides a high quality set of security assurances, while remaining high performance and, crucially, being open source. This means both that the software is free to download and use, and also that the source code can be independently checked by experts in a variety of organizations (e.g. the government, large companies, security researchers at universities). We are confident that we can achieve this ambitious goal: previousresearch has produced Xen, a piece of software which allows a single computer to be divided into a number of virtual computers . Each of these virtual computer can run an operating system and allthe associated applications; but Xen is actually running underneathand can check for security problems. Xen is currently available forfree and has support from IBM, HP, Intel and AMD among others. Although Xen is currently high-performance and fairly secure, we have not yet added support to allow military-grade security . In this project we will add such support, and allow the use of new and emerging processors and supporting hardware from Intel and AMD. We will also address a previously unexplored area: attempting to providea completely secure display system so that users can be sure that whatthey see on screen is what they are supposed to see, and that no-one can eavesdrop on what's being displayed (something which we have previously demonstrated is really quite easy with less than a hundredpounds of equipment). Overall, the XenSE project will produce a free, high performance andindependently assessable piece of software which can be deployed in all kinds of organizations to reduce or even eliminate the risks from malicious software. It will also allow guarantees about theconfidentiality, integrity and provenance of sensitive data as is required by military, government and commercial organizations.
|
|
Key Findings |
|
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
|
Potential use in non-academic contexts |
|
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
|
Impacts |
|
| Description |
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk |
| Summary |
|
| Date Materialised |
|
|
|
|
Sectors submitted by the Researcher |
|
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
| Project URL: |
|
| Further Information: |
|
| Organisation Website: |
http://www.cam.ac.uk |