Taking the Open Source Road
Total Page:16
File Type:pdf, Size:1020Kb
The National Security Agency’s Review of Emerging Technologies 6 £nn Ó£ U ÓääÓä Taking the Open Source Road Raising the Bar in Operating System Security Cryptographic Binding of Metadata Providing a Secure Foundation with CLIP Open Source—Setting Software Free NSA’s Review of Emerging Technologies Letter from the Editor 2SHQ VRXUFH VRIWZDUH 266 LV D JURZLQJ SDUW RI WKH VRIWZDUH PDUNHW $OWKRXJK PXFK 266 LV ORZ FRVW HYHQ IUHH D JUHDW GHDO RI LWV JURZLQJ SRSXODULW\ LV EDVHG QRW RQ FRVW EXW RQ WKH DELOLW\ WR VHH DQG PDQLSXODWH WKH VRIWZDUH LQWHUQDOV 7KLV DELOLW\ HQDEOHV JUHDW ÁH[LELOLW\ DOORZLQJ SURJUDPPHUV WR HDVLO\ EXLOG XSRQ RU H[WHQG VRIWZDUH WR PHHW VSHFLÀF PLVVLRQ QHHGV ,QFUHDVLQJ LQWHUHVW LQ 266 LV QRW OLPLWHG WR FRPPHUFLDO PDUNHWV WKH 86 'HSDUWPHQW RI 'HIHQVH 'R' LV ORRNLQJ IRU ZD\V WR KDUQHVV WKH FRPPXQLW\ GHYHORSPHQW PRGHO ZLWKLQ LQWHUQDO SURMHFWV 'R' KDV HYHQ FUHDWHG LWV RZQ FRPPXQLW\ VRIWZDUH VLWH PLOIRUJHPLO WR PLPLF WKH SXEOLF RSHQ VRXUFH FRPPXQLW\ ,Q WKLV LVVXH RI 7KH 1H[W :DYH 71: ZH KDYH D VHULHV RI DUWLFOHV DERXW LPSRUWDQW SURMHFWV WKDW ZHUH HQDEOHG E\ RSHQ VRXUFH VRIWZDUH 7KH DUWLFOH ´5DLVLQJ WKH %DU LQ 2SHUDWLQJ 6\VWHP 6HFXULW\ 6(/LQX[ DQG 2SHQ6RODULV )0$&µ ZULWWHQ E\ 6WHYH 6PDOOH\ SUHVHQWV DQ XSGDWH RQ 6HFXULW\(QKDQFHG /LQX[ DQG LQWURGXFHV D SURMHFW WR EULQJ VLPLODU VHFXULW\ HQKDQFHPHQWV WR 6XQ·V 2SHQ6RODULV RSHUDWLQJ V\VWHP 7KH QH[W DUWLFOH ´3URYLGLQJ D 6HFXUH )RXQGDWLRQ IRU $SSOLFDWLRQV ZLWK WKH &HUWLÀDEOH /LQX[ ,QWHJUDWLRQ 3ODWIRUPµ E\ 7RGG 3DLVOH\ %UDQGRQ :KDOHQ DQG 6WHSKHQ /DZUHQFH LQWURGXFHV DQ 16$ SURMHFW WR HQDEOH TXLFNHU DQG FKHDSHU GHSOR\PHQW RI VHFXUH V\VWHP VROXWLRQV WR PHHW PLVVLRQ QHHGV 7KH DUWLFOH ´&U\SWRJUDSKLF %LQGLQJ RI 0HWDGDWDµ E\ &DOYLQ 0DVRQ FDOOV DWWHQWLRQ WR WKH LPSRUWDQFH RI WUXVWZRUWK\ PHWDGDWD DQG SUHVHQWV D VXPPDU\ RI WZR 16$ SURMHFWV WR SURWHFW PHWDGDWD )LQDOO\ RXU IRFXV DUWLFOH ´2SHQ 6RXUFH 6RIWZDUH³$ *URZLQJ 7UHQGµ E\ 5XVV 6XWFOLIIH DQG 5D\ <RXQJ H[SODLQV WKH LPSDFW RSHQ VRXUFH LV KDYLQJ RQ WKH JOREDO VRIWZDUH PDUNHW 7X[ WKH FUHDWLRQ RI /DUU\ (ZLQJ OHZLQJ#LVFWDPXHGX KDV UHSUHVHQWHG /LQX[ VLQFH 7KH RULJLQDO 7X[ ORJR ZDV FUHDWHG ZLWK *,03³WKH *18 ,PDJH 0DQLSXODWLRQ 3URJUDP &XVWRP YHUVLRQV RI 7X[ ZLOO VHUYH DV WKH JXLGH WKURXJK WKLV RSHQ VRXUFH HGLWLRQ RI 7KH 1H[W :DYH 7KH /LQX[ SHQJXLQ DQG *,03 DUH WZR H[DPSOHV RI RSHQ VRXUFH SURGXFWV DYDLODEOH IUHH WR WKH SXEOLF IRU XVH DQG PRGLÀFDWLRQ The Next Wave is published to disseminate technical advancements and research activities in telecommunications and information technologies. Mentions of company names or commercial products do not imply endorsement by the US Government. For more information, please contact us at [email protected] CONTENTS FEATURES 7DNLQJWKH2SHQ6RXUFH5RDG 5DLVLQJWKH%DULQ2SHUDWLQJ6\VWHP6HFXULW\ 6(/LQX[DQG2SHQ6RODULV)0$& 3URYLGLQJD6HFXUH)RXQGDWLRQIRU$SSOLFDWLRQV ZLWK WKH &HUWLÀDEOH /LQX[ ,QWHUJUDWLRQ 3ODWIRUP &U\SWRJUDSKLF%LQGLQJRI0HWDGDWD FOCUS 2SHQ6RXUFH³6HWWLQJ6RIWZDUH)UHH Taking the Open Source Road The direction is clear. Open-source software is paving a path to the information-centric future envisioned by the U.S. Department of Defense (DoD). In an address to Department personnel, the Pentagon’s deputy chief information offi cer (DCIO), David M. Wennergren, explained the reason for taking this new direction. “In today’s world we have to share information with people we never even dreamed of, using tools and means we never thought of before, [in] non-traditional ways with non-traditional organizations. And that’s the power of the information world.” FEATURE SHQVRXUFHVRIWZDUH 266 KDVSURYHQ 2WKHU IHGHUDO 26 SURMHFWV KDYH DOVR FRPH WR EH D SRZHUIXO WRRO IRU GLVWULEXWLQJ RQ OLQH UHFHQWO\ RU DUH LQ WKH ZRUNV ,Q -XQH LPSURYLQJ DQG H[WHQGLQJ QHZ WKH 86 $LU )RUFH UHOHDVHG D IUHH DQG RSHQVRXUFH SURJUDPV2266 OLFHQVLQJ LV JDLQLQJ DFFHSWDQFH YHUVLRQ RI )DOFRQ9LHZ D SHUVRQDO FRPSXWHU E\ LQGXVWU\ DQG JRYHUQPHQWV ZRUOGZLGH ,W LV WKH EDVHG PDSSLQJ DSSOLFDWLRQ GHYHORSHG IRU WKH SRZHU RI RSHQQHVV GHULYHG IURP FROODERUDWLRQ DQG 'R' E\ *HRUJLD 7HFK 5HVHDUFK ,QVWLWXWH (YHQ LQQRYDWLRQWKDW'R'LQWHQGVWRKDUQHVV WKH :KLWH +RXVH KDV HQWHUHG WKH 266 DUHQD 7KH )RU QHDUO\ WZR GHFDGHV 16$·V 5HVHDUFK SRSXODU :KLWH+RXVHJRY ZHE VLWH VZLWFKHG IURP 'LUHFWRUDWH 5' KDV EHHQ H[SORULQJ WKH UROH 266 DSURSULHWDU\FRQWHQWPDQDJHPHQWV\VWHPWRRSHQ FDQSOD\LQKHOSLQJWKH'R'DFKLHYHLWVPLVVLRQV VRXUFH 'UXSOH LQ 2FWREHU &LWLQJ WKH SRWHQWLDO (IIRUWV E\ 5' UHVHDUFKHUV OHG WR WKH SXEOLF UHOHDVH IRU HYHU\GD\ FLWL]HQV FRQWULEXWLQJ WR WKH HYROXWLRQ LQ 'HFHPEHU RI VHFXULW\HQKDQFHG 6( /LQX[ RI WKH ZHE VLWH :KLWH +RXVH PHGLD GLUHFWRU 0DFRQ 6LQFH WKHQ GHYHORSHUV IURP +3 +LWDFKL 6RIWZDUH 3KLOOLSV VDLG ´:H·UH ORRNLQJ IRUZDUG WR JHWWLQJ WKH ,%0 1(& 5HG +DW DQG RWKHU FRPPHUFLDO DV EHQHÀW RI WKHLU HQHUJ\ DQG LQQRYDWLRQµ ZHOO DV SULYDWH LQVWLWXWLRQV KDYH FRQWULEXWHG WR 7KH RSHQVRXUFH URDG DW WLPHV KDV EHHQ D H[WHQGLQJ WKH SURJUDP·V IHDWXUHV DQG PDWXULQJ LWV EXPS\ RQH QRW MXVW IRU WKH 'R' DV ,7 SODQQHUV IXQFWLRQDOLW\ )RU DQ LQGHSWK ORRN DW 6(/LQX[ VHH DWWHPSW WR VWHHU D FRXUVH VWUDGGOLQJ WKH EHQHÀWV ´5DLVLQJWKH%DULQ2SHUDWLQJ6\VWHP6HFXULW\µLQ RI RSHQQHVV ZLWK WKH GHPDQGV RI VHFXULW\ %XW WKLVLVVXHRI7KH1H[W:DYH :HQQHUJUHQ ZKR DOVR VHUYHV DV 'HSXW\ $VVLVWDQW 0RUH UHFHQWO\ 'R' GHYHORSHUV FRQWULEXWHG 6HFUHWDU\ RI 'HIHQVH IRU ,QIRUPDWLRQ 0DQDJHPHQW RYHU D PLOOLRQ OLQHV RI FRGH WR WKH RSHQVRXUFH 7HFKQRORJ\ DUJXHV WKDW WKLV LV WKH ZURQJ ZD\ WR 26 FRPPXQLW\ KHOSLQJ H[SDQG WKH IHGHUDO 26 ORRN DW WKH FKDOOHQJH +H SURSRVHV D GLIIHUHQW PRGHO KLJKZD\ 2QH PLOOLRQ OLQHV LV DERXW WKH VL]H RI LQZKLFKRSHQQHVVDQGVHFXULW\DUHJRDOVWKDWFDQ WKH &RUSRUDWH 0DQDJHPHQW ,QIRUPDWLRQ 6\VWHP UHLQIRUFHHDFKRWKHU &0,6 GHYHORSHG LQWHUQDOO\ E\ WKH 86 'HIHQVH 7KH 'R' KDV RIÀFLDOO\ HQGRUVHG WKH XVH RI ,QIRUPDWLRQ 6\VWHPV $JHQF\ ',6$ ',6$ 266 VWDWLQJ DV PXFK LQ JXLGHOLQHV SXEOLVKHG LQ VSHQW DOPRVW D GHFDGH EXLOGLQJ WKH ZHEEDVHG $ PHPRUDQGXP UHOHDVHG 2FWREHU IHGHUDO ZRUNIRUFH PDQDJHPHQW ZRUNÁRZ DQG E\ WKH &,2 WHDP SURYLGHV ´FODULI\LQJ JXLGDQFHµ DGPLQLVWUDWLYH VRIWZDUH VXLWH IRU XVH E\ PRUH WKDQ LQWHQGHG WR RYHUFRPH ´PLVFRQFHSWLRQV DQG PLOLWDU\ SHUVRQQHO PLVLQWHUSUHWDWLRQV RI WKH H[LVWLQJ ODZV SROLFLHV :KHQ RWKHU JRYHUQPHQW GHSDUWPHQWV DQGUHJXODWLRQVWKDWGHDOZLWKVRIWZDUHDQGDSSO\ ZDQWHG WR DGRSW WKH &0,6 VXLWH RI PRUH WKDQ WR 266µ '&,2 :HQQHUJUHQ VWDWHV LQ WKH PHPR WKDW DSSOLFDWLRQV ',6$·V GLUHFWRU RI PDQSRZHU WKHVH PLVFRQFHSWLRQV DQG PLVLQWHUSUHWDWLRQV KDYH SHUVRQQHO DQG VHFXULW\ -DFN 3HQNRVNH DVNHG KDPSHUHG 'R' HIIRUWV WR HIIHFWLYHO\ GHYHORS DQG ´:K\ QRW OHW WKHP"µ $QG LI VKDULQJ &0,6 ZLWK XVH266 RWKHU IHGHUDO DJHQFLHV ZDV D JRRG LGHD ZK\ QRW 266 KDV DOUHDG\ EHHQ DGRSWHG E\ VHYHUDO LQFOXGH DFDGHPLD LQGXVWU\ DQG WKH HQWLUH 26 'R' DJHQFLHV ZLWK LWV H[WHQVLYH XVH FLWHG DV HDUO\ FRPPXQLW\" DV ,Q D VWXG\ SUHSDUHG IRU WKH 'R' ´8VH ',6$ GLG MXVW WKDW ,Q 0DUFK WKH RI)UHHDQG2SHQ6RXUFH6RIWZDUH )266 LQWKH 3HQWDJRQ·V LQIRUPDWLRQ WHFKQRORJ\ XQLW DQQRXQFHG 86 'HSDUWPHQW RI 'HIHQVHµ 0,75( &RUSRUDWLRQ DFRRSHUDWLYHUHVHDUFKDQGGHYHORSPHQWDJUHHPHQW IRXQGWKDW´)266VRIWZDUHSOD\VDIDUPRUHFULWLFDO &5$'$ ZLWK WKH 2SHQ 6RXUFH 6RIWZDUH ,QVWLWXWH UROH LQ WKH 'R' WKDQ KDV EHHQ JHQHUDOO\ UHFRJQL]HGµ WR PDNH DQ 26 YHUVLRQ RI &0,6 DYDLODEOH WR 1RZ WKH PHPRUDQGXP ZKLFK VXSHUVHGHV RWKHU IHGHUDO DJHQFLHV DFDGHPLD QRQSURÀW 'R' JXLGHOLQHV RI VHYHQ \HDUV DJR RSHQV WKH GRRU RUJDQL]DWLRQV DQG LQGXVWU\ WR UHXVH DQG LPSURYH WRHYHQJUHDWHUSUROLIHUDWLRQRI266SURGXFWVLQWKH ',6$ XVHG $GREH &ROG )XVLRQ DQG 0LFURVRIW 64/ IXWXUH 6HUYHU WR EXLOG 26&0,6 7KH GHSDUWPHQW·V 2QH IRUFH DFFHOHUDWLQJ WKH 'R'·V DGRSWLRQ RI HIIRUW ZDV UHFRJQL]HG E\ *RYHUQPHQW &RPSXWHU 266 PD\ FRPH IURP WKH PHPR·V DIÀUPDWLRQ WKDW 1HZV *&1 DV RQH RI WKH ´ JUHDW JRYHUQPHQW ,7 ´LQ DOPRVW DOO FDVHV 266 PHHWV WKH GHÀQLWLRQ RI SURMHFWVµ IRU ¶FRPPHUFLDO FRPSXWHU VRIWZDUH·µ DQG QHHGV WR EH The Next Wave Vol 18 No 2 2009 5 WUHDWHGDVVXFK&ODVVLI\LQJ266DVDFRPPHUFLDO ZRUNVµ ÀQDQFLDO JDLQ %\ DSSO\LQJ WKLV GHÀQLWLRQ LWHP JUDQWV LW VSHFLDO FRQWUDFWXDO FRQVLGHUDWLRQ WR 266 VLPSO\ LPSURYLQJ FRGH³VRPHWKLQJ 86 ODZ 86& FDOOV IRU JRYHUQPHQW HQFRXUDJHG E\ WKH RSHQVRXUFH FRPPXQLW\ DQG SURFXUHPHQW WR IDYRU FRPPHUFLDO VXSSOLHV DQG H[SUHVVHGLQWKH26'DQGWKH)6'³LVDIRUPRI VHUYLFHV 7KH ODZ UHTXLUHV KHDGV RI DJHQFLHV WR ÀQDQFLDO JDLQ PDNLQJ WKH VRIWZDUH FRPPHUFLDO HQVXUH WKDW SURFXUHPHQW RIÀFLDOV DUH WUDLQHG LQ 0RUH REYLRXV HIIRUWV WR FRPPHUFLDOL]H 266 WKHDFTXLVLWLRQRIFRPPHUFLDOSURGXFWV(YHU\RQH DUH JDLQLQJ PRPHQWXP DV ZHOO 5HVHDUFK ÀUP ,'& LQYROYHG LQ WKH SURFXUHPHQW SURFHVV PXVW E\ IRUHFDVWVDSHUFHQWFRPSRXQGDQQXDOJURZWK ODZ PDNH HYHU\ HIIRUW WR DFTXLUH FRPPHUFLDO UDWH &$*5 IRU 266 UHYHQXH ZRUOGZLGH RYHU SURGXFWV DQG UHTXLUH FRQWUDFWRUV WR LQFRUSRUDWH WKH QH[W ÀYH \HDUV 7KDW JDLQ ZRXOG SXVK UHYHQXH FRPPHUFLDO SURGXFWV ZKHQ SRVVLEOH $GGLWLRQDOO\ IURP 266 SDVW ELOOLRQ E\ ,Q DGGLWLRQ WR VSHFLÀFDWLRQV IRU FRQWUDFW UHTXLUHPHQWV VKRXOG EH HVWDEOLVKHG 266 YHQGRUV OLNH 5HG +DW DQG 1RYHOO VWDWHG LQ WHUPV WKDW HQFRXUDJH ELGGHUV WR VXSSO\ VHUYLFHEDVHG ,7 EXVLQHVVHV VXFK DV ,%0 DQG FRPPHUFLDO SURGXFWV DQG SURFXUHPHQW SROLFLHV 2UDFOH KDYH EHHQ WDSSLQJ WKH RSHQVRXUFH PDUNHW SUDFWLFHV DQG SURFHGXUHV DUH WR EH ZULWWHQ RU E\ RIIHULQJ 266 VXSSRUW *RRJOH·V 266 VWUDWHJ\ UHYLVHGWRUHGXFHLPSHGLPHQWVWRWKHLUDFTXLVLWLRQ KDV EHHQ WR VKLIW HPSKDVLV DZD\ IURP WKH FRGH LQ 3ROLFLHV VHW RXW LQ )HGHUDO $FTXLVLWLRQ IDYRURIWUDQVSDUHQF\DQGDSSOLFDWLRQSURJUDPPLQJ 5HJXODWLRQ )$5 DQG WKH 'R' VXSSOHPHQW LQWHUIDFHV $3,V (YHQ 0LFURVRIW LV SURPRWLQJ ')$56 VSHFLÀFDOO\ UHTXLUH HIIRUWV WR VXSSRUW LQWHURSHUDELOLW\ EHWZHHQ WKH H[HFXWLYHDJHQFLHVWRLQFOXGH266ZKHQFRQGXFWLQJ FRPSDQ\·V SURSULHWDU\ OLQH RI SURGXFWV DQG 266 PDUNHW UHVHDUFK IRU VRIWZDUH SURFXUHPHQWV