Air Force 14.1 Small Business Innovation Research (SBIR) Proposal Submission Instructions



Date: 02.02.2017

PHASE I: Develop and perform a feasibility study to evaluate whether any existing AF applications can be scaled/migrated into a cloud environment. Document the requirements for applications to be "cloud-ready" and identify possible candidates. Identify several candidate applications that provide a reasonable sampling for development/testing within a proof-of-concept demonstration capability in Phase II.

PHASE II: Evaluate application isolation technologies for applicability within generalized cloud infrastructure. Evaluate various secure communication methods/protocols for inter-component communications. Design/implement compute cloud infrastructure to securely deploy application components. Demonstrate proof of concept prototype of secure application isolation of representative distributed mission app with reduced cloud infrastructure usage, while maintaining overall app isolation and security.

PHASE III DUAL USE APPLICATIONS: Utilize the developed technologies to implement & deploy a secure distributed mission application. This technology also directly benefits all customers of cloud infrastructure as they move away from traditional enterprise applications to enterprise applications designed specifically for the cloud.

REFERENCES:

1. Abdulla, Muhammad, et al. “Lightweight Virtualization Based Security Enforcement in Mobile Devices.” Center for Secure Information Systems George Mason University, http://cs.gmu.edu/~astavrou/courses/ISA_862_F10/lightvirt.pdf.
2. Russell, Rusty, “lguest: Implementing the little Linux hypervisor,” IBM OzLabs, http://landley.net/kdocs/ols/2007/ols2007v2-pages-173-178.pdf.
3. Mitasch, Christoph, “Lightweight Virtualization: LXC Best Practices,” LinuxCon Barcelona 2012, http://www.thomas-krenn.com/de/wikiDE/images/c/cf/20121106-Lighweight_Virtualization_LXC_Best_Practices.pdf.

KEYWORDS: Virtualization, Cloud Computing, Cloud Security, End-to-End Trust, Secure Communications, Information Assurance

AF141-042 TITLE: Protected Execution in Cloud Environments (PECE)


KEY TECHNOLOGY AREA(S): Information Systems Technology

OBJECTIVE: Analyze, develop and test a protected execution system that assures integrity of systems, software, and data by preventing unintended or unauthorized leakage through compromised third-party cloud infrastructures.

DESCRIPTION: External attackers or malicious insiders can deploy a variety of attacks against cloud infrastructure to expose sensitive code and data [1]. These attacks include traditional exploits against cloud instances, firmware and hardware-based malware, and the injection of malicious hypervisors.
Three examples of these attacks include:

1. A modified hypervisor that undetectably hooks and modifies API calls and arbitrary memory addresses to analyze and alter software behavior.

2. An attack that modifies a program’s dependencies, such as a dynamic-linked library (DLL), to modify memory accesses, alter program behavior, and tamper with data.

3. A custom hypervisor that single-steps application execution, allowing an adversary to analyze or modify each instruction as it executes [2].


External adversaries or malicious insiders at the provider can use these attacks to analyze code, launch D5 effects, expose sensitive data, and modify software behavior. With little or no control over the environment, cloud consumers cannot prevent these attacks.
As military organizations migrate to the cloud, they may need to trust the integrity of their systems, software, and data to a third party, the cloud provider. The cloud provider may be public (e.g., Amazon EC2, Rackspace, etc.) or private (e.g., other government organizations). Malicious insiders within the provider, or the provider itself, may analyze, modify, and exfiltrate a cloud consumer’s code and data [3]. In addition, external attackers may gain access to the cloud through vulnerabilities and supply chain attacks. Since consumers lack control over the environment, they cannot prevent these attacks or protect their code and data. Cloud consumers would benefit from technology that defeats these attacks by allowing them to securely operate in untrusted cloud instances while assuring confidentiality, integrity, and availability.

PHASE I: Research the application of efficient techniques, such as obfuscation, to prevent the rapid analysis or modification of computations and data in cloud environments.

PHASE II: Develop a working system that can prevent unintended or unauthorized leakage of data due to compromised cloud infrastructure. The team shall also carry out comprehensive benchmarking experiments using representative usage scenarios of varying application programs and malicious software and demonstrate the advantages of this approach by comparing against existing tools and techniques.

PHASE III DUAL USE APPLICATIONS: Employ developed technologies to assure the ability of mission applications to operate in hostile cloud environments. This technology also benefits commercial industries where trust and privacy are essential to business.

REFERENCES:

1. Al Morsy, Mohamed, et al., (2010), “Analysis of The Cloud Computing Security Problem,” Proceedings of APSEC 2010 Cloud Workshop, Sydney, Australia, 30, Nov. 2010. Retrieved from: http://www.cs.nmsu.edu/~istrnad/cs579/presentations/AnalysisOfSecurityInCloudComputing.pdf.
2. Dinaburg, Artem et al., (2008), “Ether: malware analysis via hardware virtualization extensions,” CCS’08 Proceedings of the 15th ACM conference on Computer and communications security, retrieved from: http://dl.acm.org/citation.cfm?id=1455779.
3. Rocha, F., (2011), “Lucy in the sky without diamonds: Stealing confidential data in the cloud,” 2011 IEEE/IFIP 41st International Conference on Dependable Systems and Networks Workshops, 27-30 June 2011, Retrieved from: http://ieeexplore.ieee.org/xpl/login.jsp?tp=&arnumber=5958798&url=http%3A%2F%2Fieeexplore.ieee.org%2Fxpls%2Fabs_all.jsp%3Farnumber%3D5958798.

KEYWORDS: Virtualization, Cloud Computing, Cloud Security, Virtual Machine Monitoring, Information Assurance, Protected Execution System, Cloud Infrastructure Attacks

AF141-043 TITLE: Fault Isolation in Hypervisors with Live Migration


KEY TECHNOLOGY AREA(S): Information Systems Technology

OBJECTIVE: To reduce the complexity and attack surface of commodity hypervisors and the virtual devices used by guest virtual machines without sacrificing live migration support.

DESCRIPTION: One of the tenets of Cloud Computing is the ability to host multiple virtual machine instances (owned by multiple parties) on the same physical hardware with guarantees that the different machines will be isolated from each other. These virtual machines can then migrate from one physical host to another for load balancing and reliability. By design these virtual machines are managed by a privileged hypervisor (also known as a Virtual Machine Monitor) that mediates accesses by the guests to shared physical resources through the use of virtual devices and prepares the guest state for live migration. Thus a compromise of either the hypervisor or the virtual devices can lead to a breakdown in the isolation guarantee and live migration capabilities. This weakness needs to be addressed.
This topic seeks to buttress the fault isolation guarantees provided by commodity hypervisors (i.e., Xen, KVM, VMware, VirtualBox) by reducing the complexity of the hypervisor and virtual devices and properly isolating the different components, while still providing live migration support. Proper isolation implies that an attack on the hypervisor or virtual devices can only affect the virtual machine from which the attack originates. For example, it must not lead to denial of service for the other guest virtual machines. There exists a corpus of academic research on minimizing the privileged hypervisor. This work includes, among others, DeHype [1], a design that separates the KVM hypervisor into privileged and unprivileged components and moves all of the unprivileged code down to user-space, and NoHype [2], which eliminates much of the privileged hypervisor. The limitation of these designs is their lack of live migration support.
For example, DeHype [1] moves much of the hypervisor code, including the memory manager, from kernel space down into the user-space. By doing so, there is a need for two separate Guest Physical Address to Host Physical Address mappings: the one held by the kernel, and the version that is held by the userspace component. The userspace component would propose changes to the mappings and the kernel verifies the proposed changes, and if valid, commits them into the Nested Page Tables / Extended Page Tables for use by the virtual machine. In this organization, both copies must be synchronized and must be migrated at the same time. This is currently not supported.
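The propose/verify/commit flow described above, modeled as a toy C program; this is an added example, not DeHype's code and not part of the solicitation. The validity rule the kernel checks (the proposed host frame must belong to the requesting VM), the table sizes, and every function name are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define GUEST_PAGES 8            /* constructed sizes for the toy model */
#define HOST_FRAMES 16
#define UNMAPPED    UINT32_MAX
#define NO_OWNER    (-1)

enum commit_result { COMMIT_OK, ERR_BAD_GFN, ERR_BAD_HFN, ERR_NOT_OWNER };
struct gpa_map { uint32_t hfn[GUEST_PAGES]; };  /* guest frame -> host frame */

struct vm {
    int id;
    struct gpa_map kernel_view;  /* authoritative copy; stands in for NPT/EPT */
    struct gpa_map user_view;    /* copy held by the deprivileged component */
};

static int frame_owner[HOST_FRAMES];  /* kernel-only: owning VM per host frame */

void host_init(void) {
    for (int i = 0; i < HOST_FRAMES; i++) frame_owner[i] = NO_OWNER;
}

void vm_init(struct vm *vm, int id) {
    vm->id = id;
    memset(&vm->kernel_view, 0xff, sizeof vm->kernel_view);  /* all UNMAPPED */
    memset(&vm->user_view, 0xff, sizeof vm->user_view);
}

/* Kernel hands a free host frame to a VM; fails if it is already owned. */
bool kernel_grant_frame(int vm_id, uint32_t hfn) {
    if (hfn >= HOST_FRAMES || frame_owner[hfn] != NO_OWNER) return false;
    frame_owner[hfn] = vm_id;
    return true;
}

/* Kernel side: verify a proposed mapping and commit it only if valid. */
enum commit_result kernel_commit(struct vm *vm, uint32_t gfn, uint32_t hfn) {
    if (gfn >= GUEST_PAGES) return ERR_BAD_GFN;
    if (hfn >= HOST_FRAMES) return ERR_BAD_HFN;
    if (frame_owner[hfn] != vm->id) return ERR_NOT_OWNER;  /* isolation check */
    vm->kernel_view.hfn[gfn] = hfn;
    return COMMIT_OK;
}

/* Userspace side: propose, and record the mapping only if the kernel agreed. */
enum commit_result user_propose(struct vm *vm, uint32_t gfn, uint32_t hfn) {
    enum commit_result r = kernel_commit(vm, gfn, hfn);
    if (r == COMMIT_OK) vm->user_view.hfn[gfn] = hfn;
    return r;
}

bool views_in_sync(const struct vm *vm) {
    return memcmp(&vm->kernel_view, &vm->user_view, sizeof(struct gpa_map)) == 0;
}

/* Migration gate: both copies must agree before the mapping is snapshotted. */
bool migrate_snapshot(const struct vm *vm, struct gpa_map *out) {
    if (!views_in_sync(vm)) return false;
    *out = vm->kernel_view;
    return true;
}

int main(void) {
    struct vm a, b;
    struct gpa_map snap;
    host_init(); vm_init(&a, 1); vm_init(&b, 2);
    kernel_grant_frame(1, 3); kernel_grant_frame(2, 4);
    printf("map own frame: %d\n", (int)user_propose(&a, 0, 3));
    printf("map other VM's frame: %d\n", (int)user_propose(&a, 1, 4));
    printf("snapshot allowed: %d\n", (int)migrate_snapshot(&a, &snap));
    return 0;
}
```

A rejected proposal leaves both copies unchanged, so a faulty userspace component cannot reach another VM's frames; if the userspace copy drifts from the kernel copy, the snapshot is refused rather than migrated in an inconsistent state.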

PHASE I: Design a virtualization platform that minimizes the attack surface of the hypervisor and virtual devices while supporting live migration. Define metrics used to measure success (e.g., DoS attack isolation, live migration latency, etc.). Develop and demonstrate a proof-of-concept prototype in preparation for Phase II.

PHASE II: Develop the prototype designed during Phase I and test it against the proposed metrics. The testing environment should be representative of a real cloud environment. Demonstrate the isolation properties using real-world vulnerabilities/exploits and demonstrate live migration.

PHASE III DUAL USE APPLICATIONS: Mature the prototype developed during Phase II and create a representative cloud computing environment using the new technology. Demonstrate its effectiveness (in terms of isolation and live migration) using both host-based and network-based attacks.

REFERENCES:

1. C. Wu, Z. Wang and X. Jiang. Taming Hosted Hypervisors with (Mostly) Deprivileged Execution. In Proceedings of the 20th Annual Network and Distributed System Security Symposium, February 2013.
2. J. Szefer, E. Keller, R. B. Lee, and J. Rexford. Eliminating the Hypervisor Attack Surface for a More Secure Cloud. In Proceedings of the 18th ACM Conference on Computer and Communications Security, October 2011.

KEYWORDS: Cloud Computing, Virtual Machine, Hypervisor, Live Migration, Isolation, Least Privilege, Attack Surface Minimization

AF141-044 TITLE: Live Patching of Virtual Machines with Limited Guest Support


KEY TECHNOLOGY AREA(S): Information Systems Technology

OBJECTIVE: This topic seeks to advance the state of the art towards being able to apply patches to a running guest virtual machine directly from the hypervisor without specialized software running on the guest.

DESCRIPTION: Patch management plays an important role in ensuring the overall security posture of machines. Traditionally, enterprise-level patch management is conducted through the use of privileged end-point software that runs on the managed system. The patches and configuration changes can then be pushed to the end-points from a central server. Patch management in Cloud Computing essentially follows the same concept, where the same end-point software is installed onto the virtual machines. This same paradigm is used even for dormant virtual machine images that are not running [1,2]. Given the advancement of virtual machine introspection [3] techniques for digital forensics and malware analysis [4,5], there is an opportunity to investigate the ability to apply patches to a live virtual machine with limited or no guest support. In this manner, critical, user-managed, misconfigured or malfunctioning virtual machines can still receive critical patches or configuration updates.
This topic seeks to advance the state of the art towards being able to apply patches to a running guest virtual machine directly from the hypervisor without specialized software running on the guest. The proposed solution needs to have a sound argument for and evidence to support the notion that the patch will be applied and the guest will not be rendered unstable. Additional metrics, such as the kind or type of patches that can be applied or the size of a guest module (if necessary), should also be proposed when necessary.

PHASE I: Define the type or kind of patches that can be applied to a live virtual machine and a technique for patching. Develop and demonstrate live patching on a proof-of-concept prototype.

PHASE II: Develop the prototype designed during Phase I and test it against the proposed metrics. Demonstrate live patching of virtual machines from the hypervisor using real-world patches on COTS systems. Prepare for commercialization.

PHASE III DUAL USE APPLICATIONS: Work with the DoD to demonstrate that the prototype developed during Phase II can also be applied to DoD systems and software. Further demonstrate the capability through multiple Guest Operating System platforms, e.g., Windows 7, Ubuntu Linux, etc.

REFERENCES:

1. G. Shields. Geek of All Trades: Patching Dormant VMs. In TechNet Magazine. July, 2010. http://technet.microsoft.com/en-us/magazine/ff848996.aspx.
2. Virtual Machine Servicing Tool (VMST) 2012. http://technet.microsoft.com/en-us/library/jj149757.aspx.
3. K. Nance, M. Bishop, and B. Hay, “Virtual Machine Introspection: Observation or Interference?,” IEEE Security and Privacy 6(5) pp. 32–37. September 2008.
4. T. Lengyel, J. Neumann, S. Maresca, B. Payne and A. Kiayias. “Virtual Machine Introspection in a Hybrid Honeypot Architecture.” In Proceedings of the 5th Workshop on Cyber Security Experiment and Test. August 2012.
5. D. Srinivasan, Z. Wang, X. Jiang and D. Xu. “Process Out-Grafting: An Efficient ‘Out-of-VM’ Approach for Fine-Grained Process Execution Monitoring.” In Proceedings of the 18th ACM Conference on Computer and Communications Security. October 2011.

KEYWORDS: Cloud Computing, Patch Management, Configuration Management, Virtual Machine Introspection, Active Introspection, Digital Forensics, Live Guest, Running Guest

AF141-045 TITLE: Conformal High-Efficiency Emitter Systems Enhancement (CHEESE)


KEY TECHNOLOGY AREA(S): Electronics and Electronic Warfare
The technology within this topic is restricted under the International Traffic in Arms Regulation (ITAR), 22 CFR Parts 120-130, which controls the export and import of defense-related material and services, including export of sensitive technical data, or the Export Administration Regulation (EAR), 15 CFR Parts 730-774, which controls dual use items. Offerors must disclose any proposed use of foreign nationals (FNs), their country(ies) of origin, the type of visa or work permit possessed, and the statement of work (SOW) tasks intended for accomplishment by the FN(s) in accordance with section 5.4.c.(8) of the solicitation and within the AF Component-specific instructions. Offerors are advised foreign nationals proposed to perform on this topic may be restricted due to the technical data under US Export Control Laws. Please direct questions to the AF SBIR/STTR Contracting Officer, Ms. Kristina Croake, kristina.croake@us.af.mil.

OBJECTIVE: Develop low- (to no-) protruding antennae for SWaP-constrained aerial platforms. Provide minimal penetration of platform skin and structure.

DESCRIPTION: Provide approach for minimal impact for SWaP-C constrained aerial platforms, especially small to medium UAS that may be employed as dedicated maneuvering communications relays and gateways. The frequencies of interest for the antennas can range from L-band to Ku-band and are primarily meant to support Line Of Sight (LOS) communications.
Conformal emitters reduce drag and, at times, detectability of the air platform; in some designs, weight and changes to platform skin and structure are lessened, but, generally, conformal emitters are more expensive to install due to the need for underside antenna structures. Consider placement of one or more improved conformal designs to maximize utility of the emitter for warfighter use. Consider frequency spectrum efficiency, cost, ease of manufacture, and any decrease in effectiveness, whether because the emitter is not in the slipstream and may be "hidden" within the structure, or because it may lack the backplane that the platform's skin provides to traditional emitters.
Recent advances by many SBIR and large antenna designers have not had a comparative examination. This SBIR would provide an across the board look at multiple designs, identify specific features, in conjunction with the IP holders, to compare and contrast design features.

PHASE I: Examine and compare top 10 emitter designs (from "paint-on" to flush-mounted but deep) with attention to emitted power, gain, weight, power usage, skin and structure penetration, detectability by adversary defensive and offensive system (using engineering and physics estimations); select two candidates or blends of best features of the original 10; develop and prototype candidate(s) alternatives.

PHASE II: Employing own and government or commercial or university laboratory, construct working prototype(s) for multiple military communications bands. TRL-5/6 goal. Design, develop, and conduct laboratory or ground field test. Provide engineering approach for installation and testing on 2 or more candidate US Air Force model-designation-series (MDS) aircraft. Provide cost estimate for production of dual quantities of emitters for Phase III flight testing. TRL-6.

PHASE III DUAL USE APPLICATIONS: Flight test and report results using wide spectrum analysis; conduct cosite tests for selected US Air Force platform(s).

REFERENCES:

1. Pique, A., Auyeung, R., et al, Rapid Prototyping of Conformal Antenna Structures, http://www.princeton.edu/~spikelab/papers/027.pdf.
2. Gonzalez, M., Analysis of Conformal Antennas for Avionics Applications, Chalmers, DLR, Jan 2007.
3. Callus, Paul J., Conformal Load-Bearing Antenna Structure for Australian Defence Force Aircraft, http://www.dtic.mil/cgi-bin/GetTRDoc?AD=ADA470328.

KEYWORDS: conformal antennas, load bearing antennas, affordable communications, L-band, C-band, Ku-band, S-band

AF141-046 TITLE: Inverse Mission Planning of Aerial Communications Technologies (IMPACT)


KEY TECHNOLOGY AREA(S): Battlespace Environments
The technology within this topic is restricted under the International Traffic in Arms Regulation (ITAR), 22 CFR Parts 120-130, which controls the export and import of defense-related material and services, including export of sensitive technical data, or the Export Administration Regulation (EAR), 15 CFR Parts 730-774, which controls dual use items. Offerors must disclose any proposed use of foreign nationals (FNs), their country(ies) of origin, the type of visa or work permit possessed, and the statement of work (SOW) tasks intended for accomplishment by the FN(s) in accordance with section 5.4.c.(8) of the solicitation and within the AF Component-specific instructions. Offerors are advised foreign nationals proposed to perform on this topic may be restricted due to the technical data under US Export Control Laws. Please direct questions to the AF SBIR/STTR Contracting Officer, Ms. Kristina Croake, kristina.croake@us.af.mil.

OBJECTIVE: Employ geospatial and mission-aware techniques to provide optimum coverage for all warfighters independent of mission criticality; reserve ability to prioritize surface communication needs. Reliable planning of airborne links increases survivability.



DESCRIPTION: Dedicated airborne relays and gateways are a relatively new addition to the battle space, and these are proving to be valued highly by both US and coalition ground forces. Having aerial platforms that, merely by virtue of their elevation above the ground communicator, provide 10 times or more RF effective range to communications devices used by our ground and special forces warfighters, allows cross-theater/cross-battle space communications and reachback to main Command & Control (C2) elements. Likewise, an airborne gateway/relay can provide extended C2 coverage for strike, rescue, and resupply missions within or entering/exiting the battle space. In order to take full advantage of these airborne gateway/relays, a robust mission planning approach is required to enable detailed planning, dynamic management and adaptive control of the enhanced communications and networking capability that is provided by these assets.
There are so many automated means employed on a regular basis today for complex networking and mission planning purposes that we no longer have to accept only a normalized approach to communications planning. It is now well within our reach to at least partially optimize assured RF coverage for all elements of a complex, changing, mobile set of forces. While it is not possible to establish a "ground truth" in cognitive networking for something happening in the future and something subject to continual change, we can vastly improve the state of communications if we begin to match up link quality and Quality-of-Service (QoS) for each air and ground element, with consideration given to the entire battle space, when geospatial, mission aware, and temporal factors, in addition to basic RF propagation factors, are considered. We can also "stretch" our mission planning to well beyond a safe radius of action for a given pair of transmitter-receivers, especially as we move to more Internet Protocol (IP) communications.
We must consider how missions are planned for joint and coalition forces using common planning tools. In many cases, specialized mission planning modules exist to control weapons delivery, navigation, threat avoidance, terrain following, etc. These modules are based on forward planning techniques which generally employ only a normalized approach for planning the specific mission. Unlike these specialized mission planning modules that support unit aircraft through forward planning techniques, the dedicated communications and network planning modules which are designed to integrate with current planning systems, might consider inverse planning techniques to serve a maximum number of ground users possible within the communications range of one or more dedicated airborne platforms. Such inverse planning techniques could employ an automated approach to communications and network planning through the assignment of critical factors, or weights, to ground users along with weight optimization schemes for prioritization of transmitter-receiver pairing. The Commander’s staff not only needs to know who the planned communicators are, but who MIGHT BECOME a user on short notice. Weighting of ground user (or others, non-relay nodes) mission priorities may need to be considered if the problem set shows a stretch must be made to fill all potential customer needs.
It will be vital to determine which factors can be normalized (considered at a base level, without specific outlier conditions considered). Radio characteristics may include: frequency, waveform, power, power amplifiers, antenna patterns, co-site issues, mode, etc. Antenna characteristics may include: multiple input/output (MIMO) versus single input/output (SISO), co-site factors, frequency, gain (transmit and receive), directionality, diplexing, etc. Some physical factors to be considered are: partial/full antenna blockage by wing/fuselage, aircraft state (both receiver and transmitter), terrain, and environment/weather. Propagation factors such as frequency sharing or isolation, and shared spectrum beyond effective ranges may also be considered in the solution.

PHASE I: Outline/select, in conjunction with SPOC/TPOC, factors for the planning problem. Deliver prototype IMPACT module, based on current unit-level mission planning tool for the communications node. Identify services needed from air, land, maritime forces' planning centers to determine the "customer set" and priorities.

PHASE II: Refine and test using modeling and simulation and RF emulation tools. In conjunction with unit-level mission planning office, select test cases; working with relevant airborne gateway/relay programs, validate problem set, run test cases. With SPOC/TPOC, select appropriate venue for live testing using existing field assets in live-virtual-constructive (LVC) environment.


