.   +---------------------+      
+---|---------------------|-------.    .---_||||||_-----------------.   
|:--|-----\\\\\//////-----|--. o   ----                          (\)| 
|#|||------         ------|--.||      [  Peter A. H. Peterson       | 
|-::|-----|.-,   ,-.|-----|===========[  Assistant Professor of CS  |  
|o+o|----(| @ |   @ |)----|:::::::::::[  329 Heller Hall            | 
||o||-----#  '-'    #-----|:::::::::::[  1114 Kirby Drive           | 
|||||------\"==="  /------|===========[  Duluth, MN 55812           | 
|||||-------`-----'|------| | o       [  pahp@d.umn.edu             | 
||/ |.----/'\'-----'/\---.|-+-'       [  pedro@tastytronic.net_  (/)|   
||^_|     '''|     |''    |-----'''----||||-||||||||||-||||||||||.  |  
||| +---------------------+-----------'                          | :| 
|:|                                                              |:.|
| '------------.  [back to research]                             |.:|
| home         |                                                 |:.| 
'------------. |  Data Tethers                                   |.:|
.------------' |                                                 |:.|      
| cv           |  Data Tethers is an Information Flow Tracking   |.:|      
| .------------'  (IFT) OS with a focus on dynamically           |:.|      
| '------------.  rewriting legacy applications in conjunction   |.:|      
| research     |  with security policies based on environmental  |:.|      
'------------. |  information. "Environment" includes            |.:|      
.------------' |  everything from security posture to physical   |:.|      
| interests    |  location, and DT's security policies can       |.:|      
| .------------'  incorporate virtually any condition that the   |:.|      
| '------------.  computer can be made to test (innately or      |.:|      
| blog         |  with some peripheral such as a smartcard       |:.|      
'------------. |  reader).                                       |.:|      
.------------' |                                                 |:.|      
| reading      |  Implemented on top of OpenSolaris, DT can,     |.:|      
| .------------'  with very little overhead, track the flow of   |:.|      
| '------------.  information through legacy applications (for   |.:|      
| quotes       |  example, we extensively tested OpenOffice      |:.|      
'------------. |  tools). DT protects data via an abstract       |.:|      
.------------' |  "data barrier"; within the barrier, data flow  |:.|      
| contact      |  is tracked. Any time data leaves the barrier,  |.:|      
|              |  it is encrypted and tagged with a policy ID.   |:.|      
|''''''''''''''|  Compliance with the policy is necessary        |.:|      
| 001010101101 |  before the data can be used; this applies to   |:.|      
| 011011011001 |  running applications, or to new applications   |.:|      
| 010011011011 |  attempting to access the data. Our prototype   |:.|      
| 110011010111 |  DT system includes working barrier code for    |.:|      
| 100100001100 |  the filesystem and network (implemented        |:.|      
| 101001100111 |  within VFS and SockFS for maximum              |.:|      
| 001101100101 |  portability), as well as working policy        |:.|      
| 001111000000 |  evaluation code and a number of policy         |.:|      
| 001010101101 |  modules.                                       |:.|      
| 011011011001 |                                                 |.:|      
| 010011011011 |  Data Tethers would be ideal for use in         |:.|      
| 110011010111 |  environments where strict policy control of    |.:|      
| 100100001100 |  data is necessary, such as in law firms and    |:.|      
| 101001100111 |  hospitals. Another potential use is as a       |.:|      
| 001101100101 |  consumer protection tool for online retailers  |:.|      
| 001111000000 |  and customers. We built a working DT-based     |.:|      
| 001010101101 |  system where, user credit card numbers are     |:.|      
| 011011011001 |  tagged with an expiry policy -- after the      |.:|      
| 010011011011 |  transaction has completed, the retailer's      |:.|      
| 110011010111 |  computer systems are forced to "forget" the    |.:|      
| 100100001100 |  data by means of key destruction.              |:.|      
| 101001100111 |                                                 |.:|      
| 001101100101 |  Our NSPW paper is available online; a new,     |:.|      
| 001111000000 |  comprehensive paper on our work is currently   |.:|      
| 001010101101 |  in submission.                                 |:.|      
| 011011011001 |                                                 |.:|      
| 010011011011 |  [back to research]                             |:.|      
| 110011010111 |                                                 |.:|      
|'''''''''''''''-------------------------------------------------'::'. 
|::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::| 
`=======---------.______.-------:::::::-:------------------------. ? | 
                                                                  ---'