Subject: NAI Labs/FreeBSD
From: Keith Bostic <bostic@sleepycat.com>
Date: Wed, 11 Jul 2001 09:05:29 -0400 (EDT)

NAI Labs Announces DARPA-Funded FreeBSD Security Initiative
                                                                                
   Monday, July 09, 2001                                                        
                                                                                
   NAI Labs Partners With DARPA to Secure Open Source Operating System          
                                                                                
   $1.2 Million Contract to Enhance Operating System Security Services          
                                                                                
   NAI Labs, the advanced research group within PGP Security, a division of     
   Network Associates, Inc., announced a $1.2 million contract awarded by the   
   U.S. Navy's Space and Warfare Systems Command to develop security            
   extensions to the Open Source FreeBSD operating system. This work, which     
   is funded under the Defense Advanced Research Projects Agency (DARPA),       
   will be done in partnership with members of the FreeBSD developer            
   community, assuring tight system integration and rapid technology            
   transfer. The project will be lead by NAI Labs Research Scientist Robert     
   Watson, and NAI Labs Chief Scientist Lee Badger. The work will be done in    
   part by sub-contractors from the FreeBSD development community, including    
   Kirk McKusick, Poul-Henning Kamp, Jonathan Lemon, and Eivind Eklund. The     
   $1.2 million will be paid over the life of an 18-month contract.             
                                                                                
   Today's evolving military and business processes increasingly rely on Open   
   Source systems to power network infrastructure, network services, file and   
   database servers, and workstation environments. Unfortunately, these         
   systems have traditionally lacked advanced security features, such as        
   Mandatory Access Control, required for secure environments. Likewise,        
   other advanced security techniques developed by the security research        
   community have often failed to transition to off-the-shelf systems.          
                                                                                
   The Community-Based Open Source Security (CBOSS) initiative will address     
   these challenges through close collaboration with the FreeBSD developer      
   community. FreeBSD is an advanced, high-performance operating system         
   widely used by Internet Service Providers (ISPs), and as the basis for       
   embedded network products including routers and firewalls, due to its        
   scalability, ease of management, and cost effective operation. The system    
   has also formed the basis for substantial parts of Apple's Mac OS X next     
   generation operating system, as well as products from a variety of other     
   operating system vendors. NAI Labs, in cooperation with a number of key      
   FreeBSD developers, will enhance the FreeBSD operating system to offer       
   several new security services, as well as improved assurance, providing a    
   direct technology transfer path for security research. This will include     
   the development or porting of specific security technologies, including      
   NAI Labs' LOMAC, development of highly integrated file system and device     
   extensibility services to support security features, network stack           
   hardening, kernel security model extensibility allowing tightly integrated   
   mandatory access control, and application security work. Several of these    
   components are based on or contribute to work performed as part of the       
   TrustedBSD Project, a project which seeks to introduce trusted operating     
   system functionality into the FreeBSD operating system.                      
                                                                                
   The Composable High Assurance Trusted Systems (CHATS) program at DARPA       
   will focus on the development of the tools and technology that enable the    
   core systems and network services to protect themselves from the             
   introduction and execution of malicious code and other attack techniques     
   and methods. These tools and technologies aim to provide the high            
   assurance trusted operating systems the security services needed to          
   achieve comprehensive secure highly distributed mission critical             
   information systems for the DoD. This program seeks to enhance the           
   existing approach to development and acquisition of high assurance trusted   
   operating systems technology by advancing the security functionality,        
   security services, and the state of assurance in current open-source         
   operating systems and developing a long-term architectural framework for     
   future trusted operating systems.                                            

   For more information on NAI Labs, please see:

      http://www.nailabs.com/

   For more information on the CBOSS initiative, please see:

      http://opensource.nailabs.com/news/20010709-cboss.html

      http://opensource.nailabs.com/initiatives/cboss/