[[PageOutline]] == Project Number == 1696 == Project Title == Exploiting Insecurity to Secure Software Update Systems[[BR]] a.k.a. SECUREUPDATES === Technical Contacts === '''PI:''' Justin Cappos [mailto:justinc@cs.washington.edu][[BR]] Justin Samuel [mailto:jsamuel@cs.washington.edu][[BR]] === Participating Organizations === [http://www.cs.washington.edu Computer Science and Engineering][[BR]] University of Washington[[BR]] Box 352350 Seattle, WA 98195-2350 === GPO Liaison System Engineer === [mailto:vthomas@geni.net Vic Thomas] == Scope == This proposed effort will create a framework that secures the software update systems that operate on GENI. The work will define and implement a security layer that can operate over many different application-specific installation environments, thus providing secure update functions for diverse GENI nodes and clients. The proposal plans to leverage the VM and the redirection proxy from the Million Node GENI project to support multiple platforms. The effort provides secure key management support for software update system developers, allowing software updates to be signed, validated, and distributed securely. === Current Capabilities === === Milestones === [[MilestoneDate(SECUREUPDATES: S2.a overview)]][[BR]] [[MilestoneDate(SECUREUPDATES: S2.b client lib design)]][[BR]] [[MilestoneDate(SECUREUPDATES: S2.c repo lib design)]][[BR]] [[MilestoneDate(SECUREUPDATES: S2.d client lib demo)]][[BR]] [[MilestoneDate(SECUREUPDATES: S2.e repo lib demo)]][[BR]] [[MilestoneDate(SECUREUPDATES: S2.f push demo)]][[BR]] [[MilestoneDate(SECUREUPDATES: S2.g client lib example)]][[BR]] [[MilestoneDate(SECUREUPDATES: S2.h client lib trust design)]][[BR]] [[MilestoneDate(SECUREUPDATES: S2.i repo lib trust design)]][[BR]] == Project Technical Documents == [attachment:Secure_Updates_in_GENI.pdf Securing Software Updates in GENI] (overview document)[[BR]] === Quarterly Status Reports === [attachment:qsr-dec09.pdf December 2009 report] === Spiral 2 Connectivity === === Related Projects === [wiki:"ProvisioningService" Provisioning Service (Raven)][[BR]]