Version 32 (modified by 12 years ago) (diff) | ,
---|
Project Number
1696
Project Title
Exploiting Insecurity to Secure Software Update Systems
a.k.a. SECUREUPDATES
Technical Contacts
PI: Justin Cappos jcappos@poly.edu
Participating Organizations
Computer Science and Engineering
Polytechnic Institute of NYU
Metrotech 6
Brooklyn NY 11201
GPO Liaison System Engineer
Scope
This proposed effort will create a framework that secures the software update systems that operate on GENI. The work will define and implement a security layer that can operate over many different application-specific installation environments, thus providing secure update functions for diverse GENI nodes and clients. The proposal plans to leverage the VM and the redirection proxy from the Million Node GENI project to support multiple platforms. The effort provides secure key management support for software update system developers, allowing software updates to be signed, validated, and distributed securely.
Current Capabilities
Milestones
Spiral 4
- MilestoneDate(SECUREUPDATES: S4.a Demonstration and outreach at GEC12)?
- MilestoneDate(SECUREUPDATES: S4.b Identify GENI project(s) that are potential users of TUF)?
- MilestoneDate(SECUREUPDATES: S4.c Demonstration and outreach at GEC13)?
- MilestoneDate(SECUREUPDATES: S4.d Demonstration and outreach at GEC14)?
- MilestoneDate(SECUREUPDATES: S4.e Deliver software and documentation)?
Project Technical Documents
Securing Software Updates in GENI (overview document)
Client library design
Repository library design
Design documents: Client Specification and Server Specification
Source code (including client and repository libraries): http://www.updateframework.com/wiki/Download
Quarterly Status Reports
December 2009 report
March 2010 report
June 2010 report
November 2011 report
March 2011 report
March 2012 report
July 2012 report
Spiral 2 Connectivity
Related Projects
Attachments (9)
- Secure_Updates_in_GENI.pdf (43.1 KB) - added by 15 years ago.
-
qsr-dec09.pdf (69.2 KB) - added by 15 years ago.
December 2009 Quarterly Status Report.
-
Client_Library_Design_Document.pdf (63.2 KB) - added by 15 years ago.
Client library design.
-
Repository_Library_Design_Document.pdf (65.5 KB) - added by 15 years ago.
Repository library design.
-
qsr-mar10.pdf (59.9 KB) - added by 15 years ago.
Quarterly Status Report --- March 2010
- SecureUpdates 2010 review.pptx (170.1 KB) - added by 14 years ago.
-
tuf-server-spec.pdf (120.2 KB) - added by 14 years ago.
Design doc for repository library selective trust delegation and key management.
-
tuf-client-spec.pdf (123.4 KB) - added by 14 years ago.
Design doc for client library selective trust delegation and key management.
-
MilestonesS2f&gdeliverables.tar.gz (22.0 KB) - added by 14 years ago.
Deliverables for Milestones S2.f & S2.g
Download all attachments as: .zip