1999 Project Summary
|Project Website:||http://www.isi.edu/software-sciences/integrity-through-mediated-interfaces.html -- Additional project information provided by the performing organization|
|Quad Chart:||Quad Chart provided by the performing organization|
|Objective:||Provide end-to-end integrity management of data that ensures that it is only modified by authorized users using approved tools. It will detect and repair any other modifications to the data (such as by program bugs or malicous attacks).|
|Approach:||We will create an Integrity Manager that monitors
and records the tools (i.e. programs), and operations within those tools,
being applied to integrity-marked data sets to provide an end-to-end audit
record of all the transformations performed on the data set. This operation
level audit record can be used off-line for attribution (who made a specific
change and when did it occur) and on-line for authorization (who and/or
which tools are allowed to make particular types of changes to an integrity-marked
We will also associate integrity marks with these data sets when they are stored and check them when they are loaded. Any data sets that have been corrupted (their integrity marks don't match their contents) will be recreated by replaying the recorded sequence of data set modifications in their transaction history.
|Recent FY-99 Accomplishments:||We have created mediators that create cryptographic
checksums for documents (i.e. files) and check that these cryptographic
checksums are still valid when those documents are loaded. We have integrated
these mediators into PowerPoint so that they are activated when documents
are loaded and saved.
We have built an initial GUI monitor that detects application level operations occuring in the Windows GUI initiated by button selection or direct manipulation (e.g. moving or dragging). This GUI monitor will work with any tool-tip enabled application.
|FY-00 Plans:||The GUI monitor will be extended to detect menu
selection operations and keyboard input. It will also be extended to generate
pseudo-events for each of the detected application-level operations. These
pseudo-events will be fielded by application specific event handlers that
use the application's COM interface to gather the particular data needed
for the transaction history for that operation.
Application specific event handlers will be built for Microsoft PowerPoint and Word.
|Technology Transition:||We will demonstrate end-to-end data set integrity
for a major GCCS COTS product - Microsoft Office Suite (i.e. Word, Excel,
PowerPoint, and Access). The integrity manager, attribution, and data restoration
software will each be composed of application independent and application
specific portions. The application independent technology will be transferrable
without modification to additional COTS applications and data set types.
The most difficult task in extending integrity management to a new application is determining how application level operations have been implemented in terms of run-time-observable intermodule communications. The GUI and API spy technology we use to uncover these details will be refined to enable use to encompass the MS Office Suite. This technology will also be transferrable to simplify the task of bringing additional applications under control of the integrity manager.
|Principal Investigator:||Robert Balzer
4676 Admiralty Way
Marina del Rey, CA 90292-6695
[ Return to the ITS Project Summary Page ]