Cornell researchers have begun developing a technique that builds security into a computer system from the start. By incorporating security in the language used to write the programs, Myers and Schneider are changing the norm of defenses only improving after they've been successfully penetrated.
The research partners are working on a new computer platform they've named 'Fabric,' which replaces multiple existing layers of security with a single programming interface, making security reasoning direct and explicit. Fabric is being designed to create extremely secure systems for distributed computing such as systems that move money around or maintain medical records. Fabric's programming language is an extension of the Java language, but it actually builds in security as the program is written. Every bit of information in Fabric is an considered an "object" labeled with certain policies which dictate how and by whom any data can be viewed.
Fabric is presently only a prototype, being tested with a database of Cornell computer science students. But with their $1.1 million from the National Science Foundation and $1.3 million from the Office of Naval Research, Myers and Schneider plan to scale it up for much larger distributed systems.
Will the computer establishment actually be willing to change the way they manage complex systems? "How did we get people to use the Web?" Myers countered. Courtesy of www.drdobbs.com