SEC SODA - Security of Software for Distributed Applications
From 01-12-2008 to 30-11-2012
DescriptionMost software developed today runs in a network connected, and hence possibly hostile environment. Vulnerabilities in distributed software can potentially be exploited from anywhere on the Internet. The goal of the SEC SODA project is to enable the development and deployment of secure distributed software applications.
The project starts from the observation that many high quality security building blocks, such as authentication technologies, authorization engines or data protection protocols are widely available. These building blocks are an essential but not sufficient enabler for building secure distributed software: most of the vulnerabilities in software systems are not directly related to these (traditional) security specific components. The SEC SODA project will address other facets of distributed software development that have a substantial impact on the global security of the software product.
More specifically, the project consists of research activities to :
1. support the systematic development of security-aware software architectures in which security properties can be accommodated, as well as veriﬁed for their effectiveness
2. enhance the implementation experience for developers of secure software by providing programming models that provably guarantee the absence of particular security problems, as well as by improving the integration of specialized security measures into a security-unaware, or even untrusted software artefact
3. enable the trustworthy deployment of secure software via techniques of self-protecting code, encrypted execution and remote attestation
The work programme is structured in three tracks that cover the objectives enumerated above, complemented by an additional track in which representative applications are being developed in the domains of health-care, e-government and telecommunication systems. These applications will drive the requirements, as well as the validation of the various solutions that will be developed in the course of the project. Each track is lead by a senior researcher and executed by one or two consortium partners, thus reducing the project risk.
- Bart Preneel, Co-promotor
- Jan Cappaert, Coordinator
- Dries Schellekens, Team member
- Nessim Kisserli, Team member
- Yoni De Mulder, Team member
- Nikos Mavrogiannopoulos, Team member
Institute for the Promotion of Innovation through Science and Technology in Flanders