Sun/Dartmouth OpenSolaris Security Collaboration

Project Summary

Dartmouth and Sun have begun the first of a multi-phase project exploring PKI, trusted hardware and OS security. This exploration is driven by three observations: current open-source certificate authority platforms do not meet the needs of an academic enterprise; current Trusted Computing Group-based approaches integrating trusted hardware with commodity platforms require dependence on OS security; and OpenSolaris may provide a more usable OS security base than SE/Linux. In Phase 1, we explore requirements and evaluation/selection of an existing CA implementation as a development starting point for the OpenSolaris CA. We will examine architectures and technical approaches towards building higher levels of trust within OpenSolaris when on a system which includes a hardware or software-based TPM. This collaboration area would result in collaborative development proposals for future phases for how to augment OpenSolaris to anchor cryptographic activity (key storage, random numbers, integrity protection/validation). Phase 1 also includes an equipment donation for the migration of the graduate-level operating system course (CS108) to use OpenSolaris as the development OS at the start of calendar year 2006.

• Principal Investigator: Sean W. Smith, Department of Computer Science
• Project Researchers
• Project Publications
  
• Funding: Sun Microsystems