Computer Security Section

Code 5542, the Computer Security Section, conducts advanced research and development to maintain information superiority of the DoD and US Navy.

In our research, we attempt to bridge the gap between infrastructure protection requirements and the current state of information security. While we respond to the immediate security requirements of the Navy and DoD, we maintain a vision for emerging technologies that would affect the information battle space of the future.

We offer innovative solutions and develop practical approaches to provide secure, trusted, and high-assurance systems for the military. Our information security expertise covers issues ranging from high-level applications and software components to low-level infrastructure and hardware systems. Deliverables range from conceptual system designs and policy statements to prototype implementations and deployable systems. Our major technology areas are:

Security Architecture

  • Develop and implement security architectures for enterprise systems
    • Create and implement federated identity management and access control solutions for data sharing among different organizations
    • Provide data protection mechanisms that satisfy need-to-know
    • Perform vulnerability assessments of systems

Application Security

  • Secure Service Oriented Architectures (SOA)
    • Enhance and apply security to SOA
      • Develop security ontologies for machine-understandability
      • Create machine understandable security policies and tools that can automatically process and compare policies
      • Develop application-specific security monitoring and flexible run-time binding to enhance survivability
    • Develop techniques and tools for automatic web service composition
  • Cross-domain solutions
    • Develop Multilevel Secure Service oriented architecture (MLS-SOA)
      • Enable cross-domain web service discovery and invocation while minimizing interaction between High and Low entities.

High-assurance Software and Safe Execution Environments

  • Develop methodologies for building high-assurance software
    • Software engineering methods, processes, and tools that are required to build high-assurance software.
  • Create safe software execution environment
    • Prevent failure propagation using virtualization techniques