Security Escorts for Not-Yet-Trusted Software

Period of Performance: 06/09/2006 - 06/09/2007


Phase 1 STTR

Recipient Firm

Stottler Henke Associates
1650 South Amphlett Boulevard, Suite 300
San Mateo, CA 94402
Principal Investigator
Firm POC

Research Institution

Columbia University
615 West 131st Street
New York, NY 10027
Institution POC


With the rapid release of new software applications, builds and patches for existing applications, and increased mobility of software across networks, more of our systems will run software applications that may not have a full pedigree of evaluation and testing to ensure that they are free from exploits and malware. Additionally, any previous certifications are invalidated at the first update. However, it isn t practical to exclude critical functionality from our systems simply due to a lack of pedigree. One technique for allowing untrusted functions to run on a system is to establish a constrained environment, or sandbox, that monitors the activities of software and limits access to the rest of the system.