Building an Internet Cleanroom from Virtual Machines

Period of Performance: 07/31/2006 - 05/28/2007

$569K

Phase 1 STTR

Recipient Firm

Secure Command, LLC
3975 University Drive, Suite 460
Fairfax, VA 22030
Principal Investigator

Research Institution

George Mason University
4400 University Drive MS 4C6
Fairfax, VA 22030
Institution POC

Abstract

In this proposal, we present an approach for building the Internet Cleanroom (IC) that represents a radical departure from prior and current Internet security tools and practices. Where today's information security tools and practices focus either on building better software, filtering mechanisms such as firewalls to prevent remote exploitation, or building tools to detect compromises, the proposed technology described here creates a safe environment for running Internet-enabled software. The system provides an environment in which intrusions or compromises present no threat to the host system or other software and data. This approach effectively eliminates all external threats from Internet-connected machines. It does not address the insider threat where users are given keyboard access to machines.