SPRINT: Secure Programming Using Artificial Intelligence Techniques

Period of Performance: 01/08/2004 - 09/08/2004

$99K

Phase 1 SBIR

Recipient Firm

Architecture Technology Corp.
9971 Valley View Road
Eden Prairie, MN 55344
Principal Investigator

Abstract

To meet the demand for more "intelligent" applications (in web services, enterprise software, network management, etc.), developers are turning to the AI technique of rule-based programming. But the very things that make rule-based programming attractive (its flexibility, its introduction of complex and dynamically changing control structures) raise serious security concerns. ATC-NY, in collaboration with Architecture Technology Corporation (ATC), will develop SPRINT, a tool to support secure programming in the rule-based language CLIPS. SPRINT can be thought of as a sophisticated type-checker for a modest extension of CLIPS. The extensions, which take the form of structured comments, provide a way for programmers to indicate more precise constraints on intended execution, and thereby provide "checkable hints" to SPRINT. A program that passes SPRINT type checks will have eliminated many potential security flaws. Since CLIPS is broadly similar to many other rule-based languages, we expect that the techniques and principles developed in this work will be generally applicable.