Overview

The Manifest Security Initiative is collaborative research program including faculty, students, and post-doctoral researchers at the University of Pennsylvania and Carnegie Mellon University.

This project proposes manifest security as a new architectural principle for secure extensible systems. Its research objectives are to develop the theoretical foundations for manifestly secure software and to demonstrate its feasibility in practice.

Manifest security applies to extensible software platforms—software systems that can be customized by installing third-party extensions. The goal of manifest security is to address two fundamental problems in this domain, both stemming from the need to protect the platform from untrusted and potentially malicious extensions. Useful software extensions often require access to system resources or sensitive information, yet permitting unrestricted access opens the possibility for abuse. It is therefore necessary, first, to specify policies about what resources an extension may use and how it can handle sensitive data; second, the platform must also include an effective mechanism for enforcing such policies. The critical components missing from existing architectures are thus (1) a general, practical means for users to specify security policies about how extensions are permitted to behave, and (2) a way of determining whether a given extension (which may be malicious) actually meets the desired policy. Manifest security addresses both of these issues.

The Manifest Security Initiative is supported in part by the National Science Foundation, grants CNS-0716469 and NSF-0715936.