Secure Middleware Template Library, 10-R9777Printer Friendly Version
Inclusive Dates: 01/01/08 07/01/09
Background - Middleware is, by definition, software that sits between the application and the operating system. Because it provides a pathway into and out of an executing program, it is a critical part of an overall system to secure. This project focused specifically on middleware that allows processes running on one or more machines to interact across a network by making remote procedure calls (RPCs) on objects residing in those processes. Adding security functionality to middleware can result in unacceptable effects on performance, memory usage and reliability. To date, there has not been a high-level middleware solution that combines this distributed communication functionality with security efficiently and reliably enough so that it can be used in small embedded systems with rigid performance and memory overhead constraints.
Approach - SwRI's premise is that the best way to meet this need is to create a secure middleware library based on a template-based generic programming approach that considers security in the design from the ground up. A generic library approach is attractive because it can simultaneously promote code reuse and program performance (often considered opposing forces). Algorithms from generic libraries are defined using general-case (i.e., abstract) parameters to promote code reuse, while actual parameters specific to the use of the generic algorithm are substituted at compile-time to improve performance. This allows fewer lines of code (LOC) to be written for equivalent functionality (improving reliability) and allows the code to run as fast as hand-tuned code at runtime (improving performance).
To confirm this premise and thereby establish credibility, the proposed effort involved several experiments in which the core concepts of a template-based secure middleware technique were challenged against the current secure software development techniques. Experimental results allowed a series of metrics involving security issues, time and memory performance, scalability, and composability to be measured, enabling a formal evaluation of the proposed concept. The objective was to show that this type of middleware software library solution could be used effectively in small embedded real-time systems under stringent performance and memory constraints while providing security appropriate for middleware.
Accomplishments - This research effort concluded June 30, 2009. The research team was able to achieve two primary research goals. First, the team eliminated two additional compile steps that are required when using the comparable and widely used common object request broker architecture (CORBA) by using C++'s template instantiation mechanism. The additional steps of CORBA require compiling an object request broker (ORB) and using a specialized compiler to create a stub and skeleton needed by the client and server, respectively. The benefit of using this library in this case eliminates extraneous components that could themselves contain security vulnerabilities and significantly reduces the complexity of developing distributed computing applications. SwRI is unaware of any effort to date that has eliminated the two compile steps using solely C++ templates. Second, the team demonstrated that three sets of orthogonal functionality (communication, threading, and security) could be combined and supported by a minimal amount of source code, generating (during compilation) only the machine code relevant to the functionality options selected through the C++ template parameters. This was validated by the small amount of library source code (less than 15K LOC) and the small size of the client and server executables (approximately 200 Kbytes). Fewer lines of code equate to better reliability, and smaller executables make the library well suited for embedded real-time systems with stringent performance and memory constraints while also providing security for the software application.