System and method for translating mapping policy into code
Inventors
Boling, Eli • Milburn, Steven • Sullivan, Gregory T. • Sutherland, Andrew • Casinghino, Christopher J.
Assignees
Charles Stark Draper Laboratory Inc • Dover Manufacturing Co
Draper is an independent nonprofit engineering innovation company with a legacy spanning over 90 years, dedicated to delivering transformative solutions for national security, prosperity, and global challenges. Renowned for its pioneering work in guidance, navigation, and control (GN&C) systems, Draper partners with government, industry, and academia to engineer advanced technologies in space, defense, biotechnology, and electronic systems. The company leverages multidisciplinary expertise, digital engineering, and a collaborative approach to provide field-ready prototypes, mission-critical systems, and innovative research. Draper’s mission is to ensure the nation's security and prosperity by delivering sustainable, cutting-edge solutions that address the toughest problems of today and tomorrow, while fostering an inclusive and diverse workforce. Draper also invests in the next generation of innovators through robust educational programs, including internships, co-ops, and the Draper Scholars Program, integrating academic research with real-world problem-solving.
Publication Number
US-11977613-B2
Publication Date
2024-05-07
Expiration Date
Abstract
A system including at least one processor programmed to translate a policy into policy code, wherein: the policy is provided in a policy language; the policy code is in a programming language that is different from the policy language; and the policy includes a statement that maps an entity name to one or more metadata symbols to be associated with an entity in a target system against which the policy is to be enforced.
Core Innovation
The invention is a system comprising at least one processor programmed to translate a policy into policy code, wherein the policy is provided in a policy language, the policy code is in a programming language that is different from the policy language, and the policy comprises a statement that maps an entity name to one or more metadata symbols to be associated with an entity in a target system against which the policy is to be enforced. In some embodiments the at least one processor is further programmed to resolve at least one metadata symbol of the one or more metadata symbols into a binary representation, and the binary representation of the at least one metadata symbol is included in the policy code. In some embodiments the at least one processor is further programmed to identify, from a target description describing the target system, an entity description describing the entity of the target system and use the entity description to associate the one or more metadata symbols with the entity of the target system.
The background describes an urgent need to improve computer security because security professionals are constantly playing catch-up with attackers. The patent cites examples including a remote attack on a Jeep Cherokee, the WannaCry ransomware attack, and an Equifax data breach to show that vulnerabilities lead to wide impact and that monitoring approaches often do not prevent malicious code from being executed. The problem emphasized is that existing monitoring approaches may detect suspicious patterns only after damage has been done, motivating architectures that associate metadata with memory and check instructions against policies.
The disclosure further describes toolchain and initialization support in which a policy compiler translates a policy into policy code, a policy linker uses a target description comprising modules of entity descriptions to produce an initialization specification, and a loader initializes metadata in a target system. The disclosure describes resolving metadata labels to canonical binary representations to avoid duplication, using a tag map table and metadata memory to associate application memory addresses with metadata, and using a rule cache and policy processor to evaluate rules for policy enforcement. The disclosure also describes policies and mechanisms to secure a loader program and to initialize metadata for enforcing integrity, safety, context switch, and compartment policies.
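As an added illustration (not code from the patent or from Draper/Dover), the toy policy compiler and linker below follows the flow described above: policy statements map entity names to metadata symbols, the linker searches a modular target description for matching entities, each symbol set is resolved to a canonical binary representation so that syntactically different but equivalent labels share one representation, and a table of actually used representations with indices forms the initialization specification. The policy syntax, the SYMBOL_BITS encoding and the sample target description are constructed assumptions.

```python
import re
from typing import Dict, List, Set, Tuple

# Constructed sample policy in a hypothetical policy language:
# "entity MODULE.NAME -> {Symbol, Symbol}".
POLICY = """
entity loader.text -> {Code, LoaderCode}
entity loader.data -> {LoaderCode, Data}
entity app.main    -> {Code}
entity app.heap    -> {Data, Heap}
entity app.stack   -> {Heap, Data}
"""

# Constructed target description: modules of entity descriptions (name -> address range).
TARGET = {
    "loader": {"text": (0x1000, 0x1FFF), "data": (0x2000, 0x2FFF)},
    "app": {"main": (0x4000, 0x4FFF), "heap": (0x8000, 0x8FFF), "stack": (0x9000, 0x9FFF)},
}

# Assumed bit encoding of metadata symbols (the patent does not fix one).
SYMBOL_BITS = {"Code": 0x1, "Data": 0x2, "Heap": 0x4, "LoaderCode": 0x8}

def parse_policy(text: str) -> Dict[str, Set[str]]:
    """Policy compiler front end: entity name -> set of metadata symbols."""
    stmts: Dict[str, Set[str]] = {}
    for m in re.finditer(r"entity\s+(\S+)\s*->\s*\{([^}]*)\}", text):
        stmts[m.group(1)] = {s.strip() for s in m.group(2).split(",") if s.strip()}
    return stmts

def resolve(symbols: Set[str]) -> int:
    """Canonical binary representation: order-independent OR of symbol bits,
    so {Heap, Data} and {Data, Heap} resolve to the same value."""
    rep = 0
    for s in symbols:
        if s not in SYMBOL_BITS:
            raise KeyError(f"unknown metadata symbol {s}")
        rep |= SYMBOL_BITS[s]
    return rep

def link(policy: Dict[str, Set[str]], target: dict) -> Tuple[List[int], List[Tuple[int, int, int]]]:
    """Policy linker: match entity names against the target description and emit
    an initialization spec of (start, end, index) into a table of used representations."""
    table: List[int] = []
    spec: List[Tuple[int, int, int]] = []
    for name, symbols in policy.items():
        module, _, entity = name.partition(".")
        if entity not in target.get(module, {}):
            raise LookupError(f"no entity {name} in target description")
        rep = resolve(symbols)
        if rep not in table:          # one storage slot per distinct representation
            table.append(rep)
        start, end = target[module][entity]
        spec.append((start, end, table.index(rep)))
    return table, spec
```

Because equal representations share one table index, a loader can compare metadata by comparing indices rather than symbol sets, which is the address-comparison benefit the disclosure describes.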
Claims Coverage
Three independent inventive features are identified corresponding to a system, a method, and a non-transitory computer-readable medium.
System translating a policy into policy code and associating metadata symbols with target entities
translate a policy into policy code; the policy is provided in a policy language; the policy code is in a programming language that is different from the policy language; the policy comprises a statement that maps an entity name to one or more metadata symbols; search a target description for at least one entity matching the entity name; the target description comprises descriptions of a plurality of entities; each entity of the plurality of entities represents a respective component of a target system against which the policy is to be enforced; and use a description of the at least one entity matching the entity name to associate, with the at least one entity, the one or more metadata symbols to which the entity name is mapped by the policy, wherein the policy code is executed on the target system to enforce the policy.
Method for translating a policy into policy code and binding metadata symbols to entities
translating a policy into policy code, wherein the policy is provided in a policy language, the policy code is in a programming language that is different from the policy language, and the policy comprises a statement that maps an entity name to one or more metadata symbols; searching a target description for at least one entity matching the entity name, wherein the target description comprises descriptions of a plurality of entities and each entity of the plurality of entities represents a respective component of a target system against which the policy is to be enforced; and using a description of the at least one entity matching the entity name to associate, with the at least one entity, the one or more metadata symbols to which the entity name is mapped by the policy, wherein the policy code is executed on the target system to enforce the policy.
Non-transitory medium encoding instructions to translate policies and associate metadata symbols
translate a policy into policy code, wherein the policy is provided in a policy language, the policy code is in a programming language that is different from the policy language, and the policy comprises a statement that maps an entity name to one or more metadata symbols; search a target description for at least one entity matching the entity name, wherein the target description comprises descriptions of a plurality of entities and each entity of the plurality of entities represents a respective component of a target system against which the policy is to be enforced; and use a description of the at least one entity matching the entity name to associate, with the at least one entity, the one or more metadata symbols to which the entity name is mapped by the policy, wherein the policy code is executed on the target system to enforce the policy.
The independent inventive features emphasize translating policies written in a policy language into executable policy code in a different programming language, matching policy entity names to entity descriptions in a modular target description, and associating metadata symbols with those entities for enforcement, presented as system, method, and computer-readable medium embodiments.
Stated Advantages
Resolving metadata symbols statically can advantageously reduce load time processing.
Resolving syntactically different but semantically equivalent metadata labels to the same binary representation avoids duplicate storage and reduces rule cache misses, improving system performance.
Maintaining a one-to-one correspondence between binary representations of metadata and storage locations facilitates metadata comparison by comparing addresses, which can result in significant performance improvement.
Constructing a table of actually used binary representations and using indices reduces metadata memory usage.
Providing a target description organized into modules enables a policy that maps entity names to metadata symbols to be readily re-used across different target systems.
Loader policies and secure initialization techniques reduce the risk that an attacker taking control of a loader program can thwart security policies.
Documented Applications
Secure initialization of a target system using an initialization specification produced by a policy linker and applied by a loader.
Securing a loader program by mapping loader entities to metadata symbols and enforcing loader policies to prevent misuse.
Enforcing memory access control and executable code protection by annotating code and data with metadata labels and checking instructions against policies.
Integrity policy use cases including information flow tracking to identify data sources and restrict uses of tracked information.
Safety policy use cases for enforcing temporal system properties such as ordering and protocol state transitions.
Context switch policy use cases to allow privileged OS code to perform context switches while managing metadata for task data.
Compartment policy use cases to provide isolation and control of information flow between tasks or compartments.
Real-time scheduling support including mechanisms for pre-installing rules or preserving ISR rules in a rule cache to preserve deterministic interrupt performance.
Toolchain integration use cases including a policy compiler, policy linker, and loader to translate policies into policy code and annotate object code with metadata labels.