DARPA's plan to restore trust in electronic documents
With the task of verifying the trustworthiness of shared data getting exponentially larger and more difficult, the Defense Advanced Research Projects Agency wants a dramatically better way to detect and reject invalid or maliciously crafted electronic data.
The new Safe Documents (SafeDocs) program seeks to ensure that an electronic document, image or message is automatically checked before it is deemed safe to open and that untrustworthy versions are converted into safer document formats without impacting their key functionality.
“With today’s online risk environment, allowing software to interact with untrusted electronic documents and messages is akin to downloading and running untrusted programs on your computer,” said SafeDoc's Program Manager Sergey Bratus. “Through SafeDocs, we are looking for ways to reduce the complexity of electronic document exchange and minimize the means of exploitation for all malicious actors -- from cybercriminals to nation states.”
DARPA plans to focus on two technical thrusts.
The first would develop methodologies and tools for understanding, simplifying and reducing electronic data formats to safe, verification-friendly subsets that can be used without affecting the format’s essential functionality.
Under the second technical thrust, researchers would create software construction kits for building secure, verified parsers – components used to break data inputs down into manageable objects for further processing -- that can be used on new and existing data formats to help reduce chances of compromise.
A proposers day is scheduled for Aug. 24. More information if online here.
Connect with the GCN staff on Twitter @GCNtech.