About the Team
The Security Department is part of the Security, Information Analytics, and Business Integrity Department at IBM's Thomas J. Watson Research Center. The group's research focuses on developing security technologies, design methodologies, best practices and standards. The goal is to significantly raise the bar on the quality of security in products and services while simultaneously easing the overhead of developing and deploying such secure solutions.
Members of the group are known for their pioneering work on a variety of topics that have led to new technologies being incorporated in IBM's products and services, definitive industry leading standards as well as publications in premier security workshops and conferences.
The group continues to do innovative work on various topics including:
- development of model-driven security engineering and testing, language-based security
- security services such as identity and access control management
- secure service delivery environments
- secure hypervisors and secure high assurance operating systems for embedded platforms
- hardware security via physical secure co-processors, service processors and novel hardware architectures
- ethical hacking as part of the Global Security Analysis (GSAL) activities
- new cryptographic techniques and algorithms and their secure implementations and side-channel cryptanalysis
In The News
- 2009-06-10: The newly released Linux kernel 2.6.30 includes our Integrity Measurement Architecture (IMA). IMA is a cornerstone of trusted computing and was listed by Computerworld as one of the top 5 new features of 2.6.30. It is also in process of being adopted by IBM, Intel and OpenMoko. Find more information in the technical papers and the code .
- 2009-03-16: Rutgers University will host the next NYC Security and Privacy Day on Friday, May 15, 2009 in New Brunswick. See the webpage for the more information, e.g., program, how to register and information about past Security & Privacy days.
- 2009-02-28: We are co-organizing the third edition of the IEEE Symposium on Security and Privacy Workshop on Web 2.0 Security and Privacy, May 2009.
- 2008-11-13: We will host the next NYC Security and Privacy Day at the IBM T.J.Watson Research Center on Friday, December 5, 2008. See the webpage for the more information, e.g., program, how to register and information about past Security & Privacy days.
- 2008-04-08: At the RSA Conference 2008, IBM announced project Phantom which offers businesses a new means of securing virtualized server environments. Read more in the Press Release and see the coverage in Computerworld
- 2008-03-18: The U.S Department of Homeland Security awarded us a grant for the project MONTAGE: A Methodology for Designing Composable End-to-End Secure Distributed Systems in the context of BAA 07-09.
- 2008-03-18: IBM donated our SMash Technology for secure mashups to the OpenAjax Alliance. See the press release and some media coverage in InfoWorld, Computerworld, Web 2.0 Journal and the MIT Tech Review
- 2008-02-21: We made significant contributions to the the user-centric identity framework offered by the Eclipse Higgins Project which has just released Version 1.0 Other coverage of the release can be read here.
- 2008-02-07: Our team got awarded a National Security Agency High Assurance Platform (HAP) contract to Improve Secure Information Sharing. Read the corresponding press release ...
- older news ...
Projects
To find out more about our activities, explore the following list of current projects as well as highlights from the past:
Active
- Botnet Detection Using Stream Processing
- Hypervisor Security Architecture (sHype)
- Identity 2.0
- Integrity Measurement Architecture (IMA)
- Secure Identity Tokens
- Security Services in Virtualized Environments
- Security for a Software as a Service architecture
- Security for System S & FuzzyMLS
- Trojan detection in Integrated Cicuits
- Trusted Virtual Data Center (TVDc)
- Trusted Virtual Domains (TVD)
- Virtual Trusted Platform Module (vTPM)
- Web 2.0
Completed
- Bluebox:Policy-Driven Intrusion Avoidance System
- Caernarvon: A Secure, High Assurance Operating System for Smart Cards
- E-Check
- Feedback-Driven Automated Security Testing
- Integrated Security Context Management
- IPSec and IKE
- Language-based Security: Java, PHP
- Linux for the 4758 Secure Coprocessor
- Linux Security Analysis Tools (VALI)
- Matchbox
- Pseudonymity
- Secure Co-Processors
- Secure DNS
- Secure Internet Multicast
- Security Analysis Tools
- Security for Pervasive Computing Applications
- Security for SOA infrastructure
- Sentry: Tivoli Compliance and Remediation
- Side-channel Cryptanalysis
If you are interested in these topics and you have a strong background in security, software engineering and services: Our team has openings for a variety of research positions including interns, coops and Research Staff Members. Please contact Josyula R. Rao for more information.
Last updated 29 Jun 2009