Automated Cryptography for Data-Centric Security

We’re shifting the paradigm from system-centric to data-centric security, enabling automatic protection for data throughout all of its uses.
3 columns of text labeled "Secur Computation Engine," "Secure Data Capsule," and 'Content-centric network" laid over a graphic of the earth with "streams" of data, 0s and 1s, wrapping around Earth.
The ACDC architecture integrates many different secure computation techniques, with an emphasis on securing data instead of servers.

Today’s security model focuses on securing massive servers and protecting networks. This security approach creates an environment where cyber attackers can focus all of their effort on a small number of large, high-value targets that give massive returns with a single success. This model is responsible for many high-profile incidents, such as the 2015 OPM hack and the 2016 Yahoo! breach, and highlights a flaw in the core design philosophy of the current state of security. Securing users’ data requires restructuring to a distributed, data-centric model.

We’re developing just that — a data-centric security architecture that ensures data are used only in authorized and auditable ways. Our goals are to protect the confidentiality, integrity, and availability of data throughout all uses, including not only storage and transmission but also sharing and computation, on devices and networks that may be partially compromised. At its core, our architecture puts all data into encrypted, secure data capsules. Capsules can easily be spread throughout the network and cached redundantly. Access-control policies can be written to ensure the confidentiality and integrity of a capsule, and every data interaction has a permanent record of who acted on the data and what was done. Among their global benefits, these protections can end the era of the “catastrophic” breach, and help ensure the security of critical national assets.

Read more

ACDC Security (PDF)

Related

Events

Apr 30 -
May 1

Homeland Protection Technologies Workshop 2024

MIT Lincoln Laboratory, Lexington, Massachusetts
May
29 - 30

Cyber Technology for National Security (CTNS) 2024

MIT Lincoln Laboratory, Lexington, Massachusetts

News

Three men stand side by side, with the person in the middle holding a box containing a software package.
Awards

TASR wins a 2024 FLC Excellence in Technology Transfer Award

February 7, 2024
Two individuals hold and look at a drone at an Air Force Base indoor test range.

Cybersecurity technology forms basis for winning pitch at NSIN Foundry competition

February 5, 2024
three people talking around a high top table at a poster session

Workshop explores cyber technology for national security

December 14, 2023
A piece of hardware showing a copper mount with integrated circuit components bonded to it
Awards

Lincoln Laboratory technologies win five R&D World awards

September 7, 2023

Datasets

VPN/NonVPN Network Application Traffic Dataset (VNAT)

cyber security

Publications

Cross-language attacks

Apr 22
Network and Distributed System Security (NDSS) Symposium 2022.

Preventing Kernel Hacks with HAKCs

Apr 22
Network and Distributed System Security (NDSS) Symposium 2022.

Keeping Safe Rust safe with Galeed

Dec 6
Annual Computer Security Applications Conf., ACSAC, December 2021, pp. 824-36.

Practical principle of least privilege for secure embedded systems

May 18
2021 IEEE 27th Real-Time and Embedded Technology and Applications Symp., RTAS. 18-21 May 2021.

Staff

Tyler Kaczmarek

Tyler Kaczmarek

Technical Staff