Experiences Enhancing Open Source Security in the POSSE Project

Jonathan M. Smith (University of Pennsylvania, USA), Michael B. Greenwald (University of Pennsylvania, USA), Sotiris Ioannidis (University of Pennsylvania, USA), Angelos D. Keromytis (Columbia University, USA), Ben Maughan Laurie (AL Digital, Ltd., USA), Dale Rahn (Defense Advanced Research Projects Agency, USA) and Jason Wright (University of Pennsylvania, USA)
DOI: 10.4018/978-1-59904-939-7.ch115

This chapter reports on our experiences with POSSE, a project studying “Portable Open Source Security Elements” as part of the larger DARPA effort on Composable High Assurance Trusted Systems. We describe the organization created to manage POSSE and the significant acceleration in producing widely used secure software that has resulted. POSSE’s two main goals were, first, to increase security in open source systems and, second, to more broadly disseminate security knowledge, “best practices,” and working code that reflects these practices. POSSE achieved these goals through careful study of systems (“audit”) and by starting from a well-positioned technology base (OpenBSD). We hope to illustrate the advantages of applying OpenBSD-style methodology to secure, open-source projects, and the pitfalls of melding multiple open-source efforts in a single project.
