

                    Generic Software Wrappers

Large-scale critical information systems increasingly are built by
combining Commercial Off The Shelf (COTS) software components.
Unfortunately, security and reliability requirements of critical
information systems may not be apparent until such systems are near
deployment: COTS software cannot be designed to anticipate all such
requirements.  Additionally, cost factors dictate that COTS software
is developed with ``commercial-grade'' assurance.  For these reasons,
technologies are needed both to add security and reliability
functionality to COTS software, and to increase general assurance of
systems composed of COTS components.

This DARPA-sponsored research (under contract F30602-96-C-0333) is
developing techniques and tools for specifying and implementing
generic software wrappers.  Generic software wrappers intercept COTS
component interactions and bind them with additional functions that
implement practical security (e.g., restricting, filtering) and
reliability (e.g., redundancy, crash data recovery) policies.  This
research is organized into three tasks:

1)      Formulate both a preliminary Wrapper Definition Language
        (WDL) for specifying security and reliability software
        wrappers and a preliminary Wrapper Support Interface (WSI)
        that provides operating system services needed by wrappers.
        Prototype a WDL compiler and develop a WSI simulator to
        provide experimental feedback during the formulation of the
        
2)      Develop a wrapper-supporting FreeBSD UNIX prototype system.
        Develop a Wrapper Support Subsystem (WSS) suitable for
        inclusion in mainstream kernelized UNIX systems, and develop
        WDL wrapper tools for conveniently wrapping/unwrapping
        selected UNIX system components.

3)      Develop Sun Solaris and Windows NT wrapper-supporting
        prototype systems.  Adjust the WDL and the WSI as needed to
        support these environments.  By developing multiple
        prototypes, demonstrate that wrapper concepts are portable to
        dissimilar systems.

All tasks are complete.  Additional follow-on work included developing a port
of the GSWTK to Linux.

For build instructions, see the file "README.build"

Subdirectories contain the source code for the wrappers prototype

docs:           Documentation on the Wrappers system.
extensions:     Extensions to the base Toolkit.
gwm:            Global Wrapper Manager for Windows NT.  
kernmod:        Wrappers loadable kernel modules (the WSS).
linkers:        Wrapper module-linker files to support different file formats.
lwm:            Local Wrapper Manager for Windows NT.
mak:            Build system files.
testbed:        Testing applications for the Wrappers system.
testlibs:       Libraries used to test parts of the Wrappers system.
toolkits:       Toolkits utilized by the GSWTK.
wdl:            Example WDL code from the language definition paper.  
                This is old code.  Working WDL examples can be found in
                the wrappers directory.
wr.bin:         Wrappers binaries.
wr.classes:     Java classes used by the GUI.
wr.include:     GSWTK-specific Commonly used header files.
include:	Platform definitions not limited to GSWTK
wr.lib:         Wrappers libraries.
libraries:      Wrapper libraries.  How to create common code that
		specific wrappers can reference.
wr.mak:         GSWTK-specific build system files.
mak:		Build system files.
wrappers:       Example wrappers.
wsi:            Wrapper Support Interface files.
wsl:            Wrapper Support Libraries files.
wss:            Wrapper Support Subsystem files.
idw:		Intrusion detection example wrappers and frameworks.


This software is a proof of concept.  It has bugs.  Since it adds
functionality to the kernel, those bugs may trash your system.  Do Not
Use This Software on systems you can not afford to trash.  We know
there are unfixed bugs that can and will crash the operating system.
You have been warned.

With the exception of code copied from other sources listed below, all
files are:

  Copyright (c) 1999,2000, 2001  Network Associates, Incorporated
  All rights reserved.

  Redistribution and use are governed by the terms detailed in the
  license document ("LICENSE") included with the toolkit.


Notes:

To work around shortcomings in gcc-2.7.2's template support, we have
included parts of the STLport STL implimentation in
wr.lib/libwdl/template.  See "README.STLport" in the "docs" directory
for the copyright notice, license, and disclaimer.

The Wrapper Viewer GUI uses the JClass BWT 3.5.0.  JClass BWT 3.5.0 is
Copyright (c) 1996-98 by KL Group Inc.  All Rights Reserved.

