Presentation is loading. Please wait.

Presentation is loading. Please wait.

TRUST September 13 th 2004NSF STC Site Visit TRUST :Team for Research in Ubiquitous Secure Technologies Shankar Sastry (Berkeley), Mike Reiter (CMU), Steve.

Published byElizabeth Jennings Modified over 8 years ago

Similar presentations

Presentation on theme: "TRUST September 13 th 2004NSF STC Site Visit TRUST :Team for Research in Ubiquitous Secure Technologies Shankar Sastry (Berkeley), Mike Reiter (CMU), Steve."— Presentation transcript:

1 TRUST September 13 th 2004NSF STC Site Visit TRUST :Team for Research in Ubiquitous Secure Technologies Shankar Sastry (Berkeley), Mike Reiter (CMU), Steve Wicker (Cornell), John Mitchell (Stanford), Janos Sztipanovits (Vanderbilt)

2 TRUST Sept. 13 th, 2004 NSF STC Center Site Visit 2 Attacks are growing in sophistication Serious hackers

3 TRUST Sept. 13 th, 2004 NSF STC Center Site Visit 3 Technology Generations of Information Assurance 1st Generation (Prevent Intrusions) Intrusions will Occur Some Attacks will Succeed Cryptography Trusted Computing Base Access Control & Physical Security Multiple Levels of Security 2nd Generation (Detect Intrusions, Limit Damage) Firewalls Intrusion Detection Systems Boundary Controllers VPNs PKI 3rd Generation (Operate Through Attacks) Big Board View of Attacks Real-Time Situation Awareness & Response Intrusion Tolerance Graceful Degradation Hardened Core Functionality Performance Security

4 TRUST Sept. 13 th, 2004 NSF STC Center Site Visit 4 TRUST ed Systems and Software TRUST is more than resistance to information attack: Today’s systems and networks are fragile, difficult-to- compose and maintain: – Non-robust – Non-adaptive – Untrustworthy Point failures bring down systems Difficult, costly-to-compose useful systems from multiple components Poor or nonexistent means for building reliable systems from necessarily unreliable components Poor understanding of vulnerabilities of networks, performance under – and uncharacterized attacks No clear history, pedigree on data, code

5 TRUST Sept. 13 th, 2004 NSF STC Center Site Visit 5 TRUST worthy Systems More than an Information Technology issue Complicated interdependencies and composition issues – Spans security, systems, and social, legal and economic sciences – Cyber security for computer networks – Critical infrastructure protection – Economic policy, privacy TRUST : “holistic” interdisciplinary systems view of security, software technology, analysis of complex interacting systems, economic, legal, and public policy issues Goals: – Composition and computer security for component technologies – Integrate and evaluate on testbeds – Address societal objectives for stakeholders in real systems

6 TRUST Sept. 13 th, 2004 NSF STC Center Site Visit 6 Research Agenda Security Science (Schneider) – Software Security (Mitchell) – Trusted Platforms (Boneh) – Applied Cryptography Protocols (Wagner) – Network Security (Joseph) Systems Science (Schmidt) – Interdependency Modeling and Analysis (Anantharam) – Secure Network Embedded Systems (Wicker) – Model Based Integration of Trusted Components (Sztipanovits) – Secure Information Management Tools (Birman) Social, Economic and Legal Considerations (Samuelson) – Economics, Public Policy and Societal Challenges (Varian) – Digital Forensics and Privacy (Tygar) – Human computer Interfaces and Security (Reiter)

7 TRUST Sept. 13 th, 2004 NSF STC Center Site Visit 7 Integration of Research Agenda Four testbeds chosen to be responsive to national needs: Computer and network security, Critical infrastructure protection, Privacy – Integration testbed (Sztipanovits) – Secure Network Embedded Systems (Wicker) – Planet Lab (Culler) – Cyber Defense Technology Experimental Research testbed (DETER) (Benzel/Joseph/Sastry) Technical Management Plan through time sensitive internal deliverables of software, systems among team members Exchange of scientific personnel among team members

8 TRUST Sept. 13 th, 2004 NSF STC Center Site Visit 8 Broad Security and Privacy Vision Privacy Computer and Network Security Power Grid Testbed Network Security Testbed Secure Networked Embedded Systems Testbed Software Security Trusted Platforms Applied Crypto- graphic Protocols Network Security Secure Network Embedded Sys Forensic and Privacy Complex Inter- Dependency mod. Model-based Security Integration. Econ., Public Pol. Soc. Chall. Secure Compo- nent platforms HCI and Security Secure Info Mgt. Software Tools Component Technologies Societal Challenges IntegrativeTestbeds TRUST will address social, economic and legal challenges Specific systems that represent these social challenges. Component technologies that will provide solutions Critical Infrastructure

9 TRUST Sept. 13 th, 2004 NSF STC Center Site Visit 9 Education Development Security must be consciously engineered into new and legacy critical infrastructure systems Every component level needs rethinking and education: need to build in TRUST: security science, systems science and social, legal, economic considerations into every course in undergrad and grad curricula (“liberal” technologically literate education)

10 TRUST Sept. 13 th, 2004 NSF STC Center Site Visit 10 Human Resource Development: leveraging our experience Cornell has had partnerships with the Information Assurance Institute at AFRL, Rome CMU students have extensive access to Software Engineering Institute and CERT. Stanford has extensive interactions with USPS, Secret Service, and brings the Center for Strategic and International Studies for policy matters Vanderbilt runs the Institute for Software Integrated Systems and Institute for Public Policy Studies At Berkeley, we have the Center for Information Technology Research in the Interest of Society (CITRIS), aimed at bringing innovative technologies to societal scale systems

11 TRUST Sept. 13 th, 2004 NSF STC Center Site Visit 11 Course Work Development Course work to have TRUST built in at all levels--undergrad, grad, advanced seminars. Repositories will be maintained professionally by the Vanderbilt System CAPE/ELM. – Security Science: operating systems, programming languages, cryptography, secure networking, … – Social Sciences: Bringing policy, social, economic issues to student community: economics of information technology, information management, privacy and security – Systems Science: “systems integration using software” curriculum needs to be developed from scratch, capstone design course for undergrads (or 5 th year MS) – NSA-NSF Cybersecurity Center of Excellence in Information Assurance Education to be developed at San Jose State, on going certification efforts for other Centers of Excellence at CMU

12 TRUST Sept. 13 th, 2004 NSF STC Center Site Visit 12 Workforce Training Undergrad and Grad Student mentorship and development features – Exchanging students and postdocs – REU activities at partner campuses – Student Entrepreneurship clubs (Vertex, Bases) – Partnership with Cornell Information Assurance Institute US workforce in research challenge areas with infrastructure holders, industry partners Summer and Winter Educational Institutes and Retreats for TRUST – In-depth discussion of research challenge areas – Testbed and integrative activities

13 TRUST Sept. 13 th, 2004 NSF STC Center Site Visit 13 Diversity Plans K-12 Outreach: Berkeley Foundation for Opportunities in IT (BFOIT) for Oakland/Bay Area secondary schools Summer Research in Information Assurance for HBCU faculty: CMU as a Center of Academic Excellence in Information Assurance education has worked with Howard, Morgan State, UTEP, Hampton, Texas A&M, Corpus Christi, Cal State Fullerton: emphasizes both teaching and research at CyLab Curriculum Development for Hispanic Serving Institutions: NSA/NSF Center at SJSU in Information Assurance education Summer Internship for HBCU faculty in Systems Science (SIPHER): California Community Colleges, Fisk, Tennessee State, UAB, Morehouse, Spelman, Tuskegee, …

14 TRUST Sept. 13 th, 2004 NSF STC Center Site Visit 14 Diversity Plans Summer Undergraduate Program in Engineering Research at Berkeley (SUPERB). Undergrad research for students from institutions serving under- represented groups. Overwhelming demand for TRUST. Women’s Colleges: Summer Immersion Institute for students from Colleges like Mills, Smith, Ithaca College with sponsorship of CRA-W Community Outreach: public “town hall” style forums about privacy and security, economic and legislative issues for secure systems. Engagement with local and state authorities, media and first responders.

15 TRUST Sept. 13 th, 2004 NSF STC Center Site Visit 15 Knowledge Transfer Plans: TRUST as a Public Private Partnership TRUST as a DMZ (trusted intermediary!) between industry, government, non-profit and academia for answering hard questions: – Who will pay for security – Should the Feds play the role of market maker – Roadmaps for guiding investment – The role of regulation/insurance Open dissemination of research: – Publications and software – Short courses at ACM/IEEE/Infrastructure Protection meetings – Public lectures and forums – Curriculum development and courses

16 TRUST Sept. 13 th, 2004 NSF STC Center Site Visit 16 Technology Transfer to Start Ups, Industry and Infrastructure Stakeholders Strategies for improving tech transfer Economic, Legal and Social Implications of TRUST technology built into technology Testbeds to demonstrate robustness and scalability Developing an eco-system with different constituencies by – Focused Workshops – Strategic Investment Sessions between stakeholders, industry, government – Internships for students in industry and infrastructure sectors – Internships for post docs and faculty as entrepreneur incubators at venture partners

17 TRUST Sept. 13 th, 2004 NSF STC Center Site Visit 17 Leadership and Outreach to other groups EU-IST and US partnerships in dependability and TRUST OSTP/DHS workshops Workshops for venture partners Special issues of ACM/IEEE/… ESCHER, a non-profit for repositorying TRUST software ACM-SIGBED Partnerships with Singapore (Nanyang) and Taiwan (National Chiao Tong and National Taiwan University)

18 TRUST Sept. 13 th, 2004 NSF STC Center Site Visit 18 Management Exec Committee made up of PIs + Ruzena Bajcsy (Diversity Outreach Coordinator) Project Manager and Executive Director for Education and Outreach (TBD) Each team (Security Technology, Systems Science, Social Science) has its coordinator Each technical challenge area has its lead faculty, responsible for meeting deliverables/re-negotiating deliverables Technical Management Plan through deliverables, which can be renegotiated at the bi-annual retreats

19 TRUST Sept. 13 th, 2004 NSF STC Center Site Visit 19 Management Interdependency among elements built in by interleaving deliverables and using testbeds for integrating and evaluating research products External Advisory Committee consists of representatives from academia, stakeholders in the government, industry, and utility stakeholders

20 TRUST Sept. 13 th, 2004 NSF STC Center Site Visit 20 Why an NSF-STC TRUST ? Interdisciplinary problems with issues of law, privacy, economics, and public policy Problem is too large and complex for any one team. Need to simultaneously work on Security Science, Systems Science (of complex systems), and Social Science issues No single silver bullet, but a number of novel and promising approaches Huge leverage with education, industrial transition, diversity efforts with comprehensive team

Download ppt "TRUST September 13 th 2004NSF STC Site Visit TRUST :Team for Research in Ubiquitous Secure Technologies Shankar Sastry (Berkeley), Mike Reiter (CMU), Steve."

Similar presentations

Demonstrating the Legal Sustainability of Effective STEM Diversity Programs Wanda E. Ward Ph.D., Discussant Sr. Advisor to the Director Office of the Director.

Demonstrating the Legal Sustainability of Effective STEM Diversity Programs Wanda E. Ward Ph.D., Discussant Sr. Advisor to the Director Office of the Director.
Philippine Cybercrime Efforts

Philippine Cybercrime Efforts
The subcommittee recognizes the profound changes in US demographics and skill levels that currently exist, and the changes that are predicted for the.

The subcommittee recognizes the profound changes in US demographics and skill levels that currently exist, and the changes that are predicted for the.
 Copyright 2007 STI - INTERNATIONAL www.sti2.org Semantic Technology Institute International PlanetData - Ensuring Impact.

 Copyright 2007 STI - INTERNATIONAL Semantic Technology Institute International PlanetData - Ensuring Impact.
ActionWebs : Education and Outreach ActionWebs Kickoff Meeting December 17, 2009 │Berkeley, California Education Overview Kristen Gates, Ed.D University.

ActionWebs : Education and Outreach ActionWebs Kickoff Meeting December 17, 2009 │Berkeley, California Education Overview Kristen Gates, Ed.D University.
Cyber Security R&D Challenges: A Homeland Security Perspective Simon Szykman, Ph.D. Director, Cyber Security R&D 202-254-5802.

Cyber Security R&D Challenges: A Homeland Security Perspective Simon Szykman, Ph.D. Director, Cyber Security R&D
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
CIAO.0209 - July 99 - 1 Critical Infrastructure Assurance Office Protecting America’s Cyberspace: Version 1.0 of the National Plan Jeffrey Hunker National.

CIAO July Critical Infrastructure Assurance Office Protecting America’s Cyberspace: Version 1.0 of the National Plan Jeffrey Hunker National.
Academics and Research Working Group Teaching Future Generations.

Academics and Research Working Group Teaching Future Generations.
M M ultimedia E E ducational R R esource for L L earning and O O nline T T eaching.

M M ultimedia E E ducational R R esource for L L earning and O O nline T T eaching.
Higher Education Cybersecurity Strategy, Programs, and Initiatives Rodney Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE.

Higher Education Cybersecurity Strategy, Programs, and Initiatives Rodney Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE.
A Robust Health Data Infrastructure P. Jon White, MD Director, Health IT Agency for Healthcare Research and Quality 2014-06-10.

A Robust Health Data Infrastructure P. Jon White, MD Director, Health IT Agency for Healthcare Research and Quality
1 Sustaining Technical Programs The NSF’s Advanced Technological Education Program and American Competitiveness Mike Lesiecki, MATEC A Member of the Academic.

1 Sustaining Technical Programs The NSF’s Advanced Technological Education Program and American Competitiveness Mike Lesiecki, MATEC A Member of the Academic.
College of Basic and Applied Sciences Advising/Retention Report.

College of Basic and Applied Sciences Advising/Retention Report.
TRUST NSF Site Visit, Berkeley, March 19-20, 2007 TRUST Summer Study Programs Ruzena Bajcsy, UC Berkeley Kristen Gates, UC Berkeley.

TRUST NSF Site Visit, Berkeley, March 19-20, 2007 TRUST Summer Study Programs Ruzena Bajcsy, UC Berkeley Kristen Gates, UC Berkeley.
Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.

Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.
Stanford Technology Ventures Program Slide 1 State Policy Academy on Entrepreneurship New Orleans, July 16, 2001 “Human Capital.

Stanford Technology Ventures Program Slide 1 State Policy Academy on Entrepreneurship New Orleans, July 16, 2001 “Human Capital.
Bill Newhouse Program Lead National Initiative for Cybersecurity Education Cybersecurity R&D Coordination National Institute of Standards and Technology.

Bill Newhouse Program Lead National Initiative for Cybersecurity Education Cybersecurity R&D Coordination National Institute of Standards and Technology.
US-CERT www.us-cert.gov National Cyber Security Division/ U.S. Computer Emergency Readiness Team (US-CERT) Overview Lawrence Hale Deputy Director, US-CERT.

US-CERT National Cyber Security Division/ U.S. Computer Emergency Readiness Team (US-CERT) Overview Lawrence Hale Deputy Director, US-CERT.
November 6, 2003 Leveraging Resources and Building Partnerships for Critical Infrastructure Protection John B. Noftsinger, Jr., Associate Vice President.

November 6, 2003 Leveraging Resources and Building Partnerships for Critical Infrastructure Protection John B. Noftsinger, Jr., Associate Vice President.

Similar presentations

Ads by Google