TRUST:Team for Research in Ubiquitous Secure Technologies - PowerPoint PPT Presentation

Loading...

PPT – TRUST:Team for Research in Ubiquitous Secure Technologies PowerPoint presentation | free to view - id: 72563d-ZTZjO



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

TRUST:Team for Research in Ubiquitous Secure Technologies

Description:

Title: Towards an Agile, Predictive Infrastructure Author: Anthony D. Joseph Last modified by: sastry Created Date: 6/6/2002 9:48:57 AM Document presentation format – PowerPoint PPT presentation

Number of Views:59
Avg rating:3.0/5.0
Slides: 21
Provided by: Antho151
Category:

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: TRUST:Team for Research in Ubiquitous Secure Technologies


1
TRUSTTeam for Research in Ubiquitous Secure
Technologies
  • Shankar Sastry (Berkeley), Mike Reiter (CMU),
    Steve Wicker (Cornell), John Mitchell (Stanford),
    Janos Sztipanovits (Vanderbilt)

2
Attacks are growing in sophistication
Serious hackers
3
Technology Generations of Information Assurance
1st Generation (Prevent Intrusions)
4
TRUSTed Systems and Software
  • TRUST is more than resistance to information
    attack
  • Todays systems and networks are fragile,
    difficult-to- compose and maintain
  • Non-robust
  • Non-adaptive
  • Untrustworthy
  • Point failures bring down systems
  • Difficult, costly-to-compose useful systems from
    multiple components
  • Poor or nonexistent means for building reliable
    systems from necessarily unreliable components
  • Poor understanding of vulnerabilities of
    networks, performance under and uncharacterized
    attacks
  • No clear history, pedigree on data, code

5
TRUST worthy Systems
  • More than an Information Technology issue
  • Complicated interdependencies and composition
    issues
  • Spans security, systems, and social, legal and
    economic sciences
  • Cyber security for computer networks
  • Critical infrastructure protection
  • Economic policy, privacy
  • TRUST holistic interdisciplinary systems view
    of security, software technology, analysis of
    complex interacting systems, economic, legal, and
    public policy issues
  • Goals
  • Composition and computer security for component
    technologies
  • Integrate and evaluate on testbeds
  • Address societal objectives for stakeholders in
    real systems

6
Research Agenda
  • Security Science (Schneider)
  • Software Security (Mitchell)
  • Trusted Platforms (Boneh)
  • Applied Cryptography Protocols (Wagner)
  • Network Security (Joseph)
  • Systems Science (Schmidt)
  • Interdependency Modeling and Analysis
    (Anantharam)
  • Secure Network Embedded Systems (Wicker)
  • Model Based Integration of Trusted Components
    (Sztipanovits)
  • Secure Information Management Tools (Birman)
  • Social, Economic and Legal Considerations
    (Samuelson)
  • Economics, Public Policy and Societal Challenges
    (Varian)
  • Digital Forensics and Privacy (Tygar)
  • Human computer Interfaces and Security (Reiter)

7
Integration of Research Agenda
  • Four testbeds chosen to be responsive to national
    needs Computer and network security, Critical
    infrastructure protection, Privacy
  • Integration testbed (Sztipanovits)
  • Secure Network Embedded Systems (Wicker)
  • Planet Lab (Culler)
  • Cyber Defense Technology Experimental Research
    testbed (DETER) (Benzel/Joseph/Sastry)
  • Technical Management Plan through time sensitive
    internal deliverables of software, systems among
    team members
  • Exchange of scientific personnel among team
    members

8
Broad Security and Privacy Vision
Societal Challenges
Privacy
TRUST will address social, economic and legal
challenges
Critical
Computer and
Infrastructure
Network Security
Integrative
Testbeds
Network Security
Specific systems that
Testbed
represent these social
Secure Networked
Power Grid
challenges.
Embedded Systems
Testbed
Testbed
Component Technologies
Secure Info Mgt. Software Tools
Component technologies
that will provide solutions
9
Education Development
  • Security must be consciously engineered into new
    and legacy critical infrastructure systems
  • Every component level needs rethinking and
    education need to build in TRUST security
    science, systems science and social, legal,
    economic considerations into every course in
    undergrad and grad curricula (liberal
    technologically literate education)

10
Human Resource Development leveraging our
experience
  • Cornell has had partnerships with the Information
    Assurance Institute at AFRL, Rome
  • CMU students have extensive access to Software
    Engineering Institute and CERT.
  • Stanford has extensive interactions with USPS,
    Secret Service, and brings the Center for
    Strategic and International Studies for policy
    matters
  • Vanderbilt runs the Institute for Software
    Integrated Systems and Institute for Public
    Policy Studies
  • At Berkeley, we have the Center for Information
    Technology Research in the Interest of Society
    (CITRIS), aimed at bringing innovative
    technologies to societal scale systems

11
Course Work Development
  • Course work to have TRUST built in at all
    levels--undergrad, grad, advanced seminars.
    Repositories will be maintained professionally by
    the Vanderbilt System CAPE/ELM.
  • Security Science operating systems, programming
    languages, cryptography, secure networking,
  • Social Sciences Bringing policy, social,
    economic issues to student community economics
    of information technology, information
    management, privacy and security
  • Systems Science systems integration using
    software curriculum needs to be developed from
    scratch, capstone design course for undergrads
    (or 5th year MS)
  • NSA-NSF Cybersecurity Center of Excellence in
    Information Assurance Education to be developed
    at San Jose State, on going certification efforts
    for other Centers of Excellence at CMU

12
Workforce Training
  • Undergrad and Grad Student mentorship and
    development features
  • Exchanging students and postdocs
  • REU activities at partner campuses
  • Student Entrepreneurship clubs (Vertex, Bases)
  • Partnership with Cornell Information Assurance
    Institute
  • US workforce in research challenge areas with
    infrastructure holders, industry partners
  • Summer and Winter Educational Institutes and
    Retreats for TRUST
  • In-depth discussion of research challenge areas
  • Testbed and integrative activities

13
Diversity Plans
  • K-12 Outreach Berkeley Foundation for
    Opportunities in IT (BFOIT) for Oakland/Bay Area
    secondary schools
  • Summer Research in Information Assurance for HBCU
    faculty CMU as a Center of Academic Excellence
    in Information Assurance education has worked
    with Howard, Morgan State, UTEP, Hampton, Texas
    AM, Corpus Christi, Cal State Fullerton
    emphasizes both teaching and research at CyLab
  • Curriculum Development for Hispanic Serving
    Institutions NSA/NSF Center at SJSU in
    Information Assurance education
  • Summer Internship for HBCU faculty in Systems
    Science (SIPHER) California Community Colleges,
    Fisk, Tennessee State, UAB, Morehouse, Spelman,
    Tuskegee,

14
Diversity Plans
  • Summer Undergraduate Program in Engineering
    Research at Berkeley (SUPERB). Undergrad research
    for students from institutions serving
    under-represented groups. Overwhelming demand for
    TRUST.
  • Womens Colleges Summer Immersion Institute for
    students from Colleges like Mills, Smith, Ithaca
    College with sponsorship of CRA-W
  • Community Outreach public town hall style
    forums about privacy and security, economic and
    legislative issues for secure systems. Engagement
    with local and state authorities, media and first
    responders.

15
Knowledge Transfer Plans TRUST as a Public
Private Partnership
  • TRUST as a DMZ (trusted intermediary!) between
    industry, government, non-profit and academia for
    answering hard questions
  • Who will pay for security
  • Should the Feds play the role of market maker
  • Roadmaps for guiding investment
  • The role of regulation/insurance
  • Open dissemination of research
  • Publications and software
  • Short courses at ACM/IEEE/Infrastructure
    Protection meetings
  • Public lectures and forums
  • Curriculum development and courses

16
Technology Transfer to Start Ups, Industry and
Infrastructure Stakeholders
  • Strategies for improving tech transfer
  • Economic, Legal and Social Implications of TRUST
    technology built into technology
  • Testbeds to demonstrate robustness and
    scalability
  • Developing an eco-system with different
    constituencies by
  • Focused Workshops
  • Strategic Investment Sessions between
    stakeholders, industry, government
  • Internships for students in industry and
    infrastructure sectors
  • Internships for post docs and faculty as
    entrepreneur incubators at venture partners

17
Leadership and Outreach to other groups
  • EU-IST and US partnerships in dependability and
    TRUST
  • OSTP/DHS workshops
  • Workshops for venture partners
  • Special issues of ACM/IEEE/
  • ESCHER, a non-profit for repositorying TRUST
    software
  • ACM-SIGBED
  • Partnerships with Singapore (Nanyang) and Taiwan
    (National Chiao Tong and National Taiwan
    University)

18
Management
  • Exec Committee made up of PIs Ruzena Bajcsy
    (Diversity Outreach Coordinator)
  • Project Manager and Executive Director for
    Education and Outreach (TBD)
  • Each team (Security Technology, Systems Science,
    Social Science) has its coordinator
  • Each technical challenge area has its lead
    faculty, responsible for meeting
    deliverables/re-negotiating deliverables
  • Technical Management Plan through deliverables,
    which can be renegotiated at the bi-annual
    retreats

19
Management
  • Interdependency among elements built in by
    interleaving deliverables and using testbeds for
    integrating and evaluating research products
  • External Advisory Committee consists of
    representatives from academia, stakeholders in
    the government, industry, and utility stakeholders

20
Why an NSF-STC TRUST?
  • Interdisciplinary problems with issues of law,
    privacy, economics, and public policy
  • Problem is too large and complex for any one
    team. Need to simultaneously work on Security
    Science, Systems Science (of complex systems),
    and Social Science issues
  • No single silver bullet, but a number of novel
    and promising approaches
  • Huge leverage with education, industrial
    transition, diversity efforts with comprehensive
    team
About PowerShow.com