TRUST:Team for Research in Ubiquitous Secure Technologies Strategic and Implementation Plan overview - PowerPoint PPT Presentation


PPT – TRUST:Team for Research in Ubiquitous Secure Technologies Strategic and Implementation Plan overview PowerPoint presentation | free to download - id: 72f5af-ZmViN


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation

TRUST:Team for Research in Ubiquitous Secure Technologies Strategic and Implementation Plan overview


TRUST worthy Systems More than an Information Technology issue ... Critical infrastructure ... Create reusable library of test technology for ... – PowerPoint PPT presentation

Number of Views:192
Avg rating:3.0/5.0


Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: TRUST:Team for Research in Ubiquitous Secure Technologies Strategic and Implementation Plan overview

TRUSTTeam for Research in Ubiquitous Secure
Technologies Strategic and Implementation Plan
  • Shankar Sastry (Berkeley),
  • Anna Gatti (myQube),
  • Giuliano Tavaroli (Telecom Italia, Pirelli)

TRUST worthy Systems
  • More than an Information Technology issue
  • Complicated interdependencies and composition
  • Spans security, systems, and social, legal and
    economic sciences
  • Cyber security for computer networks
  • Critical infrastructure protection
  • Economic policy, privacy
  • TRUST holistic interdisciplinary systems view
    of security, software technology, analysis of
    complex interacting systems, economic, legal, and
    public policy issues
  • Goals
  • Composition and computer security for component
  • Integrate and evaluate on testbeds
  • Address societal objectives for stakeholders in
    real systems

Coordinated Research Agenda
  • TRUST center will develop and demonstrate science
    and technology in real-life testbeds.
  • TRUST has long term research objectives but
    immediate delivery of royalty free tools and
    testbeds available today.
  • NSF seed funding of 19 M (39 M) over 5 (10)
  • Expected additional support from US Air Force
  • NSF/US State Department would like to make
    partnerships with key international partners
  • Coordinated research eleven challenge areas
    across three key topics
  • Security Science
  • Systems Science
  • Social Science

Security Science (1)
  • Network Security
  • Focused on making the Internet more secure
  • Challenges
  • Denial of service attacks
  • Spoofed source addresses
  • Routing security
  • Approaches
  • Structured overlay networks
  • Better infrastructure
  • Epidemic protocols
  • Simulation and Emulation on DETER testbed (key
    area for collaboration with Telecom Italia)

Security Science (2)
  • Trusted Platforms
  • Composition
  • Security and Vulnerability
  • Minimal Software and Hardware Configurations
  • Software Security
  • Static Code Verification
  • Dynamic Analysis
  • Multi-lingual Security
  • Software Design

DETER Cyber Defense Test and Evaluation
Research Network
Created by National Science Foundation and
Department of Homeland Security for testing of
network (DDOS, BGP, DNS) attacks and worm
defenses in a vendor and user neutral framework
DETER Testbed Goals
  • Established by Department of Homeland Security
    and NSF to facilitate scientific experimentation
  • Establish baseline for validation of new
  • Made available to industry such as BT, Bell South
  • Provide a safe platform for experimental
    approaches that involve breaking network
  • Real systems, Real code, Real attacks!
  • Provide access for wide community of users
  • Create researcher- and vendor-neutral environment
    (Juniper, Cisco, HP, Foundry, IBM, Sun)
  • Potential to simulate effects of network attack
    for Telecom Italia

Long Term Objectives
  • Create reusable library of test technology for
    conducting realistic, rigorous, reproducible,
    impartial tests
  • For assessing attack impact and defense
  • Test data, test configurations, analysis
    software, and experiment automation tools
  • Provide usage examples and methodological
  • Recommendations for selecting (or developing)
    tests and interpreting results
  • Test cases and results, possibly including
  • Facilitate testing of prototypes during
    development and commercial products during

System Science (1)
  • Complex Interdependency Modeling and Analysis
  • The nations critical infrastructure is
    intertwined and interdependent. Will begin Power
    systems, Financial Systems, and SCADA
    (Supervisory Control and Data Acquisition)
  • Four-fold approach to reducing vulnerability of
    interdependent systems to disruptive failure
  • Modeling Strategies
  • Analysis Techniques
  • Design Technologies
  • Operational Tools

System Science (2)
  • Secure Network Embedded Systems
  • Present unique security concerns
  • Conventional end-to-end approaches break down
  • New code must be propagated throughout the
  • Focus areas
  • Automated design, verification, and validation
  • Secure, composable, and adaptive software
  • Emphasis on sensor networking technology as
    high-impact application
  • Berkeley motes, Tiny OS used by hundreds of
  • Motes being used by Pirelli for tire monitoring

The Sensor Network Challenge
  • Monitoring Managing Spaces and Things

uRobots actuate
MEMS sensing
Miniature, low-power connections to the physical
Instrumenting the world
Great Duck Island
Elder Care
Soil monitoring
NEST Final Experiment Demo
Social Science Security vs. Privacy
  • Digital Forensics and Privacy
  • Privacy cuts across the trust/security issues
    that are the focus of TRUST
  • Common interfaces are needed for specifying
    privacy requirements
  • Allows privacy properties to transfer as
    information crosses compositional boundaries
  • Emphasis on strong audit, selective revelation of
    information, and rule-processing technologies
  • Research will develop framework for
    privacy-preserving data mining, identify theft,
    and privacy-aware sensor networking.

Sample Application Use of IT for health in the
  • Embedded, intelligent sensors as event monitors
  • Provide private monitoring and alerting
  • Can also enable telemedicine functions
  • Can be used as
  • A personal system electronic patient records
    belong to the user!
  • Or integrated with a health care provider system
  • Smart sensors can/will be easy to install and
  • Will be modular and upgradeable
  • Learning and/or assimilation technologies that
    will customize the devices to individuals.

Health Care Security and Privacy Testbed
Device being deployed
RS232-Bluetooth Cable Replacers
EECS Network (http)
Laptops for emulation of other sensors
Camera phone Nokia 6670
Communicator Nokia 9500
Telos Motes
Social Science Usability
  • Human Computer Interfaces and Security
  • Security problems may arise through the
    mis-configuration of complex systems
  • Generally, humans lack many computational
    abilities that are conducive to securing networks
    and systems
  • Research Emphases
  • Strengthening standard passwords
  • Using biometric information
  • Using image recognition

Some Concluding Remarks
  • TRUST is an excellent point of leverage for
    Telecom Italia to develop cyber security and
    trust solutions for wired/wireless
    infrastructures, emerging critical
    infrastructures. Long term investment by US
    Federal Agencies.
  • Initial points of collaboration could be in
    Network Defense, secure wireless networked
    embedded systems, trusted privacy, authentication
    and anti-phishing solutions
  • TRUST software and solutions are available as
    royalty-free to partners
  • TRUST offers technologists, economists, social
    scientists and public policy researchers and
  • Telecom Italia can influence strategic directions
    and testbed development.