TRUST:Team for Research in Ubiquitous Secure Technologies Strategic and Implementation Plan overview - PowerPoint PPT Presentation

Loading...

PPT – TRUST:Team for Research in Ubiquitous Secure Technologies Strategic and Implementation Plan overview PowerPoint presentation | free to download - id: 72f5af-ZmViN



Loading


The Adobe Flash plugin is needed to view this content

Get the plugin now

View by Category
About This Presentation
Title:

TRUST:Team for Research in Ubiquitous Secure Technologies Strategic and Implementation Plan overview

Description:

TRUST worthy Systems More than an Information Technology issue ... Critical infrastructure ... Create reusable library of test technology for ... – PowerPoint PPT presentation

Number of Views:114
Avg rating:3.0/5.0

less

Write a Comment
User Comments (0)
Transcript and Presenter's Notes

Title: TRUST:Team for Research in Ubiquitous Secure Technologies Strategic and Implementation Plan overview


1
TRUSTTeam for Research in Ubiquitous Secure
TechnologiesStrategic and Implementation Plan
overview
  • Shankar Sastry (Berkeley),
  • Anna Gatti (myQube),
  • Giuliano Tavaroli (Telecom Italia, Pirelli)

2
TRUST worthy Systems
  • More than an Information Technology issue
  • Complicated interdependencies and composition
    issues
  • Spans security, systems, and social, legal and
    economic sciences
  • Cyber security for computer networks
  • Critical infrastructure protection
  • Economic policy, privacy
  • TRUST holistic interdisciplinary systems view
    of security, software technology, analysis of
    complex interacting systems, economic, legal, and
    public policy issues
  • Goals
  • Composition and computer security for component
    technologies
  • Integrate and evaluate on testbeds
  • Address societal objectives for stakeholders in
    real systems

3
Coordinated Research Agenda
  • TRUST center will develop and demonstrate science
    and technology in real-life testbeds.
  • TRUST has long term research objectives but
    immediate delivery of royalty free tools and
    testbeds available today.
  • NSF seed funding of 19 M (39 M) over 5 (10)
    years
  • Expected additional support from US Air Force
  • NSF/US State Department would like to make
    partnerships with key international partners
  • Coordinated research eleven challenge areas
    across three key topics
  • Security Science
  • Systems Science
  • Social Science

4
Security Science (1)
  • Network Security
  • Focused on making the Internet more secure
  • Challenges
  • Denial of service attacks
  • Spoofed source addresses
  • Routing security
  • Approaches
  • Structured overlay networks
  • Better infrastructure
  • Epidemic protocols
  • Simulation and Emulation on DETER testbed (key
    area for collaboration with Telecom Italia)

5
Security Science (2)
  • Trusted Platforms
  • Composition
  • Security and Vulnerability
  • Minimal Software and Hardware Configurations
  • Software Security
  • Static Code Verification
  • Dynamic Analysis
  • Multi-lingual Security
  • Software Design

6
DETER Cyber Defense Test and Evaluation
Research Network
Created by National Science Foundation and
Department of Homeland Security for testing of
network (DDOS, BGP, DNS) attacks and worm
defenses in a vendor and user neutral framework
7
DETER Testbed Goals
  • Established by Department of Homeland Security
    and NSF to facilitate scientific experimentation
  • Establish baseline for validation of new
    approaches
  • Made available to industry such as BT, Bell South
  • Provide a safe platform for experimental
    approaches that involve breaking network
    infrastructure
  • Real systems, Real code, Real attacks!
  • Provide access for wide community of users
  • Create researcher- and vendor-neutral environment
    (Juniper, Cisco, HP, Foundry, IBM, Sun)
  • Potential to simulate effects of network attack
    for Telecom Italia

8
Long Term Objectives
  • Create reusable library of test technology for
    conducting realistic, rigorous, reproducible,
    impartial tests
  • For assessing attack impact and defense
    effectiveness
  • Test data, test configurations, analysis
    software, and experiment automation tools
  • Provide usage examples and methodological
    guidance
  • Recommendations for selecting (or developing)
    tests and interpreting results
  • Test cases and results, possibly including
    benchmarks
  • Facilitate testing of prototypes during
    development and commercial products during
    evaluation

9
System Science (1)
  • Complex Interdependency Modeling and Analysis
  • The nations critical infrastructure is
    intertwined and interdependent. Will begin Power
    systems, Financial Systems, and SCADA
    (Supervisory Control and Data Acquisition)
    networks
  • Four-fold approach to reducing vulnerability of
    interdependent systems to disruptive failure
  • Modeling Strategies
  • Analysis Techniques
  • Design Technologies
  • Operational Tools

10
System Science (2)
  • Secure Network Embedded Systems
  • Present unique security concerns
  • Conventional end-to-end approaches break down
  • New code must be propagated throughout the
    network
  • Focus areas
  • Automated design, verification, and validation
  • Secure, composable, and adaptive software
  • Emphasis on sensor networking technology as
    high-impact application
  • Berkeley motes, Tiny OS used by hundreds of
    groups
  • Motes being used by Pirelli for tire monitoring

11
The Sensor Network Challenge
  • Monitoring Managing Spaces and Things

applications
Store
Comm.
uRobots actuate
MEMS sensing
Proc
Power
technology
Miniature, low-power connections to the physical
world
12
Instrumenting the world
Great Duck Island
Redwoods
Elder Care
Factories
Soil monitoring
13
NEST Final Experiment Demo
14
Social Science Security vs. Privacy
  • Digital Forensics and Privacy
  • Privacy cuts across the trust/security issues
    that are the focus of TRUST
  • Common interfaces are needed for specifying
    privacy requirements
  • Allows privacy properties to transfer as
    information crosses compositional boundaries
  • Emphasis on strong audit, selective revelation of
    information, and rule-processing technologies
  • Research will develop framework for
    privacy-preserving data mining, identify theft,
    and privacy-aware sensor networking.

15
Sample Application Use of IT for health in the
home
  • Embedded, intelligent sensors as event monitors
  • Provide private monitoring and alerting
  • Can also enable telemedicine functions
  • Can be used as
  • A personal system electronic patient records
    belong to the user!
  • Or integrated with a health care provider system
  • Smart sensors can/will be easy to install and
    operate
  • Will be modular and upgradeable
  • Learning and/or assimilation technologies that
    will customize the devices to individuals.

16
Health Care Security and Privacy Testbed
Device being deployed
RS232-Bluetooth Cable Replacers
EECS Network (http)
Laptops for emulation of other sensors
Camera phone Nokia 6670
Communicator Nokia 9500
Telos Motes
17
Social Science Usability
  • Human Computer Interfaces and Security
  • Security problems may arise through the
    mis-configuration of complex systems
  • Generally, humans lack many computational
    abilities that are conducive to securing networks
    and systems
  • Research Emphases
  • Strengthening standard passwords
  • Using biometric information
  • Using image recognition

18
Some Concluding Remarks
  • TRUST is an excellent point of leverage for
    Telecom Italia to develop cyber security and
    trust solutions for wired/wireless
    infrastructures, emerging critical
    infrastructures. Long term investment by US
    Federal Agencies.
  • Initial points of collaboration could be in
    Network Defense, secure wireless networked
    embedded systems, trusted privacy, authentication
    and anti-phishing solutions
  • TRUST software and solutions are available as
    royalty-free to partners
  • TRUST offers technologists, economists, social
    scientists and public policy researchers and
    teachers.
  • Telecom Italia can influence strategic directions
    and testbed development.
About PowerShow.com