Nsf wireless security workshop
Download
1 / 19

NSF Wireless Security Workshop - PowerPoint PPT Presentation


  • 402 Views
  • Updated On :

NSF Wireless Security Workshop. Karl Levitt and Jie Wu Division of Computer and Network Systems Computer & Information Science & Engineering National Science Foundation [email protected] , [email protected] Outlines. NSF NeTS and CT programs Challenges and Opportunities

Related searches for NSF Wireless Security Workshop

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'NSF Wireless Security Workshop' - DoraAna


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Nsf wireless security workshop l.jpg

NSF Wireless Security Workshop

Karl Levitt and Jie Wu

Division of Computer and Network Systems

Computer & Information Science & Engineering

National Science Foundation

[email protected], [email protected]


Outlines l.jpg
Outlines

NSF NeTS and CT programs

Challenges and Opportunities

CNCI: A Multi-Agency Program

Overview from Government Representatives

Final Remarks

2

2


Nsf nets cluster 2008 l.jpg
NSF NeTS Cluster (2008)

Network Ecosystems

(NECO)

Aware Networking

(ANET)

Networking at the Edge

(NEDG)

Future Internet

Design (FIND)

Exploratory Networking

(XPLR)

Du: NEGD, NECO

Fisher: FIND, NECO

Mankin: FIND, ANET

Wu: NEDG, NECO

All PDs: XPLR


Cyber trust overview fy08 l.jpg
Cyber Trust Overview – FY08

Foundations (Rich Beigel): Cryptography, New models

Formal methods(Rich and Karl): Verifying trustworthiness, static analysis of programs

Host security architecture(David Du): hw support, new OSes, …

Network security(Kevin Thompson and Karl): network security architecture, network monitoring

Wireless and sensor network security(Jie and David)

Intrusion tolerance(Karl and Kevin): Operate through attacks

Privacy and human issues (Jim French): usable security

Testbeds and experimental evaluation(Kevin and Karl): Metrics

Applications that demand trustworthiness (Ralph Wachter): Telecom, E-voting, PowerGrid, Healthcare, Vehicles with wireless

4

4


Cyber trust overview fy09 l.jpg
Cyber Trust Overview – FY09

Cyber Trust will be renamed to Trustworthy Computing

The mission will not change but will place increased emphasis on:

Privacy

Usability

Foundations

5

5


Challenges and opportunities l.jpg
Challenges and Opportunities

Security Architecture

Prevention vs. detection and respond

Management: App. dependent/independent

Integration with wired networks

Foundations and Formal Methods

Cryptograph: lightweight methods, key management, …

Verification and validation

6

6


Challenges and opportunities7 l.jpg
Challenges and Opportunities

Unique Security Issues for Wireless

Unique security threats (e.g. jamming)

Light weight methods

Mobility

Privacy, reputation, and trust

Social networks

Economic concerns

Testbeds

7

7


Questions l.jpg
Questions

What is industry doing, and how can we complement that?

What are the current threats for which the research community has no solution, e.g., jamming?

What are future threats to the wireless networks?

What are future wireless applications?

8

8


Questions9 l.jpg
Questions

What are the fundamental issues w.r.t. wireless trustworthiness?

Are new design/architectures/paradigms needed?

What is the role of regulation?

What testbeds are needed for the future?

How can different agencies work together?

9

9


Slide10 l.jpg

Comprehensice National Cyber Defense Initiative (CNCI)

Research associated with CNCI, a.k.a the National Cyber Defense Initiative (NCDI)

What This Talk is NOT About: The other 17 categories, one of which is the TIC

  • NCDI is a merge of a grass roots effortand CNCI

  • Current goal of NCDI: Create an actionable R&D plan

  • Summary of NCDI planning meetings

  • Why it is a daunting (but achievable) challenge to realize a secure system

  • Current view on on the planning process for the NCDI


Slide11 l.jpg
Baltimore Sun Article on Cyber Initiativehttp://www.baltimoresun.com/technology/bal-te.cyber24oct24,0,782050,full.story

House panel chief demands details of cybersecurity plan (October 24, 2007)

The chairman of the House Homeland Security Committee called on the Bush administration yesterday to delay the planned launch of a multi- billion-dollar cybersecurity initiative so that Congress could have time to evaluate it. Rep. Bennie Thompsonsaid he wants to make sure the new program is legal before it is launched. In an interview, the Mississippi Democrat said he had been told that President Bush might unveil the initiative as early as next week. Known internally as the"Cyber Initiative,"the program is designed to use the spying capabilities of the National Security Agency and other agencies to protect government and private communications networks from infiltration by terrorists and hackers. The Sun reported the existence of the program last month, but Thompson said the administration has refused to discuss the initiative with members of his committee, despite repeated requests.
a letter this week to Homeland Security Secretary Michael Chertoff, Thompson demanded that his committee receive a briefing on details of the plan. He also warned that the "centralization of power" envisioned under the initiative raised "significant questions" that should be answered before the program is launched. Thompson - whose panel oversees the Homeland Security Department, which would run the initiative - said he was unaware of the program's existence until I …

A Homeland Security spokeswoman said Chertoff had received Thompson's letter, which was dated Monday, and would respond "in a timely fashion. We do agree that cybersecurity is a very important issue, and that is why since the beginning of this congressional session DHS has provided more than a half a dozen briefings to the House Homeland Security Committee on cyberthreats and related issues," said the spokeswoman, Laura Keehner.Thompson said that if the administration continues to give his panel the silent treatment, he will consider issuing a congressional subpoena. "You have to put sunshine on a program so sensitive as this," he said. The administration is saying that "'you have to believe us.' Obviously, as a nation of laws, we can't accept that.“ Thompson said that because the program involves the NSA and similar agencies, questions aboutprivacyand domestic surveillance would be of particular concern.


2006 ncdi related activities l.jpg
2006 NCDI-related Activities

  • DSB Net-centric Warfare Summer Study

    • April-August, 2006

    • http://www.acq.osd.mil/dsb/reports/2007-04-IM_Vol_I.pdf

  • SCW (Safe Computing Workshop) Planning Meeting (DTO, MIT, NSA, NSF, Sandia, UPenn)

    • August 21-22, 2006, MIT CSAIL, Cambridge

  • NSF-DTO-NSA Safe Computing Workshop

    • Top US IA experts from government, industry and academia

    • Assessed entire computing & networking stack

    • November 29 – December 1, 2006, Sandia National Laboratory, NM

    • https://og5.csail.mit.edu/scw/dist/

  • NSF-DTO-NSA Itanium STA Workshop

    • 25 specialists examined Itanium as platform for STA and looked at programming language verification

    • March 26-27 2006, MIT CSAIL, Cambridge

    • https://og5.csail.mit.edu/cdi/itanium/


2007 ncdi related activities l.jpg
2007 NCDI-related Activities

  • NSF CyberTrust PI Meeting (NCDI presentations)

    • 29-30 JAN 2007 in Atlanta

    • http://www.gtisc.gatech.edu/cybertrust2007/

  • IA Leadership Workshop

    • (20 USG IA leaders reviewed NCDI progress to date)

    • 13 JUN 2007 at NGC, Reston

    • https://og5.csail.mit.edu/cdi/ialw/

  • “Leap Ahead” Workshop

    • Report on gaps in current security and privacy technology

    • 5 OCT 2007 in Rosslyn, VA

  • Government-only meetings

    • We worked weekends to produce an initial plan

  • Workshop to Produce Actionable Plans

    • 3-7 DEC 2007 at the Naval Postgraduate School

    • Report under preparation


Findings of ncdi l.jpg
Findings of NCDI

  • “Attackers Rule !” and Disasters are Likely

  • Short-term Measures Essential but Insufficient

  • Market Forces Will Not Change the Balance

  • Usability & Manageability Critical to Solution

  • New Technology Can Catalyze Major Changes

  • Research Business as Usual will Not Work

Only a National Initiative Involving Researchers, Industry with Government Funding Will Make a Real Difference


Ncdi vision l.jpg
NCDI Vision

Over the next ten years transform the cyber-infrastructure to be resistant to attack so that critical national interests are protected from catastrophic damage and our society can confidently adopt new technological advances

Transformation means we must learn how to build the new infrastructure and deploy it. Learning how to execute this transformation will advance both technology and U.S. competitiveness in many ways


Systems that provide safety security and privacy a possible process l.jpg

S&T advances and new capabilities

  • Necessary and sufficient accountability

  • Trust-modulated e-commerce

  • Prevention of catastrophic cascading disruption

  • Ownership over personal data

  • Secure system/subsystem interoperability

  • Cooperative defense

  • Security measures and metrics

  • Critical Applications & Infrastructures

    • Power Grid

    • Telecom

    • Financial

    • EMR & Health Care

    • eVoting

  • Information Technologies & Components

    • Operating Systems

    • Protocols

    • Processors

    • Cryptography

    • ….

Systems that Provide Safety, Security, and Privacy: A Possible Process

  • Security Shortfalls - IRC HPL

    • Security with Privacy

    • Global Identity Management

    • Insider Threats

    • Situation Understanding

    • Operating While Hurt

    • Information Pedigree

    • Security Metrics


Overview from government representatives l.jpg
Overview from Government Representatives

NSF: Karl Levitt and Jie Wu

ARO: Cliff Wang

NIST: Tom Karygiannis

NSA: Steve Borbash

NRL: Jason Rogers and Cathy Meadows

17

17


Final remarks l.jpg
Final Remarks

Dialogue on

Unique security issues in wireless

What’s working and what’s not

Threats of the future in wireless

18

18


Interactions l.jpg

Government

Academia

Industry

Interactions

  • Academia-Industry-Government

Problems/Fund/Solutions


ad