Presentation to ACSAC 2009

Cyber Security and Information Assurance R&D

Federal Networking and Information Technology Research and Development (NITRD) Program

Tomas Vagoun

Technical Coordinator

[email protected]

NITRD Program

Definition

The NITRD Program is the primary mechanism by which the U.S. Government coordinates its unclassified networking and information technology (IT) research and development (R&D) investments.

Legislation

The High-Performance Computing Act of 1991 (Public Law 102-194), as amended by the Next Generation Internet Research Act of 1998 (P.L. 105-305) and the America COMPETES Act of 2007 (P.L. 110-69)

Objectives

Serve as the Federal focal point for interagency technical planning, budget planning, and coordination for the Federal NITRD Program

Serve as a source of timely, high-quality, technically accurate, in-depth information on accomplishments, new directions, and critical challenges for the NITRD Program

Support NITRD-related policy making in the White House Office of Science and Technology Policy (OSTP)

13 Member Agencies – N/IT R&D Budget ~ $4B

Agency for Health Research Quality

National Institutes of Health

National Oceanic and Atmospheric Administration

DOE/Office of Science

Defense Advanced Research Projects Agency

DOE/National Nuclear Security Administration

National Institute of Standards and Technology

National Science Foundation

National Archives and Records Administration

Department of Defense

National Security Agency

National Aeronautics and Space Administration

Environmental Protection Agency

Selected NITRD Agency Budgets in Cyber Security and Information Assurance (CSIA) R&D

Selected NITRD Agencies: Cyber Security and Information Assurance R&D, FY 2010 Budget Request (Unclassified)

DARPA: $143.6M

OSD and DOD Service research organizations: $70.0M

NSF: $67.4M

NSA: $32.2M

NIST: $29.3M

Source: “NITRD Supplement to the President’s FY 2010 Budget,” http://www.nitrd.gov/Pubs/2010supplement/FY10Supp-FINALFormat-Web.pdf

NSF: Many Topics Funded by Trustworthy Computing Program

Cryptography: provable security, key management, lightweight cryptographic systems, conditional and revocable anonymity, improved hash functions

Formal methods: access control rule analysis, analysis of policy, verification of composable systems, lightweight analysis, on-line program disassembly

Formal models: access control, artificial diversity and obfuscation, deception

Defense against large scale attacks: worms, distributed denial of service, phishing, spam, adware, spyware, stepping stone and botnets

Applications: critical infrastructures, health records, voice over IP, geospatial databases, sensor networks, digital media, e-voting, federated systems

Privacy: models, privacy-preserving data-mining, location privacy, RFID networks

Hardware enhancements for security: virtualization, encryption of data in memory, high performance IDS, TPM

Network defense: trace-back, forensics, intrusion detection and response, honeynets

Wireless & Sensor networks: security, privacy, pervasive computing

New challenges: spam in VoIP, “Google-like” everywhere, virtualization, quantum computing, service oriented architecture

Metrics: Comparing systems with respect to security, risk-based measurement

Testbeds and Testing Methodology: DETER, WAIL, Orbit and GENI, scalable experiments, sanitized data

NSF Strategic Priorities in CSIA

Foundations: models, logics, algorithms, and theories for analyzing and reasoning about all aspects of trustworthiness

Usability: make security accessible for system developers, system administrators, programmers, evaluators, and home users

Privacy: scientific methodologies and technologies to reason about privacy policies, and to explore the interplay among privacy, security and legal policies

Security Architecture: security architectures to obtain trustworthy systems

Evaluation: metrics comparing systems with respect to security/privacy/usability, risk-based measurements; testbeds and testing methodologies, data to support testing

NSF: Major Supported Centers

TRUST: Team for Research in Ubiquitous Secure Technology

• Create new technologies and perhaps even new social institutions to build inherently secure computer software and networks

• 5-year, $20M award to UC Berkeley (prime), Carnegie Mellon University, Mills College, San Jose State U, Smith College, Stanford U and Vanderbilt U

ACCURATE: A Center for Correct, Usable, Reliable, Auditable, & Transparent Elections

• Improving the reliability and trustworthiness of voting technology through new architectures, tamper-resistant hardware, cryptographic protocols

• 5-year, $7.5M award to Johns Hopkins U (prime), Rice U, Stanford U, Berkeley U, University of Iowa, and SRI International

CCIED: Collaborative Center for Internet Epidemiology and Defenses

• Analyzing the behavior and limitations of Internet pathogens (e.g., worms, viruses), reverse-engineering of worms, developing early-warning and forensic capabilities, and defending against new outbreaks in real-time

• FY04 5-year, $7.5 award to UC San Diego and UC Berkeley, International Computer Science Institute

TCIP: Trustworthy Cyber Infrastructure for Power

• Address technical challenges motivated by power grid problems

• 5-year, $7.5M award, University of Illinois, Dartmouth College, Cornell University, Washington State

SAFE: Usable Security

• 5-year, $7.5M award CMU

NSF: Science of Security

Are there powerful models (like Shannon’s binary symmetric channel) so that realistic security and privacy properties can be computed?

Is there a theory that enables secure systems to be composed from insecure components?

Metrics: Is there a theory such that systems can be ordered with respect to their security or privacy?

Can entire systems (hosts, networks) and their “defenses” be formally verified with respect to realistic security objectives and threats?

Are there security-related hypotheses that can be validated experimentally?

What kind of an instrument (testbed) is needed to validate such hypotheses?

NSF/IARPA/NSA organized a workshop on SOS, Nov. 2008

NIST CSIA Priorities

SHA-3 Hash Competition

• Problem: Hash collisions found for MD5; SHA-1 vulnerable; design similarity in SHA-2 causes concerns

Internet Infrastructure Protection – Routing, Naming and Addressing

• Problem: DNS, BGP and IP components of the Internet’s infrastructure are trivially vulnerable to focused attacks

• Goal: New trust infrastructures are required to enable secure and robust routing, naming and addressing

Policy Machine

• Problem: Access control mechanisms are implemented differently and only implement and enforce simple policies. Cannot interoperate over varied platforms and applications.

• Goal: One mechanism capable of comprehensively expressing and enforcing any policy over all resources (e.g., files, work items, messages and attachments, clipboard)

Standardizing Metrology for Information Security

• Problem: Lack of understanding as to which security measures and metrics are most relevant for determining security posture and making decisions; lack of understanding as to how to analyze measures and combine them into higher-level metrics

NSA Priorities

Trusted Computing

• High assurance security architectures enabled by virtualization

• Improved enterprise protection through strong software measurement and reporting

Mobility

• Secure enterprise infrastructure required for secure mobility

• Improved physical protection of mobile assets

• Location sensitive access control

• Cost-effective protection of air interface

Anomaly Detection

• Integrating data from different sensors (host, LAN, gateway)

• Non-signature based detection

IARPA Cyber Security Interests

Circuit Analysis Tools (CAT) Program

• Tools that are necessary for circuit analysis at future technology nodes, specifically, the 22 nm node and beyond

Securely Taking On New Executable Stuff of Uncertain Provenance (STONESOUP) Program

• Technologies that provide comprehensive, automated techniques that allow end users to safely execute new software of uncertain provenance

Multi-qubit Coherent Operations Program

• Exploring the performance of multi-qubit systems; maintain and improve the control over quantum operations in a more complex and noisier environment

Information Assurance Research

• Private Information Retrieval (PIR): query a database without revealing the query or the answer to the (cooperative) database owner

OSD/DDR&E CSIA Strategic Priorities

Harden key components for cyber conflict defense

Assure missions despite adverse cyber effects

Disrupt adversaries’ attack planning and execution

DoD Information Assurance/Cyber Security (IA/CS) S&T Roadmap Study identified strategic focus areas

AFRL: Cyber Defense Challenges

• Metrics / Tradespace
• Containment Technology
• Mission / Infrastructure Dependencies
• Self Regeneration
• Composability
• Synthetic Diversity
• Acquired Immunity

Avoid Threats

• Polymorphic Systems / Agility
• Selective Interoperability
• Domain Design for Mission Assurance
• Early Warning / Anticipation
• Attribution / Geolocation
• Deception

Survive & Recover from Attacks

• Cooperative Agents
• Timely & Effective Engagement
• Formal Approaches to Policy, Intent, RoE
• Fratricide Prevention / IFF
• Rapid / Live Forensics
• Response Action (Offensive Defense)

Defeat Threats

AFRL: CSIA Interest Areas

Polymorphism: code, network, etc.

Selective interoperability for threat avoidance

Fight through / survival in a contested environment

Mission assurance & understanding mission dependency on cyber

Methods for posturing offensive technologies to protect blue assets and missions

Cyber signal processing, novel observables & HPC applications

ARMY: CERDEC IA Thrust Areas

Technology Focus Areas

• Computer Network Operations
• Cross Domain Security
• Cognitive Networking
• Software Assurance
• Identity Protection and Access Management
• Encryption

IA Goals

Defend Against Attacks

Predict/Detect Attacks

Real Time Damage Assessment

Active Response/Deception

“Morph” the playing field

Suitable Security Metrics

Protect Information and Maintain acceptable level of Mission effectiveness

Protect, Detect, Assess, Respond

Navy Strategic Priorities in CSIA

Vision

• Develop the fundamental principles, processes, tools and techniques to protect and defend information in cyberspace with assurance

Foundations

• Fundamental properties of algorithms, software, processes, and design

• Quantum Information sciences for secure computing and communications

• Cognitive, social, and behavioral aspects influencing interactions in cyber

Security Architecture Research for Host, Network, and Application

• Trust management in enterprise services

• Mitigation of the Botnet threat

• Assurances for cyber-physical systems

• Anti-tamper hardware (and software)

• Wireless security & networks at the edge

• High assurance in hypervisors and network virtualizations

Advanced Technology Demonstration

• Computer network defense

• Secure distributed collaboration

• Security management infrastructure and assured information sharing

• Secure dynamic tactical communications networks

Food For Thought: R&D Framework For Secure Cyberspace

Transparency Acuity Agility

Safety Extensibility

Robust Attribution

Authentication

Automatic Security Policy Compilation and Verification

Risk Adaptive Access Control

Understand the Value of Information and System Components

Low Latency Analytics

Analysis of Streaming Data

Smart/Hardened Data

Detection/Mitigation of Insider Threat

Modeling Complex Systems

Control of Heterogeneous Systems with Non-linear Dynamics

Smart Sensors

Management and Command and Control of Distributed Sensors

Operating Center Virtual Environment

Resilient Systems

Trustworthy Platforms in Untrustworthy Environments

Trustworthy Information Flow

Advanced Cryptography

Usability

Self-Protecting, Self-Healing Data, Information, Hardware, and Software

Composition

Secure System Engineering

Social Engineering

Enablers

Metrics

Tomas Vagoun, PhD

Technical Coordinator

National Coordination Office for Networking and Information Technology Research and Development

Suite II-405, 4201 Wilson Blvd.

Arlington, VA 22230

Tel: (703) 292-4873

[email protected]

Credits: information presented has been excerpted from materials provided by representatives from NITRD member agencies