Transcript Towards an Agile, Predictive Infrastructure

TRUST
TRUST:Team for Research in
Ubiquitous Secure Technologies
Shankar Sastry (Berkeley), Mike
Reiter (CMU), Steve Wicker
(Cornell), John Mitchell (Stanford),
Janos Sztipanovits (Vanderbilt)
June 13th, 2005
Minister F. C. Lin visit
TRUST
Attacks are growing in sophistication
Serious hackers
2
NSF STC Center Site Visit
Sept. 13th, 2004
TRUST
Technology Generations of
Information Assurance
1st Generation
(Prevent Intrusions)
Access Control &
Physical Security
Trusted Computing Base
Cryptography
Multiple Levels
of Security
Intrusions will Occur
2nd Generation
(Detect Intrusions, Limit Damage)
Firewalls
Some Attacks will Succeed
3
3rd Generation
(Operate Through Attacks)
PKI
Intrusion Detection
Systems
Boundary Controllers
Intrusion
Tolerance
Graceful
Degradation
NSF STC Center Site Visit
VPNs
Big Board View of Attacks
Real-Time Situation Awareness
& Response
Hardened
Performance Core
Functionality
Sept. 13th, 2004
TRUST
TRUSTed Systems and Software
4
TRUST is more than resistance to information attack:

Today’s systems and networks are fragile, difficult-tocompose and maintain:
– Non-robust
– Non-adaptive
– Untrustworthy

Point failures bring down systems

Difficult, costly-to-compose useful systems from multiple
components

Poor or nonexistent means for building reliable systems from
necessarily unreliable components

Poor understanding of vulnerabilities of networks,
performance under – and uncharacterized attacks

No clear history, pedigree on data, code
NSF STC Center Site Visit
Sept. 13th, 2004
TRUST
TRUST worthy Systems


More than an Information Technology issue
Complicated interdependencies and composition issues
–
–
–
–


TRUST: “holistic” interdisciplinary systems view of security, software
technology, analysis of complex interacting systems, economic,
legal, and public policy issues
Goals:
–
5
Spans security, systems, and social, legal and economic sciences
Cyber security for computer networks
Critical infrastructure protection
Economic policy, privacy
–
–
Composition and computer security for component technologies
Integrate and evaluate on testbeds
Address societal objectives for stakeholders in real systems
NSF STC Center Site Visit
Sept. 13th, 2004
TRUST
Research Agenda

Security Science (Schneider)
–
–
–
–

Systems Science (Schmidt)
–
–
–
–

6
Software Security (Mitchell)
Trusted Platforms (Boneh)
Applied Cryptography Protocols (Wagner)
Network Security (Joseph)
Interdependency Modeling and Analysis (Anantharam)
Secure Network Embedded Systems (Wicker)
Model Based Integration of Trusted Components (Sztipanovits)
Secure Information Management Tools (Birman)
Social, Economic and Legal Considerations (Samuelson)
–
–
–
Economics, Public Policy and Societal Challenges (Varian)
Digital Forensics and Privacy (Tygar)
Human computer Interfaces and Security (Reiter)
NSF STC Center Site Visit
Sept. 13th, 2004
TRUST
Integration of Research Agenda

Four testbeds chosen to be responsive to national
needs: Computer and network security, Critical
infrastructure protection, Privacy
–
–
–
–

7

Power Grid (Sztipanovits)
Secure Network Embedded Systems (Wicker)
Planet Lab (Culler)
Cyber Defense Technology Experimental Research testbed
(DETER) (Joseph/Sastry)
Technical Management Plan through time sensitive
internal deliverables of software, systems among
team members
Exchange of scientific personnel among team
members
NSF STC Center Site Visit
Sept. 13th, 2004
TRUST
Broad Security and Privacy Vision
Societal Challenges
Privacy
Critical
Infrastructure
Computer and
Network Security
TRUST will address
social, economic and
legal challenges
Integrative Testbeds
Network Security
Testbed
Secure Networked
Embedded Systems
Power Grid
Testbed
Testbed
Component Technologies
Software
Security
8
Trusted
Platforms
Applied Crypto graphic Protocols
Network
Security
Specific systems that
represent these social
challenges.
Complex Inter Dependency mod.
Secure Info Mgt.
Software Tools
Secure Network
Embedded Sys
Model -based
Security Integration.
Secure Compo nent platforms
Econ., Public Pol. Soc.
Chall.
Forensic
and Privacy
Component technologies
that will provide solutions
HCI and
Security
NSF STC Center Site Visit
Sept. 13th, 2004
TRUST
Education Development


Security must be consciously engineered into
new and legacy critical infrastructure systems
Every component level needs rethinking and
education: need to build in TRUST: security
science, systems science and social, legal, economic
considerations into every course in undergrad
and grad curricula (“liberal” technologically
literate education)
9
NSF STC Center Site Visit
Sept. 13th, 2004
TRUST
Human Resource Development:
leveraging our experience





10
Cornell has had partnerships with the Information Assurance
Institute at AFRL, Rome
CMU students have extensive access to Software Engineering
Institute and CERT.
Stanford has extensive interactions with USPS, Secret Service,
and brings the Center for Strategic and International Studies for
policy matters
Vanderbilt runs the Institute for Software Integrated Systems and
Institute for Public Policy Studies
At Berkeley, we have the Center for Information Technology
Research in the Interest of Society (CITRIS), aimed at bringing
innovative technologies to societal scale systems
NSF STC Center Site Visit
Sept. 13th, 2004
TRUST
Course Work Development

Course work to have TRUST built in at all levels--undergrad,
grad, advanced seminars. Repositories will be maintained
professionally by the Vanderbilt System CAPE/ELM.
–
–
–
11
–
Security Science: operating systems, programming languages,
cryptography, secure networking, …
Social Sciences: Bringing policy, social, economic issues to student
community: economics of information technology, information
management, privacy and security
Systems Science: “systems integration using software” curriculum
needs to be developed from scratch, capstone design course for
undergrads (or 5th year MS)
NSA-NSF Cybersecurity Center of Excellence in Information Assurance
Education to be developed at San Jose State, on going certification efforts
for other Centers of Excellence at CMU
NSF STC Center Site Visit
Sept. 13th, 2004
TRUST
Workforce Training

Undergrad and Grad Student mentorship and
development features
–
–
–
–


12
Exchanging students and postdocs
REU activities at partner campuses
Student Entrepreneurship clubs (Vertex, Bases)
Partnership with Cornell Information Assurance Institute
US workforce in research challenge areas with
infrastructure holders, industry partners
Summer and Winter Educational Institutes and
Retreats for TRUST
–
–
In-depth discussion of research challenge areas
Testbed and integrative activities
NSF STC Center Site Visit
Sept. 13th, 2004
TRUST
Diversity Plans




13
K-12 Outreach: Berkeley Foundation for Opportunities in IT
(BFOIT) for Oakland/Bay Area secondary schools
Summer Research in Information Assurance for HBCU
faculty: CMU as a Center of Academic Excellence in Information
Assurance education has worked with Howard, Morgan State,
UTEP, Hampton, Texas A&M, Corpus Christi, Cal State Fullerton:
emphasizes both teaching and research at CyLab
Curriculum Development for Hispanic Serving Institutions:
NSA/NSF Center at SJSU in Information Assurance education
Summer Internship for HBCU faculty in Systems Science
(SIPHER): California Community Colleges, Fisk, Tennessee
State, UAB, Morehouse, Spelman, Tuskegee, …
NSF STC Center Site Visit
Sept. 13th, 2004
TRUST
Diversity Plans



14
Summer Undergraduate Program in Engineering
Research at Berkeley (SUPERB). Undergrad
research for students from institutions serving underrepresented groups. Overwhelming demand for TRUST.
Women’s Colleges: Summer Immersion Institute for
students from Colleges like Mills, Smith, Ithaca
College with sponsorship of CRA-W
Community Outreach: public “town hall” style forums
about privacy and security, economic and legislative
issues for secure systems. Engagement with local
and state authorities, media and first responders.
NSF STC Center Site Visit
Sept. 13th, 2004
TRUST
Knowledge Transfer Plans: TRUST as a
Public Private Partnership

TRUST as a DMZ (trusted intermediary!) between
industry, government, non-profit and academia for
answering hard questions:
–
–
–
–

Who will pay for security
Should the Feds play the role of market maker
Roadmaps for guiding investment
The role of regulation/insurance
Open dissemination of research:
–
–
15
–
–
Publications and software
Short courses at ACM/IEEE/Infrastructure Protection
meetings
Public lectures and forums
Curriculum development and courses
NSF STC Center Site Visit
Sept. 13th, 2004
TRUST
Technology Transfer to Start Ups, Industry and
Infrastructure Stakeholders
Strategies for improving tech transfer
 Economic, Legal and Social Implications of TRUST
technology built into technology
 Testbeds to demonstrate robustness and scalability
 Developing an eco-system with different
constituencies by
–
–
16
–
–
Focused Workshops
Strategic Investment Sessions between stakeholders,
industry, government
Internships for students in industry and infrastructure sectors
Internships for post docs and faculty as entrepreneur
incubators at venture partners
NSF STC Center Site Visit
Sept. 13th, 2004
TRUST
Leadership and Outreach to other
groups







17
EU-IST and US partnerships in dependability and
TRUST
OSTP/DHS workshops
Workshops for venture partners
Special issues of ACM/IEEE/…
ESCHER, a non-profit for repositorying TRUST software
ACM-SIGBED
Partnerships with Singapore (Nanyang) and Taiwan
(National Chiao Tong and National Taiwan University)
NSF STC Center Site Visit
Sept. 13th, 2004
TRUST
Management




18

Exec Committee made up of PIs + Ruzena Bajcsy
(Diversity Outreach Coordinator)
Project Manager and Executive Director for Education
and Outreach (TBD)
Each team (Security Technology, Systems Science,
Social Science) has its coordinator
Each technical challenge area has its lead faculty,
responsible for meeting deliverables/re-negotiating
deliverables
Technical Management Plan through deliverables,
which can be renegotiated at the bi-annual retreats
NSF STC Center Site Visit
Sept. 13th, 2004
TRUST
Management


19
Interdependency among elements built in by
interleaving deliverables and using testbeds
for integrating and evaluating research
products
External Advisory Committee consists of
representatives from academia, stakeholders
in the government, industry, and utility
stakeholders
NSF STC Center Site Visit
Sept. 13th, 2004
TRUST
Why an NSF-STC TRUST?



20

Interdisciplinary problems with issues of law,
privacy, economics, and public policy
Problem is too large and complex for any one
team. Need to simultaneously work on
Security Science, Systems Science (of
complex systems), and Social Science issues
Large leverage with education, industrial
transition, diversity efforts with large team
No single silver bullet, but a number of novel
and promising approaches
NSF STC Center Site Visit
Sept. 13th, 2004