TRUST:Team for Research in Ubiquitous Secure Technologies Responses to Issues Raised by Past Reviewers John Mitchell (Stanford) NSF STC Review September 6, 2004
Summary (Excerpted from reviews) Goal Develop science and technology to enable organizations to design, build, and operate trustworthy information systems for the U.S. critical infrastructure Team Multidisciplinary group of very well-known and active researchers with expertise in computer security, software technology, analysis of complex interacting systems, and economic and public policy NSF STC Review December 4, 2018
Concerns One is that most of the researchers in the proposed center are not directly involved in mainstream research of computer security although they have been doing related research. This could be a minus but could also be advantageous as these strong researchers may bring fresh ideas and new approaches to solving security problems of large scale. Another concern is whether the group of senior researchers could really collaborate closely as a large team as there is not much past record of collaboration among some of the researchers or subgroups. Related to that is the question how the testbeds will be used effectively for integrative activities among the partners. NSF STC Review December 4, 2018
Outline Research focus Management structure Integrative testbeds Computer security does not exist in a vacuum, but involves endowing specific kinds of systems with security properties Management structure Supports goals of the project Integrative testbeds Role in structure of the project NSF STC Review December 4, 2018
Testbeds Social Science Security Science System Science NSF STC Review December 4, 2018
Integrative Testbeds Network Security PlanetLab Testbed (DETER) Specific systems that represent social needs and translate into technical challenges Networked Power Grid Embedded Systems Testbed Testbed Research Challenges Software Complex Inter Dependency mod. - Economics, Security Public Policy Research areas which will provide solutions in the context of the testbeds Trusted Secure Network Platforms Embedded Sys. Forensic and Privacy Applied Model - based Cryptography Integration Network Secure Info. Mgt. HCI and Security Software Tools Security NSF STC Review December 4, 2018
Research expertise Core security experts Birman, Boneh, Joseph, Mitchell, Perrig, Reiter, Robinson, Schneider, Song, Tygar, Wagner Computer systems and wireless networking Bajcsy, Culler, Wicker, Sirer, Lee, Manohar, Raghavan, Sztipanovits Software engineering and principles Aiken, Garcia-Molina, Henzinger, Karsai, Necula, Schmidt, Wing Social scientists Mc Fadden, Samuelson, Varian, Weber NSF STC Review December 4, 2018
Management Questions (from reviews) Can this group of this size, institutional diversity and seniority be integrated and managed? The management structure is not yet complete (with some key roles not filled). There is no succession plan for the leadership of the center. The management plan is rather brief without mentioning how resource allocation and project termination will be done. There are almost 40 senior researchers involved in this proposed effort, most are involved in other (admittedly related) significant research projects. While they propose a reasonable hierarchical management structure, … the question is whether the whole will be greater than the sum of the parts NSF STC Review December 4, 2018
Management Organization Security Technology Teams Schneider (coordinator) Systems Science Teams Schmidt (coordinator) Social Science Teams Samuelson (coordinator) Complex Interdependency Modeling and Analysis Anantharam (lead) Economics, Public Policy and Societal Challenges Varian (lead) Software Security Mitchell (lead) Trusted Platforms Rosenblum (lead) Secure Network Embedded Systems Wicker (lead) Digital Forensics and Privacy Tygar (lead) Applied Cryptographic Protocols Wagner (lead) Model-based Integration of Trusted Components Sztipanovits (lead) Human Computer Interfaces and Security Garcia-Molina (lead) Network Security Joseph (lead) Secure Information Management Software Birman (lead) NSF STC Review December 4, 2018
Evaluation of Results As the technical areas covered by this proposal are extremely broad, it is crucial to devise an effective plan or strategy to evaluate the research results in terms of the performances of the integrated testbeds. However, the proposal does not address this issue. The proposal provides a list of deliverables, which is a plus, but the deliverables do not show clear connections to the development of the proposed integrative testbeds. In general, the proposal raises good questions concerning existing approaches and systems, but does not elaborate sufficiently how the new technologies and systems proposed to be developed will be more effective. NSF STC Review December 4, 2018
Mod-based Integration Secure Inf Mgmt Tools Econ Pub Policy Security Technology Systems Science Social Science Software Security Trusted Platforms Applied Crypto. Network Security Modeling Analysis Net EmbedSys Model-based Integration Secure InfMgtSoftware Tools Dig Forensics Privacy HumComp Interfaces, Power Grid √ Netwk/Embd Sys PlanetLab DETER Software Security Trusted Platforms Applied Cryptography Network Security CI Modeling Analysis Secure Net Embed Sys Mod-based Integration Secure Inf Mgmt Tools Econ Pub Policy Forensics, Privacy Hum-Comp Interfaces NSF STC Review December 4, 2018
Conclusion Diverse team Integrative testbeds Management structure Bring security, software, social science together to solve fundamental problems Integrative testbeds Motivate research, facilitate collaboration Management structure Matrix of interlocking responsibilities Works well so far! NSF STC Review December 4, 2018
From reviews The TRUST team will address very important research issues underlying critical infrastructure security problems and ubiquitous computing. Given their current track record, there is every reason to believe that the outcomes of this research will contribute substantially to scientific knowledge and will have direct impact on important societal issues. NSF STC Review December 4, 2018