8 July 2005MM Sprinkle UC Berkeley TRUST :Team for Research in Ubiquitous Secure Technologies An Overview Shankar Sastry (Berkeley), Ruzena Bajcsy (Berkeley),

Slides:

Advertisements

Similar presentations

Disaster Risk Reduction and Governance. Ron Cadribo.

Advertisements

 Copyright 2007 STI - INTERNATIONAL Semantic Technology Institute International PlanetData - Ensuring Impact.

Improving Cybersecurity Through Research & Innovation Dr. Steve Purser Head of Technical Competence Department European Network and Information Security.

© 2003 Carnegie Mellon University slide 1 Building CSIRT Capabilities and the State of the Practice Georgia Killcrece CSIRT Development Team CERT ® Training.

TRUST, Washington, D.C. Meeting January 9–10, 2006 TRUST :Team for Research in Ubiquitous Secure Technologies Overview Shankar Sastry, PI and Dir. Ruzena.

Cyber Security R&D Challenges: A Homeland Security Perspective Simon Szykman, Ph.D. Director, Cyber Security R&D

DHS, National Cyber Security Division Overview

South Carolina Cyber.

Smart Grid - Cyber Security Small Rural Electric George Gamble Black & Veatch

1 Telstra in Confidence Managing Security for our Mobile Technology.

February 21, 2008 Center for Hybrid and Embedded Software Systems Organization Board of Directors Edward A. Lee, UC Berkeley.

Overview FAA IT & ISS R&D: Security Today Security Tomorrow Marshall Potter Chief Scientist for Information Technology Federal Aviation Administration.

CSCD 434 Spring 2011 Lecture 1 Course Overview. Contact Information Instructor Carol Taylor 315 CEB Phone: Office.

Higher Education Cybersecurity Strategy, Programs, and Initiatives Rodney Petersen Policy Analyst & Security Task Force Coordinator EDUCAUSE.

A Robust Health Data Infrastructure P. Jon White, MD Director, Health IT Agency for Healthcare Research and Quality

A project under the 7th Framework Programme CPS Workshop Stockholm 12/04/2010 Gunnar Björkman Project Coordinator A Security Project for the Protection.

The LOGIIC Consortium Zachary Tudor, CISSP, CISM, CCP Program Director SRI International.

Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.

Bill Newhouse Program Lead National Initiative for Cybersecurity Education Cybersecurity R&D Coordination National Institute of Standards and Technology.

Critical Emerging Network-Centric Applications Tele-control/tele-presence Defense Tele-medicine Remote plane/vehicle/robot control Distance learning Real-time.

Lessons Learned in Smart Grid Cyber Security

1 HiPEAC Workshop on Building Partnerships September 25, 2014 Ljubljana, Slovenia.

Computer Science and Engineering 1 Csilla Farkas Associate Professor Center for Information Assurance Engineering Dept. of Computer Science and Engineering.

Hardware Support for Trustworthy Systems Ted Huffmire ACACES 2012 Fiuggi, Italy.

Whitacre College of Engineering Panel Interdisciplinary Cybersecurity Education Texas Tech University NSF-SFS Workshop on Educational Initiatives in Cybersecurity.

1 © 2003 Cisco Systems, Inc. All rights reserved. CIAG-HLS Security For Infrastructure Protection: Public-Private Partnerships KEN WATSON 15 OCT.

The Materials Genome Initiative and Materials Innovation Infrastructure Meredith Drosback White House Office of Science and Technology Policy September.

BOTSWANA NATIONAL CYBER SECURITY STRATEGY PROJECT

TRUST September 13 th 2004NSF STC Site Visit TRUST :Team for Research in Ubiquitous Secure Technologies Shankar Sastry (Berkeley), Mike Reiter (CMU), Steve.

TRUST NSF Site Visit, Berkeley, March, 2007 Sensor Networks: Technology Transfer Stephen Wicker – Cornell University.

IST programme Cultural Heritage in Tomorrow ’s Knowledge Society FUTURE PLANS FP6 Cultural Heritage in Tomorrow ’s Knowledge Society FUTURE PLANS FP6 RRRESE.

CSCD 434 Network Security Spring 2014 Lecture 1 Course Overview.

Dependability in FP 6 Brian Randell Pisa Workshop, November 2002.

“The NESSI Strategy: The Way Ahead” BCI´07 Jose M. Cavanillas Vice-chairman NESSI Steering Committee Director Atos Origin – Research & Innovation.

Dependable ICT for Utilities Proposal for DESIRE activities The CRIS Institute Hans Ottosson The International.

INFORMATION TECHNOLOGY IN A GLOBAL SOCIETY

Janos Sztipanovits Dr. Janos Sztipanovits E. Bronson Ingram Distinguished Professor of EECS Director of ISIS Vanderbilt University Nashville, TN Overview.

Dec 14 th, 2005Telecom Italia Strategy Meeting TRUST :Team for Research in Ubiquitous Secure Technologies Strategic and Implementation Plan overview Shankar.

TRUST, Washington, D.C. Meeting January 9–10, 2006 Integrative Projects Status Report Janos Sztipanovits.

EDUCAUSE LIVE EDUCAUSE/Internet2 Computer and Network Security Task Force Update Jack Suess January 21, 2004.

1 Direction scientifique Networks of Excellence objectives  Reinforce or strengthen scientific and technological excellence on a given research topic.

Randy Beavers CS 585 – Computer Security February 19, 2009.

Frankfurt (Germany), 6-9 June 2011 Iiro Rinta-Jouppi – Sweden – RT 3c – Paper 0210 COMMUNICATION & DATA SECURITY.

WELCOME David Culler 2/26/04. TinyOS Tech Exchange So what is this all about? Meeting point for the larger TinyOS community –Beyond UCB, UCLA, Intel,

International Telecommunication Union Geneva, 9(pm)-10 February 2009 BEST PRACTICES FOR ORGANIZING NATIONAL CYBERSECURITY EFFORTS James Ennis US Department.

TRUST : Team for Research in Ubiquitous Secure Technology National Science Foundation Site Visit February 24-26, 2009 │Berkeley, California Health Infrastructures.

TechCon Food systems history… Agriculture has a 10,000 year history Farmers are estimated to be 38 to 45% of the global work force In the developing.

AUB Department of Electrical and Computer Engineering Imad H. Elhajj American University of Beirut Electrical and Computer Engineering

REGIONAL INNOVATION NATIONAL PROSPERITY Presented by Charles J. Brown III HRQMC Regional Agenda.

TRUST 2 nd Year Site Visit, March 19 th, 2007 TRUST Knowledge Transfer EMR Project Vanderbilt (Sztipanovits, Karsai, Ledeczi, Xue) Stanford (Mitchell,

Jacques Bus Head of Unit, DG INFSO-F5 “Security” European Commission FP7 launch in the New Member States Regional on-line conference 22 January 2007 Objective.

What’s Happening at Internet2 Renee Woodten Frost Associate Director Middleware and Security 8 March 2005.

Latest Strategies for IT Security Margaret Myers Principal Director, Deputy CIO United States Department of Defense North American Day 2006.

Internet2 Strategic Directions October Fundamental Questions  What does higher education (and the rest of the world) require from the Internet.

Research and Innovation Policies Exploiting synergies for Sustainable Growth in Europe 14 July 2009.

IS3220 Information Technology Infrastructure Security

Education and Human Resource development By Ruzena Bajcsy TRUST TRUST:Team for Research in Ubiquitous Secure Technologies September 13th 2004 NSF STC Review.

Preparing Mechanical Engineering Students for Collaborations Across Distance and Disciplines (CADD) Nina Robson California State University, Fullerton.

Cyber Security – An Existential Threat? (IIC, Singapore)

Educause/Internet 2 Computer and Network Security Task Force

TRUST Area 3 Overview: Privacy, Usability, & Social Impact

ASSET - Automotive Software cyber SEcuriTy

BRIDGING DIVIDES: towards digital dividends for all

TRUST:Team for Research in Ubiquitous Secure Technologies

TRUST:Team for Research in Ubiquitous Secure Technologies Overview

CSCD 434 Network Security Spring 2012 Lecture 1 Course Overview.

TRUST:Team for Research in Ubiquitous Secure Technologies

TRUST:Team for Research in Ubiquitous Secure Technologies

CIPSEC architecture CIPSEC workshop Frankfurt 16/10/2018

CSCD 434 Network Security Spring 2019 Lecture 1 Course Overview.

Presentation transcript:

8 July 2005MM Sprinkle UC Berkeley TRUST :Team for Research in Ubiquitous Secure Technologies An Overview Shankar Sastry (Berkeley), Ruzena Bajcsy (Berkeley), Sigurd Meldal (SJSU), John Mitchell (Stanford), Mike Reiter (CMU), Fred Schneider (Cornell), Janos Sztipanovits (Vanderbilt), Steve Wicker (Cornell)

2 8 July 2005MM Sprinkle UC Berkeley Attacks are growing in sophistication

3 8 July 2005MM Sprinkle UC Berkeley Attack Incidents [Reports to CERT/CC]

4 8 July 2005MM Sprinkle UC Berkeley The Internet in 1980

5 8 July 2005MM Sprinkle UC Berkeley The Internet Today

6 8 July 2005MM Sprinkle UC Berkeley Bad Code + Big Networks = Problems Geographic spread of Sapphire worm 30 minutes after release Source: CodeRed worm (Summer 2001) – Infected 360,000 hosts in 10 hours (CRv2) Sapphire/Slammer worm (Spring 2003) – 90% of Internet scanned in <10mins

7 8 July 2005MM Sprinkle UC Berkeley Technology Generations of Information Assurance 1st Generation (Prevent Intrusions) Intrusions will Occur Some Attacks will Succeed Cryptography Trusted Computing Base Access Control & Physical Security Multiple Levels of Security 2nd Generation (Detect Intrusions, Limit Damage) Firewalls Intrusion Detection Systems Boundary Controllers VPNs PKI 3rd Generation (Operate Through Attacks) Big Board View of Attacks Real-Time Situation Awareness & Response Intrusion Tolerance Graceful Degradation Hardened Core Functionality Performance Security

8 8 July 2005MM Sprinkle UC Berkeley TRUST ed Systems and Software TRUST is more than resistance to information attack: Today’s systems and networks are fragile, difficult-to- compose and maintain: – Non-robust – Non-adaptive – Untrustworthy Point failures bring down systems Difficult, costly-to-compose useful systems from multiple components Poor or nonexistent means for building reliable systems from necessarily unreliable components Poor understanding of vulnerabilities of networks, performance under – and uncharacterized attacks No clear history, pedigree on data, code

9 8 July 2005MM Sprinkle UC Berkeley TRUST worthy Systems More than an Information Technology issue Complicated interdependencies and composition issues – Spans security, systems, and social, legal and economic sciences – Cyber security for computer networks – Critical infrastructure protection – Economic policy, privacy TRUST : “holistic” interdisciplinary systems view of security, software technology, analysis of complex interacting systems, economic, legal, and public policy issues Goals: – Composition and computer security for component technologies – Integrate and evaluate on testbeds – Address societal objectives for stakeholders in real systems

10 8 July 2005MM Sprinkle UC Berkeley Research Agenda Security Science (Schneider) – Software Security (Mitchell) – Trusted Platforms (Boneh) – Applied Cryptography Protocols (Wagner) – Network Security (Joseph) Systems Science (Schmidt) – Interdependency Modeling and Analysis (Anantharam) – Secure Network Embedded Systems (Wicker) – Model Based Integration of Trusted Components (Sztipanovits) – Secure Information Management Tools (Birman) Social, Economic and Legal Considerations (Samuelson) – Economics, Public Policy and Societal Challenges (Varian) – Digital Forensics and Privacy (Tygar) – Human computer Interfaces and Security (Reiter)

11 8 July 2005MM Sprinkle UC Berkeley Broad Research Vision Privacy Computer and Network Security Power Grid Testbed Network Security Testbed Secure Networked Embedded Systems Testbed Software Security Trusted Platforms Applied Crypto- graphic Protocols Network Security Secure Network Embedded Sys Forensic and Privacy Complex Inter- Dependency mod. Model-based Security Integration. Econ., Public Pol. Soc. Chall. Secure Compo- nent platforms HCI and Security Secure Info Mgt. Software Tools Component Technologies Societal Challenges IntegrativeTestbeds TRUST will address social, economic and legal challenges Specific systems that represent these social challenges. Component technologies that will provide solutions Critical Infrastructure

12 8 July 2005MM Sprinkle UC Berkeley Integration of Research Agenda Four testbeds chosen to be responsive to national needs: Computer and network security, Critical infrastructure protection, Privacy (Sztipanovits coordinator) – Integration testbed – Secure Network Embedded Systems – Planet Lab (Culler) – Cyber Defense Technology Experimental Research testbed (DETER) (Benzel/Joseph/Sastry) Technical Management Plan through time sensitive internal deliverables of software, systems among team members Exchange of scientific personnel among team members

13 8 July 2005MM Sprinkle UC Berkeley Education Program Vision Security must be consciously engineered into new and legacy critical infrastructure systems Every component level needs rethinking and education: need to build in TRUST: security science, systems science and social, legal, economic considerations into every course in undergrad and grad curricula (“liberal” technologically literate education) Summer school, hallmark of TRUST for hottest new research Repositorying content developed Evaluation of Effectiveness

14 8 July 2005MM Sprinkle UC Berkeley Education Evaluation Metrics

15 8 July 2005MM Sprinkle UC Berkeley Outreach Vision and Goals It is an oft quoted adage that security is as strong as the weakest link. Our aim is to have no weak links left in the education of our society about the technical, compositional, privacy, economic and legal aspects of trusted information systems. We will begin locally but spread our outreach as far as we can along as many diverse axes as we can. Current outreach and diversity efforts are piecemeal. We have a comprehensive solution K-6, 6-12 school outreach Summer research for HBCU/HSIfaculty Curriculum development for HBCU/HSIfaculty Undergrad Research Opportunities Grad Research Opportunities Summer Immersion Institute for women Community Outreach

16 8 July 2005MM Sprinkle UC Berkeley Knowledge Transfer Vision: TRUST as a Public Private Partnership TRUST as trusted intermediary between industry, government, non-profit and academia for answering hard questions: – Who will pay for security – Should the Feds play the role of market maker – Roadmaps for guiding investment – The role of regulation/insurance Open dissemination of research: – Publications and software – Short courses – Public lectures and forums – Curriculum development and courses

17 8 July 2005MM Sprinkle UC Berkeley Key Infrastructures Chosen for Transition Electric Power Infrastructures: SCADA networks and their evolution, wireless sensor network testbed at Oak Ridge, DoE’s DC net Financial Infrastructures: key partnerships with Secret Service and Treasury, USPS and financial institutions DoD’s Global Information Grid (GIG): key partnerships with Air Force (JBI), Command and Control (Constellation) networks

18 8 July 2005MM Sprinkle UC Berkeley Leadership and Outreach to other groups EU-IST and US partnerships in dependability and TRUST OSTP/DHS/Treasury/DoE/DoD workshops Workshops for venture partners Special issues of ACM/IEEE/… ESCHER, a non-profit for repositorying TRUST software ACM-SIGBED Partnerships with Singapore (Nanyang) and Taiwan (National Chiao Tong and National Taiwan University)