Presentation is loading. Please wait.

Presentation is loading. Please wait.

資安科技跨國合作 : 目標與期許 O bjectives and Expectations of International Collaboration in Information Security Research D. T. Lee 李德財 Director, IIS, Academia Sinica.

Published byNathan King Modified over 8 years ago

Similar presentations

Presentation on theme: "資安科技跨國合作 : 目標與期許 O bjectives and Expectations of International Collaboration in Information Security Research D. T. Lee 李德財 Director, IIS, Academia Sinica."— Presentation transcript:

1 資安科技跨國合作 : 目標與期許 O bjectives and Expectations of International Collaboration in Information Security Research D. T. Lee 李德財 Director, IIS, Academia Sinica Director, TWISC 資安科技跨國合作策略規劃研討會 Taipei Feb. 10, 2006

2 The Objectives and Expectation of Int’l Collaboration 2/17 Outline  Severe problems in Information Security (world and Taiwan)  Status of Info. Security R&D in Taiwan  Int’l Collaboration of Info. Security  Objectives and Expectations of Int’l Collaboration

3 The Objectives and Expectation of Int’l Collaboration 3/17 Recent Severe Incidents (World) June 17, 2005: -CardSystems, located in Arizona, was breached by SQL Injection (SecurityFocus) - 200,000 transactions got stolen - 40 million accounts were leaked June 19, 2005: - A USC database containing about 270,000 records of past applicants were leaked. (SecurityFocus) Aug 03, 2005: Cisco.com search tool was found vulnerable that could expose passwords of registered users (CNET news) - All of its customers were notified to change their passwords

4 The Objectives and Expectation of Int’l Collaboration 4/17 Internet Security Incidents (Taiwan) 2000 –Over 60% of website in Taiwan can’t prevent hackers ( Mun Sang Poh) 2001 –There was no firewall in Taiwan Stock Exchange Corporation (TSEC) (UDN.com) –TSEC was affected by Nimda, all web applications were shutdown for maintenance (Yahoo!) 2002 – “Over 80% of websites were vulnerable to SQL Injection” (TWCERT) –Apr., Taiwan’s taxation Website was breached by SQL Injection Attack Academia Sinica received requests from government to develop solutions –Nov., Taiwan DoD’s Website was found vulnerable to SQL Injection, by IIS, Academia Sinica More than 6000 accounts and confidential personal data compromised The vulnerability was fixed in two weeks 2005: –Taiwan’s College Entrance Exam Center was hacked –More than 10,000 accounts of data leaked!

5 The Objectives and Expectation of Int’l Collaboration 5/17 R&D in Info. Security Digital SignaturesCryptographyAAAVirusIDS/ IPSData Privacy ProtectionDigital Rights Protection Electronic Cash PKI Smart Card OS Security Software Security Hardware Security Anti- Spyware/ Malware Mobile Commerce P2P Security

6 The Objectives and Expectation of Int’l Collaboration 6/17 Improving R&D Effort in Info. Security 國內研發團隊在五個面向有所不足 – 網路安全 ( 入侵偵測誤判率偏高 ) – 應用程式安全 ( 安全漏洞潛伏於程式碼 階段 ) – 異質網安全 ( 異質網路匯流後所造成之 安全議題 – 數位監控 / 鑑識 ( RFID 與監控系統造成 隱私權爭議 – 資安科技應用 ( 資安風險評估及專家系 統 )

7 The Objectives and Expectation of Int’l Collaboration 7/17 Initiatives & e-Taiwan 2008 project 2000 - Mr. President Chen, S.B. instructed that Information Security is top priority in e-government 2001 - Executive Yuan assigned “Building Secure Information & Communication Environment (BSICE) ” to e-Taiwan2008 project 2002 - DoD announced “Information Security Will Become Regular Maneuvers.” 2003 - MoEA announced 2 nd half of BSICE (2005-2008 ) will focus on core technology development & transfer 2005 - TWISC was officially founded 2006 – initiated Int’l Collaboration of Information Security

8 The Objectives and Expectation of Int’l Collaboration 8/17 Int’l Collaboration in Info. Security Why and How –Objectives –Expectation Core Values to Taiwan Info. Security Research Core Values to Taiwan Info. Security Industry

9 The Objectives and Expectation of Int’l Collaboration 9/17 Some Questions In the Internet era, what’s the competitiveness of Taiwan? –IC industry and its R&D –One of the best e-gov infrastructure in the world Over 90% penetration –One of the highest Internet prevalence Top 5 in the world But in many arenas, (information security research in particular), we are the followers: –What do we do? We need to IMPORT knowledge! Act and think internationally!!!

10 The Objectives and Expectation of Int’l Collaboration 10/17 Objectives of Int’l Collaboration 2 Improve skill set in Info. Security via learning from world- class team –People’s expertise –Trend in research –Resources utilization/allocation –Operation plan Keep abreast in start-of-the-art research topics Build own team of advanced information security research Look for opportunities to participate in int’l information security standards (as a key member) Create unique competitiveness for Taiwan IS industry

11 The Objectives and Expectation of Int’l Collaboration 11/17 Objectives of Int’l Collaboration 1 培養種子資安研發人才 提升國內資安研發水準和能量 鞏固資安研究之核心技術 提升資安研究之國際影響力 建置資安關鍵技術系統供政府機關 ( 構 ) 及業界技轉

12 The Objectives and Expectation of Int’l Collaboration 12/17 From the trend of industry: Global Security Product Markets ( From: BusnissInsights ) 1. 2. 3. 4.

13 The Objectives and Expectation of Int’l Collaboration 13/17 5 Years Later? After 5 years, what will Taiwan become in information security area? –Own several world-class technologies? –A solid research infrastructure that supports Training of People Knowledge and Technology Transition People Networking (global) Resources Utilization/Sharing (global) International Competition –Academia-Industry collaboration in info. security with real applications Derive new business model? Trigger new IS industry? Beyond OEM, ODM? Toward IIT (Invent in Taiwan)?

14 The Objectives and Expectation of Int’l Collaboration 14/17 Expectations 2 Valuable Outputs/Outcomes Attain core values: to gain world-class information security technologies (Creativity, Originality and Usability, Academia-Industry Cooperation) Dynamics: In Internet era, only people who act dynamically can survive. Int’l collaboration should be a multi-dimensional operation: –Exchange of scholars/engineers –Engage in security research forum, e.g. TRUST discussion forum –Join int’l working groups, e.g. IETF, OASIS, OWASP –Open source development Upgraded core competitiveness for Taiwan in both IS research and industry! –Practical Choose the right target to attack (i.e., plan strategically) Dedication, Teamwork & Execute!

15 The Objectives and Expectation of Int’l Collaboration 15/17 Expectations 1 Build Info. Security Research Infrastructure –Transfer know-how of world-class research labs –Teamwork: Setup an environment for potential researchers and students to join research projects of collaboration parties –Build a mechanism for information and knowledge sharing and management –Training Info. Security research needs more hands-on experience –Education Curriculum Exchange program –International Workshop/Conference –Others

16 The Objectives and Expectation of Int’l Collaboration 16/17 Conclusion Bring core values to Taiwan Information Security Research via International Collaboration Build a solid Info. Security Research Infrastructure as a key outcome of International Collaboration. Attain world-class info. security technologies through International Collaboration and upgrade our competitiveness Commitment, Dedication, and Teamwork will be key to success for International Collaboration

17 The Objectives and Expectation of Int’l Collaboration 17/17 Thank you for your attention

Download ppt "資安科技跨國合作 : 目標與期許 O bjectives and Expectations of International Collaboration in Information Security Research D. T. Lee 李德財 Director, IIS, Academia Sinica."

Similar presentations

Research, Development, and Evaluation Commission Department of Information Management Research, Development, and Evaluation Commission The Executive Yuan,

Research, Development, and Evaluation Commission Department of Information Management Research, Development, and Evaluation Commission The Executive Yuan,
Company Confidential Mobile Learning for Mathematics Education for All | Sustainability | Scalability | Accessibility | Affordability in formal /informal.

Company Confidential Mobile Learning for Mathematics Education for All | Sustainability | Scalability | Accessibility | Affordability in formal /informal.
1 No Silver Bullet : Inherent Limitations of Computer Security Technologies Jeffrey W. Humphries Texas A&M University.

1 No Silver Bullet : Inherent Limitations of Computer Security Technologies Jeffrey W. Humphries Texas A&M University.
©2002, Pearson Education Canada 1.1 c h a p t e r 1 1 MANAGING THE DIGITAL FIRM: CANADA AND BEYOND CANADA AND BEYOND.

©2002, Pearson Education Canada 1.1 c h a p t e r 1 1 MANAGING THE DIGITAL FIRM: CANADA AND BEYOND CANADA AND BEYOND.
By Ashlee Parton, Kimmy McCoy, & Labdhi Shah

By Ashlee Parton, Kimmy McCoy, & Labdhi Shah
STEM (Science, Technology, Engineering and Math) education is an integrated, interdisciplinary approach to learning that provides hands-on and relevant.

STEM (Science, Technology, Engineering and Math) education is an integrated, interdisciplinary approach to learning that provides hands-on and relevant.
APAC Defense Forum Learning and IT Capacity Building for Defense Sector.

APAC Defense Forum Learning and IT Capacity Building for Defense Sector.
Centre for Health & Technology Maritta Perälä-Heape, PhD Director, CHT.

Centre for Health & Technology Maritta Perälä-Heape, PhD Director, CHT.
Update on GSE Activities Klaus-Dieter Barbknecht GSE President GIE General Assembly Madrid 21 November 2007.

Update on GSE Activities Klaus-Dieter Barbknecht GSE President GIE General Assembly Madrid 21 November 2007.
Internet properties and marketing implications

Internet properties and marketing implications
Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.

Contact Center Security Strategies Grant Sainsbury Practice Director, Dimension Data.
Spring 2003, IEOR 170 - Experience and Interface Design For Engineers A New Engineering Direction Mohsen Ashraf Alice ChenJake Gessin Milan Lee Angela.

Spring 2003, IEOR Experience and Interface Design For Engineers A New Engineering Direction Mohsen Ashraf Alice ChenJake Gessin Milan Lee Angela.
ICT & Nursing: Challenges for Nursing Practice Anya Zubic.

ICT & Nursing: Challenges for Nursing Practice Anya Zubic.
SiteLock Internet Security: Big Threats for Small Business.

SiteLock Internet Security: Big Threats for Small Business.
The 22 nd meeting of the INTOSAI Working Group on IT Audit (WGITA) KPI Project Final Report — Key Performance Indicators Methodology for Auditing IT Programs.

The 22 nd meeting of the INTOSAI Working Group on IT Audit (WGITA) KPI Project Final Report — Key Performance Indicators Methodology for Auditing IT Programs.
© Experian CheetahMail 2007. All rights reserved. Confidential and proprietary. 1 © Experian Information Solutions, Inc. 2009. All rights reserved. Confidential.

© Experian CheetahMail All rights reserved. Confidential and proprietary. 1 © Experian Information Solutions, Inc All rights reserved. Confidential.
Top Objectives: 1.Increase web traffic and exposure 2.Become definitive authority on Coffee 3.Increase sales to coffee centric Food Service Operators 4.Engage.

Top Objectives: 1.Increase web traffic and exposure 2.Become definitive authority on Coffee 3.Increase sales to coffee centric Food Service Operators 4.Engage.
Key Action II - Objectives Support the development and adoption of novel IST solutions for eCommerce & eWork aimed at enhancing: Support the development.

Key Action II - Objectives Support the development and adoption of novel IST solutions for eCommerce & eWork aimed at enhancing: Support the development.
MasterCard Site Data Protection Program Program Alignment.

MasterCard Site Data Protection Program Program Alignment.
1 TWNIC Update Sheng Wei Kuo, TWNIC NIR 38.

1 TWNIC Update Sheng Wei Kuo, TWNIC NIR 38.

Similar presentations

Ads by Google