1. HOMMER: Holistic Model for Minority Education & Research “The Balancing Act”: Accountability vs. Privacy by Deidre W. Evans Christy L. Chatmon Department of Computer and Information SciencesMay 5th, 2004

2. Overview Introduction Research Discussion –“The Balancing Act” Goals of Research –Security Track in Curricula –Center of Educational Excellence in Information Assurance by NSA –Build Collaborations Department of Computer and Information SciencesMay 5th, 2004

3. Introduction September 11, 2001 was in part due to a lack of operational balance between privacy and accountability: –“Uncrackable encryption is allowing terrorists to communicate about their intentions without fear of outside intrusion. They’re thwarting the efforts of law enforcement to detect, prevent and investigate illegal activities.” [FBI director] Department of Computer and Information SciencesMay 5th, 2004

4. Introduction Increase in security threats –Denial of service, worms, viruses, etc. Advancement in data retrieval & storage mechanisms –Data-mining, CRM, WEB Tracking

5. “The Balancing Act” Privacy/Anonymity –Controlling all information about one’s self & personal activity –Authentication Passwords, PKI’s, biometrics, etc. Accountability/Security –Attribute actions to the user that caused those actions

6. “The Balancing Act” Investigate existing methodologies: –Key Escrow third party retrieves cryptographic keys for data confidentiality for recovery of encrypted data –PKIs Department of Computer and Information SciencesMay 5th, 2004

7. “The Balancing Act” Department of Computer and Information SciencesMay 5th, 2004 AnonymityAccountability PrivacyAuthentication PrivacyCyber-forensics Free SpeechLiability/Copyright

8. Goals of Research Problem: –Existing paradigms embody conflict between security goals and privacy goals Goal: –Explore alternative paradigms that balances the needs for security with the needs for personal privacy Develop a cryptographic infrastructure models, techniques, & tools to facilitate “privacy-balanced accountability” Department of Computer and Information SciencesMay 5th, 2004

9. Goals of Research FAMU CIS department recognized as a Center of Educational Excellence in Information Security by National Security Agency Information Security Track in CIS curricula Department of Computer and Information SciencesMay 5th, 2004

10. Goals of Research

11. Standalone Security Lab to support research & course needs –explore new paradigms for training students about security and to foster students’ interests in security issues Extend collaborations with other security educators –FSU, University of Central Florida, etc. Department of Computer and Information SciencesMay 5th, 2004

12. References [1]Carl Ellison and Bruce Schneier. Ten Risks of PKI, What You Are Not Being Told About PKI. Computer Security Journal, Vol. XVI, No. 1, 2000. [2]Donald Runsfeld. US Secretary of State, Comments to the press, Sept 12, 2001, http://www.defenselink.mil/cgi- bin/real_audio.pl?Sep2001/DoD091201a&1000322100 [3] Hosmer, C., Gordon, G., Hyde, C., Grant, T. "Cyber Forensics 2000." Proceedings, 1st Annual Study of the State-of-the-Art in Cyber Forensics. [4]J.K. Millen and R.N. Wright. Reasoning about Trust and Insurance in a Public Key Infrastructure. Proceedings of 13th IEEE Computer Security Foundations Workshop, IEEE Computer Society, July 2000. [5]Jack Kelley. Terror groups hide behind Web encryption. USA Today, June 19, 2001, http://www.usatoday.com/life/cyber/tech/2001-02-05-binladen.htm [6]M. Burmester, Y. Desmedt and J. Seberry. Equitable key escrow with limited time-span. Advances in Cryptology, Asiacrypt 98, LNCS 1514, Springer, Berlin, pp. 380-391, 1998. Department of Computer and Information SciencesMay 5th, 2004