Cyber Security Report Released

The National Research Council of the National Academies of Science released a new report on cyber security and research called “Toward a Safer and More Secure Cyberspace.” The report is available for free online at the National Academies Press.
The report lists three broad categories into which the lack of cyber security falls:

First is the threat of catastrophe - a cyberattack, especially in conjunction with a physical attack, could result in thousands of deaths and many billions of dollars of damage in a very short time. Second is frictional drag on important economic and security-related processes. Today, insecurities in cyberspace systems and networks allow adversaries (in particular, criminals) to extract billions of dollars in fraud and extortion - and force businesses to expend additional resources to defend themselves against these threats. If cyberspace does not become more secure, the citizens, businesses, and governments of tomorrow will continue to face similar pressures, and most likely on a greater scale. Third, concerns about insecurity may inhibit the use of IT in the future and thus lead to a self-denial of the benefits that IT brings, benefits that will be needed for the national competitiveness of the United States as well as for national and homeland security.

It also lists a set of ten provisions that could form a Cyber Security Bill of Rights. The provisions are:

I. Availability of system and network resources to legitimate users.
II. Easy and convenient recovery from successful attacks.
III. Control over and knowledge of one’s own computing environment.
IV. Confidentiality of stored information and information exchange.
V. Authentication and provenance.
VI. The technological capability to exercise fine-grained control over the flow of information in and through systems.
VII. Security in using computing directly or indirectly in important applications, including financial, health care, and electoral transactions and real-time remote control of devices that interact with physical processes.
VIII. The ability to access any source of information (e.g., e-mail, Web page, file) safely.
IX. Awareness of what security is actually being delivered by a system or component.
X. Justice for security problems caused by another party.


The Senate Commerce, Justice and Science appropriations subcommittee and the Senate Energy and Water Development appropriations subcommittee marked up their appropriations bills and, as with the House versions, it appears the science agencies did very well. We don’t yet have all the details, but here are the early numbers:
NSF received a total appropriation of $6.6 billion from the subcommittee — about $200 million more than the President’s request, $100 million more than the House subcommittee allocation, and about $700 million more than the agency received in FY07.
NIST received $712 million, $71 million more than the President’s request and $33 million more than FY07 but $66 million less than the House subcommittee allocation. We don’t know how much of that increase goes to the NIST core research budget, however.
The Department of Energy’s Office of Science received $4.497 billion, almost $100 million above the President’s request and $700 million over FY07 but $17 million less than the House allocation.
All the usual caveats about appropriations bills apply here — we don’t have the details, no funding is certain until the bill becomes law with the President’s signature, these numbers can change dramatically if the process melts down over an earmark dispute or a veto threat, etc. — but it’s again a very positive sign that both the House and the Senate appear committed to the increases called for in both the President’s American Competitiveness Initiative and the Democratic Innovation Agenda. We’ll keep you posted as the bills move forward.


The Chronicle of Higher Education (sub. req’d.) has a great article on the future of the Internet and the Global Environment for Network Innovations or GENI. It contains quotes from many participants of the new Computing Community Consortium (CCC) that CRA helped launch.
The article talks about the problems with the current state of the Internet:

Identity theft, viruses, and attacks on Web sites are on the rise — a few weeks ago the country of Estonia was practically shut down, digitally, by deliberate attempts to jam government computers. Spam, which was less than 50 percent of e-mail traffic back in 2002, is now close to 90 percent, according to Commtouch Software Ltd., an Internet-security company.
Moreover, the Internet has great difficulty coping with the sharp increase in mobile devices like cellphones and laptops, and handling bandwidth-hungry traffic such as video, now demanded by an increasing number of users.

GENI and its possibilities are discussed in great detail:

The people pushing for change are the very people at universities and colleges who built the Internet in the first place. Researchers at the Massachusetts Institute of Technology, the University of California at Berkeley, and the University of Southern California, among others, have joined Mr. Peterson in the GENI planning process. Industry players such as chip-maker Intel are also on board.

In late May of this year, the science foundation awarded Cambridge-based BBN Technologies the job of planning GENI, giving them $10-million to spend over the next four years. The company has deep roots in the old Internet: It built the first network segment connecting four universities back in 1969.
Chip Elliott, the BBN engineer who will be running the GENI project office, thinks the project calls for two approaches. “First, if you don’t like conventional Internet protocols, try something completely different. Second, do it on a large enough scale, with enough users, so that your results actually mean something.” People associated with GENI say that “large enough” means access for experimenters at several hundred universities and, eventually, a user community in the tens of thousands.
Thousands of users will provide a crucial dose of reality, say planners. Over the years, there have been many papers published on new Internet design, and simulations run on networks such as PlanetLab. “But you don’t know how an Internet design will behave until a large group of people actually use it,” says Ms. Zegura, who will co-chair a GENI science council charged with rounding up ideas from the research community. “They will do things that you don’t expect, just like in the real Internet, and then you’ll see how robust your idea is. That’s where the rubber meets the road.”