1 / 9

Update on OCI’s Cybersecurity Activities for CASC

Update on OCI’s Cybersecurity Activities for CASC. September 2011 Kevin Thompson. Outline. New SaTC solicitation FY11 SDCI program and new awards Software Institute workshop on Cyber Security from Aug 2010 revisited. SaTC – Secure and Trustworthy Cyberspace.

joseph-garrison
Télécharger la présentation

Update on OCI’s Cybersecurity Activities for CASC

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Update on OCI’s Cybersecurity Activities for CASC September 2011 Kevin Thompson

  2. Outline • New SaTC solicitation • FY11 SDCI program and new awards • Software Institute workshop on Cyber Security from Aug 2010 revisited

  3. SaTC – Secure and Trustworthy Cyberspace • Joint solicitation from CISE, OCI, and SBE • CISE’s long standing basic research program in cyber security (Trustworthy Computing) as the basis • OCI’s Transition to Practice Theme

  4. Software Development for Cyberinfrastructure (SDCI) FY10 Cyber Security Focus • [Separate from the SDCI network performance focus area] • Malware detection and prevention: areas include polymorphism, countering obfuscation, command&control • Situational understanding: includes varying time scales, attack attribution, cross-boundary data sharing, and handling massive data. • Assurance techniques in sharing data: anonymization and protections for data collected, in transit, and at rest • Software assurance: tools and services for software testing and vulnerability analysis • HPC resources and distributed computing: secure access to, leverage of, and improving security of existing compute resources. • Research infrastructure: supporting cyber security r&d

  5. SDCI Proposal Requirements • Partnering with a scientific research project (users) and/or deployment environment (CI infrastructure) • Working with an existing software base or initial prototype capability of some kind • Use of NSF-funded software build-and-test services or alternative • Application to NSF community, in terms of user identification, missing/needed capability, and impact • Project plan including release, deployment info and eval plan • open source license to be used • Collaborations with industry encouraged, not required • “Strong preference will be shown for efforts that provide near-term benefit to a broad user base in the NSF community”

  6. SDCI Awards from FY11 • 8 projects • Award activities 3 years in duration • Total funding ~$5M • Award abstracts available at www.fastlane.gov

  7. SDCI Awards from FY11 • #1127210 – “Distributed Web Security for Science Gateways” – Jim Basney (UIUC) • #1127500 – “Metadata Management Software Tools to support R&D of Cyberinfrastructure” – kc claffy (UCSD) and Minaxi Gupta (Indiana) • #1127361 – “New Software Platforms for Supporting Network-wide Detection of Code Injection Attacks” – Fabian Monrose (UNC) • #1127506 – “Transport-Layer Abusive Traffic Detection and Mitigation” – Rob Beverly (NPS) • #1127388 – “Traffic Modeling and Generation with Custom Fidelity for Cyber Security Experimentation” – Jelena Mirkovic (USC) • #1127425 – “SESv3 (Security Event System – Version 3)” – Doug Pearson (Indiana) • #1127195 – “Passive and Active DNS Monitoring Tools for Detecting and Tracking the Evolution of Malicious Domain Names” – Roberto Perdisci (Georgia) • #1127396 – “Integrated Simulation and Emulation Platform for Security Experimentation” – Yuan Xue (Vanderbilt)

  8. SI2 Workshop on Cyber Security from Aug 2010 • Report of NSF Workshop on Scientific Software Security Innovation Institute • http://security.ncsa.illinois.edu/si32/ • Key recommendations / community needs (16 total): • Provide leadership/guidance to NSF and NSF community • Provide documentation, training, recommendations and consulting to NSF CI projects on s/w security, security s/w • Short term support for “orphaned” critical security s/w • Perform independent s/w security assessments • Support security design reviews of MREFCs and smaller efforts

  9. S2I2 recommendations cont’d • Highlight/rank security s/w used in community • Provide vulnerability analysis and security autiting • Should Not develop s/w • Should Not do s/w integration • Should Not operational security services or replicate existing • Governed in an open fashion • Synthesis point for expertise w/out owning all expertise • Coordinate with other agencies and agency efforts • Defined relationship with CMU SEI, InCommon, I2, REN-ISAC, XD TAIS, etc • Document institute success metrics and pursue other funding

More Related