210 likes | 427 Vues
The INFOSEC Research Council. Carl Piechowski Chair IRC, DOE Dr. Douglas Maughan IRC Program Manager, DARPA John C. Davis Executive Agent IRC, Mitretek. The INFOSEC Research Council (IRC). Charter Informally chartered, government sponsored, voluntary organization Goals
E N D
The INFOSEC Research Council Carl Piechowski Chair IRC, DOE Dr. Douglas Maughan IRC Program Manager, DARPA John C. Davis Executive Agent IRC, Mitretek
The INFOSEC Research Council (IRC) • Charter • Informally chartered, government sponsored, voluntary organization • Goals • Facilitate communication and collaboration between participating organizations • Enable knowledgeable and intelligent information security research investments • Increase efficiency and effectiveness of U.S. Government INFOSEC research • Support consolidated identification of high value research targets • The IRC provides an opportunity for participants to: • Discuss critical information security issues • Convey members’ research needs • Describe current research activities and planned research investments • Informally examine concepts and approaches against a body of experience and knowledge • Benefit to members • Helps them to focus their INFOSEC research investments through coordination with other relevant individuals and organizations
Roll Up DB Knowledge Base Hard Problems List IRC Vision INFOSEC Science and Technology Study Groups INFOSEC Research Council Innovative Approaches Funding Requirements Fed Labs & FFRDC R&D Participating Organizations Warfighter, National Security, Homeland Security, and Civil Agency Needs Academic R&D Industry R&D Ideas Solutions
IRC Background • First organized by NSA R2 in May 1996 • IRC activities are sponsored by most of the participating organizations, as led and coordinated by DARPA • U.S. Department of Energy provides the current chairperson
IRC Participants • Representatives from U.S. Government organizations that sponsor information security research • Current Members • DOD: BMDO, DTRA, NCS, DARPA, NSA, OSD • Air Force: AFRL, AFIWC • Army: ARL, CECOM • Navy: NRL, ONR, SPAWAR • Intelligence Community: CIA, NRO, ARDA • Civilian Agencies: DOE, NIST, NSF, FBI, FAA, DOJ, NRC
IRC Activities • Bimonthly meetings • Program discussions • Relevant technical presentations • Review new developments • Events • Developed the INFOSEC “Hard Problems List” • Developing an R&D Database • Developed R&D Summary Report • Created and maintain IRC websites • www.infosec-research.org • Initiate INFOSEC Science and Technology Study Groups (ISTSG)
INFOSEC Science and Technology Study Groups • Studies • Issues of particular import • Issues of shared interest • Benefit from the contributions of recognized experts • Studies Completed • Information Assurance Vision / End State • Malicious Code • Studies Proposed • Self Healing Networks • Technology Transfer • Network Study
Recent Briefings • Institute for Information Infrastructure Protection (I3P) – Michael Vatis, Dartmouth University • National Strategy to Secure Cyberspace – Marcus Sachs, Director for Communication Infrastructure Protection • NIAP Certification of Linux and Security-Enhanced Linux – Tony Stanco, George Washington University • Homeland Security: In Pursuit of the Asymmetric Advantage – Ruth David, Analytic Services, Inc. (ANSER) • The State of Information Security within the Civil Agencies – Keith A. Rhodes, GAO
Recent Briefings • Large Network Security – Dr. Ed Amoroso, AT&T • Know Your Enemy: Modeling and Predicting Hacker Behavior– the Honeynet Project • Fortune 500 Corporate Security – Head of Security of F500 company • "DUSD (S&T)'s Software Protection Initiative" – Jeff Hughes • MAC OS Security -- Shawn Geddis, Apple Federal • Microsoft XP Security – Sean Finnegan, Microsoft
INFOSEC Research Hard Problems List • Why define the “hard problems?” • Identify important roadblocks to effective information security • Guide research program planning • Achieve consensus on identifying especially difficult/persistent information security issues • How was it done? • Discussion and e-mail exchanges among members • Contributions from national experts
What makes INFOSEC problems hard? • Technical factors • Need for COTS solutions • Need for wide deployment of security technology • Need to manage complex, networked systems securely • Need to support dynamic security policy environments • Growing technical sophistication of threats • IT Market and user perception factors • COTS provides more function, less assurance • Declining government influence on COTS information technology • User belief COTS security will suffice • Unrealistic assumptions (e.g. detect new attack)
Design & Development Secure system composition High assurance development Metrics for security Operational Intrusion and misuse detection Intrusion and misuse response Security of foreign and mobile code Controlled sharing of sensitive information Application security Denial of service Communications security Security management infrastructure Infosec for mobile warfare IRC’s Hard Problem List
Program R&D Database • Originally in hardcopy: • Now being automated • Each member organization provides R&D summary info • Project records will target: • Summary technical info / URL • Contact information • Non-sensitive budget info • Relationship to Hard Problems list • Benefits: identify resources being applied to hard problems, support gap analysis
R&D Study • Collected information about Federal INFOSEC R&D Programs • Identified key INFOSEC issues facing the U.S. • Fundamental flaws in much of the nation’s deployed information infrastructure that leave systems open to exploitation • Decreasing diversity in the software components of that infrastructure, and diminishing ability to assure that hardware communications paths are diverse, which causes any flaw to be very wide-spread • Lack of effective means for detecting the exploitation of these flaws, both tactically and strategically • Lack of controllable, graduated responses to such exploitations • Synthesized the data • Performed Gap Analysis
IRC Websites -- Overview • Provide the infrastructure for communicating research priorities and sharing research results • Mitretek Systems maintains three IRC websites for various audiences • Public - http://www.infosec-research.org • IRC Meeting Participants • IRC Members • Implemented using open source software • Websites are hosted at Mitretek Systems in Falls Church, VA
IRC Public Website • Only publicly accessible IRC website • Provides an overview of the organization and objectives • Website contents • IRC Charter • Member Organizations • Upcoming Meeting Date and Location • Public Documents • Hard Problems List • IRC Overview (PowerPoint and Word Document) • Contact Information
IRC Meeting Participants Website • Access controlled by username/password • Separate username/password issued for each meeting to all participants • SSL used for encrypted communication • Website contents • Schedule of future meetings • Meeting agendas • Abbreviated minutes -- contents from Closed Sessions are removed • Presentations from Open Sessions
IRC Members Website • Access limited to Federal employees and IPAs • PKI client certificates are used for website authentication • SSL used for encrypted communication • Website contents • Schedule of future meetings • Meeting agendas • Complete minutes • Presentations from all sessions • ISTSG results / Draft documents for review • Calendar of upcoming meetings and conferences • Infrastructure to support the R&D database • Search R&D summary information • Update R&D project information
IRC Benefits While it is understood that each participating agency will have its own research priorities, the IRC helps identify and organize high priority INFOSEC problem areas and related research opportunities. The IRC: • Promotes more efficient and effective use of research funds • Shares expertise • Supports corporate memory beyond organization • Helps identify common problems • Helps avoid redundant efforts
Chair, Infosec Research Council Carl Piechowski U.S. Department of Energy SO-13 19901 Germantown Rd Germantown, MD 20874-1290 Phone: 301-903-4053 carl.piechowski@hq.doe.gov IRC Executive Agent John Davis (703) 610-1945 Mitretek Systems, Inc MS F220 3150 Fairview Park Drive South Falls Church, VA 22042 Fax: (703) 610-1699 john.davis@mitretek.org Thank You