The NITRD technical coordination efforts are focused in its Interagency Working Groups (IWGs) where member- and participating-agency representatives exchange information and collaborate on research plans and activities such as testbeds, workshops, and cooperative solicitations.
CYBER SECURITY ASSUMPTION BUSTER WORKSHOPS 2011
There is a strong and often repeated call for research to provide novel cyber security solutions. The rhetoric of this call is that our new solutions be radically different from existing solutions; making incremental improvements is a losing proposition; we are lagging behind and need technological leaps to get, and keep, ahead of adversaries who are themselves rapidly improving attack technology. To answer this call, we must examine the key assumptions that underlie current security architectures. Challenging those assumptions both opens up the possibilities for novel solutions that are rooted in a fundamentally different understanding of the problem and provides even stronger basis for moving forward on those assumptions that are well-founded.
The Special Cyber Operations Research and Engineering (SCORE) Interagency Working Group is conducting a series of four workshops to begin the assumption buster process. The assumptions that underlie this series is that cyber space is an adversarial domain, that the adversary is stubborn and clever, and that re-examining our cyber security architectures with these assumptions in mind will result in key insights that will lead to the novel solutions we desperately need. To assure that our discussion has the requisite adversarial flavor, we are inviting researchers that develop solutions in of the type under discussion, and researchers that exploit these solutions. The aim is to have robust debate of topics long held to be true to determine to what extent that claim is warranted. The adversarial nature of these debates will assure the threat environment is reflected in the discussion and the research concepts that result from these workshops will have a greater chance of having a sustained positive impact on our cyber security posture.
In discussing these topics we will cover a broad spectrum of security architectures: architectures that focus on securing the perimeter, architectures that focus on building out trust from a solid core, and distributed architectures. We will also discuss architectural implications of human behavior.