dec 14 th, 2005telecom italia strategy meeting trust :team for research in ubiquitous secure...
TRANSCRIPT
Dec 14th , 2005 Telecom Italia Strategy Meeting
TRUST:Team for Research in Ubiquitous Secure Technologies
Strategic and Implementation Plan overview
Shankar Sastry (Berkeley), Anna Gatti (myQube),Giuliano Tavaroli (Telecom Italia, Pirelli)
December 14th 2005Telecom Italia Meeting
2
TRUST worthy Systems
More than an Information Technology issue Complicated interdependencies and composition issues
– Spans security, systems, and social, legal and economic sciences– Cyber security for computer networks– Critical infrastructure protection – Economic policy, privacy
TRUST: “holistic” interdisciplinary systems view of security, software technology, analysis of complex interacting systems, economic, legal, and public policy issues
Goals: – Composition and computer security for component technologies– Integrate and evaluate on testbeds– Address societal objectives for stakeholders in real systems
December 14th 2005Telecom Italia Meeting
3
Coordinated Research Agenda
TRUST center will develop and demonstrate science and technology in real-life testbeds.
TRUST has long term research objectives but immediate delivery of royalty free tools and testbeds available today.
NSF seed funding of $ 19 M (39 M) over 5 (10) years Expected additional support from US Air Force NSF/US State Department would like to make partnerships with
key international partners Coordinated research: eleven challenge areas across three key
topics:– Security Science – Systems Science– Social Science
December 14th 2005Telecom Italia Meeting
4
Security Science (1)
Network Security– Focused on making the Internet more secure– Challenges
Denial of service attacks Spoofed source addresses Routing security
– Approaches: Structured overlay networks Better infrastructure Epidemic protocols Simulation and Emulation on DETER testbed (key area for
collaboration with Telecom Italia)
December 14th 2005Telecom Italia Meeting
5
Security Science (2)
Trusted Platforms – Composition– Security and Vulnerability– Minimal Software and Hardware Configurations
Software Security– Static Code Verification– Dynamic Analysis– Multi-lingual Security– Software Design
December 14th 2005Telecom Italia Meeting
6
DETER: Cyber Defense Test and Evaluation Research
Network
Created by National Science Foundation and Department of Homeland Security for testing of network (DDOS, BGP, DNS) attacks and worm defenses in a vendor and user neutral framework
December 14th 2005Telecom Italia Meeting
7
DETER Testbed Goals
Established by Department of Homeland Security and NSF to facilitate scientific experimentation
– Establish baseline for validation of new approaches– Made available to industry such as BT, Bell South– Provide a safe platform for experimental approaches that
involve breaking network infrastructure– “Real systems, Real code, Real attacks!”
Provide access for wide community of users– Create researcher- and vendor-neutral environment (Juniper,
Cisco, HP, Foundry, IBM, Sun)– Potential to simulate effects of network attack for Telecom Italia
December 14th 2005Telecom Italia Meeting
8
Long Term Objectives
Create reusable library of test technology for conducting realistic, rigorous, reproducible, impartial tests
– For assessing attack impact and defense effectiveness– Test data, test configurations, analysis software, and
experiment automation tools Provide usage examples and methodological guidance
– Recommendations for selecting (or developing) tests and interpreting results
– Test cases and results, possibly including benchmarks Facilitate testing of prototypes during development and
commercial products during evaluation
December 14th 2005Telecom Italia Meeting
9
System Science (1)
Complex Interdependency Modeling and Analysis– The nation’s critical infrastructure is intertwined and
interdependent. Will begin Power systems, Financial Systems, and SCADA (Supervisory Control and Data Acquisition) networks
– Four-fold approach to reducing vulnerability of interdependent systems to disruptive failure
Modeling Strategies Analysis Techniques Design Technologies Operational Tools
December 14th 2005Telecom Italia Meeting
10
System Science (2)
Secure Network Embedded Systems– Present unique security concerns
Conventional end-to-end approaches break down New code must be propagated throughout the network
– Focus areas: Automated design, verification, and validation Secure, composable, and adaptive software
– Emphasis on sensor networking technology as high-impact application
Berkeley motes, Tiny OS used by hundreds of groups Motes being used by Pirelli for tire monitoring
December 14th 2005Telecom Italia Meeting
11
The Sensor Network Challenge
applications
service
network
system
architecture
data mgmt
Monitoring & Managing Spaces and Things
technology
MEMSsensing Power
Comm. uRobotsactuate
Miniature, low-power connections to the physical world
Proc
Store
December 14th 2005Telecom Italia Meeting
12
Building Comfort,Smart Alarms
Great Duck Island
Elder Care
Fire Response
Factories
Wind ResponseOf Golden Gate Bridge
Vineyards
Redwoods
Soil monitoring
Instrumenting the world
December 14th 2005Telecom Italia Meeting
13
NEST Final Experiment: Demo
December 14th 2005Telecom Italia Meeting
14
Social Science Security vs. Privacy
Digital Forensics and Privacy– Privacy cuts across the trust/security issues that are the
focus of TRUST– Common interfaces are needed for specifying privacy
requirements Allows privacy properties to transfer as information crosses
compositional boundaries– Emphasis on strong audit, selective revelation of information,
and rule-processing technologies– Research will develop framework for privacy-preserving data
mining, identify theft, and privacy-aware sensor networking.
December 14th 2005Telecom Italia Meeting
15
Sample Application: Use of IT for health in the home
Embedded, intelligent sensors as event monitors:– Provide private monitoring and alerting– Can also enable telemedicine functions– Can be used as
A personal system: electronic patient records belong to the user! Or integrated with a health care provider system
– Smart sensors can/will be easy to install and operate– Will be modular and upgradeable:
Learning and/or assimilation technologies that will customize the devices to individuals.
December 14th 2005Telecom Italia Meeting
16
Health Care Security and Privacy Testbed
Fall Detector
Berkeley Mote
RS-232
RS-232
E.g. Bluetooth Sender
Emulate sensor
E.g. Bluetooth Sender
E.g. Bluetooth Sender
E.g. Bluetooth Sender Berkeley
Mote
Zigbeeor USB
Emulate Gateway
Sensors
Mobile Gateway
Home Health System
Mobile Phone
Integrated Camera
Internet
Berkeley Motes
Hospital
Terminal, WLAN
EECS Network
(http)
Device being
deployed
Laptops for emulation of other sensors
RS232-Bluetooth “Cable
Replacers”
Telos Motes
Camera phone –
Nokia 6670Communicator – Nokia
9500
December 14th 2005Telecom Italia Meeting
17
Social Science: Usability
Human Computer Interfaces and Security– Security problems may arise through the mis-configuration of
complex systems– Generally, humans lack many computational abilities that are
conducive to securing networks and systems Research Emphases
– Strengthening standard passwords– Using biometric information– Using image recognition
December 14th 2005Telecom Italia Meeting
18
Some Concluding Remarks
TRUST is an excellent point of leverage for Telecom Italia to develop cyber security and trust solutions for wired/wireless infrastructures, emerging critical infrastructures. Long term investment by US Federal Agencies.
Initial points of collaboration could be in Network Defense, secure wireless networked embedded systems, trusted privacy, authentication and anti-phishing solutions
TRUST software and solutions are available as royalty-free to partners
TRUST offers technologists, economists, social scientists and public policy researchers and teachers.
Telecom Italia can influence strategic directions and testbed development.