From Information Assurance to Trusted Systems – A Strategic Shift

Patricia A. MuoioChief, NSA Trusted Systems Research

(formerly known as National Information Assurance Research Lab)

Briefing to SINET, October 4, 2011

Why Trusted Systems?

• It’s all about enabling safe operations in risky or compromised environments

• Traditional IA mechanisms are key components, but IA lockdown, border war mentality won’t get you there

• Need smart systems, ability to adapt, ability to be proactive in addressing threats

• Consider the SYSTEM, not the BOUNDARY• Consider the ADVERSARY in designing protections

Address Componetry

• Investigate new technology components and systems to address emerging trusted system needs such as:– Trusted platform mechanisms– Policy statement and enforcement mechanisms– Mobility mechanisms

Address Design

• Develop methods to design software or hardware with no vulnerabilities

• Develop methods that enable us to assess the soundness of our software

• Address composition and secure software re-use

• Develop methods to allow some level of confidence given an untrusted supply chain

Take advantage of Cryptography

• Investigate capabilities that provide integrated use of cryptography for more than traffic confidentiality.– Cryptography in systems context – deep

integration into efforts that enable new CONOPS

Bring about trustworthysystem behaviors

• Investigate new ways to design and integrate systems to provide desired properties such as:– Active Defense– Risk Adaptive, Situationally Variant Response– Resilience– Moving Target– Immune Systems – Autonomic Systems – Usability

What industry can do

• Encourage critical thinking rather than “check the box” in developing security solutions – develop ways to realistically assess our risk posture

• Advance the state of the practice in smart systems• Advance the state of the practice in dynamic risk

management• Work with us on CONOPS that stretch the

envelope for safe operations