Fostering International Collaborations in
Information Security Research
Saturday,
Organizer: Maria Vassileva, Research Competitiveness Service
Co-organizer: Lynn Jelinski, Sunshine Consultants International
The ease of global travel and
satellite communication, the interlinkage of
financial systems, the constant movement of merchandise, opinions and
technological know-how, and the electronic exchange of information through the
internet have merged into one global forum of ideas in the world today. That is
why the interdependence among nations and cultures is more complex than in any
other time in history. This interdependence has both positive and negative
aspects to it. It brings enhanced awareness and a greater appreciation of our
shared objectives, but it also brings security risks that are associated with
it.
Three speakers talked about the grand challenges and great
opportunities of international collaborations in information security research
in the 21st Century:
Dr. Bob Crangle
was the moderator for the discussion. He is an engineer and a lawyer by
training, and works as an independent consultant and an attorney in
Fred
was the first speaker. He emphasized that today's networked information systems
are not as secure as they could be. He stated that trustworthiness is not
free, and the incentives for businesses to invest in information security
research are scarce or simply nonexistent. That is why individuals suffer
while at the same time national infrastructures are vulnerable as well. Fred
explained that the solutions for all these problems must be international in
scope. His talk sketched some of the economic, legal, and public policy
forces for creating an environment that fosters global system
trustworthiness. He also discussed the extent to which cultural and legal
differences between countries hinder international cooperation in populating
cyberspace with trustworthy networked information systems.
Spaf was the second speaker. He
addressed the balance of new and old in information security research. He said
that over the last 30 years professionals have made significant
advancements in information security, including development of architectures,
development of principles for secure system design, and extensive research into
security tools and techniques. Spaf explained that there have been numerous instances of
highly secure systems built, and even today there are many systems and networks
that are operated safely and securely.
Despite this, it is clear that there is a crisis in cybersecurity
practice, and a call for new research to address the problems. Is it really a need for new research, or is
it simply a failure to apply what we already know? In his presentation Dr. Spafford
explored this question and attempted to illuminate why the answer is not
obvious -- possibly because the wrong questions are being posed.
The last talk focused on an emerging global ecosystem for infrastructure protection and digital forensics. Tony talked about an array of developments over the past year that have been unfolding and are collectively aimed at providing infrastructure protection and digital forensics for public IP-enabled, Next Generation Networks. His presentation identified these activities in the context of a structured ecosystem – portraying how the often autonomously disaggregated actions represent an effective means of tackling a common objective. Also treated were several sets of needed steps – both domestically and internationally - that have to be undertaken to enhance the common security needs.
Maria Vassileva, Senior Program Associate, Research Competitiveness Service, Science and Policy Programs, AAAS
Dr. Fred Schneider, Professor of Computer Science, Director of
the Information Assurance Institute,
Dr. Eugene Spafford, Professor of Computer Sciences and of Electrical
and Computer Engineering at
Dr. Anthony Rutkowski, Vice-President
for Regulatory Affairs and Standards within the Communication Services Division
at VeriSign, Inc.
Bob
Crangle, Rose and Crangle,
Ltd.