Background
The Federal government has funded research of various aspects of
security in computing, networking, and data processing for decades.
In 2001, the National Science Foundation launched the Trusted
Computing Program to provide a research forum focused specifically
on the security and trustworthiness of information systems.
Together with R&D programs at DARPA, NIST, DOD, and several
other agencies, the current unclassified Federal funding in Cyber
Security and Information Assurance R&D is about $350 million
per year (see FY 2011 Supplement to the President's
Budget).
In January 2008, the President initated the Comprehensive National Cybersecurity Initiative. One of the goals of the CNCI is to develop "leap-ahead" technologies that would achieve orders-of-magnitude improvements in cybersecurity. Based on this directive, in 2009, the agencies of the NITRD Program executed the National Cyber Leap Year (NCLY), a year-long effort to identify the most promising game-change concepts in cybersecurity. During the NCLY, three public Requests For Input were issued resulting in over 230 submissions from the private sector. A synthesis of the submissions revealed five game-change areas:
The five game-change areas were investigated during the NCLY Summit 2009, a 3-day summit of security experts from the industry, academia, and government in August 2009. The Summit Co-Chairs Report and Participants Ideas Report were provided as input to the Administration’s cybersecurity R&D agenda.
Utilizing the NCLY Summit 2009 as an input, the NITRD cybersecurity working groups identified three initial R&D themes to exemplify and motivate future Federal cybersecurity game-change research activities:
The themes will guide future Federal cybersecurity research activities and solicitations. While these themes do not themselves constitute a complete research agenda, they spur new and different ways of thinking about the problem of cybersecurity and provoke novel solutions. As we pursue research along the lines of these three initial themes, we expect new themes, possibly complementary and possibly overlapping, will emerge, enriching our understanding of how to design and build a more trustworthy cyberspace.
In January 2008, the President initated the Comprehensive National Cybersecurity Initiative. One of the goals of the CNCI is to develop "leap-ahead" technologies that would achieve orders-of-magnitude improvements in cybersecurity. Based on this directive, in 2009, the agencies of the NITRD Program executed the National Cyber Leap Year (NCLY), a year-long effort to identify the most promising game-change concepts in cybersecurity. During the NCLY, three public Requests For Input were issued resulting in over 230 submissions from the private sector. A synthesis of the submissions revealed five game-change areas:
- Digital Provenance - basing trust decisions on verified assertions
- Moving-target Defense - attacks only work once if at all
- Hardware-enabled Trust - knowing when we’ve been had
- Health-inspired Network Defense - move from forensics to real-time diagnosis
- Cyber Economics - crime doesn’t pay
The five game-change areas were investigated during the NCLY Summit 2009, a 3-day summit of security experts from the industry, academia, and government in August 2009. The Summit Co-Chairs Report and Participants Ideas Report were provided as input to the Administration’s cybersecurity R&D agenda.
Utilizing the NCLY Summit 2009 as an input, the NITRD cybersecurity working groups identified three initial R&D themes to exemplify and motivate future Federal cybersecurity game-change research activities:
- Tailored Trustworthy Spaces
- Moving Target
- Cyber Economic Incentives
The themes will guide future Federal cybersecurity research activities and solicitations. While these themes do not themselves constitute a complete research agenda, they spur new and different ways of thinking about the problem of cybersecurity and provoke novel solutions. As we pursue research along the lines of these three initial themes, we expect new themes, possibly complementary and possibly overlapping, will emerge, enriching our understanding of how to design and build a more trustworthy cyberspace.
© 2012 Created by NITRD Cyber Security.
