Untitled - nitrd

More documents

Recommendations

Info

PREPRINT COPYHardware and firmware security: Virtualization technologies (e.g., NSA’s Secure Virtual Platform); secureOS; encryption of data in memory; security processors; high-performance intrusion-detection technologies andtrusted platform modules – NSA, NSF, OSD, AFRLCryptography: Cryptographic algorithms and engineering for increasing network speeds; cryptographic keymanagement; quantum cryptographic methods and standards; quantum information science and security;quantum computation-resistant cryptography – NSA, NSF, DARPA, ONR, NISTApplied and information infrastructure securitySecurity management infrastructure: Policy-based access control systems; principles, frameworks, models, andmethods for identity, authentication, and privilege management in dynamic environments; management tools(threat analysis, attack- and risk-based decision models; survivability analysis framework; automated and realtimediagnostics for system security-policy flaws, configuration anomalies, vulnerabilities; ResiliencyEngineering Framework for assessing organizational security-management capabilities); next-generationbiometric measurements and standards – NSF, DARPA, OSD, AFRL, ARO, CERDEC, NSA, NISTCyber Conflict Defense S&T: Harden key networks and systems; assure missions; defenses to disruptadversaries’ cyber preparation and execution – DARPA, OSDAssured information sharing: DoD-wide priority to enhance technologies and tools to secure communicationsand data sharing across multiple, heterogeneous networks, platforms, and security levels; demonstrate securecollaboration through cyber sensing station – OSD and DoD Service research organizations, NSAInformation Security Automation Program (ISAP): Multiagency initiative to enable automation andstandardization of technical security operations; applying Security Content Automation Protocol (SCAP), amethod for using specific standards to enable automated vulnerability management, measurement, and policycompliance evaluation (e.g., FISMA compliance) – NIST, OSD, NSA, DHS, DISAMobile wireless and sensor networks: Security architectures for airborne/enclave networks, security ofclassified information on wireless networks; assured access anti-jam communications (physical layerinformation assurance); wireless, optical geolocation; trustworthy information delivery in mobile tacticalsystems (including sensor networks); secure handover for roaming between heterogeneous networks – NSF,DARPA, OSD, AFRL, ARO, NSA, NISTSituational awareness and responseNetwork protection and defense: Technologies and tools for situational awareness across organizations; threatanticipation and avoidance; attack sensing, warning, and response; cognitive policy-based intrusion protectionand detection; rapid response (containment, adaptation, repair, self-regeneration); behavior-based networkmonitoring and active defense; defense against large-scale attacks (e.g., DDoS, worms, botnets, spyware);routing security management tool; traceback, attribution, real-time forensics; prototype cyber operations center;security of emerging net-centric systems of systems and strategic computing resources – NSF, DARPA, OSD,AFRL, ARL, ARO, CERDEC, HPCMP, ONR, NSA, NIST, NASA, DHSInfrastructure R&DNational Cyber Range (NCR): Enable a revolution in the Nation’s ability to conduct cyber operations anddefend against cyber threats by providing a persistent cyber testing range – DARPAExperimental Research Testbed (DETER): experimental infrastructure to support next-generation cybersecurity technologies; allows repeatable medium-scale Internet emulation experiments – DHS, NSFInformation infrastructure security: Secure protocols; Domain Name System Security (DNSSEC); processcontrol systems security; Internet route monitoring; modeling of Internet attacks – NIST, DHS, GSA, OMBProtected Repository for the Defense of Infrastructure Against Cyber Threats (PREDICT): research datarepository to create and develop new models, technologies, and products to assess cyber threats to the country’scomputing infrastructure and increase cyber security capabilities – DHSStandards, testing, and metrics: Quantitative risk-analysis methods and tools; evidence-based security metrics;quantitative methods and tools to support cryptographic conformance determination and validation; models andstandards for protection, sharing of sensitive information; standards and tests to assess, validate systemsecurity; reliable information-assurance metrics; leadership in national and international standards bodies –NIST, NSF, OSD, ARL, ARO, DHSNITRD Supplement to the President’s FY 2010 Budget 7
PREPRINT COPYPlanning and Coordination Supporting RequestCo-funding: Cyber Trust awards (secure processing core, formal verification, detection of security-relatedsoftware errors) – NSF, DARPA; TCIP Center – NSF, DOE, DHS; biometrics – NSF, DHS; National CyberDefense Initiative (NCDI) – NSF, DNI, DoD, DHS; National Centers of Academic Excellence in InformationAssurance Education and Research – NSA, DHS; joint support for developing technologies to help lawenforcement detect and attribute cyber crimes – AFRL, NIJ, U.S. Secret Service, law enforcement agenciesWorkshops: Security/privacy for sensor nets and embedded systems – NSF, ARO; privacy and dataconfidentiality – NSF, IT vendorsJoint solicitations: Planning for joint effort on confidentiality and usability of research data – NSF, NIH;discussions toward collaboration on secure and resilient recovery mitigation of systems against insider attacks –NSF, TreasuryCollaborative deployment: Coordinate testing and deployment of DoD software-protection technologies withinthe DOE HPC environment – OSD, AFRL, DOE/NNSAInteragency cooperation: Ongoing information exchanges on vulnerability assessment: auditing; DoS-attackmitigation; firewalls; access control; botnet detection – DHS, ONR, AFRLTechnical standards: Developing, maintaining, and coordinating validation programs for many cryptographicstandards – NIST, NSA; participation in IETF security groups to develop standard representations andcorresponding reference implementations of security-relevant data – OSD, NSA, NISTTestbeds: Continued joint development of research testbeds, such as DETER, PREDICT, Web*DECIDE – NSF,DHS, TreasuryINFOSEC Research Council: Participation in technical forum for coordination of ongoing Federal R&D – CSIAagenciesAdditional 2009 and 2010 Activities by AgencyNSF: Trustworthy Computing (formerly Cyber Trust) program seeking new models, logics, algorithms, andtheories for analyzing and reasoning about all aspects of trustworthiness (reliability, security, privacy, andusability); fundamentals of cryptography; remediation of security weaknesses in current algorithms orprotocols; exploration of new computing models that promise to improve trustworthinessDOE/SC: Planning for basic research in cyber security focused on the unique needs of open science networks andscientific computing facilities; current interests are mathematics of large datasets to address fundamental issuesin finding key features and meeting extreme-scale computing challenges, risk assessment in complex systemsOSD: Continue to lead DoD coordination through the DoD Information Assurance S&T Steering Council;continued focus on multidisciplinary university research (MURI) awards; leading the development ofsoftware-protection techniquesAFRL: Cyber Science (fault tolerance, botnet and anomaly detection, applications of game theory, fundamentalscientific basis for Cybercraft); integrated cyber defense to ensure continued mission operationsARO/ARL/CERDEC: Army Cryptographic Modernization Office; tactical security tools evaluations; biometricpilot programs; information assurance program supportONR: Cyberspace and complex software; botnets; software producibility with a focus on securityNSA: Developing low cost, high assurance, programmable, “easier” to certify guard; privilege-managementcapability for information sharing in dynamic policy environments; leveraging commodity hardware,virtualization, measurement, and attestation to develop Secure Virtual PlatformNIST: Federal Computer Security Program Managers’ Forums; technical and managerial guidance, standards;global electronic ID verification; international hash competition; product assurance research; voting security;Software Analysis Tool Exposition (SATE): analysis and evaluation of software assessment tools andtechnologies to advance integrity, security, and reliability in software; advanced models, methods,technologies, and standards to enhance software experimentation, testing, and measurementDHS: DHS Secure Wireless Access Pilot (DSWAP); IronKey Pilot (1,000+ users across DHS); network datavisualization for information assurance; Internet tomography; data anonymization tools, techniquesIARPA: Large-scale system defense; accountable information flow; network-event data visualization; networkattacktraceback; National Intelligence Community Enterprise Cyber Assurance Program (NICECAP)8NITRD Supplement to the President’s FY 2010 Budget
Page 3 and 4: PREPRINT COPY
Page 6: PREPRINT COPYTable of ContentsIntro
Page 10 and 11: PREPRINT COPYEPA: Applications in c
Page 13: PREPRINT COPYCyber Security and Inf
Page 20 and 21: PREPRINT COPYLarge-scale data flows
Page 22 and 23: PREPRINT COPYinteract with the phys
Page 24 and 25: PREPRINT COPYSocial, Economic, and
Page 26 and 27: Software Design and Productivity (S
Page 28 and 29: PREPRINT COPYAgency NITRD Budgets b
Page 30 and 31: NITRD Program Budget AnalysisPREPRI
Page 32 and 33: PREPRINT COPYincrease of $50 millio
Page 34 and 35: PREPRINT COPYParticipation in the N
Page 36 and 37: I/O - Input/outputIARPA - Intellige
Page 38 and 39: PREPRINT COPYNational Coordination

Untitled - nitrd

Create successful ePaper yourself

Delete template?

Save as template?