four grand challenges in trustworthy computing why grand
play

Four Grand Challenges in Trustworthy Computing Why Grand - PowerPoint PPT Presentation

Apr 02, 2024 •154 likes •677 views

Four Grand Challenges in Trustworthy Computing Why Grand Challenges? Inspire creative thinking Encourage thinking beyond the incremental Some important problems require multiple approaches over long periods of time Big

  1. Four Grand Challenges in Trustworthy Computing

  2. Why Grand Challenges? • Inspire creative thinking – Encourage thinking beyond the incremental • Some important problems require multiple approaches over long periods of time • Big advances require big visions – Small, evolutionary steps won’t take us everywhere we need to go 20 Nov. 2003 2

  3. Computing Research Association (CRA) 200+ computing research departments, industrial and government labs • Six affiliated societies • Mission: – strengthen research and education in the computing fields – expand opportunities for women and minorities – improve public and policymaker understanding of the importance of computing and computing research in our society 20 Nov. 2003 3

  4. The Conference* • Held 16 Nov 03 – 19 Nov 03 • 50+ invitees from around the world – Invitations based on 220 submitted abstracts – Students to retirees, novices to legends – Industry, academia, government • Series of debates and writing exercises, guided by a program committee * Supported, in part, by NSF grant CCR-0335324, which is gratefully acknowledged. 20 Nov. 2003 4

  5. Trustworthy Computing? • Identified as important in first Grand Challenges conference • Clear and increasing public needs • Poses significant research challenges • Synergistic with current industry and government initiatives – e.g., NSF Cyber Trust 20 Nov. 2003 5

  6. Computing in the Future • Smaller, cheaper, embedded computing • Pervasive networking and mobility • Global reach and global participation • Growing volumes of data • Growing population of user-centric services – Internet commerce – E-government – On-demand services – Telecommuting – Individualized entertainment 20 Nov. 2003 6

  7. Two Alternate Futures • Overwhelming • No spam or viruses unsolicited junk • User-controlled privacy • Rampant ID theft • Uninterrupted • Frequent network communications outages • “Hassle-free” computing • Frequent manual • Balanced regulation intervention and law-enforcement • Largely unchecked abuses of laws and rights 20 Nov. 2003 7

  8. Overarching Vision • Intuitive, controllable computing • Reliable and predictable • Supports a range of reasonable policies • Adapts to changing environment • Enables rather than constrains • Supports personal privacy choices • Security not as an afterthought, but as an integral property 20 Nov. 2003 8

  9. The Role of Security Security is like adding brakes to cars. The purpose of brakes is not to stop you: it’s to enable you to go fast! Brakes help avoid accidents caused by mechanical failures in other cars, rude drivers, and road hazards. Better security is an enabler for greater freedom and confidence in the Cyber world. 20 Nov. 2003 9

  10. Why is it Difficult? • Adversaries with a variety of motives and backgrounds • Increasing complexity • Increasing value of targets • Reduced cost of entry – Low-cost connectivity – “Point and shoot” attacks • Increasing leverage from asymmetric threats 20 Nov. 2003 10

  11. Need Focus on Long-Term Research • Immediacy of threat has led to too much focus on near-term needs – Patch rather than innovate • Policy lags innovation • Focus, and thus progress, is often episodic • Problems go beyond national defense • Need to grow the talent pool 20 Nov. 2003 11

  12. The Grand Challenges: 1) Eliminate epidemic-style attacks within 10 years – Viruses and worms – SPAM – Denial of Service attacks (DOS) 2) Develop tools and principles that allow construction of large-scale systems for important societal applications that are highly trustworthy despite being attractive targets. 20 Nov. 2003 12

  13. The Grand Challenges: 3) Within 10 years, quantitative information-systems risk management is at least as good as quantitative financial risk management. 4) For the dynamic, pervasive computing environments of the future, give end- users security they can understand and privacy they can control. 20 Nov. 2003 13

  14. Challenge #1 20 Nov. 2003 14

  15. What is the Challenge? Elimination of epidemic-style attacks by 2014 – Viruses and worms – SPAM – Denial of Service attacks (DOS) 20 Nov. 2003 15

  16. Why is this a Grand Challenge? • Epidemic-style attacks can be fast – Slammer worm infected 90% of vulnerable hosts in less than 30 minutes – Attacks exploit Internet’s connectivity and massive parallelism • Price of entry is low for adversaries – Very easy for “uneducated” to launch the attack • Unpredictable attack techniques and sources – Polymorphic worms and viruses – Anonymous attackers • No organized active defense – Poor visibility into global Internet operations – No emergency global control 20 Nov. 2003 16

  17. Why Does it Matter? • Cost of attacks are tremendous (tens of billions of $$ annually) – Costs to enterprise operations – Decreased productivity – Loss of confidence in information infrastructure • Internet is being used today for critical infrastructure – Hospitals, ATM networks, utilities, air traffic control • Eliminating malware will: – Support emerging classes of applications (e.g., telemedicine) – Increase trust and confidence 20 Nov. 2003 17

  18. Current Trends Computer Viruses 90000 80000 70000 60000 50000 40000 30000 20000 10000 0 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 2000 2001 2002 2003 CERT-reported Attacks Regular viruses Macro viruses 120000 100000 80000 60000 40000 20000 0 1988 1990 1992 1994 1996 1998 2000 2002 20 Nov. 2003 18

  19. Why is Progress Possible? • All stakeholders now recognize this as a significant, growing problem • We have built some systems with limited functionality that are not susceptible to attacks • We can envision solutions that should work if they were further developed and deployed 20 Nov. 2003 19

  20. Barriers to Overcome? • Nobody owns the problem – Finger-pointing among developers, network operators, system administrators, and users • Lack of Internet-scale data • Lack of Internet-sized testbeds • May need legislative support • Conflicting economic interests 20 Nov. 2003 20

  21. How can Success be Demonstrated? • No more: – Internet Worms – Internet-wide Service Interruptions – Massive spam attacks against ISPs, Email Providers, and businesses • Internet protection: – Supplied standard on all new computers, routers, large & small appliances – A mitigation strategy is available for existing infrastructure 20 Nov. 2003 21

  22. What Else Might be Enabled? • Reduction in “noise” enabling better identification of other cyber crimes • Redirection of significant capital (human, financial, and technical) to other, constructive needs • Increased confidence in computing infrastructure 20 Nov. 2003 22

  23. Who Will Be Involved in the Solution? • Short Term: – Researchers – Software developers – Network operators – Businesses – End-users • Long term: – Researchers – Educators – Media – Regulators & law makers – International law enforcement 20 Nov. 2003 23

  24. Challenge #2 20 Nov. 2003 24

  25. What is The Challenge? Develop tools and principles that allow construction of large-scale systems for important societal applications that are highly trustworthy despite being attractive targets. – e.g., patient medical record databases – e.g., electronic voting systems – e.g., law enforcement databases 20 Nov. 2003 25

  26. Why is This a Grand Challenge? • Worldwide, computing technology is being adopted to support critical applications • We do not know, in general, how to build systems that resist failures and repel attacks with high confidence • We do not understand how to compose systems into networks of trustworthy systems 20 Nov. 2003 26

  27. Why Does it Matter? • Computing and networking are becoming pervasive in all aspects of society • Systems are being built and deployed now that may not be fully trustworthy, and whose failures will have major negative impacts. • Critical applications must be trustworthy! 20 Nov. 2003 27

  28. Why Does it Matter? Examples • Ensuring that e-voting is trustworthy – Helps preserve faith in democracy for all parties around the world – May eventually help reduce fraud and mistakes in elections worldwide • If medical databases are trustworthy and doctors have access to full patient results – There are fewer mistakes due to online checking, fewer defensive medical tests, fewer unnecessary medical procedures, lower medical costs, and fewer patient deaths, saving more than $100B / year in the US alone! 20 Nov. 2003 28

  29. Why is Progress Possible? • Recent paradigm shift from perimeter defense to intrusion and failure tolerance and recovery – Survivable systems look promising • Encryption technologies have been proven trustworthy • Moore’s Law – Amazing growth in computing, communication, and storage resources – May allow trustworthiness to be a 1 st class property along with functionality, performance, and cost 20 Nov. 2003 29

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

San Juan, PR March 22, 2016 Grand Challenges for Social Work Timeline 2012 Grand Challenges

San Juan, PR March 22, 2016 Grand Challenges for Social Work Timeline 2012 Grand Challenges

Social progress powered by science Richard P. Barth, PhD, MSW NADD Panel on Grand Challenges Implementation San Juan, PR March 22, 2016 Grand Challenges for Social Work Timeline 2012 Grand Challenges Planning Begins 2013 First GCs

487 views • 11 slides
ADDRESSI NG GRAND ADDRESSI NG GRAND CHALLENGES THROUGH SCI ENCE Future Challenges &

ADDRESSI NG GRAND ADDRESSI NG GRAND CHALLENGES THROUGH SCI ENCE Future Challenges &

ADDRESSI NG GRAND ADDRESSI NG GRAND CHALLENGES THROUGH SCI ENCE Future Challenges & Opportunities Opportunities M. Terry Coffey y y Murphy-Brown LLC Categories Production efficiency: ADG, feed$/gain, mortality/ p/s/y y/ p/ /y

158 views • 11 slides
Grand Large Grand Large INRIA High Performance Computing on P2P Platforms: Recent

Grand Large Grand Large INRIA High Performance Computing on P2P Platforms: Recent

Grand Large Grand Large INRIA High Performance Computing on P2P Platforms: Recent Innovations Franck Cappello CNRS Head Cluster et GRID group INRIA Grand-Large LRI, Universit Paris sud. fci@lri.fr www.lri.fr/~fci May 20,

768 views • 50 slides
The New Engineering Frontier: Manufacturing for the Grand Challenges C. D. Mote, Jr. President,

The New Engineering Frontier: Manufacturing for the Grand Challenges C. D. Mote, Jr. President,

The New Engineering Frontier: Manufacturing for the Grand Challenges C. D. Mote, Jr. President, National Academy of Engineering Regional Grand Challenges Summit Cary, NC October 31, 2013 THE NEXT CENTURY POSES CRITICAL CHALLENGES

351 views • 24 slides
Addressing Grand Challenges - a challenge in its own right Prof. Stefan Kuhlmann OECD, Paris,

Addressing Grand Challenges - a challenge in its own right Prof. Stefan Kuhlmann OECD, Paris,

Addressing Grand Challenges - a challenge in its own right Prof. Stefan Kuhlmann OECD, Paris, March 2017 21/03/2017 1 Grand Societal Challenges (EU Horizon 2020) Health , demographic change and wellbeing Food security , sustainable

260 views • 11 slides
No challenge, decade outlook. Industrys evolutionary path Que sera sera Grand Goodness

No challenge, decade outlook. Industrys evolutionary path Que sera sera Grand Goodness

No challenge, decade outlook. Industrys evolutionary path Que sera sera Grand Goodness Challengeland Base Case Death and Doldrums 2000 Time 2012 Computing Research Association Grand Challenges Gordon Bell Microsoft Research 26

774 views • 12 slides
Wave of Grand Challenge Initiatives Grand Challenges in Computer Science and Engineering

Wave of Grand Challenge Initiatives Grand Challenges in Computer Science and Engineering

Computational Trust SFM11 Bertinoro June 2011 Mogens Nielsen University of Aarhus DK AARHUS S UNIVERSI SITET 1 Aarhus Gr Aa Gradua uate Sc School of Sc Scie ience Mogens Nie iels lsen Plan of talk 1) The grand challenge of

794 views • 38 slides
Nanotechnology-inspired Grand Challenges in the United States Mike Roco NSF and NNI US-Korea

Nanotechnology-inspired Grand Challenges in the United States Mike Roco NSF and NNI US-Korea

Nanotechnology-inspired Grand Challenges in the United States Mike Roco NSF and NNI US-Korea Nano Forum, Seoul, September 26, 2016 Nanotechnology-inspired grand challenges S&T breakthroughs, the long-term vision-inspired research,

716 views • 44 slides
DUBAIS FAVOURITE GRAND DESTINATION SEPTEMBER, 2019 GRAND STANDS OUT! Grand Hyatt Dubai is a

DUBAIS FAVOURITE GRAND DESTINATION SEPTEMBER, 2019 GRAND STANDS OUT! Grand Hyatt Dubai is a

DUBAIS FAVOURITE GRAND DESTINATION SEPTEMBER, 2019 GRAND STANDS OUT! Grand Hyatt Dubai is a perfect blend of city conference and resort hotel, set within a lush oasis of 37 acres of landscaped gardens and views of the Dubai city skyline,

160 views • 13 slides
154 GRAND ST PAINTED SIGN MASTER PLAN APPLICATION Lot Diagram Zoning Map 2 154 GRAND ST -

154 GRAND ST PAINTED SIGN MASTER PLAN APPLICATION Lot Diagram Zoning Map 2 154 GRAND ST -

154 GRAND ST PAINTED SIGN MASTER PLAN APPLICATION Lot Diagram Zoning Map 2 154 GRAND ST - CURRENT CONDITION FROM GRAND ST & CENTRE ST 3 3 - Secondary Facade of 154 Grand St - Zoned M1-5B - Sign dimensions: 36 H x 20 W - Sign

603 views • 26 slides
Quarterly Communication of Grand Lodge WELCOME MWBro. Agapito Suan Jnr, Grand Master VWBro.

Quarterly Communication of Grand Lodge WELCOME MWBro. Agapito Suan Jnr, Grand Master VWBro.

Welcome to the September 2019 Quarterly Communication of Grand Lodge WELCOME MWBro. Agapito Suan Jnr, Grand Master VWBro. Oliver Yabut, Assistant Grand Secretary VWBro. Manuel Idquival, Assistant Grand Treasurer VWBro. Teodoro Kalaw, Senior

658 views • 33 slides
Grand Marshals Official Grand marshal POW/MIA Chair of honor Honorary grand marshal

Grand Marshals Official Grand marshal POW/MIA Chair of honor Honorary grand marshal

Grand Marshals Official Grand marshal POW/MIA Chair of honor Honorary grand marshal WWII Veterans Safety briefing attendance is mandatory All drivers and safety officers must attend a safety briefing in order to participate. It

389 views • 22 slides
Ultimately our vision is about GRAND CHALLENGE using science to make a difference in the world.

Ultimately our vision is about GRAND CHALLENGE using science to make a difference in the world.

GRAND CHALLENGE GRAND CHALLENGE Ultimately our vision is about GRAND CHALLENGE using science to make a difference in the world. GRAND CHALLENGE GRAND CHALLENGE GRAND CHALLENGE Our Driving forces: ENTREPRENEURSHIP INNOVATION

515 views • 37 slides
HECs Grand Challenge Fund 2020 HISTORY, APPROACH, THEMATIC AREAS, AND SOME POINTERS JAN 29,

HECs Grand Challenge Fund 2020 HISTORY, APPROACH, THEMATIC AREAS, AND SOME POINTERS JAN 29,

HECs Grand Challenge Fund 2020 HISTORY, APPROACH, THEMATIC AREAS, AND SOME POINTERS JAN 29, 2020 DR. ATHAR OSAMA, PROGRAMME CHAIR, GRAND CHALLENGE FUND HIGHER EDUCATION COMMISSION Presentation Outline Grand Challenges: Definitions and

216 views • 21 slides
>> Welcome to CDC Public Health Grand Rounds Year In Review. Every Grand Round is an

>> Welcome to CDC Public Health Grand Rounds Year In Review. Every Grand Round is an

>> Welcome to CDC Public Health Grand Rounds Year In Review. Every Grand Round is an opportunity to learn what CDC and others are doing in the world of public health. Let's hear from Dr. John Iskander, Scientific Director for Grand Rounds.

586 views • 10 slides
Grand Challenge Project (http://www-rnc.lbl.gov/GC/) D. Olson RHIC Off-line Computing Review 30

Grand Challenge Project (http://www-rnc.lbl.gov/GC/) D. Olson RHIC Off-line Computing Review 30

Grand Challenge Project (http://www-rnc.lbl.gov/GC/) D. Olson RHIC Off-line Computing Review 30 July 1997 Outline People Goals The Problem Approach Near Term Issues Schedule 30 July 1997 Grand Challenge, D. Olson 2 1

284 views • 11 slides
Machine-Level Programming V: Advanced Topics 15-213:

Machine-Level Programming V: Advanced Topics 15-213:

Carnegie Mellon Machine-Level Programming V: Advanced Topics 15-213: Introduc0on to Computer Systems 8 th Lecture, Sep. 16, 2010 Instructors: Randy Bryant &

738 views • 53 slides
by Bisyron Wahyudi Muhammad Salahuddien Amount of malicious traffic circulating on the

by Bisyron Wahyudi Muhammad Salahuddien Amount of malicious traffic circulating on the

by Bisyron Wahyudi Muhammad Salahuddien Amount of malicious traffic circulating on the Internet is increasing significantly. Increasing complexity and rapid change in hosts and networks technology suggests that there will be new

1.05k views • 46 slides
Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug

Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug

Introduction to Network Security Chapter 4 Taxonomy of Network-Based Vulnerabilities Dr. Doug Jacobson - Introduction to 1 Network Security - 2009 Topics Network Security Model Header attacks Protocol Attacks

597 views • 25 slides
CSSE132 Introduc0on to Computer Systems 18 : Alignment,

CSSE132 Introduc0on to Computer Systems 18 : Alignment,

Adapted from Carnegie Mellon 15-213 CSSE132 Introduc0on to Computer Systems 18 : Alignment, Pointers, Bounds April 9, 2013 1 Today Structures Alignment

605 views • 43 slides
Network Forensics and Next Generation Internet Attacks Moderated by: Moheeb Rajab Background

Network Forensics and Next Generation Internet Attacks Moderated by: Moheeb Rajab Background

Network Forensics and Next Generation Internet Attacks Moderated by: Moheeb Rajab Background singers: Jay and Fabian 1 Agenda Questions and Critique of Timezones paper Extensions Network Monitoring (recap) Post-Mortem Analysis

666 views • 40 slides
Software Security Smashing the Stack: Real-World Examples Jan Nordholz Prof. Jean-Pierre Seifert

Software Security Smashing the Stack: Real-World Examples Jan Nordholz Prof. Jean-Pierre Seifert

Software Security Smashing the Stack: Real-World Examples Jan Nordholz Prof. Jean-Pierre Seifert Security in Telecommunications TU Berlin SoSe 2014 jan (sect) Software Security SoSe 2014 1 / 24 Example 1: the Morris worm (1988) first

695 views • 24 slides
Software and Web Security deel 1 deel 1 sws1 About this course: people Erik Poll P t

Software and Web Security deel 1 deel 1 sws1 About this course: people Erik Poll P t

1 Software and Web Security deel 1 deel 1 sws1 About this course: people Erik Poll P t Peter Schwabe S h b Pol van Aubel Ko Stoffelen Ko Stoffelen sws1 2 About this course: topics & goals g Standard

943 views • 48 slides
CS241 Computer Organization Spring 2015 Buffer Overflow 4-022015 Outline Linking

CS241 Computer Organization Spring 2015 Buffer Overflow 4-022015 Outline Linking

CS241 Computer Organization Spring 2015 Buffer Overflow 4-022015 Outline Linking & Loading, continued Buffer Overflow Read: CSAPP2: section 3.12: out-of-bounds memory references & buffer overflow K&R:

775 views • 43 slides

More recommend