Skip to Main Content Area
  • CPS-VO
    • Contact Support
      
 
Not a member?
Click here to register!
Forgot username or password?
 
logo
logo
Science of Security VO
  • Home
  • About
  • Search
  • Calendar
  • Members
  • Contact Us
  • Forums
  • Files
CPS-VO

Visible to the public Hard Problems in Security Science

  • View
  • Login or register to post comments
No replies
Sun, 10/21/2012 - 5:03pm
rvmeush
rvmeush's picture
Offline
Established Community Member
Joined: Aug 27 2010

This forum discussion focuses on some of the significant problems in security whose solution will provide a foundation for the advancement of science

Summarized below are a selected set of five of the "hard problems" in the science of security developed by the Science of Security lablets sponsored by NSA. These problems are excerpted from a much more detailed report. These problems were selected because of their level of technical challenge, their potential operational significance, and their likelihood of benefiting from emphasis on scientific research methods and improved measurement capabilities. The intent was for the hard problems to be crisply stated and well scoped, to assist us in assessing progress towards solutions. Solutions may have the feature of incrementality, in that discernible steps will lead towards an overall solution, each step with the potential to result in a corresponding increment of mission impact, even when a fully comprehensive solution may remain elusive.

The five hard problems include:
1. Scalability and Composability
Challenge: Develop methods to enable the construction of secure systems with known security properties from components with known security properties, without a requirement to fully re-analyze the constituent components.
2. Policy-Governed Secure Collaboration
Challenge: Develop methods to express and enforce normative requirements and policies for handling data with differing usage needs and among users in different authority domains.
3. Security-Metrics-Driven Evaluation, Design, Development, and Deployment
Challenge: Develop security metrics and models capable of predicting whether or confirming that a given cyber system preserves a given set of security properties (deterministically or probabilistically), in a given context.
4. Resilient Architectures
Challenge: Develop means to design and analyze system architectures that deliver required service in the face of compromised components.
5. Understanding and Accounting for Human Behavior
Challenge: Develop models of human behavior (of both users and adversaries) that enable the design, modeling, and analysis of systems with specified security properties.
AttachmentTaxonomyKindSize
CombinedHard_Problems_V5.pdfPDF document145.08 KBDownloadPreview

Other available formats:

CombinedHard_Problems_V5.pdf
‹ The Role of Experimentation in Security Science Adversary Models ›
Top
  • Login or register to post comments
  • 1 attachment
  • PDF version
  • Printer-friendly version

Terms of Use  |  © 2019. CPS-VO