ORNL - PowerPoint PPT Presentation

About This Presentation
Title:

ORNL

Slides: 27
Provided by: csmO6
Learn more at: https://www.csm.ornl.gov

Transcript and Presenter's Notes


1
WELCOME
1st Annual Visiting Professor Collaborative Research Program (VPCRP) Workshop
March 14-15, 2005
Oak Ridge National Laboratory
Joseph P. Trien
Group Leader, Cyber Security and Information Infrastructure Research (CSIIR)
Interim Director, Information Operations Center (IOC)
2
ORNL Knowledge Management Focus
3
ORNL has many Knowledge Management Strategic
Research Thrusts
  • Modeling and Simulation
  • Parallel Discrete Event Simulations
  • Inverse simulations
  • Dynamic prediction simulations
  • Distributed control
  • Information Systems
  • Data systems architecture
  • Distributed data management
  • Dynamic data management
  • Sensor data management
  • Information Discovery
  • Dynamic text analysis
  • Knowledge extraction sciences
  • Dynamic Information Retrieval
  • Information/Knowledge Fusion
  • Geospatial Sciences
  • Population dynamics
  • Community modeling
  • Commodity tracking
  • Information Operations
  • Steganography
  • Quantum Cryptography
  • Insider Threat Detection & Mitigation
  • Distributed Authentication and Trust
  • Automated Code Verification & Validation
  • Information Assurance
  • 3-D Situation Awareness
  • Decision Sciences
  • Man/Machine Interfaces
  • Behavioral Sciences
  • Cognitive Inference

4
Strategic Thrust: Cyber Security
  • Cyber Security
  • Cyber Attack Detection and Machine Speed Response
  • Zero-Day Attack Detection
  • Multi-Level and Distributed Ad-Hoc Trust
  • Large-scale Cyber Situation Awareness, Warnings,
    and Response
  • Leverage existing commercial distributed
    framework technologies
  • Integrate LDRD initiatives
  • Insider Threat Detection
  • Protection of data (secure, trusted, protected
    information sharing)
  • Prevent ex-filtration and corruption of stored
    data
  • Stand-off brain scan authentication and
    identification
  • Large-Scale Cyber Security Network Test Bed
  • Expand existing network lab into a recognized single
    location to perform world-class large-scale test,
    evaluation, and implementation protocols
  • Vulnerability Assessments
  • Automated Software Code Verification & Validation
    tool and certification center

5
Strategic Thrust: Infrastructure
  • Infrastructure
  • Large Scale Network Modeling and Simulation
  • CADENCE/OPNET supercomputer initiative
  • Commercial Vehicle Integrated Safety and Security
    Enforcement System
  • Integrated information collection, transmission,
    processing, dissemination architecture protocol
  • Sensor Net Network Systems and Network Security
    Architecture Research

6
Visiting Professor Collaborative Research Program
(VPCRP) 1st Annual Workshop
  • Common Goal
  • Develop our near term research goals aimed at
    finding/building a tangible doable foundation
    that can help expand our collective capabilities
    and broaden our opportunities for future
    collaborative (i.e., summer research visitations
    and beyond) R&D success in Cyber Security and
    Information Infrastructure.

7
Focus: Insider Threats
  • Develop outside-of-the-box concepts for near-term
    capabilities in identifying, defending against,
    and countering an insider who attempts to abuse
    his or her computer privileges.
  • The damage from insider threats is potentially
    catastrophic.
  • Defined as the potential damage to the interests
    of an organization, a company, or a corporation,
    done by a person regarded as loyally working for
    or on behalf of the organization, company, or
    corporation.
  • The insider threat focus is limited to threats
    posed to devices connected to a network. This
    can be simply an inadvertent violation of security
    policy or an overt attempt at defeating the security
    systems from within the network.

8
Focus: Life Cycle Threats
  • There is no means for automated testing of
    large software, both static and mobile code, to
    detect and identify malicious code, sleeper codes,
    and exploitable vulnerabilities and to determine
    and understand the potential impact on the
    life-cycle of the codes.
  • Current testing approaches are largely manual
    rather than automated

9
Focus: Distributed Ad Hoc Trust / Multi-Level Trust
  • A mobile ad hoc network (MANET) is a network
    formed in a spontaneous manner without any
    central administration or with few connections to
    other fixed networks (i.e., an autonomous system
    of mobile nodes).
  • The absence of pre-existing knowledge between
    the nodes and of a trusted central server makes
    traditional trust establishment mechanisms and
    assumptions inappropriate. The communication
    among nodes is prone to security attacks and
    nodes can be easily compromised.
  • Attacks such as wormhole and DoS can compromise
    routes through spoofing ARP or IP packets
    (passively/actively). Threshold cryptography is
    an example of one solution but suffers in cases
    of bandwidth constraints and energy conservation,
    so an efficient implementation of the scheme is
    critical.
  • A multi-level trust model is needed, in which a
    device's capabilities in the network are
    determined by the level of trust assigned to it
    and the trust level is determined by the
    certificates issued by its peers.

10
Workshop Goals
  • Establish and Foster Environment for
    Collaborative Research and Development between
    CSIIR and Academia.
  • Develop 3-4 research topics relevant to the
    Focus Areas for the summer program
  • Research topics to include
  • Concepts must support and/or complement the focus
    areas
  • Targeted problem/focus areas clearly articulated
  • Approach must be innovative - leading to
    breakthrough
  • Deliverables must be tangible
  • Milestones
  • Summer Research Program
  • One to three research proposals will be funded
    this summer
  • Research will be performed jointly at ORNL

11
Let's Begin
1st Annual Visiting Professor Collaborative Research Program (VPCRP) Workshop
March 14-15, 2005
Oak Ridge National Laboratory
Frederick T. Sheldon, Ph.D.
Software Engineering for Secure and Dependable Systems Lab
http://www.csm.ornl.gov/sheldon
http://www.ioc.ornl.gov
12
CSIIR Landscape I
  • Information infrastructure consists of
    technologies and capabilities for gathering,
    handling, and sharing information accessible to,
    or commonly depended upon by, multiple
    organizations, within a single enterprise, a
    critical infrastructure sector (e.g.,
    banking/finance), the U.S. Government, the nation
    as a whole, or transnationally.
  • Information infrastructure includes
    well-engineered systems as well as poorly
    configured systems in businesses and homes.

13
CSIIR Landscape II
  • United States private, academic, and public
    sectors invest significantly in cyber security.
  • The commercial sector primarily performs cyber
    security research as an investment in future
    products and services.
  • The public sector also funds R&D in cyber security;
    the majority of this activity focuses on the
    specific missions of the government agency
    funding the work.
  • Thus, broad areas of cyber security remain
    neglected or underdeveloped.
  • Therefore, our agenda identifies the
    high-priority gaps, . . .
  • R&D problems of significant value to the security
    of the information infrastructure that are either
    not funded or under-funded within the collection
    of private sector and government-sponsored
    research in the U.S., but are expected to become
    significant foci in the future.

14
National Agenda
  • Enterprise Security Management
  • Trust Among Distributed Autonomous Parties
  • Discovery and Analysis of Security Properties and
    Vulnerabilities
  • Secure System and Network Response and Recovery
  • Traceback, Identification, and Forensics
  • Wireless Security / MANET
  • Metrics and Models

15
Workshop Format
  • Informal
  • Open
  • In the time available, we hope to
  • Develop a coherent strategy for
  • Short term initiative(s) designed to yield
    successful fruit, as well as the seeds
  • Long term path forward
  • Discover our individual/cooperative capabilities
  • Gain a historical perspective / facilities
    programs
  • Vision for research common ground

16
A Word About EHS and Security I
  • Maintain a safe workplace environment complying
    with all procedures and ESH. In day-to-day
    activities be aware of potential safety issues
    and provide an example of safety compliance. The
    assembly point, in case of alarm, is due west of
    this, the JICS building.
  • Laboratory area encompassing 330 acres, with
    outlying facilities and waste management storage
    areas utilizing another 1,125 acres. The main
    Laboratory area is designated as a Property
    Protection Area (PPA) as are outlying facilities
    and waste management storage areas.
  • Located within the main Laboratory PPA are a
    number of islands of security (including fourteen
    (14) separate and distinct Limited Areas and one
    Protected Area) which are formally designated and
    signed as security areas, for which physical
    protection is provided, and for which definitive
    access controls are applied. Because we use
    various hazardous materials, it is important that
    you are alert to all special instructions, signs,
    tags, and barriers. The ORNL campus, owing to its
    role in the Manhattan Project and other
    pioneering activities of the atomic age, is
    posted as a "Controlled Area" and includes
    several radiological areas. These radiological
    areas pose little, if any, risk to the staff and
    visiting public when properly observed.

17
A Word About EHS and Security II
  • Visitor Computer Access Limits: Limited computer
    access is allowed for visitors. Use of ORNL
    computers for computer access is limited to
    browsing external web sites and public
    (non-internal) ORNL web sites, and to reading email
    at remote locations. You may access the visitors'
    wireless network from your own computer using your
    ORNL-issued badge number.
  • As a minimum, on the day of arrival, in addition
    to the initial site access orientation the host
    should ensure the visitor(s) receives a briefing
    which includes the specific areas where the
    visitor(s) may access, those areas they should
    not access, the specific area in which they may
    park their private vehicles, the route of travel
    to be taken in accessing authorized facilities,
    emergency signals for the site, emergency egress
    procedures, etc.
  • Security Police Officers/Security Officers
    assigned to the Protective Force at ORNL portals
    may check vehicles transporting the visitor for
    the presence of prohibited articles. Visitor(s)
    will be provided a Site Access Orientation
    Brochure and further be briefed regarding rules
    of conduct and prohibited items such as weapons,
    explosives, drugs, drug paraphernalia, etc.
    Permitted hours of access for foreign national
    visitors and guest assignees to ORNL: the regular
    work day hours are designated as 6:00 a.m. to
    8:00 p.m., Monday through Friday.

18
(No Transcript)
19
(No Transcript)
20
(No Transcript)
21
Monday Morning
  • 8:00 a.m. Coffee and pastries
  • 8:10 a.m. Welcome: April McMillin; Introduction
    and overview: Joe Trien
  • 8:30 a.m. Fast Abstracts Round Robin, 3-5 minutes
    per person, as follows:
  • Mili, Kafura, Yoo, Che, McGregor, Schumann,
    Park, Arazi, Prowell, Langston, Shankar/Sheldon
  • 9:15 a.m. Presentation by Nagi Rao (ORNL/CSMD),
    Infrastructure and Protocols for Dedicated
    Bandwidth Channels
  • 9:45 a.m. Prof. Ali Mili (N.J. Institute of
    Tech./CS), An Integrated Approach to Security
    Management
  • 10:30 a.m. Break
  • 10:45 a.m. Prof. Dennis Kafura (Virginia
    Tech./CS), Policy Delegation and Dynamic Policy
    for Authorization in Pervasive Cyber
    Infrastructures
  • 11:30 a.m. Prof. Seong-Moo Yoo (Univ. of AL
    Huntsville/CSE), Case Based Reasoning Approach
    to Intrusion Detection
  • 12:15 a.m. Lunch at cafeteria (across the const
    site due East)

22
Monday Afternoon
  • 1:15 a.m. Prof. Che Hao (Univ. of TX at
    Arlington/CSE), Detection and Containment
    Algorithms and High Speed Dynamic Filtering
  • 2:00 p.m. Prof. John McGregor (Clemson Univ./CS),
    Techniques for Validating the Security Quality
    Attributes of Infrastructure Software
  • 2:45 p.m. 30 min Open Discussion (Concepts,
    Approach, Deliverables, Targeted Problem
    Areas)
  • 3:15 p.m. SNS Tour (Van available)
  • 4:15 p.m. Return to JICS building
  • 4:30 p.m. Professor Arazi (Univ. of Kentucky/CS),
    Wireless Sensor Networks Security
  • 5:15 p.m. Return to Hotel

23
Monday Evening
  • 6:00 p.m. Van picks everyone up from the Hampton
    lobby at Cedar Bluff
  • 6:30 p.m. Reservation at Calhoun's on the River,
    Lenoir City
  • Dinner and Open Issues Discussion
  • 8:00 p.m. Dr. Sheldon (CSED/CSIIR), Wrap-up of
    Day 1 and Agenda for Day 2

24
Tuesday Morning
  • 8:00 a.m. Coffee and pastries
  • 8:15 a.m. Dr. R. Abercrombie and R. Walker
    (CSED/CSIIR), DoD/DHS Infrastructure Applications
  • 8:45 a.m. Dr. Johann Schumann (NASA/Ames), Design
    Tools for Reliable Secure Communication
    Software
  • 9:30 a.m. Prof. Jung-Min Park (Virginia
    Tech./ECE), Defending Against Denial-of-Service
    Attacks in Wired and Wireless Networks
  • 10:15 a.m. Break
  • 10:30 a.m. Arjun Shankar (ORNL/CSED), Fusing
    Intrusion Data for Pro-Active Containment
  • 11:00 a.m. Prof. Stacy Prowell (Univ. of TN/CS
    and SEI), Automated Program Behavior Analysis
  • 11:30 p.m. Prof. Mike Langston (Univ. of TN/CS),
    Trusted Computing Amidst Untrustworthy
    Intermediaries
  • 12:00 p.m. Open Discussion Agenda by Joe Trien

25
Tuesday Afternoon
  • 12:15 p.m. 3 Hour Working Lunch (catered): Open
    Discussion
  • Develop research topics for the summer program
  • Research topic areas to include
  • Concepts, approach, and deliverables
  • Targeted problem areas and time table
  • Identify research strategies for sustained
    funding
  • 3:15 p.m. Closing remarks
  • 3:30 p.m. National Transportation Research Center
    (NTRC) Tour (Van available)
  • 4:00 p.m. Return to Visitor Center for Departure

26
Weeks and Months Ahead
  • Based on the group consensus, let's decide how to
    proceed with our research thrusts