Cyber Security Research and Development Agenda

From Cybersecurity Wiki
Jump to navigation Jump to search

Full Title of Reference

Cyber Security Research and Development Agenda

Full Citation

Institute for Information Infrastructure Protection, Cyber Security Research and Development Agenda (2003). Web

BibTeX

Categorization

Overview: Independent Reports

Key Words

Research & Development,

Synopsis

The Institute for Information Infrastructure Protection (I3P) is a consortium of twenty three academic and not-for-profit research organizations focused on cyber security and information infrastructure protection research and development (R&D). Its mission is to help protect the information infrastructure of the United States by developing a comprehensive, prioritized R&D Agenda for cyber security and promoting collaboration and information sharing among academia, industry, and government.

The information infrastructure consists of technologies and capabilities for gathering, handling, and sharing information that are accessible to, or commonly depended upon by, multiple organizations, whether within a single enterprise, a critical infrastructure sector such as banking and finance, the U.S. Government, the nation as a whole, or transnationally. The Internet is perhaps the most obvious element of the information infrastructure; other easily recognized components include such widely used products as desktop operating systems and routers, the devices that handle message transfers between computers. The development of this infrastructure over the past two decades has been swift and has permanently changed the way the nation conducts business, operates its governmental structures and armed forces, keeps its people healthy and safe, and spends its leisure time

This document constitutes the initial Cyber Security R&D Agenda. This initial Agenda identifies R&D topics of significant value to the security of the information infrastructure that are either not funded or under-funded by the collection of private sector and government-sponsored research activities in the United States. The Agenda is based on information gathered and analyzed during the 2002 calendar year and reflects the input of experts in industry, government, and academia. The Agenda, together with that supporting information, is intended to aid researchers in identifying problems and R&D program managers in defining program directions.




Areas in which new or additional research is needed include:

• Enterprise Security Management

• Trust Among Distributed Autonomous Parties

• Discovery and Analysis of Security Properties and Vulnerabilities

• Secure System and Network Response and Recovery

• Traceback, Identification, and Forensics

• Wireless Security

• Metrics and Models

• Law, Policy, and Economic Issues

Additional Notes and Highlights

Expertise Required: None