Cyber Security Research and Development Agenda
Full Title of Reference
Cyber Security Research and Development Agenda
Full Citation
Institute for Information Infrastructure Protection, Cyber Security Research and Development Agenda (2003). Web
Categorization
Overview: Independent Reports
Key Words
Synopsis
The Institute for Information Infrastructure Protection (I3P) is a consortium of twenty three academic and not-for-profit research organizations focused on cyber security and information infrastructure protection research and development (R&D). Its mission is to help protect the information infrastructure of the United States by developing a comprehensive, prioritized R&D Agenda for cyber security and promoting collaboration and information sharing among academia, industry, and government.
The information infrastructure consists of technologies and capabilities for gathering, handling, and sharing information that are accessible to, or commonly depended upon by, multiple organizations, whether within a single enterprise, a critical infrastructure sector such as banking and finance, the U.S. Government, the nation as a whole, or transnationally. The Internet is perhaps the most obvious element of the information infrastructure; other easily recognized components include such widely used products as desktop operating systems and routers, the devices that handle message transfers between computers. The development of this infrastructure over the past two decades has been swift and has permanently changed the way the nation conducts business, operates its governmental structures and armed forces, keeps its people healthy and safe, and spends its leisure time
This document constitutes the initial Cyber Security R&D Agenda. This initial Agenda identifies R&D topics of significant value to the security of the information infrastructure that are either not funded or under-funded by the collection of private sector and government-sponsored research activities in the United States. The Agenda is based on information gathered and analyzed during the 2002 calendar year and reflects the input of experts in industry, government, and academia. The Agenda, together with that supporting information, is intended to aid researchers in identifying problems and R&D program managers in defining program directions.
Areas in which new or additional research is needed include:
• Enterprise Security Management
• Trust Among Distributed Autonomous Parties
• Discovery and Analysis of Security Properties and Vulnerabilities
• Secure System and Network Response and Recovery
• Traceback, Identification, and Forensics
• Wireless Security
• Metrics and Models
• Law, Policy, and Economic Issues
Additional Notes and Highlights
Expertise Required: None