Strong community engagement strengthens cybersecurity research and development

05.22.08 -

Randy Butler and Von Welch, Co-directors
NCSA Cybersecurity Directorate

Infrastructures around the world—from power grids to financial services to scientific research grids to emergency systems—are dependent on cyberinfrastructure, which itself is an increasingly intricate network of interdependent systems. As this infrastructure become more complex and critical to our everyday lives, so grows the risk from attackers whose motives range from illicit profits to terrorism. And the rate at which we increasingly depend on cyberinfrastructure is exceeded only by the rapid emergence of new threats, to which sites and their administrators must constantly adapt while maintaining the delicate balance between security and usability.

Previously, infrastructure could be isolated for protection, but the interconnections that now bring us cyberinfrastructure with greater capabilities increasingly bring that same cyberinfrastructure into the open. One of NCSA's great strengths as an open national computing resource has always been our recognition that the productivity of our broad spectrum of users, from K-12 educators to academic researchers to government and industrial partners, depends on our accessibility. That level of openness, however, requires heightened vigilance against intrusions and attacks.

Trustworthy, adaptive cybersecurity in an open environment relies on a continual, close interaction between researchers, developers, and users. It's an enormous challenge—one that NCSA, with our rich history of both successfully defending our own systems against attacks and continually perfecting new investigative and preventive security tools and techniques, has confronted successfully for 20 years. Initial cybersecurity efforts at NCSA were focused on protecting our own world-class computational resources, which serve the nation's science and engineering communities. These efforts expanded to performing basic cybersecurity research in collaboration with researchers at the University of Illinois and across the globe and to developing and deploying security systems such as MyProxy, used at over 300 sites worldwide to enable scientific grid users to securely manage their online credentials.

Drawing on NCSA's long history of experience with incident response, security researchers at NCSA are developing Palantir, a secure cyberenvironment intended to facilitate collaborative investigations between law enforcement and IT professionals into large-scale, multi-institutional cyberattacks. Palantir is a prime example of the kind of innovation made possible by the National Center for Advanced Secure Systems Research (NCASSR). Funded by the Office of Naval Research, NCASSR explores, builds, and delivers technologies for the protection of Department of Defense and other government and critical infrastructure systems. NCASSR-supported exploratory research and development projects have sparked additional external funding and development opportunities as well as successful deployment and adoption by users ranging from the defense sector to state law enforcement to the utilities industry.

Throughout our history NCSA has worked closely with numerous research communities to provide the technology to help them conduct scientific investigations in fields from astronomy and atmospheric science to environmental and structural engineering. We continue this tradition with our involvement the Ocean Observatories Initiative, where we are engaged with project partners to provide safe, reliable cyberinfrastructure for environmental observatories.

Recently, we have expanded our scope to include assisting law enforcement with the challenges of digital investigations in the increasingly complex domain of cyberspace. Under two projects funded from within the Department of Justice, NCSA has embarked to bring its technical expertise to bring the same level of technical expertise and innovation to law enforcement that we have historically provided to academic researchers. The first project, with the Federal Bureau of Investigation (FBI), is creating a unique hands-on training course, aimed at cyber crime investigation experts, to teach advanced skills of leading complex, multi-system cyber-investigations. The second project, with the National Institute of Justice (NIJ), is aimed at law enforcement personnel, who may have only average technology skills but find themselves faced with complex cyber crimes during the course of their day-to-day activities. This tool will guide these personnel through the process of making a diagnosis of complex cyber crimes and taking the crucial first steps in the field before experts can be engaged.

It is NCSA's continuing mission to support our nation's scientists and engineers in their pursuits, and security is an increasingly critical component of that mission. By leveraging the complementary strengths and solving the common challenges of the range of communities we support—from academia to industry to law enforcement and government—we will continue to provide common, interoperable solutions, while at the same time developing broadly applicable security solutions that increase the reliability of our national cyberinfrastructures.