Course Control Number: 27081
Time: Mondays 4:00-5:00pm
Location: 540 Cory Hall
Organizers: David Wagner, Shankar Sastry, Vern Paxon, Darleen Fisher
Credit Hours: 1
Internet and computer security has received growing attention. Newspapers have carried articles about the impact of denial of service attacks, the cost of cyberfraud, the embarrassment of website vandalism, and the interference to business by worms and viruses. But September 11 caused us to look at security in a new light-not just isolated incidents that annoy, but attacks that destroy. The critical infrastructure we depend upon and take for granted has been shown to be vulnerable and open to unexpected destruction.
Critical Infrastructures as defined by the Government are "systems whose incapacity or destruction would have a debilitating impact on the defense or economic security of the nation. They include: telecommunications, electrical power systems, gas and oil, banking and finance, transportation, water supply systems, government services and emergency services." Critical infrastructures increasingly depend upon information technology, are more and more interconnected, and are largely unprotected from malicious attack.
Even before the World Trade Center attack, the vulnerability of these systems has been of national concern. The Government and the press have moved to address these issues.
In July, 1996 the President's Commission on Critical Infrastructure Protection was established as the first national effort to address the vulnerabilities created in the new information age. http://www.info-sec.com/pccip/web/
In February 1998, the FBI established the National Infrastructure Protection Center (NIPC), which has the mission to serve as the U.S. government's focal point for threat assessment, warning, investigation, and response for threats or attacks against our critical infrastructures. http://www.nipc.gov/index.html
In last summer, James Adams in his "Virtual Defense" article in Foreign Affairs, argued that given the U.S. military dominance and high-tech weapons, the next war is apt to be against the highly insecure civilian infrastructure through their information systems. Thomas Friedman in his July 27 New York Times article claimed that cyberattack is the big threat, not atomic bombs.
This October the President created the Office of Homeland Security, the Homeland Security Council and the President's Critical Infrastructure Protection Board to recommend policies and coordinate programs protecting information systems for critical infrastructure. http://www.ciao.gov
This fall the Congress has been working on bills to support the improvement of vulnerability assessment and technological and systems solutions.
This seminar raises a series of timely and important questions: If we look at the nation's critical infrastructures, how much do they depend upon information technology? How vulnerable are they? What is the current state of preparedness for recovery? How can research help protect us? What is the current state of research and implementation of protections? What are the policy implications of different solutions? Where shall we go from here?
Seminar presenters include:
Ross Anderson, Professor and director of the Security Group, Cambridge University Computer Laboratory
Massoud Amin, Area Manager, Infrastructure Security, Energy Power Research Institute
Kenneth Birman, Professor of Computer Science, Cornell University
Steven Bellovin, AT&T Fellow, Communications Information Systems Research Department at AT&T Labs Research
Richard Clarke, Special Advisor to the President for Cyberspace Security, The White House
Jeffrey Hunker, Dean School of Public Policy and Management
Teresa Lunt, Principal Scientist, Area Manager for Secure Document Systems and Area Manager for the Theory Group, Computer Science Laboratory Xerox PARC
Vern Paxson, The ICSI Center for Internet Research
Shankar Sastry, Department Chair and Professor, Electrical Engineering and Computer Science Department
Sami Saydjari, Senior Staff Scientist, Computer Science Laboratory, SRI International
Ion Stoica, Assistant Professor, Electrical Engineering and Computer Science Department
Stuart Staniford, President and Founder, Silicon Defense
David Wagner, Assistant Professor, Electrical Engineering and Computer Science Department