Team for Research in
Ubiquitous Secure Technology

TRUST Annual Report 2008-2009
Faculty and Staff

Citation
Faculty and Staff. "TRUST Annual Report 2008-2009". Unpublished article, May, 2009.

Abstract
The Team for Research in Ubiquitous Security Technology (TRUST) was created in response to a growing sense of urgency in dealing with all aspects of cyber security as it affects society. The role and penetration of computing systems and networks in our societal infrastructure continues to grow and their importance to societal safety and the security has never been greater. Beyond mere connection to the internet and access to global resources, information systems form the backbone of our nation’s financial services and electronic commerce, are used for controlling critical infrastructures such as power, water, and telecommunications, and enable the rapid evolution in healthcare toward enhanced services increasingly supported by the digital storage of and instant access to patient health and medical data

That said, many such computing and control systems remain untrustworthy. Waves of viruses and worms sweep the Internet and exhibit increasing virulence and rate of speed that is also directly proportional to their growing ease of deployment. Issues affecting privacy are poorly understood and, when they are understood, are often not sufficiently addressed in system design and development. Security is generally inadequate, and some speak of a “market failure” in the domain. Broader issues of software usability, reliability and correctness remain challenging. Industry stakeholders are unable to recruit new employees adequately trained in these technologies. Society is placing computers into critical roles, although they do not meet the requirements of trust.

TRUST is composed of several universities that have joined forces to organize a multifaceted response to these issues. TRUST represents the strongest and most diverse engagement in the area of trusted systems ever assembled. TRUST recognized the breadth of the problems and has combined fundamental science with a broader multidisciplinary focus on economic, social, and legal considerations as well as a substantial education mission. TRUST is enabling dialog with stakeholders whose needs simply cannot be approached in a narrower and purely technical manner or by any single research group. As such, TRUST acts as an intermediary between policy makers and society at large on the one hand, and researchers, academics, and industrial providers of services and technology on the other.

TRUST seeks to achieve its mission through research as well as a global policy for engaging in education of society as a whole. This annual report of TRUST details the experience of the Center along many dimensions—research, education, diversity, and knowledge transfer.

In research, TRUST has achieved success along several fronts and is addressing fundamental scientific and technological problems and advancing the state-of-the-art in a number of areas: security and privacy issues associated with the rapidly increasing use of electronic media for the archival and access of patient medical records; web authentication, end-user privacy, next-generation browser security, malware detection, and improved system forensic techniques to combat online attacks; application defenses for network-level intrusions and attacks including compromised and malfunctioning legacy applications, viruses, worms, and spyware; incentives for research, investment, policies, and procedures for technology that enhance system security, privacy, and trustworthiness; secure embedded sensor networks for large-scale applications critical to the nation’s economy, energy, security, and health; and techniques that ensure trustworthy computing by securing hardware, improving software robustness, and increasing the survivability of critical systems.

In education, TRUST is leveraging an existing learning technology infrastructure to quickly enable TRUST courseware and material to be assembled, deposited in a repository, and adapted for wide web-based content dissemination. In addition to developing special courses for undergraduate and graduate curricula, and regular seminars and webcasts, TRUST has hosted a series of workshops on sensor networks, privacy, identity theft, and electronic medical records. A major thrust in the fourth year was increasing content in the TRUST Academy Online (TAO) and continuing the redesign of the TAO portal. Again, all these are reported below in the section on education.

In diversity, TRUST has an ambitious goal of reaching a diversity goal across the Center of 30% women and 10% from underrepresented minorities. The Center has been very proactive in this regard and expanded several programs for enhancing diversity and broadening the participation of women and underrepresented minorities.

In knowledge transfer, TRUST has continued a robust program of technology transition with industry (from reporting security vulnerabilities to software vendors to various consulting activities) and active engagement with governmental agencies such as the Department of Homeland Security (DHS), the Air Force Office of Scientific Research (AFOSR), the Department of Defense (DoD), and the Department of Energy (DoE) which are all concerned with issues of cyber security and trustworthiness. TRUST also has an active set of industrial partners with whom we are engaging in research and development collaborations of mutual interest. More details are provided in the section on knowledge transfer.

Overall, we are happy to report that the Center is making excellent progress towards its goals, its participants are actively engaged, and the outlook is positive.

Electronic downloads

Citation formats  
  • HTML
      Faculty and Staff. <a
    href="http://www.truststc.org/pubs/663.html"
    ><i>TRUST Annual Report
    2008-2009</i></a>, Unpublished article,  May,
    2009.
  • Plain text
      Faculty and Staff. "TRUST Annual Report
    2008-2009". Unpublished article,  May, 2009.
  • BibTeX
    @unpublished{FacultyandStaff09_TRUSTAnnualReport20082009,
        author = {  Faculty and Staff},
        title = {TRUST Annual Report 2008-2009},
        month = {May},
        year = {2009},
        abstract = {The Team for Research in Ubiquitous Security
                  Technology (TRUST) was created in response to a
                  growing sense of urgency in dealing with all
                  aspects of cyber security as it affects society.
                  The role and penetration of computing systems and
                  networks in our societal infrastructure continues
                  to grow and their importance to societal safety
                  and the security has never been greater. Beyond
                  mere connection to the internet and access to
                  global resources, information systems form the
                  backbone of our nationâs financial services and
                  electronic commerce, are used for controlling
                  critical infrastructures such as power, water, and
                  telecommunications, and enable the rapid evolution
                  in healthcare toward enhanced services
                  increasingly supported by the digital storage of
                  and instant access to patient health and medical
                  data <p>That said, many such computing and control
                  systems remain untrustworthy. Waves of viruses and
                  worms sweep the Internet and exhibit increasing
                  virulence and rate of speed that is also directly
                  proportional to their growing ease of deployment.
                  Issues affecting privacy are poorly understood
                  and, when they are understood, are often not
                  sufficiently addressed in system design and
                  development. Security is generally inadequate, and
                  some speak of a âmarket failureâ in the
                  domain. Broader issues of software usability,
                  reliability and correctness remain challenging.
                  Industry stakeholders are unable to recruit new
                  employees adequately trained in these
                  technologies. Society is placing computers into
                  critical roles, although they do not meet the
                  requirements of trust. <p>TRUST is composed of
                  several universities that have joined forces to
                  organize a multifaceted response to these issues.
                  TRUST represents the strongest and most diverse
                  engagement in the area of trusted systems ever
                  assembled. TRUST recognized the breadth of the
                  problems and has combined fundamental science with
                  a broader multidisciplinary focus on economic,
                  social, and legal considerations as well as a
                  substantial education mission. TRUST is enabling
                  dialog with stakeholders whose needs simply cannot
                  be approached in a narrower and purely technical
                  manner or by any single research group. As such,
                  TRUST acts as an intermediary between policy
                  makers and society at large on the one hand, and
                  researchers, academics, and industrial providers
                  of services and technology on the other. <p>TRUST
                  seeks to achieve its mission through research as
                  well as a global policy for engaging in education
                  of society as a whole. This annual report of TRUST
                  details the experience of the Center along many
                  dimensionsâresearch, education, diversity, and
                  knowledge transfer. <p>In research, TRUST has
                  achieved success along several fronts and is
                  addressing fundamental scientific and
                  technological problems and advancing the
                  state-of-the-art in a number of areas: security
                  and privacy issues associated with the rapidly
                  increasing use of electronic media for the
                  archival and access of patient medical records;
                  web authentication, end-user privacy,
                  next-generation browser security, malware
                  detection, and improved system forensic techniques
                  to combat online attacks; application defenses for
                  network-level intrusions and attacks including
                  compromised and malfunctioning legacy
                  applications, viruses, worms, and spyware;
                  incentives for research, investment, policies, and
                  procedures for technology that enhance system
                  security, privacy, and trustworthiness; secure
                  embedded sensor networks for large-scale
                  applications critical to the nationâs economy,
                  energy, security, and health; and techniques that
                  ensure trustworthy computing by securing hardware,
                  improving software robustness, and increasing the
                  survivability of critical systems. <p>In
                  education, TRUST is leveraging an existing
                  learning technology infrastructure to quickly
                  enable TRUST courseware and material to be
                  assembled, deposited in a repository, and adapted
                  for wide web-based content dissemination. In
                  addition to developing special courses for
                  undergraduate and graduate curricula, and regular
                  seminars and webcasts, TRUST has hosted a series
                  of workshops on sensor networks, privacy, identity
                  theft, and electronic medical records. A major
                  thrust in the fourth year was increasing content
                  in the TRUST Academy Online (TAO) and continuing
                  the redesign of the TAO portal. Again, all these
                  are reported below in the section on education.
                  <p>In diversity, TRUST has an ambitious goal of
                  reaching a diversity goal across the Center of 30%
                  women and 10% from underrepresented minorities.
                  The Center has been very proactive in this regard
                  and expanded several programs for enhancing
                  diversity and broadening the participation of
                  women and underrepresented minorities. <p>In
                  knowledge transfer, TRUST has continued a robust
                  program of technology transition with industry
                  (from reporting security vulnerabilities to
                  software vendors to various consulting activities)
                  and active engagement with governmental agencies
                  such as the Department of Homeland Security (DHS),
                  the Air Force Office of Scientific Research
                  (AFOSR), the Department of Defense (DoD), and the
                  Department of Energy (DoE) which are all concerned
                  with issues of cyber security and trustworthiness.
                  TRUST also has an active set of industrial
                  partners with whom we are engaging in research and
                  development collaborations of mutual interest.
                  More details are provided in the section on
                  knowledge transfer. <p>Overall, we are happy to
                  report that the Center is making excellent
                  progress towards its goals, its participants are
                  actively engaged, and the outlook is positive.},
        URL = {http://www.truststc.org/pubs/663.html}
    }
    

Posted by Larry Rohrbough on 28 Mar 2010.
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.