Team for Research in
Ubiquitous Secure Technology

TRUST Annual Report 2010-2011
Faculty and Staff

Citation
Faculty and Staff. "TRUST Annual Report 2010-2011". Unpublished article, June, 2011.

Abstract
The Team for Research in Ubiquitous Security Technology (TRUST) was created in response to a growing sense of urgency in dealing with all aspects of cyber security as it affects society. The role and penetration of computing systems and networks in our societal infrastructure continues to grow and their importance to societal safety and the security has never been greater. Beyond mere connection to the internet and access to global resources, information systems form the backbone of our nation's financial services and electronic commerce, are used for controlling critical infrastructures such as power, water, and telecommunications, and enable the rapid evolution in healthcare toward enhanced services increasingly supported by the digital storage of and instant access to patient health and medical data. That said, many such computing and control systems remain untrustworthy. Waves of viruses and worms sweep the Internet and exhibit increasing virulence and rate of speed that is also directly proportional to their growing ease of deployment. Issues affecting privacy are poorly understood and, when they are understood, are often not sufficiently addressed in system design and development. Security is generally inadequate, and some speak of a "market failure" in the domain. Broader issues of software usability, reliability and correctness remain challenging. Industry stakeholders are unable to recruit new employees adequately trained in these technologies. Society is placing computers into critical roles, although they do not meet the requirements of trust. TRUST is composed of several universities that have joined forces to organize a multifaceted response to these issues. TRUST represents the strongest and most diverse engagement in the area of trusted systems ever assembled. TRUST recognized the breadth of the problems and has combined fundamental science with a broader multidisciplinary focus on economic, social, and legal considerations as well as a substantial education mission. TRUST is enabling dialog with stakeholders whose needs simply cannot be approached in a narrower and purely technical manner or by any single research group. As such, TRUST acts as an intermediary between policy makers and society at large on the one hand, and researchers, academics, and industrial providers of services and technology on the other. TRUST seeks to achieve its mission through research as well as a global policy for engaging in education of society as a whole. This annual report of TRUST details the experience of the Center along many dimensions--research, education, diversity, and knowledge transfer. In research, TRUST has achieved success along several fronts and is addressing fundamental scientific and technological problems and advancing the state-of-the-art in a number of areas: security and privacy issues associated with the rapidly increasing use of electronic media for the archival and access of patient medical records; web authentication, end-user privacy, next-generation browser security, malware detection, and improved system forensic techniques to combat online attacks; application defenses for network-level intrusions and attacks including compromised and malfunctioning legacy applications, viruses, worms, and spyware; incentives for research, investment, policies, and procedures for technology that enhance system security, privacy, and trustworthiness; secure embedded sensor networks for large-scale applications critical to the nation's economy, energy, security, and health; and techniques that ensure trustworthy computing by securing hardware, improving software robustness, and increasing the survivability of critical systems. In education, TRUST is leveraging an existing learning technology infrastructure to quickly enable TRUST courseware and material to be assembled, deposited in a repository, and adapted for wide web-based content dissemination. In addition to developing special courses for undergraduate and graduate curricula, and regular seminars and webcasts, TRUST has hosted a series of workshops on sensor networks, privacy, identity theft, and electronic medical records. A major thrust recently has been focused on increasing content in the TRUST Academy Online (TAO) and continuing the redesign of the TAO portal. In diversity, TRUST has an ambitious goal of reaching a diversity goal across the Center of 30% women and 10% from underrepresented minorities. The Center has been very proactive in this regard and expanded several programs for enhancing diversity and broadening the participation of women and underrepresented minorities. In knowledge transfer, TRUST has continued a robust program of technology transition with industry (from reporting security vulnerabilities to software vendors to various consulting activities) and active engagement with governmental agencies such as the Department of Homeland Security (DHS), the Air Force Office of Scientific Research (AFOSR), the Department of Defense (DoD), and the Department of Energy (DoE) which are all concerned with issues of cybersecurity and trustworthiness. Recently, this has been expanded to include key constituents in the financial sector, in particular through dialogue and exchange of ideas with the Financial Services Technology Consortium (FSTC). TRUST also has an active set of industrial partners with whom we are engaging in research and development collaborations of mutual interest. Overall, we are happy to report that the Center is making excellent progress towards its goals, its participants are actively engaged, and the outlook is positive.

Electronic downloads

Citation formats  
  • HTML
      Faculty and Staff. <a
    href="http://www.truststc.org/pubs/902.html"
    ><i>TRUST Annual Report
    2010-2011</i></a>, Unpublished article,  June,
    2011.
  • Plain text
      Faculty and Staff. "TRUST Annual Report
    2010-2011". Unpublished article,  June, 2011.
  • BibTeX
    @unpublished{FacultyandStaff11_TRUSTAnnualReport20102011,
        author = {  Faculty and Staff},
        title = {TRUST Annual Report 2010-2011},
        month = {June},
        year = {2011},
        abstract = {The Team for Research in Ubiquitous Security
                  Technology (TRUST) was created in response to a
                  growing sense of urgency in dealing with all
                  aspects of cyber security as it affects society.
                  The role and penetration of computing systems and
                  networks in our societal infrastructure continues
                  to grow and their importance to societal safety
                  and the security has never been greater. Beyond
                  mere connection to the internet and access to
                  global resources, information systems form the
                  backbone of our nation's financial services and
                  electronic commerce, are used for controlling
                  critical infrastructures such as power, water, and
                  telecommunications, and enable the rapid evolution
                  in healthcare toward enhanced services
                  increasingly supported by the digital storage of
                  and instant access to patient health and medical
                  data. That said, many such computing and control
                  systems remain untrustworthy. Waves of viruses and
                  worms sweep the Internet and exhibit increasing
                  virulence and rate of speed that is also directly
                  proportional to their growing ease of deployment.
                  Issues affecting privacy are poorly understood
                  and, when they are understood, are often not
                  sufficiently addressed in system design and
                  development. Security is generally inadequate, and
                  some speak of a "market failure" in the domain.
                  Broader issues of software usability, reliability
                  and correctness remain challenging. Industry
                  stakeholders are unable to recruit new employees
                  adequately trained in these technologies. Society
                  is placing computers into critical roles, although
                  they do not meet the requirements of trust. TRUST
                  is composed of several universities that have
                  joined forces to organize a multifaceted response
                  to these issues. TRUST represents the strongest
                  and most diverse engagement in the area of trusted
                  systems ever assembled. TRUST recognized the
                  breadth of the problems and has combined
                  fundamental science with a broader
                  multidisciplinary focus on economic, social, and
                  legal considerations as well as a substantial
                  education mission. TRUST is enabling dialog with
                  stakeholders whose needs simply cannot be
                  approached in a narrower and purely technical
                  manner or by any single research group. As such,
                  TRUST acts as an intermediary between policy
                  makers and society at large on the one hand, and
                  researchers, academics, and industrial providers
                  of services and technology on the other. TRUST
                  seeks to achieve its mission through research as
                  well as a global policy for engaging in education
                  of society as a whole. This annual report of TRUST
                  details the experience of the Center along many
                  dimensions--research, education, diversity, and
                  knowledge transfer. In research, TRUST has
                  achieved success along several fronts and is
                  addressing fundamental scientific and
                  technological problems and advancing the
                  state-of-the-art in a number of areas: security
                  and privacy issues associated with the rapidly
                  increasing use of electronic media for the
                  archival and access of patient medical records;
                  web authentication, end-user privacy,
                  next-generation browser security, malware
                  detection, and improved system forensic techniques
                  to combat online attacks; application defenses for
                  network-level intrusions and attacks including
                  compromised and malfunctioning legacy
                  applications, viruses, worms, and spyware;
                  incentives for research, investment, policies, and
                  procedures for technology that enhance system
                  security, privacy, and trustworthiness; secure
                  embedded sensor networks for large-scale
                  applications critical to the nation's economy,
                  energy, security, and health; and techniques that
                  ensure trustworthy computing by securing hardware,
                  improving software robustness, and increasing the
                  survivability of critical systems. In education,
                  TRUST is leveraging an existing learning
                  technology infrastructure to quickly enable TRUST
                  courseware and material to be assembled, deposited
                  in a repository, and adapted for wide web-based
                  content dissemination. In addition to developing
                  special courses for undergraduate and graduate
                  curricula, and regular seminars and webcasts,
                  TRUST has hosted a series of workshops on sensor
                  networks, privacy, identity theft, and electronic
                  medical records. A major thrust recently has been
                  focused on increasing content in the TRUST Academy
                  Online (TAO) and continuing the redesign of the
                  TAO portal. In diversity, TRUST has an ambitious
                  goal of reaching a diversity goal across the
                  Center of 30% women and 10% from underrepresented
                  minorities. The Center has been very proactive in
                  this regard and expanded several programs for
                  enhancing diversity and broadening the
                  participation of women and underrepresented
                  minorities. In knowledge transfer, TRUST has
                  continued a robust program of technology
                  transition with industry (from reporting security
                  vulnerabilities to software vendors to various
                  consulting activities) and active engagement with
                  governmental agencies such as the Department of
                  Homeland Security (DHS), the Air Force Office of
                  Scientific Research (AFOSR), the Department of
                  Defense (DoD), and the Department of Energy (DoE)
                  which are all concerned with issues of
                  cybersecurity and trustworthiness. Recently, this
                  has been expanded to include key constituents in
                  the financial sector, in particular through
                  dialogue and exchange of ideas with the Financial
                  Services Technology Consortium (FSTC). TRUST also
                  has an active set of industrial partners with whom
                  we are engaging in research and development
                  collaborations of mutual interest. Overall, we are
                  happy to report that the Center is making
                  excellent progress towards its goals, its
                  participants are actively engaged, and the outlook
                  is positive.},
        URL = {http://www.truststc.org/pubs/902.html}
    }
    

Posted by Larry Rohrbough on 23 Apr 2012.
Groups: trust
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.