This solicitation is no longer receiving proposals

CONTACT(S)

SCOPE

This program seeks to establish a sound scientific foundation and technological basis for managing privacy and security in a world linked through computing and communication technology. This research is necessary to build the secure and reliable systems required for a highly interconnected, information technology enabled society. The program supports innovative research in all aspects of secure, reliable information systems, including methods for assessing the trustworthiness of systems. Some specific areas in which research is needed include:

• Component technologies: specification, design, development, test, verification methods to provide quantifiable assurance that specified properties are met. Ideally, such technologies should be flexible, so that they can be applied in accordance with the degree of trustworthiness required and the resources available. Methods are needed to identify particular components that provide a good basis on which to construct trustworthy systems.
• Composition methods: Assembling components into subsystems and systems with known and quantifiable trustworthiness. Identifying and minimizing the security assumptions made in a given security design. Exploiting the existence of large numbers of untrustworthy computing platforms effectively to create secure or trustworthy multiparty computations.
• Methods for maintaining trustworthiness as systems adapt and evolve.
• Methods for improving human understanding of critical system behavior and control.
• Methods for assessing tradeoffs in trustworthy system design, for example between security and performance.
• Techniques for modeling, analyzing, and predicting trust properties of systems and components.

NSF Document: NSF 01-160

Additional Information

NSF plans a new solicitation called Cyber Trust (late) this fall. This announcement will encompass a broad range of activities in research and education and will subsume some existing programs, including Trusted Computing, Communications Network Security, and Data and Applications Security. The Cyber Trust announcement is currently under internal review within NSF. Deadlines for proposals will be at least 90 days after the announcement is officially released, probably placing them in mid-February to early March.

To receive information relating to this announcement, you may sign up for the the Cyber Trust Announce mailing list by sending a blank email message to:

join-cyber-trust-announce@lists.nsf.gov

No subject or message body is necessary.

Also for information from the Cyber Trust PI meeting held August, 2003, see http://www.jhuisi.jhu.edu/institute/cybertrust.html (scroll down to 'Meeting Follow-up Postings')

This program seeks to establish a sound scientific foundation and technological basis for managing privacy and security in a world linked through computing and communication technology. This research is necessary to build the secure and reliable systems required for a highly interconnected, information technology enabled society. The program supports innovative research in all aspects of secure, reliable information systems, including methods for assessing the trustworthiness of systems. Some specific areas in which research is needed include:

• Component technologies: specification, design, development, test, verification methods to provide quantifiable assurance that specified properties are met. Ideally, such technologies should be flexible, so that they can be applied in accordance with the degree of trustworthiness required and the resources available. Methods are needed to identify particular components that provide a good basis on which to construct trustworthy systems.
• Composition methods: Assembling components into subsystems and systems with known and quantifiable trustworthiness. Identifying and minimizing the security assumptions made in a given security design. Exploiting the existence of large numbers of untrustworthy computing platforms effectively to create secure or trustworthy multiparty computations.
• Methods for maintaining trustworthiness as systems adapt and evolve.
• Methods for improving human understanding of critical system behavior and control.
• Methods for assessing tradeoffs in trustworthy system design, for example between security and performance.
• Techniques for modeling, analyzing, and predicting trust properties of systems and components.

Trusted Computing Program Summary

The Trusted Computing program seeks to establish a sound scientific foundation and technological basis for managing privacy and security in a world linked through computing and communication technology. This research is necessary to build the secure and reliable systems required for a highly interconnected, information technology enabled society. The program supports innovative research in all aspects of secure, reliable information systems, including methods for assessing the trustworthiness of systems.

In 2002, the Trusted Computing program received about 130 proposals and made approximately 30 awards. In addition, proposals submitted to the CAREER and Information Technology Research (ITR) programs in areas relevant to Trusted Computing were evaluated and funded, yielding a total of just under 50 awards.

A list of all awards made under the Trusted Computing program and their abstracts can be obtained from the NSF Awards Database by visiting NSF's 'CISE Awards' page ; enter 'Trusted Computing' as the name to search for. (The list returned will include CAREER awards, but not ITR awards relevant to Trusted Computing). The Fielded Search page, can be used to return the abstract for any specific award, by selecting 'Exactly' for the Award number option and entering the desired award number in the following field.

Each of the projects funded under the Trusted Computing program was proposed as an independent effort, and there are many ways to characterize the areas they will explore. A single project may investigate several technical areas. The following is one way to organize the collection of funded proposals. For each proposal, the award number, title, Principal Investigator and the PI's institution are given. For brevity, Co-PIs, are omitted; this information is available from the award abstract. A few of the proposals that cross categories are listed twice.

Coping with today's weak cyber infrastructure

Few would dispute that today's cyberinfrastructure contains many flaws and vulnerabilities, yet it is unlikely that this infrastructure will change significantly in the short term, or that these weaknesses will go away. One area of research aims at working within the present infrastructure to enhance its security. Projects that might be classified in this way include those aimed at flaw detection, remediation, or tolerance, those addressing system management issues, and those aimed at producing systems with security functions (e.g. authentication) that are more effective and easier to use than current systems. Also in this category are projects aiming to improve detection of attacks and to recover from or respond to attacks (e.g., by reconfiguring a system into a more protective mode). Projects in the Trusted Computing program that might fit in this category include:

Flaw detection / remediation / tolerance / system management / usable security

• 0208740 : Transient Authentication for Mobile Devices; Brian Noble, U. Michigan
• 0208848 : Network Vulnerability and Resiliency Analysis; Paul Amman, George Mason U.
• 0205376 : ITR: Model Checking for Detecting Computer System Vulnerabilities; C. Ramakrishnan, SUNY-Stonybrook
• 0219587 : ITR: Intrusion Detection and Intrusion Prevention Through Dynamic Binary Translation; D. Stefanovic, U. New Mexico
• 0219085 : ITR: Covirt: Security Defenses for Insecure Operating Systems; P. Chen, U. Michigan
• 0205733 : ITR: Deployment-Oriented Security and Content Protection; Dan Boneh, Stanford

Hardware related forensics

• 0219893 : ITR: Printer Characterization and Signature-Embedding for Security and Forensic Applications; Jan Allebach, Purdue

Attack detection

• 0209046 : LATTICED: An Algebra for Intrusion Correlation; Herb Schorr, Brian Tung, USC-ISI
• 0207297 : Reduce False Alerts, Uncover High-Level Attack Strategies and Predict Attacks in Progress Using Prerequisites of Intrusions; Peng Ning, North Carolina State
• 0133629 : CAREER: Adaptive Intrusion Detection Systems; Wenke Lee, Georgia Tech

Attack response

• 0208877 : A New Approach for Securing Systems Using Automated Adaptive Intrusion Response; R. Sekar, SUNY-Stony Brook

Foundations for a stronger cyber infrastructure for tomorrow

The Trusted Computing Program supports fundamental research that can lead from today's vulnerable systems to a cyber infrastructure that provides a stronger, more trustworthy base on which to build applications and conduct commerce. Projects in this category aim to improve the foundations and theory of trustworthy computing, to improve the tools available for designing, building, and assuring cyber infrastructure, and to provide improved mechanisms (e.g. for operating systems, file systems, network protocols) that could lead to or be used in a next generation cyber infrastructure. Projects to develop hardware architectures that can tolerate software imperfections and projects to improve cryptographic technology are also included in this category.

Theoretical Foundations - logic, theories, specifications

• 0208996 : Collaborative Research: Formal privacy; Carl Gunter, U. Penn.
• 0208983 : Collaborative Research: Formal privacy; Stuart Stubblebine, Stubblebine Research Lab.
• 0208800 : Distributed Authentication and Authorization: Models, Calculi, Methods; Martin Abadi, UC-Santa Cruz
• 0208535 : Towards Improved Logics For Reasoning About Security; Joseph Halpern, Cornell
• 0208779 : Cyberlogic; Harald Ruess, SRI
• 0209092 : Models for Trusted Systems; Yvo Desmedt, Florida State
• 0220286 : ITR: Secure Electronic Transactions; Adriana Campagnoni, Stevens Institute

Methods for improved software infrastructure

Programming Languages and Tools

• 0208601 : Collaborative Research: High-Assurance Common Language Runtime; Andrew Appel, Princeton
• 0208618 : Collaborative Research: High-Assurance Common Language Runtime; Zhong Shao, Yale
• 0208642 : End-to-end Integrity and Confidentiality for Distributed Systems; Andrew Myers, Cornell
• 0208984 : Collaborative Research: Integrating pointer confinement and access control for encapsulation; David Naumann, Stevens Institute
• 0209205 : Collaborative Research: Integrating pointer confinement and access control for encapsulation; Anindya Banerjee, Kansas State
• 0209163 : Practical Language-Based Security, From The Ground Up; Michael Franz, UC-Irvine
• 0219902 : ITR: Guarding Quasi-Invariants: Generalizing Specialization for System Software Security & Reliability; Calton Pu, Georgia Tech
• 0208549 : Cryptyc: Crypto protocol type checking; Alan Jeffrey, DePaul

Distributed access control

• 0209083 : Distributed Access Control for Accountable Systems; Dominic Duggan, Stevens Institute
• 0208972 : GRIDLOCK: A New Scalable Approach to Unifying Computer and Communications Security; Joan Feigenbaum, Yale

Mobile agent systems

• 0208640 : Mobile Agent Security Through Multi-Agent Protocols; Stephen Tate, U. North Texas
• 0209065 : Collaborative Research: MASSA: Mobile Agent System Security Through Analysis; Giovanni Vigna, UC-Santa Barbara
• 0209322 : Collaborative Research: MASSA: Mobile Agent System Security Through Analysis; Mary Harrold, Georgia Tech
• 0208853 : Security and Privacy for Publish-Subscribe Systems; Michael Reiter, Carnegie-Mellon
• 0219559 : ITR: Bandwidth Efficient Techniques for Ensuring Mobile Code Integrity and Authntication; Lori Pollock, U. Delaware

Security in Mobile Ad Hoc Networks (MANETs)

• 0209049 : Integrating Security into Quality-of-Service Based Routing and Mobility Management in Ad Hoc Wireless Networks; Brian Mark, George Mason U.
• 0209204 : Security in Multihop Wireless Ad Hoc Network Routing; David Johnson, Rice
• 0208631 : Security Protocols for Pervasive Computing Applications; Srinivas Devadas, MIT

Distributed file systems, secure storage, database

• 0208683 : Trusted Peer-To-Peer Systems; Hector Garcia-Molina, Stanford
• 0209144 : Survivable Trust for Critical Infrastructure; David Nicoll, Dartmouth
• 0208975 : Collaborative Research: Efficient Data Distribution Schemes for Secure and Reliable Networked Storage Systems; Jehoshua Bruck, Cal Tech
• 0209042 : Collaborative Research: Efficient Data Distribution Schemes for Secure and Reliable Networked Storage Systems; Lihao Xu, Washington U.
• 0208655 : Agile Security for Storing Sensitive and Critical Information; Mustaque Ahamad, Georgia Tech
• 0208803 : QoI aware attack-resilient database; Peng Liu, Penn State
• 0218019 : ITR: Fast, Flexible, and Secure Wide-area File Systems; Peter Keleher, U. Maryland CP
• 0220069 : ITR: Privacy in Database-as-a-service (DAS) model; Sharad Mehrotra, UC-Irvine

Methods for improved hardware architectures that can cope with imperfect software

• 0208946 : Architectural Solutions for Preventing Distributed Denial of Service Attacks; Ruby Lee, Princeton
• 0209078 : Trust emanates from within: a micro-architectural and compiler support framework for trust; Akilesh Tyagi, Iowa State

Cryptographic technology

• 0208549 : Cryptyc: Crypto protocol type checking; Alan Jeffrey, DePaul
• 0208842 : Practice-Oriented Provable Security for Higher-Layer Protocols: Models, Analyses and Solutions; Phil Rogaway, UC-Davis
• 0205423 : ITR:Information Theoretic Secure Hyper-Encryption and Protocols; Michael Rabin, Harvard
• 0133985 : CAREER: Highly-Optimized Provably-Secure Cryptography; John Black, U. Colorado
• 0133698 : CAREER: Information Privacy Protection: System and Social Aspects; Giuseppe Ateniese, Johns Hopkins U.

Empirical cybersecurity

Cyber security in next generation technologies and environments