International Collaboration for Advancing Information Security Technology Der Tsai Lee Ph D PI iCAST Director Institute of Information Science by tae66661

VIEWS: 44 PAGES: 17

									International Collaboration
for Advancing Information
    Security Technology


             Der-Tsai Lee, Ph.D.
                   PI, iCAST
 Director, Institute of Information Science,
              Academia Sinica
               Director, TWISC

                 3/27/2006

                                               iCAST
                Outline
   Recent Severe Incidents
   R&D in Information Security (IS)
   Status of IS R&D in Taiwan
   Objectives
   Conceiving of iCAST
   iCAST Organization and Projects
   iCAST Program Office
   iCAST Activities & Expected Outcomes


                     2/17              iCAST
  Recent Severe Incidents
 June 17, 2005
  – CardSystems, located in Arizona, was breached by SQL
    Injection (SecurityFocus)
      • 200,000 transactions got stolen
      • 40 million accounts were leaked
 June 19, 2005
  – A USC database containing about 270,000 records of past
    applicants were leaked. (SecurityFocus)
 Aug 03, 2005
  – Cisco.com search tool was found vulnerable that could
    expose passwords of registered users (CNET news)
  – All of its customers were notified to change their passwords




                             3/17                          iCAST
        R&D in Info. Security

Cryptography        Digital Signature   AAA

Electronic Cash       PKI      Smart Card     OS Security

Digital Rights Protection    Data Privacy Protection

Virus    IDS/ IPS

Software Security      Anti- Spyware/ Malware
Mobile Commerce        Hardware Security      P2P Security



                            4/17                       iCAST
 Improving R&D Effort in IS
Domestic IS R&D needs improvements in
  five areas:
1.   High failure rate (false positive/negative) in
     Intrusion Detection
2.   Security of application program
       Security loopholes embedded in program coding
3.   Security for heterogeneous networks
       Problem originated from the data communication through
       heterogeneous networks
4.   Digital monitoring/authentication
       Privacy issues in RFID and monitor systems
5.   Application of IS technology
       IS risk assessment and expert system


                              5/17                       iCAST
5 Years Later-IS in Taiwan?
 Own several world-class technologies?
 A solid research infrastructure that supports
     Training of People
     Knowledge and Technology Transition
     People Networking (global)
     Resources Utilization/Sharing (global)
     International Competition
 Academia-Industry collaboration in info.
  security with real applications
     Derive new business model?
     Trigger new IS industry?
     Beyond OEM, ODM?
     Toward IIT (Invent in Taiwan)?



                             6/17              iCAST
Objective: Build Infrastructure
Build IS Research Infrastructure
 Transfer know-how of world-class research
  labs
 Teamwork
   Build a mechanism for information and knowledge sharing
    and management
 Training
   Info. Security research needs more hands-on experience
 Education
   Curriculum
   Exchange program
 International Workshops/Conferences
 Government Support


                           7/17                         iCAST
Objective: Attain Core Values
World-class IS technologies Creativity,
   Originality and Usability, Academia-
   Industry Cooperation
 Dynamics: a multi-dimensional operation
   Exchange of scholars/engineers
   Engage in security research forum, e.g. TRUST
    discussion forum
   Join int’l working groups, e.g. IETF, OASIS,
    OWASP
   Open source development
 Competitiveness and Practical
   Choose the right target to attack
    (i.e., plan strategically)
   Dedication, Teamwork & Execute!
                     8/17                   iCAST
     Conceiving of iCAST
IS Delegation Visited UCB and CMU

 On 6/11/2005
Led by Minister Lin, the information Security
  Delegation visited University of California,
  Berkeley and Carnegie Mellon University and
  signed MOU for International Collaboration

---> Initiation of International Collaboration for
   Advancing Security Technology (iCAST)




                         9/17                        iCAST
             iCAST
 international Collaboration for
 Advancing Security Technology

TWISC                       TRUST

  III
              iCAST        UCB, Cornell,
 ITRI                      Stanford,
                           Vanderbilt
  etc.
                            CMU
                 10/17              iCAST
    iCAST Organization (draft)
                          行政院科技顧問組
                             資安小組                主持人        中央研究院
                                                                     所長
                                                 李德財        資訊科學所

                          政策規劃       計畫執行        許清琦
                                                        資訊工業策進會
                                                                    副執行
                          與督導        成果呈現       (共同)                 長
                                                 林寶樹    工業技術研究院
                                                                     所長
                                                (共同)      資通所
                          資安科技跨國合作
            計畫                                   李漢銘    國立台灣科技大
                                                                     教授
                             總計畫                (共同)       學
        Review board
                              辦公室               蘇惠琴 (聯絡人)



分項計畫一     何寶中    資訊工業策進會網路多媒體研究所          副所長   網路安全診測技術研發(1)


分項計畫二     余孝先      工業技術研究院資通所             副所長   資安技術國際合作研究計畫(3)

                                                資通安全跨國合作人才培育與關鍵技術研
分項計畫三     吳宗成          國立台灣科技大學           教授
                                                發計畫(6)
                                                國防資訊安全防護中心(ND-SOC)跨領域人
分項計畫四     陸續       國防大學中正理工學院             院長
                                                才培訓(1)



                                  11/17                             iCAST
           iCAST Projects




資安科技跨國合作
   計畫




                 12/17      iCAST
        iCAST Program Office
   Single Contact Point
   Coordinate, monitor, and steer the projects
   Organize tutorials, seminars, workshops, and
    conferences
       Optimize the outcome of International Collaboration
   Coordinate the contract preparation, signing and
    related issues
   Disseminate Technology, support IS Industry
       Bridge between academia and industry
           Assist industry to acquire desired core technologies
           Help coordinate training program for professionals in public
            and private sectors
           Facilitate technology transfer



                                 13/17                              iCAST
                 Planned Activities
                              2006
Monthly                                            2007
  Progress       1 2 3 4   5 6 7 8 9 10 11 12
PI Monthly
                                        
Meeting
Tutorials/
workshops/                    
short courses
Strategic and
review                                     
meetings
Annual review
                                                    
and exhibition
                           14/17                   iCAST
         Expected Outcome
                                                     Prototype
                    People      Publications
Group   US    Proj.                          Patents /system/
                    trained     /reports
                                                     platform
ITRI    CMU    1       1              1                  1
        UCB    2       4              3         2        2
TWISC   CMU    3       33             8         3        2
        UCB    3       33             6                  3
III     UCB    1       10             2         2        1
NDU     CMU    1       11             3
Total          11      92             23        7        9

                92 professionals, 23 papers/reports
                 7 patents, 9 prototypes/systems


                              15/17                       iCAST
           Conclusions
 Bring core values to Taiwan Information
  Security Research via International
  Collaboration
 Build a solid Info. Security research
  infrastructure as a key outcome of
  International Collaboration
 Attain world-class info. security
  technologies through International
  Collaboration and upgrade our
  competitiveness
 Commitment, Dedication, and Teamwork
  will be key to success for International
  Collaboration

                    16/17               iCAST
Thank you for your attention




                          iCAST

								
To top