A Rhode Island Academic Collaboration. Cybersecurity Technology and Policy (CCTP)

Transcription

1 A Rhode Island Academic Collaboration on Cybersecurity Technology and Policy (CCTP) Abstract The University of Rhode Island, Brown University, and the U.S. Naval War College, with the engagement of Bryant University and others who wish to participate, announce their intention to collaborate as academic institutions on cybersecurity issues, particularly those at the intersection of technology, policy, law, and national strategy. For the 2012 academic year we ourselves commit to inform each other of courses and degree programs that we offer, research that is funded, publications that are produced, seminars, colloquia and conferences being planned, and training programs being offered, with the possibility of renewing the collaboration annually. We will look for opportunities to collaborate in these offerings as well as on research proposals to strengthen and expand our interests at the intersection of technology and policy in cyberspace. We are individually interested in educational outreach to other schools and universities, research exploring and formulating domestic and international cyberspace policy and strategy, and training to serving Rhode Island, domestic, and international audiences. Our institutions would also serve individually as potential partners with the private sector and/or government, consistent with law and regulation. RI CCTP will serve as a role model for other regional collaborations. Background Cyber threats are among the most serious national security and economic challenges facing the national and global community. That challenge and the threat to national interests are reflected in United States government strategies focused on national defense and international engagement in a networked world. Computers and networks, for which security was an afterthought, are now ubiquitous. The efficiencies provided by networks and computers have lured us into integrating these technologies throughout our national economies. Belatedly, we have come to realize that this tight integration provides opportunities for criminals and foreign powers to steal our identities, our monies, and our commercial and state secrets as well as attack our critical infrastructure and disrupt military operations. To protect our personal, commercial, and national assets we must now take steps, individually and collectively, on both the national and international levels to secure our computers and networks. We must engage in international initiatives to combat crime and commercial espionage and avoid disruption of critical services and infrastructure that could escalate into conflict. Addressing these problems requires a broad and deep understanding of both cybersecurity policy and technology. While most computer science departments have taught courses on cryptography for decades, they have only recently begun to introduce computer and network security into their curricula. September 13,

2 The policy aspects of cybersecurity have been the subject of studies organized by think tanks, the National Academies of Science, and international bodies. Professional military institutions studying national security and strategy have only recently begun to integrate cybersecurity issues into curricula despite more than a decade s worth of experience suggesting that networks and information technologies are both essential to operations and vulnerable to attack. Unfortunately, only a few universities in the United States and the United Kingdom offer instruction or degree programs that combine both technology and policy. Knowledge of both is essential in shaping policy and developing technology; therefore, a collaboration like this in Rhode Island could play a vital role for our nation. As noted in a recent study 1 by the Center for Strategic and International Studies, an educated cybersecurity workforce is urgently needed: We not only have a shortage of the highly technically skilled people required to operate and support systems already deployed, but also an even more desperate shortage of people who can design secure systems, write safe computer code, and create the ever more sophisticated tools needed to prevent, detect, mitigate and reconstitute from damage due to system failures and malicious acts. Because cybersecurity is both a domestic and global problem, we also need a population of welleducated analysts, scholars, officers, diplomats, and private sector individuals who are conversant with domestic and international cybersecurity policy. Sound policy development is informed by a solid knowledge of technology. Technology development, which often involves policy decisions 2, must respond to the needs of policy, especially in the international arena. Thus, collaborating on the two together in one regional setting is mutually advantageous. The Rhode Island Story Rhode Island can serve as a model for the nation in cybersecurity policy and technology formulation. The University of Rhode Island, Brown University, and the U.S. Naval War College are three exemplary institutions with complementary strengths. The University of Rhode Island (URI) is a national leader in teaching, service, and research in the field of digital forensics, a component of cybersecurity that focuses on analysis and attribution of cyber crime and cyber attacks. In addition, URI has a rich program in the broader area of cybersecurity technology education and research. Brown University, through its Department of Computer Science, the Watson Institute for International Studies, its new Institute for Computational and Experimental Research in Mathematics (ICERM), and 1 A Human Capital Crisis in Cybersecurity, K. Evans and F. Reeder, CSIS Commission on Cybersecurity for the 44 th Presidency, November Code: And Other Laws of Cyberspace, Version 2.0, Lawrence Lessig, Basic Books, September 13,

3 colleagues in the departments of political science and economics, is an international leader in computer and network security, policy formulation, mathematical cryptography, and the social sciences. The U.S. Naval War College is a professional military educational institution with four principal missions: to develop strategic and operational leaders, to help define the future Navy, to support combat readiness, and to strengthen maritime security cooperation. To fulfill these missions NWC faculty teach military officers and government officials as well conduct research into the full-range of issues regarding war and peace, strategy, and national security decision making. With the support of the academic and military leadership, NWC faculty have formed a cybersecurity working group that is helping integrate cyber security into the core curriculum, electives programs, research projects and war gaming. At the end of this report each institution has provided an overview of the specific activities they will undertake. We now present some of the general plans that will be part of each institution s activities. The Educational and Training Mission The educational mission would be carried out through courses and degree programs developed at each academic institution, enhanced by cross-institutional courses and faculty exchanges, where possible and subject to later negotiations. Implementation mechanisms might include memoranda of understanding, faculty appointments, cross-listings of courses, and video conferencing facilities. While the details of these educational programs are still in the planning stages, each institution would develop its own degree and training programs when practical and as permissible under law and regulation, using courses offered by all three institutions. Cross-institutional courses would enlarge the educational opportunities for all students while allowing each institution to develop its own strengths. The number and level of degree programs will be determined by student interest and staffing as well as the interests of each institution. Short-term programs or conferences on cybersecurity technology and policy would be offered to domestic and international audiences, perhaps with the collaboration of multiple institutions. Some of these would be training-based certificate programs whereas others could lead to professional Master s degrees designed for individuals studying part-time. Local or federal governments might sponsor workshops and training programs. The Service Mission Service to local and national businesses and governments and local schools would be delivered in several ways. First, the institutions would individually offer training to Rhode Island, domestic, and/or international audiences in cybersecurity technology and policy as well as digital forensics, with collaboration where possible and subject to negotiation. In this connection they would offer continuing education programs to the local community, consistent with each institution s mission. Second, they would also serve as a knowledge base for the state, the federal government including Congress, and the private sector. Knowledge would be disseminated through faculty and staff publications and student reports on institution websites. Finally, where possible, the institutions would also serve as a focal point September 13,

4 for outreach to schools and universities around the country. In this capacity, the collaboration would serve as a model for the creation of other technology and policy collaborative activities. The Research Mission The collaborators would engage in innovative and distinctive research based upon their substantive expertise. The core research agenda of the center will include: Research Institutional Expert Digital forensics Cybersecurity technologies Strategic implications of cyber conflict, including the URI URI, Brown NWC diffusion of power and complexity in cyberspace Impact of international and domestic law Governing cyber warfare Development of international institutional arrangements and norms Technology to protect information systems Behavioral understandings to bridge the policy-technology gap NWC NWC Brown Brown, URI Brown In addition, the group will engage U.S. and international scholars and practitioners in addressing cybersecurity challenges, and serve as a source of information, expertise and recommendations for the policymakers on specific cybersecurity issues. Faculty Faculty from the three major research institutions (U.S. Naval War College, University of Rhode Island, and Brown University) will be introduced to each other and encouraged to collaborate on research. NWC faculty specializing in national security and China, cyber doctrine and strategy, international law including the law of armed conflict, and war gaming are interested in collaborating, as are URI faculty members focusing on digital forensics and cybersecurity technology from the Departments of Computer Science and Electrical and Computer Engineering. Brown faculty members in Computer Science, Engineering, ICERM, Political Science, and the Watson Institute also will be involved in effort. There will September 13,

5 be many synergistic opportunities for teaching and research between the institutions, which will broaden and deepen the collaboration. Participation of Other Rhode Island Academic Institutions Participation is expected from other academic institutions in the state that are currently less well committed to cybersecurity; preliminary discussions have been held with Dr. José Griffiths, Vice President for Academic Affairs at Bryant University Bryant hosts regional cybersecurity conferences. Others are welcome to participate. The Partners Program URI and Brown will consider introducing CCTP Partners Program whose purpose would be to provide outreach and visibility to companies who want to participate in the activities of the center, give talks in periodic Partner Symposia, and recruit students. They also could arrange to have employees attend training sessions relevant to their interests. In return for their participation, partners will be expected to contribute to the discretionary income of the center. Funds derived in this manner will provide support for colloquia, symposia, and student events. The following organizations are candidates to become partners in the center. (Note that not all of these have been contacted but will be as the center plans develop.) Raytheon SAIC Deloitte McAfee Symantec Verisign Microsoft IBM Booz Allen Google Facebook MITRE DHS State Department Dept. Commerce Tiger s Lair Inc. ForensicSoft, Inc. Trap Data Group, Inc. Secure Works, Inc. Naval Undersea Warfare Center Adaptive Solutions RI National Guard RI EMA RI State Police Cyber Command Fleet Cyber Command 10 th Fleet NSA Certification The center institutions are applying or will consider applying for designation as National Security Agency Centers of Academic Excellence in IA Education and as NSA Centers of Academic Excellence Research. Budget To be determined as the center plans develop. Summary Rhode Island is home to three major complementary institutions uniquely positioned to become world leaders in cybersecurity issues. Thus, the time is opportune for these institutions to collaborate on bridging the gap between technology, policy, and national security. Such an activity can reinforce the September 13,

6 intellectual resources of the University of Rhode Island, Brown University, and the U.S. Naval War College, with the participation of neighboring academic institutions, to provide a very high quality of education for undergraduate, graduate, and professional students as well as excite interest among K-12 students in the new technologies. Where possible, they could serve as resource centers for small companies and a breeding ground for entrepreneurs, some of whom may choose to work and reside in Rhode Island. Finally, they could serve as resources for federal, state, and Congressional policymakers, based on innovative research on cybersecurity technology and policy questions and as a convener of international expertise to address evolving cybersecurity challenges. The three major institutions welcome the engagement of Bryant University and other academic institutions that wish to collaborate. September 13,

7 FOCUS AREAS OF EACH INSTITUTION The areas of focus of each of the three principal academic partners are described below. University of Rhode Island Focus Areas URI will expand its existing Digital Forensics Center ( to establish the University of Rhode Island Cyber Security Center (URICSC) to realize the mission of providing cyber security workforce enhancement, cyber security services, and cyber security technology research for the State of Rhode Island and the Nation. The URICSC will be URI s focal point for participating in the proposed RI CCTP. URI Digital Forensics and Cybersecurity Technology Education. URI is offering courses in digital forensics and the technical aspects of cybersecurity including: Computer Forensics Encryption and Security Live Forensics and Incident Response Information Assurance Network Forensics Ethical Hacking Network Security and Intrusion Detection Degree and certificate programs at URI that contain cyber security coursework include: Undergraduate Minors in o Digital Forensics o Information/Cybersecurity Graduate Certificate in Digital Forensics Professional Certificate in Digital Forensics Graduate Certificate in Information Assurance/Cybersecurity Master s and PhD Degrees in Computer Science with a focus on Digital Forensics and/or Cybersecurity Research Part of URI's cybersecurity education is an extensive internship program that places its students with federal, state, and local law enforcement organizations and local companies that provide digital forensics and cybersecurity services and product development. Nationally, URI is the U.S. National Science Foundation's Research Experience For Undergraduates (REU) Site For Digital Forensics and as such hosts NSF-sponsored interns each year from all over the country who learn digital forensics in the URI Digital Forensics Center. The proposed CCTP would allow URI to work with Brown and the NWC to joint-list these courses, develop new courses, and enrich URI s cybersecurity/digital forensics degree program offerings through courses offered by Brown and NWC. URI Digital Forensics and Cybersecurity Service and Training. The URI DFC has conducted training courses for federal, state, and local law enforcement including: network forensics, cell phone forensics, digital forensics for first responders, digital forensics analysis, network security for critical infrastructure providers (as part of the U.S. Dept of Homeland Security UASI initiative). It has built and maintains the RI State Police Computer Crimes lab - a centralized lab for all digital forensics in the state. The URI DFC September 13,

8 staff serves on the state s Internet Crimes Against Children Task Force and the state s Cyber Disruption Response Team. Nationally, the URI DFC is the primary partner with the U.S. Department of Justice's Electronic Crime Technology Center of Excellence and as such is leading their efforts in projects such as cell phone forensics gap analysis and a national assessment report on the digital evidence handling needs faced by state and local law enforcement. URI s participation in the RI CCTP will allow it to expand its services to the service mission of the proposed RI CCTP. URI Digital Forensics and Cybersecurity Technology Research. URI has an active research program in digital forensics and cybersecurity funded primarily by the U.S. Department of Justice and the U.S. National Science Foundation, including an NSF Career Award for the faculty member involved in Cyber Security Trust research. Recent research projects include: Cyber Security Trust Steganography Detection Automated Child Pornography Detection Power Grid Security Cloud Forensics Network Forensics Tools Wireless Security Cell Phone Forensics Tools Voting System Forensics Law Enforcement Search String Support Data Security For Data Center As part of the proposed RI CCTaP, URI will expand its research program further into cybersecurity technology areas while working closely with Brown, NWC, and the partner institutions on researching solutions in the cybersecurity technology/policy intersection. September 13,

9 Brown University Focus Areas We propose to create a center of excellence at Brown University that is an educational, research, and service center focusing on cybersecurity technology and policy issues that are both domestic and international in nature. The center would serve not only students at our institution but also the local and national business communities and governments. It would also offer training and certificate programs to both domestic and international students and professionals, thereby extending the outreach of the center in a manner designed to increase understanding and protection of computer and networking technology and confidence in the good intentions of the U.S. with regard to the use of this technology. Courses Below are representative computer science and policy courses that the center may offer. Hardware Security The Internet as a Social Medium Computer System Security Network Security Freedom of Expression, Privacy, and Security Online Cryptographic solutions and risk analysis The History of Internet Governance Secure Software Development The Politics of Cyber Policy Cybersecurity and International Relations The Legal Dimensions of Cyberspace Human Factors in Computer Security Cyber Economics International Law and Cyber Conflict Privacy and Security on the Web Research Building on Brown s recognized strength in computer science, engineering and mathematics, a significant research component will focus on technology to protect information systems, such as strong ubiquitous encryption, software and hardware supply chain security, application risk management, and secure cloud computing. Social science research into decision-making under endemic uncertainty, political challenges posed by the differing nature of cyber threats, and the lack of a common understanding/lexicon between the policy-technology communities will be addressed. With expertise in international institutions and norms, research will explore existing international legal frameworks and the possible need for new agreements, the development of global norms of behavior, and cybersecurity collaboration with like-minded states and the private sector to enhance collective security. In addition, with its established international relationships and reputation, Brown can serve a convening function as a forum for international engagement and capacity building training on cybersecurity issues. Other research topics may include enhancing private sector partnerships and information-sharing on cyber threats, cyber conflict risk mitigation efforts, protection of cyber-based critical national infrastructures, frameworks for data breach notification, economic incentives to improve cybersecurity, certification, and regulation of secure software development measures, and policies for the secure reliable management of cloud computing. 9

10 U.S. Naval War College Focus Areas NWC faculty have formed a cybersecurity working group with a mandate from the President and Provost of the Naval War College. The cybersecurity working group has recommended that the NWC create a Center for Cyber Warfare Studies (CCWS). This center will be dedicated to the interdisciplinary study of the challenges presented by cyber warfare, cyberspace operations, and cybered conflict in the twentyfirst century. 3 Mission: The mission of the CCWS is to: 1. Conceptualize, promote, and support research and teaching on cyber warfare, cyberspace operations, and cybered conflict 2. Facilitate interaction and collaboration between professional military educational institutions, civilian academics, and warfighters 3. Disseminate cutting-edge analysis via symposia and workshops to provide a forum for dialogue at the Naval War College between U.S. and international practitioners and scholars 4. Expand outreach and networking activities to establish and sustain a community of interest devoted to the study and teaching of cyber warfare, cyberspace operations, and cybered conflict 5. Work in conjunction with the EMC Informationist Chair to further the understanding of information-related capabilities in achieving U. S. operational and strategic objectives Objectives: The operational objectives for CCWS are to: 1. Normalize cyber warfare, cyberspace operations, and cybered conflict concepts in joint military operations and planning paradigms 3 Cyber warfare is defined as an armed conflict conducted in whole or part by cyber means. Military operations conducted to deny an opposing force the effective use of cyberspace systems and weapons in a conflict. It includes cyber attack, cyber defense, and cyber enabling actions. (Joint Terminology for Cyberspace Operations. GEN James E. Cartwright, USMC, VCJCS, July 2010) Cyberspace operations are defined as the employment of cyber capabilities where the primary purpose is to achieve military objectives in or through cyberspace. Such operations include computer network operations and activities to operate and defend the Global Information Grid. (Joint Terminology for Cyberspace Operations. GEN James E. Cartwright, USMC, VCJCS, July 2010) A cybered conflict is any conflict of national significance in which success or failure for major participants is critically dependent on computerized key activities along the path of events. (Dr. Chris Demchak, USNWC) 10

11 2. Foster collaboration and increased institutional ties between civilian and professional military education institutions and between U.S. and international academics and practitioners 3. Promote collaborative research among scholars and practitioners that results in panel presentations at major conferences, workshops and seminars, and published research Activities: The Center for Cyber Warfare Studies (CCWS) was created to ensure that education on cyber warfare, cyberspace operations, and cybered conflict remains current, relevant, and accessible to military officers who will build on this education when devising strategies to deal with the changing character of warfare in the twenty-first century. The Center supports education and curriculum development, including case studies that focus on developing strategies, counter-strategies, and operating concepts for cyber warfare, cyberspace operations, and cybered conflict in the global information environment. CCWS achieves this by sustained collaboration that draws on expertise from a wide range of disciplines that include practitioners, educators, historians, information warfare officers, cryptologists, and scientists. Representative activities conducted by members of the CCWS include hosting and participating in symposia and workshops in order to write and teach case studies and performing outreach and network building among U.S. and international researchers and practitioners who have expertise on cyber warfare, cyberspace operations, and cybered conflict. The CCWS workshops and conferences bring civilian scholars together with military faculty and practitioners to analyze the national and international security challenges posed by cyber warfare, cyberspace operations, and cybered conflict. The target audiences for CCWS symposia, research programs, and educational outreach activities are civilian and military faculty and practitioners who teach at civilian universities, military professional institutions, and military academies. Funding for CCWS represents a sustained commitment on the part of the U.S. Navy and the Naval War College to promote and support teaching and research on cyber warfare, cyberspace operations, and cybered conflict to future strategic leaders. Ultimately, CCWS fosters interaction, collaboration, and inter-agency coordination across professional military educational institutions throughout the country and with U.S. allies. Contacts Dr. Peter Dombrowski, Chair, Strategic Research Department, U.S. Naval War College, peter.dombrowski@nwc.navy.mil, Dr. Victor Fay-Wolfe, Director URI Digital Forensics Center, University of Rhode Island, wolfe@cs.uri.edu, Dr. John E. Savage, Department of Computer Science, Brown University, John_Savage@brown.edu,