SDN Security Challenges. Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015



Similar documents
Take My Cash, Please. aka NSF Funding Opportuni/es in Secure and Trustworthy Cyberspace (SaTC) (only be sure always to call it, please, research)

SECURE AND TRUSTWORTHY CYBERSPACE (SaTC)

SECURE AND TRUSTWORTHY CYBERSPACE (SaTC) $124,250,000 +$1,500,000 / 1.2%

US Federal Cyber Security Research Program. NITRD Program

National Cybersecurity Challenges and NIST. Donna F. Dodson Chief Cybersecurity Advisor ITL Associate Director for Cybersecurity

Actions and Recommendations (A/R) Summary

TUSKEGEE CYBER SECURITY PATH FORWARD

[STAFF WORKING DRAFT]

National Initiative for Cyber Security Education

Cyber Security and Privacy - Program 183

3rd International Symposium on Big Data and Cloud Computing Challenges (ISBCC-2016) March 10-11, 2016 VIT University, Chennai, India

One Hundred Thirteenth Congress of the United States of America

Bellevue University Cybersecurity Programs & Courses

Lessons from Defending Cyberspace

Funding Innovative Network and Cybersecurity Research

F:\COMP\SCIENCE\CYBER SECURITY RESEARCH AND DEVELOPMENT ACT.XML

1 st Symposium on Colossal Data and Networking (CDAN-2016) March 18-19, 2016 Medicaps Group of Institutions, Indore, India

Cybersecurity Enhancement Account. FY 2017 President s Budget

Big Data R&D Initiative

CHAPTER 1 INTRODUCTION

Priority III: A National Cyberspace Security Awareness and Training Program

NITRD: National Big Data Strategic Plan. Summary of Request for Information Responses

PRISMACLOUD. Privacy and Security Maintaining Services in the Cloud Thomas Loruenser AIT Austrian Institute of Technology GmbH

National Institute of Standards and Technology Smart Grid Cybersecurity

NIST Cyber Security Activities

2015 Michigan NASCIO Award Nomination. Cyber Security Initiatives: Michigan Cyber Disruption Response Strategy

Securing the Electric Grid with Common Cyber Security Services Jeff Gooding

Capabilities for Cybersecurity Resilience

National Cyber Security Policy -2013

Some Thoughts on the Future of Cyber-security

NICE and Framework Overview

AT&T Cybersecurity Policy Overview

CYBERINFRASTRUCTURE FRAMEWORK FOR 21 ST CENTURY SCIENCE, ENGINEERING, AND EDUCATION (CIF21)

Security Issues in Cloud Computing

EXECUTIVE OFFICE OF THE PRESIDENT OFFICE OF MANAGEMENT AND BUDGET WASHINGTON, D.C October 30, 2015

Participants: Introduction:

U.S. Office of Personnel Management. Actions to Strengthen Cybersecurity and Protect Critical IT Systems

(U) Appendix D: Evaluation of the Comprehensive National Cybersecurity Initiative

Big Data, Big Risk, Big Rewards. Hussein Syed

DoD Strategy for Defending Networks, Systems, and Data

CESG Certification of Cyber Security Training Courses

Meeting Cyber Security Challenges

External Supplier Control Requirements

Next Generation Clouds, The Chameleon Cloud Testbed, and Software Defined Networking (SDN)

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Introduction to Cyber Security / Information Security

December 8, Security Authorization of Information Systems in Cloud Computing Environments

Microsoft s cybersecurity commitment

MS in Computer Science with specialization in Computer Security. Prof. Clifford Neuman

NSF Cybersecurity: Opportunities for Innovation. Anita Nikolich (CISE/ACI) Kevin Thompson (CISE/ACI) April, 2014

Cisco Advanced Services for Network Security

THE WHITE HOUSE. Office of the Press Secretary. For Immediate Release February 12, February 12, 2013

Strategic Plan Network Optimization & Transport Services

A COMPLETE APPROACH TO SECURITY

NIST Cybersecurity Initiatives. ARC World Industry Forum 2014

Privacy and Security in Healthcare

National Cyber Security Strategies: United States

EXECUTIVE ORDER CREATING A NATIONAL STRATEGIC COMPUTING INITIATIVE. By the authority vested in me as President by the

7 Homeland. ty Grant Program HOMELAND SECURITY GRANT PROGRAM. Fiscal Year 2008

The Comprehensive National Cybersecurity Initiative

Kangas Cybersecurity strategy

Cyber Security Research and Development a Homeland Security Perspective

2) trusted network, resilient against large scale Denial of Service attacks

Facilitated Self-Evaluation v1.0

RESEARCH CALL TO DOE/FEDERAL LABORATORIES. Cybersecurity for Energy Delivery Systems Research Call RC-CEDS

Perspectives on Cloud Computing and Standards. Peter Mell, Tim Grance NIST, Information Technology Laboratory

CYBERINFRASTRUCTURE FRAMEWORK FOR 21 ST CENTURY SCIENCE, ENGINEERING, AND EDUCATION (CIF21) $100,070,000 -$32,350,000 / %

Reliable, Repeatable, Measurable, Affordable

National Initiative for Cybersecurity Education Strategic Plan. Building a Digital Nation

Big Trends in Computing Research Over the Next Decade

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

Cyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.

Identity, Credential, and Access Management. An information exchange For Information Security and Privacy Advisory Board

Cyber Security and Privacy

Transcription:

SDN Security Challenges Anita Nikolich National Science Foundation Program Director, Advanced Cyberinfrastructure July 2015

Cybersecurity Enhancement Act 2014 Public-Private Collaboration on Security (NIST not NSF) R&D. "Amends the Cyber Security Research and Development Act to permit NSF R&D grants for: (1) secure fundamental protocols that are integral to inter-network communications and data exchange; (2) secure software engineering and software assurance; (3) holistic system security to address trusted and untrusted components, reduce vulnerabilities proactively, address insider threats, and support privacy; (4) monitoring, detection, mitigation, and rapid recovery methods; and (5) secure wireless networks, mobile devices, and cloud infrastructure." Cybersecurity Testbeds. (By Dec 2015) NSF shall conduct a review of cybersecurity test beds, including an assessment of whether a sufficient amount are available. Permits the NSF, if it determines that additional test beds are necessary, to award grants to institutions of higher education or research and development nonprofit institutions to establish such additional test beds. Ø Cybersecurity Experimentatlon of the Future (CEF) = 2014 NSF review of security testbeds. ON.lab specified in report. 2

Networking and IT Research and Development (NITRD) FY16 Supplement to President s Budget Ø Large Scale Networking: identify approaches, best practices, and testbed implementations for Software Defined Infrastructure, SDN and SDXs develop, deploy and operate dynamic secure interdomain layers 1, 2 and 3 operational and virtualized networking capability DoD, DoE, NASA, NIST, NSA, NSF experimental network facilities Multiagency workshops: SDN Network planning Ø Cybersecurity: Accelerating Transition to Practice CyberPhysical Systems (CPS) Security Security for Cloud-based systems 3

FY17 Federal Priorities & Guidance July 9 th : OMB and OSTP issues guidance for Multi Agency FY2017 priorities in Science and Technology (S&T). Ø Information technology and high-performance computing: Agencies should cooperate with each other and private sector. Ø National and Homeland Security: invest in science and technology to meet the threats of the future and develop innovative new security capabilities. Ø R&D Infrastructure: Agencies should support the R&D infrastructure (e.g. facilities, platform technologies, IT, digital tools) needed to ensure that U.S. science and engineering remain at the leading edge, and leverage resources from other agencies 4

FY17 Federal Priorities & Guidance Agencies asked to utilize the Trustworthy Cyberspace: Strategic Plan for Cybersecurity R&D Programs (2011) as guidance for research in cybersecurity. Updated every 4 years. RFI for public comments VMWare: leverage software defined constructs and its flexibility to increase infrastructure agility and enhance security posture ; software defined platform centric approach to infrastructure such as networks.. 5

2015: SDX 2014: Basic Research: NeTS SDN Projects Ø Big Data and Optical Lightpath Driven SDN Ø Virtualized Network Resource Pool for SDN Network Management Ø SDNFV- Flexible, High Perf Network for Data Center Virtualization Ø US Korea workshop on SDN/NFV for Smart Cities 2013: Ø Participatory SDN 6

Secure and Trustworthy Cyberspace Cross Directorate Program (SaTC) Aims to support fundamental scientific advances and technologies to protect cyber-systems from malicious behavior, while preserving privacy and promoting usability. Develop the foundations for engineering systems inherently resistant to malicious cyber disruption Cybersecurity is a multi-dimensional problem, involving both the strength of security technologies and variability of human behavior. Encourage and incentivize socially responsible and safe behavior by individuals and organizations Focus on Privacy: Dear Colleague Letter for new collaborations between Computer and Social Scientists, including a focus on privacy. 7

SDN?? Access control Anti-malware Anticensorship Applied cryptography Authentication Cellphone network security Citizen science Cloud security Cognitive psychology Competitions Cryptographic theory Cyber physical systems Cybereconomics SaTC FY14 Funding Areas Cyberwar Digital currencies Education Forensics Formal methods Governance Hardware security Healthcare security Insider threat Intrusion detection Mobile security Network security Operating systems SDN?? Personalization Privacy Provenance Security usability Situational awareness Smart Grid Social networks Sociology of security Software security Vehicle security Verifiable computation Voting systems security Web security SDN?? 8

SaTC: Transition to Practice (TTP) Supports later stage activities in the research and development lifecycle such as prototyping and experimental deployment Emphasis on activities that lead to potential impact on science and education environments NSF cyberinfrastructure FY16 Budget Supplement gives TTP more visibility Review Criteria Impact on deployed environment Value in terms of needed capability and potential impact across the broad NSF community Feasibility, utility, and interoperability in operation Project plan including goals, milestones, demonstration and evaluation Tangible metrics to evaluate effectiveness of capabilities developed 9

NSF Industry Partnerships NSF/Intel Partnership on Cyber Physical Systems Security: foster novel, transformative approaches to ensure the security of CPS STARSS: Secure Trustworthy Assured and Resilient Semiconductors and Systems: partnership with Semiconductor Research Corp SDN?? 10

CyberPhysical Systems (CPS) Sample areas of interest with secure SDN potential: Ø IoT Security Ø Smart Manufacturing Ø Smart Cities Ø Smart and Connected Health 11

Cyberinfrastructure Investments: CC*IIE, *NIE, *DNI Too many to even list! Developing Applications with Networking Capabilities via End to End SDN (DANCES) Data Intensive E-Science and SDN at NCSU A Software Defined Campus Network for Big Data Sciences Security?? 12

Cyberinfrastructure Investments: IRNC Software Defined and Privacy Preserving Network Measurement Instrument for Data Driven Science Discovery UMass Lowell Atlantic Wave SDX Florida International U Starlight SDX Northwestern Security?? 13

Cyberinfrastructure Investments: CICI First time solicitation. Topic areas: Ø Center of Excellence Ø Secure Data Provenance Ø Secure Architecture Design. Calls out SDN as a topic area of interest. FY15 Awards still TBD FY 16?? Input? 14

Misc Investments SDN Security: Secure and Effective Policy Enforcement in Software Defined WANs (Porras) SHF: High Performance Data Plane Kernels for SDN - USC SHF: Programming and Reasoning for SDN Brown U 15

NSF Research & Applied CI Gaps Security Function Virtualization Firewall, IDS, DDoS, Security as a Service for NSF community SDN Controller Security Secure SDX End to End Secure Flows from end user, through a scientific collaboration through a campus Secure SDN Frameworks Secure IoT 16

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information