This workshop explores the technical and policy issues in cybersecurity in the context of award activities in NSF's International Research Network Connections (IRNC) program. Those issues include not only operational network security, but the application of network security research and development innovations, the proper role of IRNC activities as part of a comprehensive and secure NSF cyberinfrastructure, and the potential of IRNC activities to contribute to network security research and development. Experts from research and industry are engaged for this event.
Intellectual merit is found in the workshop's exploration of a combined set of technical, policy, legal, and behavioral issues in cyber security applied to a diverse set of network infrastructure activities. Broader impact is reflected in the role of IRNC activities in serving international research and education activities across science and engineering domains.
The United States research and education community collaborates with colleagues in the global community. As part of these collaborations, members of this community access remote instruments, data, and computational resources located throughout the world. Similarly, major NSF investments in large-scale science and engineering facilities, located both inside and outside the U.S., are utilized by multi-national research and education collaborations. NSF’s international research network connections (IRNC) program supports these international scientific collaborations by connecting U.S. scientists to every part of the globe with high-performance production networks (ProNets). Supported scientific endeavors range from astronomy (for optical and radio telescopes) to physics (LHC data exchange) to climate studies (supporting oceanic sensor networks). The IRNC ProNets are unusual in their operation of network connections that cross the U.S. border. This places their networks in a position to see a large amount of aggregated traffic crossing national boundaries, between customers under different cultural and legal frameworks. In February of 2012, Indiana hosted a two-day workshop in Indianapolis, IN that explored the relationship between the IRNC networks and cybersecurity. The workshop had two goals: (1) Exploring the responsibilities, opportunities, and challenges for IRNC ProNets to contribute to the cybersecurity of the research communities that they serve. (2) Exploring opportunities and challenges for the IRNC connections to foster cybersecurity and networking research. The scope of the workshop included technical, legal, policy, and social expectations regarding these two goals. The main observations that emerged from the workshop were: Responsibility for cybersecurity lies ultimately with organizations that are the IRNC ProNet’s customers, however there is potential for ProNets, due to their view of a large amount of aggregated traffic, to contribute to their cybersecurity through monitoring (of, for example, DNS traffic) and attribution of spoofed malicious traffic, and, at the request of organizations, activity mitigation of certain threats. Data for cybersecurity research is important; an analysis by one of the presenters (Michael Bailey, U. Michigan) showed that having data played a key role in over half the papers presented at five recent cybersecurity conferences. However, sharing data must address concerns from a legal (including privacy) standpoint, requiring a combination of technical and policy controls to do so appropriately. Those undertaking sharing are advised to leverage experiences and services offered by, for example, the DHS PREDICT and CAIDA programs. These observations are captured in a workshop report along with a set of findings and details notes on the conversations. The workshop report is freely available: Von Welch, Doug Pearson, Brian Tierney, and James Williams (eds). Security at the Cyberborder Workshop Report. March 28th, 2012. http://hdl.handle.net/2022/14070
