MISSION
CIAS Goals are:
To consolidate the Texas A&M University educational and research activities on Information Assurance and Security (IAS);
To accelerate the recognition of the University in this critical field; and
To meet the ever-increasing demands of society for secured information environments.
Key Objectives of the CIAS are:
To function as an organized structure for facilitating scholastic interactions of faculty and students who are actively engaged in IAS research and education.
To act as a well-structured interdisciplinary unit to compete for federal and state support using methods beyond the individual departments' capabilities.
To provide a means for the efficient transfer of technical advances to a large community and to industry.
To lead in the development of advanced educational structures and create new educational programs and options, and to enhance existing ones (including distance learning courses and programs).
To maintain an IAS lab for both education and research.
Program Strengths
Education
The Center enhances existing undergraduate and graduate Information Assurance and Security related courses offered in the various departments including Computer Science, Mathematics, and Information and Operations Management Departments. Most courses involve laboratory exercises that reinforce the key concepts discussed in the classroom. Work is currently underway to connect the virtual Network Engineering Laboratory in the Computer Science Department to a similar lab in the Information and Operations Management Department via secure connection to facilitate future interdepartmental security exercises.
A certificate program at the Master's and Ph.D. level is designed to offer students an opportunity for an interdisciplinary study (3-4 course specialization) of the critical issues in IAS.
Support to establish an interdisciplinary faculty.
Research
Security requirements research: characterizes the security requirements for selected industries within each of the eight critical infrastructure sectors identified in Presidential Decision Directive 63. This research recognizes that the U.S. has long depended on its critical infrastructures for the delivery of services and products vital to its defense, prosperity, safety and general welfare. In the past, owners and operators of these infrastructures have planned against and responded to service disruptions caused by technical failures and natural disasters. However, there are some emerging trends that introduce new threats. These include the use of higher levels of automation and remote control, increasing dependency on public networks (especially internet-based remote management systems), and the use of Commercial-Off-The-Shelf (COTS) Personal Computers (PCs) in automation systems combined with custom software. Each of these represents a new threat to the security of the industries employing these technologies. The increase in dependencies and connectivity between information systems has increased the likelihood that individuals or groups may attack and disrupt our infrastructures. Further, the growing dependence on information systems and networks to operate those infrastructures has expanded the number of ways non-deliberate system failures can occur. It is therefore desirable that sectors of the critical infrastructures work together to develop a common set of industry specific security requirements to establish a set of "best practices" for all industries. This research will develop a common framework by which the security requirements of all industries information systems can be characterized.
The center brings important science and technological expertise to the problems of information assurance and security. It is clear, however, that scientific and technological discoveries alone are not enough to bring us to the security we want and need as a nation. The policies used to employ technologies for cyber security will have to be implemented in the context of our society's basic norms and values, including those of privacy, preservation of individual rights, and respect for Constitutional divisions of authority. In order to develop sustainable information assurance and security policies, it is essential that the policy design account for and build upon these core values and norms. In short, the social and policy task may be more difficult than the technological one. Texas A&M scholars currently maintain long-term research programs that track and evaluate the linkages between public concerns and national security, as well as programs concerning resolution of disputes over technological issues. Scholars at the Bush School of Government and Public Affairs are building on these programs to develop the most comprehensive policy scholarship concerning cyber security in the U.S.
Information assurance, personal privacy, and resilient information service are critical to the U.S. leadership in the world economy. Internet gives U.S. the leading edge in the development and use of information technologies, but it also allows unprecedented convenience for hostile adversaries to threaten the social kernel of the U.S. Critical sectors such as energy, health, transportation, social and emergency services, manufacturing, processing, and logistics and distribution functions are almost entirely dependent on secure data interchange. The CIAS' interdisciplinary approach will innovate, build new knowledge, and educate our new generation of professionals, to defend the cyberspace, and to protect the new social and economical infrastructures being developed worldwide. We have the right combination of human resources, equipment, ideas, and instrumentation plans to bring our research work into realistic contests for the specific application domains, namely, e-government, banking and e-health. In these selected areas, we address technical issues related to resource access, intrusion detection, privacy, and social effects. It is clear from recent headline news that Internet technology advances so fast that the social infrastructure must catch up to meet the demands. The CIAS brings experts in different disciplines together, to fully incorporate the human group behavior, software development processes, and the networking systems in human-machine simulation models. Through quantified modeling and analysis, we believe that Texas A&M is making a profound impact on information assurance and networking security, in addition to their academic contributions.
CIAS research focuses on robust architectures for networking and computing devices. We have developed unicast and multicast protocols to resist eavesdropping and traffic profiling of group communications. After the initiation phase to establish group memberships and exchange shared key(s), communicating nodes fragment and shuffle messages into unicast or multicast packets to be transported. Using breadth-first and the depth-first approaches, group members are configured into certain topologies to conceal traffic patterns. These communicating protocols can be used to form an anonymous communication layer, or as a highly robust, peer-to-peer communication infrastructure for high value data exchange. We have developed highly robust traffic flow control algorithms and scalable architectures. The bandwidth control model is resilient to high intensity attacks and only requires minimal resource support for implementation. In our most recent work, we are development solutions for trusted computing devices. The core concept of this research is to build provable kernel/OS services that will be resilient to common attacks, and build higher-level applications to enforce the systems
Specific Research Areas are:
Cryptographic systems research: examines both the software and hardware in use of commercial cryptography. Studies in the high-performance, extremely-high-speed cryptographic systems in industry and commerce will be incorporated with the technical/legal/policy interface occupied by PKI and digital signatures to safeguard transactions in e-commerce.
Secret sharing with ramp schemes research: these schemes will be increasingly necessary as backups for data which require safeguards against both destruction and revelation by unauthorized parties. As much societal vulnerability as possible must be removed from the physical realm (where destruction of a prized artifact can be costly or irreversible) and into the informational arena (in which the capacity to securely provide instantaneous authentic replacements for destroyed secret objects enables people to have uninterrupted real-time reliance on vital systems without inconvenience.) Ideally, and, in many cases, successful application of this approach masks even the realization that an entity has been attacked.
General theory of codes research: emphasizes structure and functionality as well as error control, compression, secrecy or authentication. This research is well suited to the design of codes for novel uses. As computing power moves up the algebraic or linguistic scale, this more sophisticated approach to information security becomes increasingly practical.
Network camouflage: techniques developed for survivable, real-time communication services for mission-critical systems. We propose to incorporate real-time traffic modeling techniques into the security service to enhance both system security and real-time capabilities in an adverse environment. We invented traffic-modeling based traffic stuffing as highly effective countermeasures against traffic analysis attacks in both wired and wireless networks. This is the key element that makes our work innovative and unique. Since 1999, the project has been funded by DAPRA for more that $1.3M with support from state and industry an additional $500,000. In 2000, the first prototype for NetCamo was completed capable of camouflaging the network activities and effectively reducing damage due to cyber-terrorism. Our prototype has been successfully integrated into a U.S. Navy system. In 2002 we received DARPA's award on technology transfer. In a recent ACM international research contest, our graduate student won 2nd place for his work on this project.
Services/Outreach
Executive and professional training: Senior executive leadership is responsible for the assets, functions, operations, reputation and financial viability of their organizations. The performance of virtually every organization is highly dependent on the viability and integrity of its data and information flows. It is essential that senior executives understand the vulnerability of information assets, appreciate the risks to their organizations and have insight into the resources and strategies that offer protection. Texas A&M University offers non-degree executive education short course on issues related to the vulnerability and threats to enterprise information assets. Professional training would provide hands-on experience for the technical professionals serving in these organizations.
Information Security Knowledge Base (ISeKB): An Information Security Knowledge Base (IseKB) that contains security related data specific to various sectors of the economy has been designed, developed and implemented and focuses on two sectors - public service, including utilities infrastructures and public health, and energy, focusing on oil and gas, and electric utilities. Telecommunications, Financial services, information technology, and transportation also are beneficiaries of ISeKB initiatives. A certificate program and an executive education program are offered for participating organizations.
Risk Assessment/Risk Management for Communities: Internet and computer network security are major challenges at the local community level. Resources to address cyber terrorism threats are often minimal. As a result, local communities represent a vulnerable and visible target for infrastructure damage. The CIAS provides risk management services to identify and assess vulnerabilities, strengths, and assist in the design of response plans for the local level. Short courses offer guidance in the development of incident handling skills.
Lab Support
The Distributed Systems Laboratory in the Department of Computer Science features a wide array of heterogeneous computing platforms and network protocols operating in a heavily instrumented environment and is used extensively for evaluating and testing new and existing security methods for the CIAS initiative. An Advanced Network Security class is taught using the laboratory.
A variety of IAS related classes use the VNE Laboratory for experiments. Research initiatives currently receiving focus are:
Camouflaged network components - Frustrating the ability of a cyber terrorist to identify key network components based on traffic analysis.
Distributed security management - Reducing the threat of denial of service attack by distributing redundant processes within the network.
Real-time intrusion detection - Immediate detection of a denial of service attack with a corresponding employment of intelligent software agents to "swim upstream" and locate the source of an attack.
Mail server virus checking - Detecting the presence of infected files at the mail server before that are distributed to the addresses.
The CIAS continues efforts to develop a Web-based virtual-presence exercise which will allow the student to experiment with various attacks, defenses, detection mechanisms and operations plans within a "sandbox" environment, and without a requirement of a physical presence, while maintaining the structured environment of the laboratory. Thus, the student is afforded a learning environment that draws on the extensive experience of the researchers and reflects the latest theoretical and practical results of their investigations.
Intrasystem Collaboration
The Center for Information Assurance and Security is an interdisciplinary initiative that embraces a wide range of business, science and engineering disciplines. Collaborations exist between Texas A&M University researchers as well as leading scholars at other institutions and government agencies.