Opinion - Five pillars for secure scientific computing
Cybersecurity, as currently practiced, is a mixed bag of electronic patches and reactionary physical and administrative controls aimed at fixing the "crisis du jour." We rely heavily on black-box commercial solutions, despite the critical importance of cyber resources and infrastructure to the scientific missions of our time.
As the cyber threat continues to grow, scientific assets-like grid computing, supercomputers and perhaps even the fundamental means of scientific communication-will become threatened. It becomes increasingly clear that we must embark on a scientific process of inquiry, investigation and sound decision-making to combat the cyber-threat we face.
Rather than waiting to discover a cyber attack-perhaps days, weeks or months after it has happened-we need to implement a scientifically rooted approach to cybersecurity with a rigorous technical foundation.
Here, we propose five pillars of research that will pave the way for the interdisciplinary advances needed to thwart the growing cyber-threat and the risks it poses to our critical scientific infrastructure.
Pillar 1: Risk assessment and evaluation for complex distributed systems
Risk assessment methods are needed to understand our current state of affairs and to identify the inherent security of systems yet to be built. Currently, we do a very poor job at analyzing risks associated with information or information systems, usually relying on a post-mortem analysis-when it is too late.
Pillar 2: Knowledge discovery for detection and forensics
New knowledge discovery and data mining techniques are needed to help with forensics on current systems and to aid in online detection and forensics in future systems. Scientific system produce enormous amounts of data and grid computing system use numerous numbers of network transactions to achieve computational parallelism. Forensic analysis on such systems is a mammoth undertaking requiring new statistical techniques for enormous quantities of data.
Pillar 3: Active response to attack
Active response to attack is necessary for future systems because (i) we know we can never produce 100 percent secure general-purpose computing systems, and (ii) the speed of attack and the ensuing spread of system damage is more rapid than a human can manage or mitigate.
Pillar 4: Attack deterrence
An understanding of the motivations of attackers and methods for deterring attacks-either by education or fear of detection-will be necessary to enhance future systems security.
Pillar 5: Hardware as a security enabler in specialized systems
Poorly designed or closed hardware can be an enabler of poor security. BIOS viruses, while not yet detected in the wild, are a distinct possibility. Well-designed hardware, specifically for custom systems like those employed in grid computing or distributed scientific endeavors, can enable system security and reduce the number of potential attack vectors that are unknown to a system's users and maintainers.
- Christopher Griffin and Louis Wilder, Oak Ridge National Laboratory
The annual Cyber Security and Information Intelligence Research Workshop will be held at Oak Ridge National Laboratory in Oak Ridge, TN, U.S., from 12-14 May 2008.