Language Selection

English French German Italian Portuguese Spanish

US Advisory panel recommends more federal R&D spending

Filed under
Security

The Presidential IT Advisory Committee (PITAC) has recommended the federal government sharply increase its spending on cybersecurity R&D and shift the focus to fundamental, long-term solutions to security challenges.

"The IT infrastructure is highly vulnerable to premeditated attacks with potentially catastrophic effects," PITAC warned in a letter submitting the report, titled Cyber Security: A Crisis in Prioritization, to the president. "These vulnerabilities put the nation's entire critical infrastructure at risk."

Current practices of patching vulnerabilities as they are found address immediate needs, but the committee concluded that "fundamentally different architectures and technologies are needed so that the IT infrastructure as a whole can become secure."

The government has a vital role to play in supplying the intellectual capital to improve IT security, PITAC said, but in recent years its focus increasingly has been on short-term problems addressing the needs of the military and intelligence communities. The results too often are classified, and more effort is needed to transfer them into the mainstream market.

The advisory committee examined funding for basic research by the National Science Foundation, the Defense Advanced Research Projects Agency, the Homeland Security Department, the National Security Agency, and the National Institute of Standards and Technology.

NSF, with its $30 million Cyber Trust program, is the primary source of funds for civilian security research. PITAC recommended that the program be expanded by at least $90 million annually.

The $5.47 billion NSF appropriation for fiscal 2005, approved by Congress in November 2004, is more than $60 million less than fiscal 2004 funding, and $227 million less than requested by the president.

PITAC recommended that:

  • NSF R&D funding be increased by at least $90 million a year, while also substantially increasing funding for DARPA and DHS.
  • Government increase efforts to expand the number of cybersecurity experts in the academic community, doubling the number by the end of the decade. The committee estimates there are fewer than 250 cybersecurity specialists working now.
  • Security technology transfer programs be strengthened to speed the introduction of needed off-the-shelf tools and technologies into the marketplace. The government should sponsor an annual interagency conference to showcase the results of cybersecurity R&D.
  • The Interagency Working Group on Critical Information Infrastructure Protection should coordinate federal R&D efforts and be integrated under the Networking and Information Technology Research and Development Program.

The committee identified 10 critical areas for future research:

  • Computer authentication methodologies, so sources of packets can be traced in large-scale networks
  • Secure fundamental networking protocols
  • Secure software engineering
  • End-to-end system security, rather than merely secure components
  • Monitoring and detection to quickly identify problems
  • Mitigation and recovery methodologies to avoid catastrophic failure when problems occur
  • Cyberforensics tools for aid in criminal prosecutions
  • Modeling and test beds for new technologies
  • Metrics, benchmarks and best practices for evaluating the security of security products and implementing them
  • Nontechnical societal and government issues.

Article on gcn.com.

More in Tux Machines

Pekwm: A lightweight Linux desktop

Let's say you want a lightweight desktop environment, with just enough to get graphics on the screen, move some windows around, and not much else. You find traditional desktops get in your way, with their notifications and taskbars and system trays. You want to live your life primarily from a terminal, but you also want the luxury of launching graphical applications. If that sounds like you, then Pekwm may be what you've been looking for all along. Pekwm is, presumably, inspired by the likes of Window Maker and Fluxbox. It provides an application menu, window decoration, and not a whole lot more. It's ideal for minimalists—users who want to conserve resources and users who prefer to work from a terminal. Read more

What motivates people to contribute to open source?

Knowing what motivates people is a smart way to recruit contributors to an open source project—and to keep them contributing once they've joined. For his book How Open Source Ate Software, Red Hat's Gordon Haff did a lot of research on the topic of motivation, and he shared some of it in his Lightning Talk at All Things Open 2019, "Why do we contribute to open source?" Watch Gordon's Lightning Talk to learn about the three main types of motivation—extrinsic, intrinsic, and internalized extrinsic—what they are, and how they relate to open source communities. Read more

6 Best Free Linux Speed Reading Tools

The idea of speed reading was invented by an American schoolteacher named Evelyn Wood. There’s a few different approaches when it comes to speed reading. Spritz technology is based on the notion that much of the time spent in reading text is taken by the eye’s focus moving between words and across the page. According to Spritz, spritzing is defined as reading content one word at a time with the optimal recognition point (ORP) positioned inside of their custom “redicle”. After your eyes find the ORP, your brain starts to process the meaning of the word that you’re viewing. The concept of speed reading in this context is simple: slice a text into individual short segments, like a word. The software featured in this group test is based on spritzing. Read text without moving your eyes, and therefore rapidly increase your reading speed. Unlike other reading techniques, you don’t need to rewire your brain to work more efficiently. Read more

5 cool terminal pagers in Fedora

Large files like logs or source code can run into the thousands of lines. That makes navigating them difficult, particularly from the terminal. Additionally, most terminal emulators have a scrollback buffer of only a few hundred lines. That can make it impossible to browse large files in the terminal using utilities which print to standard output like cat, head and tail. In the early days of computing, programmers solved these problems by developing utilities for displaying text in the form of virtual “pages” — utilities imaginatively described as pagers. Pagers offer a number of features which make text file navigation much simpler, including scrolling, search functions, and the ability to feature as part of a pipeline of commands. In contrast to most text editors, some terminal pagers do not require loading the entire file for viewing, which makes them faster, especially for very large files. Read more