efforts. In every case, information from many sources will have to be acquired, integrated, and appropriately interpreted to support decision makers (ranging from emergency-response units to intelligence organizations). Given the range of formats, the permanence and growing volume of information from each source, and the difficulty of accurately analyzing information from single sources, let alone multiple sources, information fusion offers researchers a challenge.
In each of these areas, discussed in turn below, some knowledge is in hand and partial solutions have been developed. Additional research is needed, however, because these solutions are not sufficiently robust or effective, they degrade performance or functionality too severely, or they are too hard to use or too expensive to deploy.
It must also be noted that although technology is central to all these areas, it is not the sole element of concern. None of the related problems can be solved by technology alone; every solution is subject to the reality of being implemented and operated by humans. These are system issues, where individual, social, and organizational behaviors are part of the system and therefore must be part of the research and design. Technology cannot be studied in isolation from how it is deployed, and failure to attend to the human, political, social, and organizational aspects of solutions will doom technology to failure.
To assist decision makers, the committee has included rough assessments of the criticality of the various research areas identified, the difficulty of particular problems, and the likely time scale on which progress could be made (Table 5.1). The criticality of a research area reflects the vulnerabilities that might be reduced if significant advances in that area were accomplished and deployed; areas are ranked high, medium, or low. The difficulty of the research—that is, how hard it will be to make significant progress—are rated very difficult, difficult, or easy. Finally, the time frame for progress is identified as 1 to 4 years, 5 to 9 years, or 10 years or more. Of course, the deployment of research results also presents obstacles, which may reduce effectiveness or lengthen the time until a research result can become a reality. Finally, a caveat: These assessments are subjective and subject to some debate.
A broad overview of some of the major issues in information and network security is contained in the CSTB report Cybersecurity Today and Tomorrow: Pay Now or Pay Later.16
Despite diligent efforts to create an effective perimeter defense for computer and telecommunications systems, penetration by a determined adversary is highly