Toward a Safer and More Secure Cyberspace

Questions? Call 800-624-6242

About | Ordering | New

LoginRegister

| Items in cart [0]

PAPERBACK
price:$57.00
add to cart

Rights & Permissions

Free PDF Access

Free Resources

Related Titles

Toward a Safer and More Secure Cyberspace (2007)
Computer Science and Telecommunications Board (CSTB)

Citation Manager Export the bibliographic data for this book in your chosen format
Web Search Builder Use this book's key terms to search within this book, across our collection, or across the Web.
Skim This Chapter Skim this chapter and use this chapter's key terms to search within this book.
Reference Finder Paste in your own text to find books that relate to your topic.

Citation Manager

. "10 Looking to the Future." Toward a Safer and More Secure Cyberspace. Washington, DC: The National Academies Press, 2007.

Please select a format:

Page
240


E-mail Share on facebook Facebook Share on delicious Delicious Share on stumbleupon Stumble Share on twitter Twitter More Sharing ServicesMore

The following HTML text is provided to enhance online readability. Many aspects of typography translate only awkwardly to HTML. Please use the page image as the authoritative form to ensure accuracy.

Toward a Safer and More Secure Cyberspace

BOX 10.1

A Model Categorization for Understanding Budgets

The National Science Foundation (NSF) overview of the fiscal year 2004 awards for the Cyber Trust program and related awards included several substantive categorizations for the same awards, including the following:

Topic (security of next-generation operating systems and networking; forensic and law enforcement foundations; human-computer interface for security functions; cross-disciplinary approaches; theoretical foundations and mechanisms for privacy, security, trust; composable systems and policies; presenting security concepts to the average user; improved ability to certify system security properties; improved ability to analyze security designs and to build systems correctly; more effective system monitoring, anomaly detection, attack recognition and defense; and integrating hardware and software for security).
Security life-cycle phase (understanding what to build; building things right; preventing attacks; detecting/understanding attacks; surviving attacks; system recovery/reconstitution; and forensics/dealing with perpetrators).
Security disciplines (operating system, filesystem, storage security; net security; application/database/Web security; cryptography and applied cryptography; security/privacy/trust modeling and specification; secure system architecture; secure system development; security testing/evaluation; and forensics).

The NSF provided multiple categorizations, noting on the Web site (see the source in this box) that “most research projects have several dimensions, such as the expected time to yield results, where the project lies on scales ranging from empirical to theoretical work, from foundational to applied, and across domains and disciplines of study. Any attempt to group projects into categories will consequently succeed better for some than for others.” Accordingly, NSF presents multiple categorizations that constitute a framework for relating projects to each other and that provide an overall picture of the program.

SOURCE: See http://www.nsf.gov/cise/funding/cyber_awards.jsp#other.

big picture of federal activities in this area. One benefit is that program managers would be able to identify more easily excessive redundancy in research.¹⁷ A second benefit is that transparency would facilitate greater

¹⁷

The committee notes that some degree of redundancy in research is not necessarily inappropriate, as it can mean working on different approaches to similar problems. It is true that centralized priority-setting approaches generally seek to eliminate redundancy, but more often than not target all redundancy, whether useful or not. By contrast, conversations between program managers—who are closer to the research actually being performed and thus more knowledgable about the nuances of the research they support—are more likely to be able to identify excessive redundancies.