1 / 16

Disruptive Technologies and Cyber Security: A CRC Perspective

Disruptive Technologies and Cyber Security: A CRC Perspective. Jean Luc B érubé Vice-President, Network Technologies PST 2010, August 2010. Overview. An introduction to CRC Disruptive technologies as related to communications and security … …that have been, …that are,

Download Presentation

Disruptive Technologies and Cyber Security: A CRC Perspective

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Disruptive Technologies and Cyber Security:A CRC Perspective Jean Luc Bérubé Vice-President, Network Technologies PST 2010, August 2010

  2. Overview • An introduction to CRC • Disruptive technologies as related to communications and security… • …that have been, • …that are, • …and that could be. • Related CRC research and development

  3. Communications Research Centre Canada, Industry Canada • Established in 1969 • Canadian government's primary laboratory for research and development (R&D) in advanced telecommunications, and a center of excellence in information and communications technologies (ICT). • 250 engineers and scientists • Budget of over $50million CRC Core Competencies RADIO FUNDAMENTALS (propagation, antennas) CYBER SECURITY / PUBLIC SAFETY BROADCASTING & SATCOM BROADBAND NETWORKS WIRELESS TECHNOLOGIES 3

  4. CRC Research Cognitive Radio Software defined radio Spectrum monitoring Cyber security Advanced technologies for mobile and broadband communications DTV transition, Mobile TV, 3D TV White space use Green ICT …and many more CRC Core Competencies RADIO FUNDAMENTALS (propagation, antennas) CYBER SECURITY / PUBLIC SAFETY BROADCASTING & SATCOM BROADBAND NETWORKS WIRELESS TECHNOLOGIES 4

  5. Client-server architecture/Networking MANETs, WSNs, P2P networks, Social networks, Cloud computing, … Mainframe computer Cellular networks centralized distributed Password is hashed, hash value stored on server Embedded authentication devices, portable random generators Clear text password, stored locally Cloud authentication? Trust computing? Anonymity? Evolving Technologies, Expanding Security “The whole 20th century, because we’ve been speeding up to this point, is equivalent to 20 years of progress at today’s rate of progress...”Ray Kurzweil, "Understanding the Accelerating Rate of Change," May 2003

  6. Disruptive technologies that have been… New communications technologies introduced unexpected security considerations at the same time as new capabilities Security was originally proprietary and centralized Disruptive technologies included Telephone (land lines) Personal Computers Internet World Wide Web Mobile telephony

  7. Disruptive technologies that are… We are currently living in an era characterized by technology that facilitates collaboration and openness The new capabilities and methodologies bring security challenges Disruptive technologies include: Open source movement Crowd-sourcing Peer-to-Peer networking Distributed computing Social networking Mobile computing Just-in-Time processing Virtualization

  8. Observations • Communication, collaboration and convergence are key to many disruptive technologies • On one hand, thin clients appear to be making a comeback • On the other, increasingly powerful convergent devices (often in the form of semi-disposable consumer devices - iPhone anyone?) are growing in popularity • For both, the real value lies in communication • For both, huge problems in security and privacy

  9. Disruptive technologies that could be… • We expect continuing convergence, increasing capability, and a reduced footprint • Extant security threats remain, while new threats emerge more quickly than humans can respond • Disruptive technologies may include • MANETs • Autonomic computing • Cloud computing • Semantic Web • Mobile Code • Secured Identity • Trust Management • Green ICT

  10. Security Research at CRC Objective is to advance science and technology to better secure information and communications Traditional approach Technology development, analysis and prototyping Interdisciplinary approach Applying natural sciences, human sciences, and network science to the security domain Pursuing understanding of both technological and human aspects of security Application areas Public Safety National Defence Industry Standards Inter- and Intra-Governmental Communications

  11. Experimental Security R&D • Malware Analysis • Can we study malware in a contained environment? • Can we use malware behavioral properties to develop a taxonomy? • How is malware evolving through time? • How are different malware families interacting one with another? • Intrusion Detection • Can we test Intrusion Detection in a contained environment? • Can we derive Intrusion Detection Systems desirable properties from these test results? • How are existing Intrusion Detection Systems reacting in the presence of new threats? • How are these new threats affecting the development of Intrusion Detection Systems?

  12. Using Social Norms to Unlock Complex Problems • Societal Norms have evolved over millennia to accommodate different approaches to similar situations • Complex communication technologies, autonomous and human-oriented, can learn much from how people live, work, and play together where they cannot control others • Includes Rituals, Norms, and Reasoning • Technologies at CRC include: • Computational Trust • Device Comfort • Trust-Reasoning Network Security

  13. Mobile Network Security • More ad hoc + more mobile + more users = new generation of networks. • Security concerns: • Authenticate and trust a new user? • Secured collaboration between users?

  14. Mobile Network Security at CRC • Existing security technologies can be adapted to the new networking context. • New authentication schemes. • New encryption key management. • Collaboration as a tool, also a motive for security research. • Tool: evaluation and propagation of the users’ trust metric. • Motive: secured collaboration between users with loose control over their identities.

  15. Autonomic and Cloud Computing • Autonomics is about devices managing themselves • For network devices, this includes configuration, healing, optimisation and protection (i.e. security). • By providing devices with the ability to reason and react to their environment in real time they will be faster at detecting and countering security threats than operator in the loop, • BUT you have to trust the machine… • Cloud Computing is about a new utility • Companies provide computing storage and processing power (for a price) that can be accessed from anywhere, anytime. • There is then no need for clients to worry about security, • ASSUMING you trust the company…

  16. Summary • Disruptive communications technologies create security issues and concerns • CRC pursues solutions that revolve around improved collaboration and convergence • Security considerations continue to lag communication technologies • Technology advances exponentially (Moore’s Law) while our understanding of security (and privacy) concerns advance in a more linear fashion • CRC is pursuing promising new research, including applying natural sciences, social sciences, and network science to the security domain

More Related