SAT – Security Privacy and Trust

Cyber Security, Wireless Security, and Cyber-Physical Security
The main focus of the SAT is on the following four thrust areas:

1. Information Security: The Internet has witnessed an enormous growth over the last decade and has become ubiquitous. Most of the research focus in the past has been on improving the performance and scalability of the Internet. In the past decade or so, there have a seen a surge of Internet security research activities in the field of information security, which primarily focuses on protecting the information exchange between communicating users; and its primary goal is to satisfy properties such as confidentiality, integrity, authenticity, non-repudiation, and availability properties. Although great strides have been made in this area, the growing complexity and sophistication of emerging applications demand for better solutions that will require research in this area on an ongoing basis.

2. Cyber Infrastructure Security: In the past, the general assumption had been that the network devices responsible for implementing security functions and packet forwarding are trustworthy. Experts are now questioning these assumptions, as instances have taken place wherein the network infrastructure elements — routers, servers, protocols — compromised to the extent that it caused service noticeable disruptions in the Internet and to cyber-centric services. Moreover, the growing concerns for cyber terrorism highlight the importance of securing the Internet infrastructure.

Internet infrastructure security is about protecting infrastructure elements such as routers, DNS servers, communication links, and the protocols themselves. There have been active R and D efforts in developing comprehensive methodology to design and analysis of infrastructure security solutions, such as intrusion detection systems, denial of service prevention-mitigation-traceback, secure routing protocols, IP security, secure DNS, and secure transport and protocol security in general. Moreover, at the application level, web security, peer-to-peer system security, grid computing security, etc. have become issues of significance importance and challenging. A significant amount of research needs to be done in the various sub-areas of cyber infrastructure security.

3. Wireless and End-to-end Security: Another important development that is taking place is due to functionally-rich and sophisticated nature of the access networks connected to the Internet, in terms of wireless access, infrastructure-based mobile access, adhoc and sensor networks connectivity. In this context, providing end-to-end guarantees (from one access network to the other via the Internet) in terms of quality of service (QoS), reliability, and security have become the core of next generation Internet architecture to realize of many complex future generation applications. The goal of providing end-to-end security across a hybrid of networking technologies is not well understood, and it needs significant research effort.

4. Cyber Security for Critical Infrastructures: Most nations depend on the continuous and effective performance of a vast and interconnected critical infrastructure to sustain the modern way of life. These infrastructures include electric power system, transportation system, air traffic control system, and industrial automation systems. Although these systems have widely different functional goals and operate under different conditions, they have one thing in common, that is the control system which is used to monitor, control, and safeguard vital processes of these systems. These control systems are often called SCADA (supervisory control and data acquisition), PCS (process control system), or DCS (distributed control system). The central to the control system is the communication infrastructure that transports sensed data and controls in real-time to the various entities in the system. Often, these communication infrastructures consist of a combination of wired and wireless technologies that have connectivity to the Internet. A security attack on such communication infrastructure would have severe consequences on the functioning of the physical infrastructure that the control system controls. In this context, cyber security for critical infrastructures has become growing area of research, which requires inter-disciplinary research between computer/cyber security researchers and critical infrastructure researchers.

Manimaran Govindarasu - Committee Chair

Dept. of Electrical and Computer Engineering
Iowa State University

Dr. Manimaran Govindarasu is currently an Associate Professor and Director of Student Professional Development in the Dept. of Electrical and Computer Engineering at Iowa State University (ISU). He received his Ph.D in Computer Science and Engineering from IIT Madras, India in 1998. He received Young Engineering Research Faculty Award at ISU in 2003. His research expertise is in the areas of resource management in real-time systems, QoS/overlay networks, network security, and their applications to critical infrastructures such as electric grid. He has published over 100 research publications in international journals and conferences. Two of his conference/workshop papers received best paper awards. He is co-author of the text "Resource Management in Real-Time Systems and Networks", MIT Press, 2001. He has given tutorials in reputed conferences, including IEEE Infocom 2004 and IEEE ComSoc TutorialsNow (2004). He serves in the editorial board of the Intl. Journal of Embedded Systems, served as guest co-editor for several journal special issues (IEEE Network, Journal Systems and Software, Journal of High Speed Networks), and served as workshops/symposium chair and session chair for several IEEE conferences.