June 2016

IDA Research Staff participate vigorously in various professional activities – both within their disciplines and ancillary to them – including publishing in the open literature. Highlights of IDA research activity from June 2016 follow.

IDA Researchers Discuss Cybersecurity and Shifting Borders in New York City

ITSD’s Laura Odell, SFRD’s Deena Disraelly, and OED’s Laura Itle, all IDA Research Staff MembersITSD’s Laura Odell, SFRD’s Deena Disraelly, and OED’s Laura Itle participated in the ASIS International 26th New York City Security Conference and Expo. Ms. Odell presented “Anti-Terrorism: Are there Borders in Cyber Space?” to a packed house comprising international, domestic, and government security officers. The presentation was part of a five-session education track hosted by Dr. Disraelly, Chair, along with other members of the ASIS Global Terrorism, Political Instability, and International Crime Council, focused on anti-terrorism in environments with shifting borders. 

In the picture, Dr. Itle, Dr. Disraelly, and Ms. Odell are shown at the event with LtCol (ret) Robert J. Darling, USMC, keynote speaker and author of 24 Hours Inside the President’s Bunker: 9-11-01.

IDA Researcher Publishes New Book on Cybersecurity

Randy Simpson, IDA/ITSD Research Staff MemberITSD’s Randy Simpson’s latest book Enterprise Level Security: Securing Information Systems in an Uncertain World has been published. Dr. Simpson is an award-winning cybersecurity architect for high assurance information technology systems. 

From the copyrighted book jacket:

Enterprise Level Security: Securing Information Systems in an Uncertain World provides a modern alternative to the fortress approach to security. The new approach is more distributed and has no need for passwords or accounts. Global attacks become much more difficult, and losses are localized, should they occur. The security approach is derived from a set of tenants that form the basic security model requirements. Many of the changes in authorization within the enterprise model happen automatically. Identities and claims for access occur during each step of the computing process.

Many of the techniques in this book have been piloted. These techniques have been proven to be resilient, secure, extensible, and scalable. The operational model of a distributed computer environment defense is currently being implemented on a broad scale for a particular enterprise.

The first section of the book comprises seven chapters that cover basics and philosophy, including discussions on identity, attributes, access and privilege, cryptography, the cloud, and the network. These chapters contain an evolved set of principles and philosophies that were not apparent at the beginning of the project.

The second section, consisting of chapters 8 through 22, contains technical information and details obtained by making painful mistakes and reworking processes until a workable formulation was derived. Topics covered in this section include claims-based authentication, credentials for access claims, claims creation, invoking an application, cascading authorization, federation, and content access control. This section also covers delegation, the enterprise attribute ecosystem, database access, building enterprise software, vulnerability analyses, the enterprise support desk, and network defense.