The Role of Security Technology: What Research is Indicating
Tony Sager
Chief
Systems and Network Attack Center (SNAC/C4)
Information Assurance Directorate
The National Security Agency
(410) 854-6294
t.sager@radium.ncsc.mil
Systems & Network Attack Center Information Assurance Directorate, NSA November 16, 2001 Page 2
SNAC - Output and Outcomes
• 35-50 on-site network evaluations per year
  – at every Joint Command; numerous non-DOD;
  – Partnership with peer organizations.
• Analysis for major Cyber incidents.
• Configuration Guides: e.g., Win2K, NT, Cisco.
• Mobile Code Policy: e.g., DOD, IC.
• Security guidance for DOD programs: e.g., DMS, NMCI.
Vulnerability Research - Observations
• New technology comes fast and is fragile.
• Most current problems can be stopped with knowledge that we already have.
• Most of us are analyzing the same problems.
• The noise level is very high for everyone.
• This is a shared problem, requiring shared solutions.
What to do?
• Move earlier into the life-cycle.
• Converge on consensus “standards”.
• Make security a factor in “readiness”.
• Share more on Red, spend more on Blue.
• Mobilize the “community”.
Some Interesting Partners
• DISA FSO, SPAWAR, AFIWC
• Naval Postgrad School, AF Academy, West Point
• FFRDCs (Mitre, Aerospace)
• Sandia National Labs; MIT/Lincoln Labs
• SANS (System Administration, Networking, & Security)
• Center for Internet Security
Some Interesting Research
• Security-Enhanced Linux (SE Linux)
• Biometrics
• Virtual machines
• “secure portable office”