THIS IS AN ARCHIVED VERSION OF CRA'S WEBSITE. THIS ARCHIVE IS AVAILABLE TO PROVIDE HISTORICAL CONTENT.

PLEASE VISIT HTTP://WWW.CRA.ORG FOR THE LATEST INFORMATION

CRA Logo

About CRA
Membership
CRA for Students
CRA for Faculty
CRA-Women
Computing Community Consortium (CCC)
Awards
Projects
Events
Jobs
Government Affairs
Computing Research Policy Blog
Publications
Data & Resources
CRA Bulletin
What's New
Contact
Home

CRA Conference on
"Grand Research Challenges in Information Security & Assurance"

Airlie House, Warrenton, Virginia
November 16-19, 2003

<< back to Grand Research Challenges home page

In 2002, CRA sponsored its first "Grand Research Challenges in Computer Science and Engineering." This was the first in a series of highly non-traditional conferences where the goal is to define important questions rather than expose current research. Grand Challenges meetings seek "out-of-the-box" thinking to expose some of the exciting, deep challenges yet to be met in computing research. Because of the clear importance and pressing needs in information security and assurance, CRA's second "Grand Research Challenges Conference" was devoted to defining technical and social challenges in information security and assurance.

Attendance was limited to 50 people and was by invitation only. We sought scientists, educators, business people, futurists, and others who have some vision and understanding of the big challenges (and accompanying advances) that should shape the research agenda in this field over the next few decades. These meetings are not structured as traditional conferences with scheduled presentations, but rather as highly participatory meetings exposing important themes and ideas. As such, this was not a conference for security specialists alone: We sought to convene a diverse group from a variety of fields and at all career stagesówe sought insight and vision wherever it may reside. 


Final report: Four Grand Challenges in Trustworthy Computing (215 KB PDF).


  • At the conclusion of the conference, the participants identified four challenges worthy of sustained commitments of resources and effort:
    1. Eliminate epidemic-style attacks (viruses, worms, email spam) within 10 years;
    2. Develop tools and principles that allow construction of large-scale systems for important societal applications -- such as medical records systems -- that are highly trustworthy despite being attractive targets;
    3. Develop quantitative information-systems risk management to be at least as good as quantitative financial risk management within the next decade;
    4. Give end-users security controls they can understand and privacy they can control for the dynamic, pervasive computing environments of the future.

Organizing Committee: 

  • Eugene H. Spafford, Purdue University and Computing Research Association (Organizing Committee Chair) 
  • Richard A. DeMillo, Georgia Institute of Technology (Organizing Committee Co-Chair) 
  • Andrew Bernat, Computing Research Association 
  • Steve Crocker, Shinkuro, Inc.
  • David Farber, Carnegie Mellon University 
  • Virgil Gligor, University of Maryland 
  • Sy Goodman, Georgia Institute of Technology 
  • Anita Jones, University of Virginia 
  • Susan Landau, Sun Laboratories 
  • Peter Neumann, SRI 
  • David Patterson, University of California, Berkeley 
  • Fred Schneider, Cornell University 
  • Douglas Tygar, University of California, Berkeley 
  • William Wulf, National Academy of Engineering and University of Virginia

Made possible with support from

 

 


Google
Search WWW Search cra.org

Copyright © 2007 Computing Research Association. All Rights Reserved. Questions? E-mail: webmaster@cra.org.