July 31, 2014



Home

Current Projects

Completed Projects

Publications by Year

Publications by Topic

News & Events

Cybersecurity

CSTB's Mission

CSTB's Impact

Board Membership

Staff

Careers

DEPS Home


Contact Us
CSTB
500 Fifth Street NW
Washington, DC
Phone: (202) 334-2605
Fax: (202) 334-2318
E-mail: cstb@nas.edu

Follow CSTB on
Facebook and Twitter

 

CSTB is a part of the
Division on Engineering and Physical Sciences.

Sign up for the DEPS newsletter.

 

 



CSTB Cybersecurity and Trustworthiness Projects and Reports

 

Publications

2014_CySecprimerAt the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues presents fundamental concepts and principles that serve as points of departure for understanding specific cybersecurity incidents or proposals to improve security.Project Page
2013 Professionalization releaseProfessionalizing the Nation’s Cybersecurity Workforce? Criteria for Decision-Making considers the role that professionalization could play in enhancing workforce capacity and capability and sets forth criteria for when, where, and how to professionalize the cybersecurity workforce.Project Page
2010_criticalcode_prim
Critical Code: Software Producibility for Defense (2010) assesses the growing importance of software for national security and examines how the U.S. Department of Defense can most effectively meet its future software needs. 
Project Page
2010_deterringcyberattacks

Proceedings of a Workshop on Deterring Cyberattacks: Informing Strategies and Developing Options (2010) examines governmental, economical, technical, legal, and psychological challenges involved in deterring cyber attacks. It addresses key issues and questions identified in Letter Report from the Committee on Deterring Cyberattacks: Informing Strategies and Developing Options for U.S. Policy.

Individual papers and summaries.

Project Page
2010_biometricsBiometric Recognition: Challenges and Opportunities (2010) presents a broad and comprehensive assessment of biometric recognition systems -- articulating design and operational considerations as well as outlining a research agenda to bolster the scientific and engineering underpinnings of these systems.
Project Page
 2010_UsabilityToward Better Usability, Security, and Privacy of Information Technology (2010) identifies research opportunities and ways to embed usability considerations in design and development related to security and privacy, and vice versa. Project Page
 2009 OIW finalTechnology, Policy, Law, and Ethics Regarding U.S. Acquisition and Use of Cyberattack Capabilities (2009) concludes that although cyberattack capabilities are an important asset for the United States, the current policy and legal framework for their use is ill-formed, undeveloped, and highly uncertain and that U.S. policy should be informed by an open and public national debate on technological, policy, legal, and ethical issues they pose. Project Page
2007_toward_safer_cyberspace Toward a Safer and More Secure Cyberspace (2007) explores the nature of online threats, considers some of the reasons why past research for improving cybersecurity has had less impact than anticipated, and offers a strategy for future research aimed at countering cyber attacks. Project Page
 2007_software_dependable_sysSoftware for Dependable Systems: Sufficient Evidence? (2007) discusses how the growing use and complexity of software necessitates a different approach to dependability and recommends an evidence-based approach to achieving greater dependability and confidence.Project Page
 2003_critical_info_infrastructureCritical Information Infrastructure Protection and the Law: An Overview of Key Issues (2003) discusses antitrust, FOIA, and liability as factors in protecting critical information infrastructure, given technical and economic conditions. Project Page
 2003_who_goes_thereWho Goes There? Authentication Through the Lens of Privacy (2003) describes and examines issues, concepts, and techniques for authentication from the perspective of how they implicate privacy—and how adverse impacts on privacy might be contained. Project Page
 2002_cybersecurity_todayCybersecurity Today and Tomorrow: Pay Now or Pay Later (2002) Recaps highlights from past CSTB security reports with a focus on issue identification and practical guidance. 
 2002_IDs_not_that_easyIDs -- Not That Easy: Questions About Nationwide Identity Systems (2002) outlines challenging policy, process, and technological issues presented by nationwide identity systems. Project Page
 1999_trust_in_cyberspaceTrust in Cyberspace (1999) provides an assessment of the state of the art procedures for building trustworthy networked information systems; proposes directions for research in computer and network security, software technology, and system architecture; and assesses current technical and market trends in order to better inform public policy as to where progress is likely and where incentives could help. 
 1996_cryptographys_roleCryptography's Role in Securing the Information Society (1996) describes the growing importance of encryption, relating a government interests to interests in the spread and control of encryption, and recommends policy changes. 
 1991_computers_at_riskComputers at Risk: Safe Computing in the Information Age (1991), an enduring primer for information security, explains key concepts and terms, outlines the technology and procedures that give rise to and can alleviate security problems, relates security to complementary concerns such as privacy and safety, and describes the private and public sector institutional contexts. 

 

 


Copyright © 2014.| National Academy of Sciences.| All rights reserved.| 500 Fifth St. N.W., Washington, D.C. 20001.| Terms of Use and Privacy Statement