Experts will convene at Purdue to discuss information security

November 03, 1999

WEST LAFAYETTE, Ind. ‹ As the Y2K problems fade into the new year, computer analysts will face even more complex issues surrounding information security, Purdue University computer security expert Gene Spafford says.

He and security experts from government and industry will present an overview of these concerns and discuss steps being taken to address them Nov. 15-16 during a colloquium at Purdue.

The colloquium is sponsored by Purdue's Center for Education and Research in Information Assurance and Security, a multidisciplinary center that is the first in the world to take a comprehensive approach to network and computer security. More than 150 leaders from industry, government and academia are expected to attend the two-day event.

The center ‹ aptly called CERIAS, which is pronounced "serious" ‹ looks beyond computer security to address a much wider range of issues related to information security issues such as network and communications security, and protection against defective software.

"The public perception of information security is shaped by sensationalism such as computer virus scares and stories of teen-agers breaking into sensitive military systems," Spafford said. "But information security is much more complex than that. It can include aspects of economic and international espionage, sabotage, terrorist activities, vandalism and other forms of crime in addition to computer security."

The center includes researchers from sociology, psychology, criminology, political science, philosophy, management and economics to address such issues.

Spafford, a professor of computer sciences who is director of the center, said current efforts to secure information often rely upon computer security measures that focus only on protecting information within a single computer system.

"However, the major value to organizations is in the data processed on the computer and not the computer itself," he said. "Disclosure, loss or alteration of the data, as a result of accident or malicious activity, is the problem."

The Purdue center is developing ways to protect information that flows through computers in all its various forms ‹ whether on network cable, disks, faxes, phone lines or the Internet.

"Our increasing reliance on new and often fragile technologies for use in critical applications presents attractive targets to criminals, vandals and foreign adversaries," Spafford said.

Marvin Langston, deputy assistant secretary at the U.S. Department of Defense, agrees. "The fact that we store and process and move things electronically means that the information is now in a form that is easier to manipulate," he said.

Langston noted that as the world becomes more interlinked, businesses and organizations are more vulnerable to crimes.

"Though the Department of Defense has for years relied on computers to store information, the lack of public access to computers and computer networks provided a measure of security," he said. "Now everybody uses commercial computers and commercial computer networks, making it easier to exploit the vulnerabilities or cracks in the system and much more difficult to secure information."

During the colloquium at Purdue, Langston, along with Stephen Katz, chief information security officer for Citigroup, will address information security concerns in government and industry, and discuss new developments under way to address these issues.

In addition, a panel of experts from industry, government and academia will discuss how people in those three areas can work together to address security issues.

CERIAS was established last year at Purdue to address the need for increased training and research in information security topics. With 36 faculty members from 11 departments on campus, Purdue is the only university to offer formal training to address these issues in a multidisciplinary manner, Spafford said.

"Today's students will design the information technologies of the future, yet the majority of them receive no training in information security," he said. "There are few institutions ready to train people to deal with the multiple issues, and none that takes a broad view of the problems involved."

CERIAS is funded by Purdue and Lilly Endowment Inc., plus these corporate sponsors: Andersen Consulting, Trident Data Systems, TRW Inc., AT&T Labs, Cisco Systems Inc., General Electric Co. Corporate Research and Development, Hewlett-Packard Co., Intel Corp., Microsoft Corp., MITRE Corp., Schlumberger Ltd., Sun Microsystems Inc., Tripwire Security Systems Inc., Lockheed Martin Corp., Citigroup, AXENT Technologies Inc., and Enterprise Networking Systems Inc.
-end-
Related Web sites:

CERIAS Web site: http://www.cerias.purdue.edu/

CERIAS colloquium agenda: http://www.cerias.purdue.edu/colloquium/agenda.html

Purdue University

Related Computer Security Articles from Brightsurf:

UCLA computer scientists set benchmarks to optimize quantum computer performance
Two UCLA computer scientists have shown that existing compilers, which tell quantum computers how to use their circuits to execute quantum programs, inhibit the computers' ability to achieve optimal performance.

Computer-based weather forecast: New algorithm outperforms mainframe computer systems
The exponential growth in computer processing power seen over the past 60 years may soon come to a halt.

Focus on food security and sustainability
The number of malnourished people is increasing worldwide. More than two billion people suffer from a lack of micronutrients.

Eliminating infamous security threats
Speculative memory side-channel attacks like Meltdown and Spectre are security vulnerabilities in computers.

UBC study: Publicizing a firm's security levels may strengthen security over time
New research from the UBC Sauder School of Business has quantified the security levels of more than 1,200 Pan-Asian companies in order to determine whether increased awareness of one's security levels leads to improved defense levels against cybercrime.

Discovery casts dark shadow on computer security
Two international teams of security researchers have uncovered Foreshadow, a new variant of the hardware vulnerability Meltdown announced earlier in the year, that can be exploited to bypass Intel Processors' secure regions to access memory and data.

Shh! Proven security for your secrets
Researchers show the security of their cipher based on chaos theory.

A library for food security
Researchers are uncovering the genome of cowpeas, also known as black-eyed peas, in response to challenging growing conditions and the need for food security.

Bring your own (security) disaster
Bring your own device (BYOD) to work is common practice these days.

'Security fatigue' can cause computer users to feel hopeless and act recklessly
A new study from National Institute of Standards and Technology researchers found that a majority of the typical computer users they interviewed experienced security fatigue -- weariness or reluctance to deal with computer security -- that often leads users to risky computing behavior at work and in their personal lives.

Read More: Computer Security News and Computer Security Current Events
Brightsurf.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.