Wednesday, December 01, 2004
Center of Excellence Proposal
à
White Paper on Incident Information Orb
Architecture (IIOA) à
Types of Ontology for Crisis
Management à
Adi Structural Ontology Part I
à
Cubicon language description
à
Communication form Dr Paul Werbos
Neuroengineering Program Manager, NSF
Hi, folks!
For many reasons, I can't put in a huge amount of time on cybersecurity, where I am **NOT** a major player.
Naturally, I am sympathetic to folks who would want to use neural nets and such in a part of the field.
But... in my view the biggest gaping hole, the grossest inefficiency in our efforts.. is failure to capitalize enough on the opportunities afforded us by absolutely unbreakable operating systems, with good theorem-based guarantees.
So far as I know... as a nonexpert, but at least a technically grounded one... it looks to me that the operating system described on the web by Schell, unix-based but also Multics-based and intended for NSA use, is the one and only example around today. It's my impression that it's near-criminal to talk about sharing all kinds of confidential information across agencies, without also making sure that the platforms they put it on live up to that best practice in unbreakability.
Now.. unbreakable operating systems are necessary but not sufficient. (That's no excuse for delaying their deployment!)
For example, some have pointed out that unbreakable operating systems run on chips made in China may not always fulfill the conditions of the underlying theorems. So some kind of joint hardware/software theorem based work is needed. None exists, so far as I know.
Also... I am a bit haunted by the scenario towards the end of Terminator III, where an intelligent system cracks all those 128-bit encryption schemes (or lower encryption) used in Onstar systems, and crashes all the cars... as part of something
more serious.