1 research areas
1.1 2011-2014 research projects
1.2 2010-2011 research projects
1.3 2008-2009 research projects
1.4 2007-2009 research projects
research areas
2011-2014 research projects
advanced technological education
the i3p has partnered community college system of new hampshire (ccsnh) on educational project, “cybersecurity in healthcare industry: curriculum adaptation , implementation.” funded national science foundation’s (nsf) advanced technological education (ate) program, goal of project produce well-qualified technicians serve healthcare information technology needs of rural northern new england.
improving csirts
the i3p launched project called improving csirt skills, dynamics, , effectiveness. effort, funded department of homeland security s science , technology directorate, aims explore makes , sustains csirt. results should organizations ensure csirts fulfill maximum potential , become invaluable tool in securing cyber infrastructure. interdisciplinary team working on new project include cyber security , business researchers dartmouth college, organizational psychologists george mason university, , researchers , practitioners hewlett-packard.
usable security
in april 2011, i3p convened nist-sponsored workshop examining challenge of integrating security , usability design , development of software. 1 of several workshop recommendations development of case studies show software developers how usable security has been integrated organization s software development process. consequently, i3p has begun usable security project. using uniform study methodology, project document usable security in 3 different organizations. results used understand how key usable security problems addressed, teach developers solutions, , enable other researchers perform comparable studies.
information sharing
the nation s critical infrastructure under threat of cyber attack today never before. main response cyber threat facing country increased information sharing. traditionally, agencies store data in data bases, , information not readily available others might benefit it. obama administration made clear strategy not work – data must readily available sharing. preferred way using cloud, numerous government agencies store information, , information available have appropriate credentials. model has tremendous added benefits – associated risks? researchers rand , university of virginia took on challenge of answering question in our information sharing project.
2010-2011 research projects
privacy in digital era
researchers 5 i3p academic institutions engaged in sweeping effort understand privacy in digital era. on course of 18 months, research project take multidisciplinary @ privacy, examining roles of human behavior, data exposure, , policy expression on way people understand , protect privacy.
leveraging human behavior reduce cyber security risk
this project brings behavioral-sciences lens security, examining interface between human beings , computers through set of rigorous empirical studies. multi-disciplinary project draws social scientists , information security professionals illuminate intricacies of human perceptions, cognitions, , biases, , how these impact computer security. project’s goal leverage these new insights in way produces more secure systems , processes.
2008-2009 research projects
better security through risk pricing
i3p researchers on project have examined ways quantify cyber risk exploring potential multi-factor scoring system, analogous risk scoring in insurance sector. overall, work takes account 2 key determinants of cyber risk: technologies reduce likelihood of attack , internal capabilities respond successful or potential attacks.
2007-2009 research projects
survivability , recovery of process control systems research
this project builds on earlier i3p project in control-systems security develop strategies enhancing control-system resilience , allowing rapid recovery in event of successful cyber attack.
business rationale cyber security
this project, offshoot of earlier study on economics of security, addresses challenge of corporate decision-making when comes investing in cyber security. attempted answer questions such as, “how needed?” “how enough?” “and how 1 measure return on investment?” study includes investigation of investment strategies, including risks , vulnerabilities, supply-chain interdependencies , technological fixes.
safeguarding digital identity
multidisciplinary in scope, project addresses security of digital identities, emphasizing development of technical approaches managing digital identities meet political, social , legal needs. work has focused on 2 sectors privacy , identity protection paramount: financial services , healthcare.
insider threat
this project addresses need detect, monitor , prevent insider attacks, can inflict serious harm on organization. researchers have undertaken systematic analysis of insider threat, 1 addresses technical challenges takes account ethical, legal , economic dimensions.
Comments
Post a Comment