Sunday, May 31, 2015

Net Insecurity, Cybersecurity, and New Future Internet Architectures

I was mesmerized by the terrific article in The Washington Post written by Craig Timberg entitled: Net Insecurity: A Flaw in the Design.

Not only did it feature David Clark of MIT, who spoke at the Cybersecurity Rosk Analysis for Enterprise Risk Security Workshop that my Isenberg School of Management and College of Engineering colleagues and I organized, with funding provided by the Advanced Cyber Security Center (ACSC)  and which took place at the Sloan School of MIT last September, but also Richard Stallman, who was a keynote speaker at the INFORMS Computing Society Conference this past January (and I had the pleasure of not only speaking with him but also sharing a taxi with him to the airport).

Below are photos of Clark and Stallman (with my great INFORMS colleagues Bob Fourer and Matt Saltzman)  that I took at these respective events.
In Timberg's Post article, Clark is quoted as saying in regards to the development of the Internet that: "It’s not that we didn’t think about security,” Clark recalled. “We knew that there were untrustworthy people out there, and we thought we could exclude them.”

The Post article ends with the following prescient sentences: In 2008, Clark crafted a new list of priorities for a National Science Foundation project on building a better Internet. The first item was, simply, “Security.” I  could not agree more.

Coincidentally, on June 1 and 2,  the Future Internet Architecture (FIA) Spring 2015 meeting is taking place at MIT at the Stata building. Although I am in Sweden and will be taking part in a Finance conference in Gothenburg, two of my doctoral students will be presenting there on our NSF ChoiceNet project work, since we are one of five teams selected (and sponsored) by the NSF as part of its very ambitious and visionary Future Internet Architecture programOur ChoiceNet project aims to construct an economy plane for the Internet, which will allow more choices and cybersecurity is, of course, a possible primary feature.

Specifically, on June 2, my doctoral student, Shivani Shukla, will be presenting the poster below, which is based on a paper of ours: "Game Theoretic Model for Cybersecurity with Nonlinear Budget Constraints."

My doctoral student, Sara Saberi, will be presenting a poster on our paper, "A Network Economic Game Theory Model of a Service-Oriented Internet with Price and Quality Competition in Both Content and Network Provision," that was published in the INFORMS journal Service Science. The paper was co-authored with the lead PI on our NSF project, Tilman Wolf of UMass Amherst.

My first paper on cybercrime, "A Multiproduct Network Economic Model of Cybercrime in Financial Services,"  was also published in Service Science.

Our paper, "A Game Theory Model of Cybersecurity Investments with Information Asymmetry," Anna Nagurney and Ladimer S. Nagurney,  is now in press in Netnomics.

Also, our paper,  "A Supply Chain Game Theory Framework for Cybersecurity Investments Under Network Vulnerability,"  Anna Nagurney, Ladimer S. Nagurney, and Shivani Shukla, is in press in the book: Computation, Cryptography, and Network Security (2015), N.J. Daras and M.T. Rassias, Editors, Springer, New York. Since The Washington Post article expands on the challenges faced by encryption, especially in the early years of the Internet, this book should be very timely!

Given the importance of cybersecurity, I am delighted that the UMass Amherst  Provost Katherine S. Newman is helping to spearhead a new Cybersecurity Institute at UMass Amherst and, with the interest in the topic at the Isenberg School of Management, the School of Computer Science, the College of Engineering, and also other schools at UMass Amherst, this is a very exciting initiative!