has been held as an important part of WORLDCOMP:
There is an on-going discussion about establishing a scientific basis for cyber security. Efforts to date have often been ad hoc and conducted without any apparent insight into deeper formalisms. The result has been repeated system failures, and a steady progression of new attacks and compromises.
A solution, then, would seem to be to identify underlying scientific principles of cyber security, articulate them, and then employ them in the design and construction of future systems. This is at the core of several recent government programs and initiatives.
But the question that has not been asked is if “cyber security” is really the correct abstraction for analysis. There are some hints that perhaps it is not, and that some other approach is really more appropriate for systematic study — perhaps one we have yet to define.
In this talk I will provide some overview of the challenges in cyber security, the arguments being made for exploration and definition of a science of cyber security, and also some of the counterarguments. The goal of the presentation is not to convince the audience that either viewpoint is necessarily correct, but to suggest that perhaps there is sufficient doubt that we should carefully examine some of our assumptions about the field.
Eugene Howard Spafford is a Professor in the Purdue University. He is historically significant Internet figure, he is renowned for first analyzing the Morris Worm, one of the earliest computer worms, and his prominent role in the Usenet backbone cabal. Spafford was a member of the President's Information Technology Advisory Committee 2003-2005, has been an advisor to the National Science Foundation (NSF), and serves as an advisor to over a dozen other government agencies and major corporations.
Spafford attended State University of New York at Brockport for three years and completed his B.A. with a double major in mathematics and computer science in that time. He then attended the School of Information and Computer Sciences (now the College of Computing) at the Georgia Institute of Technology. He received his M.S. in 1981, and Ph.D. in 1986 for his design and implementation of the original Clouds distributed operating system kernel.
During the early formative years of the Internet, Spafford made significant contributions to establishing semi-formal processes to organize and manage Usenet, then the primary channel of communication between users, as well as being influential in defining the standards of behavior governing its use.