1
Center for Infrastructure Center for Infrastructure Assurance and Security Assurance and Security
(CIAS)(CIAS)
Joe SanchezJoe SanchezAIA Liaison to CIASAIA Liaison to CIAS
REPORT DOCUMENTATION PAGEForm Approved
OMB No. 074-0188Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the dataneeded, and completing and reviewing this collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden toWashington Headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA 22202-4302, and to the Office of Management and Budget, PaperworkReduction Project (0704-0188), Washington, DC 20503
1. AGENCY USE ONLY (Leaveblank)
2. REPORT DATE4/24/2002
3. REPORT TYPE AND DATES COVEREDBriefing 4/24/2002
4. TITLE AND SUBTITLECenter for Infrastructure Assurance and Security (CIAS)
5. FUNDING NUMBERS
6. AUTHOR(S)Sanchez, Joe
7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES) 8. PERFORMING ORGANIZATION REPORT NUMBER
Air Intelligence Agency
9. SPONSORING / MONITORING AGENCY NAME(S) AND ADDRESS(ES) 10. SPONSORING / MONITORING AGENCY REPORT NUMBER
IATAC3190 Fairview Park DriveFalls Church, VA 22042
11. SUPPLEMENTARY NOTES
12a. DISTRIBUTION / AVAILABILITY STATEMENTApproved for public release; Distribution unlimited
12b. DISTRIBUTION CODE
A
13. ABSTRACT (Maximum 200 Words)
Breifing on CIAS history, vision and focus.
14. SUBJECT TERMSIATAC Collection, infrastructure assurance, information security,intrusion detection,
15. NUMBER OF PAGES
18
16. PRICE CODE
17. SECURITY CLASSIFICATION OF REPORT
UNCLASSIFIED
18. SECURITY CLASSIFICATION OF THIS PAGE
UNCLASSIFIED
19. SECURITY CLASSIFICATION OF ABSTRACT
UNCLASSIFIED
20. LIMITATION OF ABSTRACT
UNLIMITED
NSN 7540-01-280-5500 Standard Form 298 (Rev. 2-89)Prescribed by ANSI Std. Z39-18298-102
2
uu VisionVision
uu HistoryHistory
uu ConceptConcept
uu InitiativesInitiatives
uu UpdateUpdate
uu Next StepsNext Steps
OverviewOverview
3
VisionVision
Develop the world's foremost university Develop the world's foremost university center for multidisciplinary research center for multidisciplinary research
and education in areas of infrastructure and education in areas of infrastructure assurance and securityassurance and security
4
VisionVisionWhy?...and Why San Antonio?
Why: Our nation is under siege... information/infrastructure systems are vulnerable from both foreign and domestic threats…
New research & education is paramount to assure continued growth in information security
Why San Antonio: Significant concentration of the world’s leaders in I/O security
5
Information Security HistoryInformation Security History
u In 1985 the Air Force consolidated their computersecurity missions at Kelly AFB, combining Computers,Communications, and Emanations disciplines
u Creation of the Air Force Computer EmergencyResponse Team (AFCERT) and the Air ForceInformation Warfare Center
u Charted the course for the military services andprivate sector and has made San Antonio a hubof security activity.
u National and local companies reside in S.A.supporting information/infrastructure security missions
ESC to AIAESC to AIA
6
Intrusion Detection:Traffic LoadIntrusion Detection:Traffic Load
953,750 Real-Time Alerts
17,006 Suspicious Event Reports
Validate
User-level Intrusions
60
Poor SecurityPractice
2
Denial of Service
2
Root-level Intrusions
13
False False
Positive3
1.1 Billion Suspicious Connections
Air Force Network Traffic: 6.6 Billion Events
2001
Malicious Logic
6
87 Incidentsin 2001
7
CIAS ConceptCIAS Concept
Commercial
Education
Higher Ed K-12
Government
Federal
CIAS
State & Local
8
Government EmphasisGovernment Emphasis
Government
Federal State & Local
uu Air Force &Air Force & DoDDoD
uu Telecommunications Telecommunications ProtectionProtection
uu SCADA SystemsSCADA Systems
uu Biometrics & Wireless Biometrics & Wireless VulnerabilitiesVulnerabilities
uu Intrusion DetectionIntrusion Detection
uu State and LocalState and Local
uu Infrastructure ProtectionInfrastructure Protection
uu Computer Crime w/ FBIComputer Crime w/ FBI
9
Educational InitiativesEducational Initiatives
Education
Higher Ed K-12
uu Education “Pipeline”Education “Pipeline”
uu Bachelors to Ph.D. DegreesBachelors to Ph.D. Degrees
uu Community CollegesCommunity Colleges
uu KK--12 12 (Information Technology (Information Technology & Security Academy)& Security Academy)
uu Mentor KMentor K--1212
uu R & DR & D
uu Job PlacementJob Placement
uu InternshipsInternships
10
Commercial PartnershipCommercial Partnership
Commercial uu Board of AdvisorsBoard of Advisors
uu Levels of funding supportLevels of funding support
uu Dedicated ResearchDedicated Research
uu Technology TransferTechnology Transfer
uu EntrepreneurshipEntrepreneurship
uu Small Business Small Business DevelopmentDevelopment
uu InIn--kind Expert Assistancekind Expert Assistance
11
Alliance PartnersAlliance Partners
Higher and K-12 Education
Federal Government
State and Local Government
12
Commercial Alliance PartnersCommercial Alliance Partners
Commercial (Representative)
13
CIAS StatusCIAS Status
u DoDDoD Defense Bill appropriated $2.5M in AF Defense Bill appropriated $2.5M in AF Research and Development funds Research and Development funds
uu Contract is very close to being signedContract is very close to being signed
uu CIAS involved in state and federal Homeland CIAS involved in state and federal Homeland Security initiatives (Dark Screen)Security initiatives (Dark Screen)
uu Minor offered in Infrastructure Assurance while Minor offered in Infrastructure Assurance while pursuing Bachelor’s/Master’s/Ph.D. pursuing Bachelor’s/Master’s/Ph.D.
uu Strong support for the Information Technology Strong support for the Information Technology and Security Academy (ITSA)and Security Academy (ITSA)
uuPlans to host seminars later this year Plans to host seminars later this year
14
Dark ScreenDark Screen
u CM Rodriguez (TX) letter in March proposing CM Rodriguez (TX) letter in March proposing
“…“…the San Antonio region sponsor an exercise to test the the San Antonio region sponsor an exercise to test the San AntonioSan Antonio--area capabilities to prevent, detect, and area capabilities to prevent, detect, and respond to a cyber terrorist attack and itrespond to a cyber terrorist attack and it’’s ability to s ability to coordinate with local, state, and federal authorities.coordinate with local, state, and federal authorities.””
uu Core exercise planning team lead by the CIAS includes Core exercise planning team lead by the CIAS includes AIA, the City of San Antonio, AIA, the City of San Antonio, Bexar Bexar County, State of County, State of Texas, Law Enforcement, Industry, and InfrastructureTexas, Law Enforcement, Industry, and Infrastructure
uu Early stages Early stages –– plan a tabletop in the fall, plan a tabletop in the fall, ““minimini--exerciseexercise””next spring/summer, full exercise next fall next spring/summer, full exercise next fall
uu CM Rodriguez has submitted a request for $500K from CM Rodriguez has submitted a request for $500K from the FY02 Supplemental Appropriations Billthe FY02 Supplemental Appropriations Bill
uu CIAS is working the exercise into their budgetCIAS is working the exercise into their budget
15
Next StepsNext Steps
uu “Sell the Center”“Sell the Center”
uu Springboard off Designation as a Center ofSpringboard off Designation as a Center ofExcellence with the National Security AgencyExcellence with the National Security Agency
uu Finalize business partnership agreement &Finalize business partnership agreement &establish/maintain local funding supportestablish/maintain local funding support
uu Continued congressional dialogue andContinued congressional dialogue andsupportsupport
uu Establish partnerships with local universitiesEstablish partnerships with local universities
uu Assist in the establishment of the ITSAAssist in the establishment of the ITSA
uu Build a world class Center by luring the Build a world class Center by luring the best in the field best in the field
16
CIAS Points of ContactCIAS Points of Contact
Dr. Glenn DietrichDr. Glenn Dietrich Dr. Greg WhiteDr. Greg White
Executive DirectorExecutive Director Technical DirectorTechnical Director
(210) 458(210) 458--5354 5354 (210) 458(210) 458--63076307
gdietrichgdietrich@@utsautsa..eduedu gwhitegwhite@@utsautsa..eduedu
Joe SanchezJoe SanchezAIA Liaison to CIASAIA Liaison to CIAS(210) 977(210) 977--37063706joejoe..sanchezsanchez@@lacklandlackland..afaf.mil.mil
(210) 458(210) 458--43244324jsanchezjsanchez@@utsautsa..eduedu
17
DevelopVision
BuildPlan
ObtainFunding
EstablishCenter
InitialOperations
DedicatedResearch
FocusedOut Reach
ContinuedOperations
Time Line Time Line
Phase I Phase II Phase III
May ‘01May ‘01 November ‘01November ‘01 October ‘02October ‘02 October ‘03October ‘03
Activity IIIActivity IIINSA NSA
DesignationDesignation
Activity VActivity VAppropriationAppropriation
Activity IVActivity IVCongressionalCongressionalSponsorship Sponsorship
Activity IIActivity IIDetailedDetailed
Plan Plan
Activity IActivity IHigh LevelHigh Level
VisionVision
FullOperations
18
IO ServicesIO Services
Strategy &Strategy &ArchitectureArchitecture ElectronicElectronic
CommerceCommerce
CERTCERTSupportSupport
TechnologyTechnologyManagementManagement
IntrusionIntrusionDetectionDetection
WebWebSecuritySecurity
AlgorithmAlgorithmResearchResearch
EncryptionEncryptionDevelopmentDevelopment
InformationInformationSecuritySecurity
TechnologyTechnologyTestingTesting
InformationInformationAssuranceAssurance
CIASCIAS