US flag   Official website of the Department of Homeland Security

Tailored Trustworthy Spaces

In the physical world, we operate in many spaces with many characteristics. For example, we go to school, our workplace, shop at stores, visit a doctor’s office, etc. We behave differently and under different controls appropriate to each space. However, cyberspace tends to be treated as one homogeneous, undifferentiated space.

In the Tailored Trustworthy Spaces (TTS) paradigm, users will be able to select and create different environments for different activities satisfying a variety of operating requirements or capabilities. Examples of these required capabilities may include, but are not limited to: confidentiality, anonymity, data and system integrity, data provenance availability and performance. Each space will have their own rules or conditions for these capabilities and thus will be “tailored” to meet those requirements.

“[TTS] Enables us to create, analyze, evaluate, and deploy mechanisms and strategies that are diverse and that continually shift and change over time to increase complexity and cost for attackers, limit the exposure of vulnerabilities and opportunities for attack, and increase system resiliency.” –Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program published by the Executive Office of the President, National Science and Technology Council, December 2011

TTS Program Activities

The research needs for these TTAs were based on the results of the 2009 National Cyber Leap Year (NCLY) Summit.

For Digital Provenance the research needs are as follows:

(1) Data Provenance Security; entails managing and securing data provenance (DP) information, including but not limited to authorizing and controlling access of principals to DP via data minimization, privacy, least privilege, confidentiality, integrity, and authenticity. Data Provenance refers to the ownership and usage of digital data over time. Ownership provides information about the originator of the data and data usage provides details about how the data has been used, accessed, or modified.

(2) Data Provenance Definition and Management; entails attaching context to data to track chain of custody, transformation (modification), and provenance of messages and attachments (for software, data at rest, or packets). Establish standard labeling system for quality (analogous to food labels).

For Nature-Inspired Cyber Health, the NCLY identified five areas of consideration:

 (1) Thwart malicious attacks through signaling, implementation of diversity and immunogenic detection as hardware-software solutions. Rapidly regenerate (self-healing) survivable capabilities in mission critical systems after a sophisticated attack.

(2) Evolve immunity to attacks through evolutionary computing to create new deceptions (gaming strategies) as new threats emerge. Self-learning while monitoring insider activity and developing profiles for appropriate and legitimate behavior (modeling).

(3) Signaling and Message-passing: Integrating the many disparate security tools using both feed forward and feedback signaling mechanisms in a cyber-defense system to help ensure tolerance and identify attacks while minimizing false alarms (i.e. improve judgments between dangerous attacks and benign anomalies).

(4) Decentralized Control: The immune system uses distributed control mechanisms for learning, memory and associative retrieval to solve recognition and classification tasks. There is no single organ that controls the immune response; rather it handles the antigenic challenges through collaborative interaction. A similar strategy (distributed control mechanisms for monitor and response) needs to be pursued as a game changing strategy in cyber defense in order to avoid a single point of failure and to enable robust decision making.

(5) Missing Self Paradigm: The missing self-hypothesis from immunology literature may shed new light to secure host systems, in particular, to validate, authenticate and permit codes, data and scripts to execute in a machine. Different techniques are used to preserve integrity at the process, system and communication levels. For example, commercial solutions ensure system level integrity and security; whereas, digital signature, code signing, watermarking, integrity checker, magic cookies, etc. address file integrity of data and executables in transit.

CSD, in conjunction with the DHS Office of Procurement Operations, has awarded contracts for R&D in the TTS topic area.

Interagency Coordination

TTS is one of the 4 main themes in the Federal Cybersecurity R&D Plan and as such, has involvement across the interagency. CSD coordinates its research agenda for TTS with the National Security Agency, National Science Foundation and the Department of Defense through the National Information Technology Research and Development (NITRD) Program, specifically the Cyber Security and Information Assurance Subcommittee (CSIA). For more information on NITRD and the CSIA, please see: http://nitrd.gov/Subcommittee/csia.aspx

TTA 10 – Digital Provenance

Prime: Exelis, Inc. | Sub: None

Month YearDocument TitleDownload
October 2012Evidentiary Integrity for Incident Response (EIIR)PDF (1MB)

Prime: The University of Alabama at Birmingham | Sub: None

Month YearDocument TitleDownload
October 2012Secure Location Provenance for Mobile Devices

PDF (1 MB)

Prime: The University of North Carolina at Chapel Hill | Sub: None

Month YearDocument TitleDownload
October 2012Efficient Tracking, Logging, and Blocking of Accesses to Digital Objects

PDF (3.2 MB)

TTA 13 – Nature-Inspired Cyber Health

Prime: Pacific NW National Laboratory | Sub: Research and Education Networking - ISAC

Month YearDocument TitleDownload
October 2012LINEBACKER: LINE-speed Bio-inspired Analysis and Characterization for Event RecognitionPDF (1MB)

Prime: Rutgers University – New Brunswick Campus | Sub: Hewlett-Packard Laboratories

Month YearDocument TitleDownload
October 2012Bio-Inspired Anomaly Detection

PDF (1 MB)

Back to Top

Back to Top