MELBOURNE, FLA.—The Harris Institute for Assured Information at Florida Institute of Technology and the Space Coast Chapter of the Information Systems Security Association (ISSA) present a monthly lecture series on security trends and topics. This month’s meeting, which is free and open to the public, is scheduled for Aug. 15 at 6:30 p.m. in the third-floor conference room of the Harris Center for Science and Engineering building on the Florida Tech campus.
The Institute hosts Eric Little, chief scientist and vice president of Modus Operandi, Inc., who will speak on “Semantic Technologies for Improving Cyber Security in Cloud-based Applications.”
Computer systems now control most important information systems in numerous areas such as national defense, healthcare and the energy industries. Increasingly, data in large enterprises is being integrated and shared across powerful information networks that employ approaches such as service oriented architectures (SOA), semantic integration or cloud computing. These information networks provide improved means for data modeling, information retrieval/sharing, automated reasoning and user access. However, this type of network requires a new approach to cyber-security, based on “Security Risk Assessment,” to combat the increase in cyber-attacks reported across numerous industries.
Security Risk Assessment looks at a host of quantitative and qualitative factors to provide a proactive role in identifying and responding to adversarial threats—potential or imminent—and subsequently identifying potential system vulnerabilities to such threats.
Current information technology security systems primarily focus on simple threats, such as defending against traffic on specific ports, virus detection, etc. However, adversaries are targeting organizations with complex attacks that appear completely legitimate but have devastating effects. Current security controls might detect such attacks days later. To provide appropriate risk assessment, next-generation information security systems can be built to leverage the power of their underlying semantic and cloud-based technologies including:
Infrastructure-Enhanced Security—where cloud computing will likely reduce encryption and decryption times, promoting further adoption of these security controls, while likely demanding and promoting enhanced key strategies. Cloud computing can sustain cutting-edge, near-real-time analytics that mine vast amounts of security data to identify complex threats, and detect intentional and unintentional information access and abuse for both internal and external users.
Enhanced Threat Modeling—where cloud computing analytics developed for social network analysis will provide capabilities to analyze large amounts of data about users, network traffic and other interests to detect seemingly safe activities that match larger threats.
Semantic Security—where advances in semantic technology, in conjunction with cloud computing, will promote security controls that simulate human cognition and can block and/or report suspect communications in near real-time over Internet scale data. The semantic security evolution will address the adoption of semantic technologies and include software agents that act on behalf of end users.
Little received a Ph.D. in philosophy and cognitive science in 2002 from the University at Buffalo, State University of New York. His post-doc experience, 2002-2004, was in the University at Buffalo’s Department of Industrial Engineering where he developed ontologies for multisource information fusion applications. For several years he was an assistant professor of doctoral studies and director of the Center for Ontology and Interdisciplinary Studies at D'Youville College in Buffalo, N.Y. He left academia in 2009 to pursue a career in industry.
His areas of specialization are ontology, knowledge management, cognitive science, philosophy of mind/neuroscience, phenomenology and organizational theory. His research has been funded by The U.S. Air Force Office of Scientific Research (AFOSR), Development and Research for the Defense of Canada (DRDC)-Valcartier, Lockheed-Martin Corp., MIT-Lincoln Laboratories, The National Institute of Standards (NIST), the National Center for Ontology Research (NCOR), The U.S. Army Research Labs, Boeing Corp., and British Petroleum. He is currently a co-chair of the Central Florida Semantic Web Meet-Up Group, as well as a member of the National Center for Ontology Research (NCOR), among several organizations.
For more information, contact Richard Ford at (321) 674-7473.
About Harris Corporation
Harris is an international communications and information technology company serving government and commercial markets in more than 150 countries. Headquartered in Melbourne, Fla., the company has annual revenue of over $4 billion and 16,000 employees—including nearly 7,000 engineers and scientists. More information is available at www.harris.com.
The Information Systems Security Association (ISSA), with 109 chapters in 24 countries and more than 13,000 members, is the largest international, not-for-profit association specifically for information security professionals and practitioners. ISSA provides education, publications, information-sharing and peer forums to foster the knowledge, skill and professional growth of its members, and serves as the global voice of information security. www.issa.org.