|
All MITRE Projects (with summaries and presentations where available)
Listing of project titles in alphabetical order
Pages: 1234567891011121314151617
Optically Sensed Tags
Primary Investigator:Olson, Sherry L.
Exhibit Date(s):May 5
Overall Emerging Technology
Primary Investigator:Athale, Ravi
Exhibit Date(s):May 6, May 7
Overview/Roadmap of Homeland Security MIP
Primary Investigator:Warren, Kim
Exhibit Date(s):May 6
Personally Identifiable Information Risk Management
Primary Investigator:McEwen, Julie S.
Problems:
Part of the difficulty with protecting personally identifiable information (PII) is being able to identify it in the first place and protect it commensurate with its sensitivity. Adequate guidance is not available to assist government organizations with identifying personally identifiable information (PII), categorizing it according to the level of sensitivity, and ensuring that appropriate privacy controls are employed based on sensitivity. The purpose of this project is to develop guidance to address these areas.
Objectives:
The results of the research project will be a PII Framework. That framework will include the development of:
–– A set of privacy unique controls
–– A categorization methodology that can be used to identify which privacy controls are most appropriate to use in different environments
–– Guidelines for assessing privacy unique controls (this is the privacy equivalent of NIST SP 800-53A, and it would only be done upon completion of the other activities and if it was determined such a document was needed).
Ultimate objective: Transition the PII framework into one or a series of federal (most likely NIST) standards and guidelines.
Activities:
Activities completed through February 2009 include:
–– Developed draft set of privacy unique controls
–– Shared privacy controls with NIST POC for information security standards and guidance
–– Worked with NIST to refine draft privacy controls based on internal NIST comments
–– Obtained input on draft privacy controls from Privacy Officers or their representatives in several government agencies/organizations, including:
* Social Security Administration (SSA)
*Department of Homeland Security (DHS)
* Internal Revenue Service (IRS)
–– Developed first draft of categorization methodology that can be used to select appropriate privacy controls to use in different environments.
Future planned activities include:
––Meet with DoD and intelligence community privacy POCs to obtain input on draft privacy controls
–– Meet with government Privacy Officers or their representatives to further discuss the draft privacy controls and the categorization methodology
–– Revise categorization methodology based on comments received
–– Work with NIST to implement categorization methodology into a NIST standard/guidance.
Impact:
Development of the draft privacy controls and sharing them with NIST has resulted in active discussion and consideration of the controls within the federal government privacy community.
–– Impact: MITRE has helped NIST to be proactive in the area of developing privacy guidance for the federal government.
Government organizations are required to comply with NIST guidance.
–– Impact: By being used in NIST guidance, MITRE’s work to make privacy controls meaningful and useful has the potential to touch organizations throughout the government and have a strong positive impact upon organizations’ ability to appropriately protect PII.
Public Release No:09-1144
[Presentation]
Exhibit Date(s):May 5
Quantified Trust and Knowledge-Based Identity Proofing
Primary Investigator:Scott, Jamil
Problems:
This project attempts to answer the question "Can trust be quantified?" If so, the investigators will evaluate possible mechanisms for defining a 'Trust Score.'
Objectives:
Define the current understanding of trust.
Describe possible mechanisms for evaluating trustworthiness.
Locate data sources to prove/disprove trust scoring hypotheses.
Establish a network of academic partners in the areas of organizational behavior, modeling, economics, risk management, etc.
Activities:
Assemble a bibliography of research materials on trust
Review research materials
Describe current understanding of trust as it relates to quantification of trust
Describe and prioritize gaps in current understanding
Develop a research plan to address gaps in understanding
Gain funding to pursue remaining research.
Impact:
The ability quantify the trustworthiness of individuals and the trust requirements of a protected resource will significantly improve the quality and efficiency of trust decisions and provide a framework for ongoing trust evaluation. Further, it may provide a mechanism for reliably sharing trust decisions between organizations.
Public Release No:09-1085
[Presentation]
Quantum Information Sciences
Primary Investigator:Gilbert, Gerald N.
Problems:
Quantum information science is a new, interdisciplinary field that holds the promise of providing the means for solving practical problems that would otherwise be impossible. Quantum computers solve certain types of previously intractable computational problems, such as breaking public key encryption systems, as well as a variety of challenging, computationally intensive mathematical problems. Quantum sensors offer the prospect of furnishing powerful tools to MITRE’s sponsors by enabling the formation and analysis of imagery at higher resolutions than are possible with classical devices, i.e., improving image resolution beyond the classical optics Rayleigh limit.
Objectives:
Long term: To develop at MITRE the world's first efficient, scalable, and fault-tolerant quantum computer design and protoype. For FY09: develop scalable device prototype of photonic quantum memory.
To analyze and develop, if the physics allows, a viable quantum sensor for practical applications.
Activities:
We perform theoretical analyses (at MITRE and Princeton University) across all the areas that comprise research in quantum computing and carry out experimental work on photonic approaches to quantum computing (at MITRE).
Impact:
Quantum computers will enable us to solve problems in a variety of areas of great interest to our sponsors in the DoD and the IC, including code breaking, real-time analysis of frequency-hopped spread-spectrum communications, steganographic analysis, and other computationally intensive problems. Likewise, high resolution quantum sensing has many applications which are important to the same sponsor base, including 2D and 3D imaging, high-precision geodesy, and high-resolution lithography. Our ongoing work capitalizes on the crucial advances we have made in fundamental fault tolerance theory and photonic laboratory implementation. This will enable us to make further significant progress in the development of a practical quantum computer, thus maintaining and enhancing MITRE’s leading position in this area of science and technology.
Public Release No:09-0816
[Presentation]
Exhibit Date(s):May 5
Rapid System Repair/Recovery Strategies and Concepts
Primary Investigator:Martin, Robert A.
Problems:
How, after a cyber attack occurs, can we get a system back to an operational state quickly, such that it is somewhat less vulnerable to the same kind of attack? From an operational perspective, how can the system be returned to full operational capability in minutes to hours rather than days to weeks? These two questions are the focusof this exploratory MSR.
Our overall approach is to formulate the state-of-the-art with respect to rapid recovery within the DoD and other industries while determining if any technologies exist that could support rapid recovery. This information would be combined to form a recommended process utilizing appropriate technologies.
Objectives:
The goal of this MSR is to identify a process or processes and their significant inputs that would allow a critical command and control system to be patched or returned to an operational state in minutes to hours. By significant inputs we mean, what other factors must be in place to make this desired timeline feasible? For example, it may be a necessity to have a clear understanding of the attack as well as an isolated instance of the attacking module to meet the time line. If this is found to be a requirement, what must be in place to assure that this information can be provided to support rapid analysis and decision making?
Activities:
·Poll systems of record to determine the best approaches to emergency patching.
·For critical cyber-enabled systems, consider near term approaches that could be pursued to improve the system’s opportunities for rapid analysis, recovery, and the resumption of the mission.
·Perform a literature search to determine what commercial solutions would be applicable to problem space.
·Consult with other industries that have similar concerns to see what processes/tools they have in place that address this problem.
Impact:
Any solutions discovered in the space will result in more robust command and control systems and ideas/strategies for evolving current systems toward higher flexibility and robustness in the face of cyber attacks. The ability to rapidly return a system to an operational state will improve our response to cyber attack as well as non-cyber related problems.
Public Release No:09-0897
[Presentation]
Rapid Trusted Video Stream Dissemination
Primary Investigator:Workman, Mark
[Presentation]
Exhibit Date(s):May 5
Resilient Networking with IP Encryption
Primary Investigator:Nakamoto, Shu
Resources for Early and Agile Capability Testing (REACT) Online
Primary Investigator:Dinsmore, Michael D.
Problems:
Net-centric operations require free flow of information from its origin to any point in the enterprise where it is needed. This includes the mechanisms for exchanging information, the formats for exchanged information, and the valuation of the exchanged information with respect to capability. To reduce risk, our sponsors need cost-effective M&S tools that simulate the large scale complex net-centric environment. This involves observing the interactions in a large scale complex model and enabling the discovery of high value information and its paths. REACT Online will apply scalable Internet technology to create a modeling and simulation environment using low-cost gaming components. This research will emulate net-centric data availability and allow our sponsors to easily compose complex scenarios of diverse interacting entities.
Objectives:
REACT Online will recreate the large scale and complex environments of our sponsors with improved fidelity at lower cost, and provide them with an experimentation environment within which to test new concepts and explore enterprise level integration of C2 systems.
With the ability to create “good enough” simulations of new concepts in hours rather than months, customers can quickly separate the good from the bad, and then confidently direct additional efforts at major identified issues.
Rigid simulation models do not map to emerging systems. Sponsors can use simple game-based models to get started and then swap in a higher fidelity component as needed.
Activities:
Apply Internet concept to games
·Expose gaming capability as information-based resources (including interaction/management of entities)
·Apply Internet techniques and technologies to achieve the scalability goals
·Demonstrate scalability of this approach to hundreds of entities
Introduce new simulation components
·Ground vehicles, C2 entities, recorded data files
·Explore Internet model for image and mapping resources (Game geo-registration services)
·Expose game environments facilitating exchange (Tiling and building overlay resources)
·Demonstrate web-based creation and execution of diverse and complex scenarios combining air/ground entities and recorded files from exercises
Introduce scoring and user rating metrics
·Expose gaming toolkits that enable objective-based scoring
·Combine gaming capability with Internet-based user rating capabilities (1-5 stars), so that the larger community can discover those simulation components that are meeting other’s needs
·Demonstrate interactive scoring of complex scenarios and capability to share and rate various REACT components/modules on-line
Impact:
REACT Online will mimic the complex environments of our sponsors, providing them the opportunity to work within new contexts to explore the integration of capabilities, systems, and personnel. Insights gained from easily composed experiments will help sponsors guide their programs differently in order to adapt quickly to new and evolving mission requirements that cross traditional domain boundaries. REACT Online will not only enable programs with an easy simulation capability, but will allow our sponsors to look at the complex interactions between programs. With the ability to create “good enough” simulations of new concepts in hours rather than months, customers can then confidently direct additional efforts at major identified issues.
This research will also introduce the simulation community to a widely adopted standard – HTTP. This will enable cross-corporation simulation events, opening up greater opportunities for collaborative operations. Because it is exploring the wide availability of system information, REACT Online begins to test the net-centric thesis, and we can tangibly show our users the benefits of sharing and combining data in new ways.
Public Release No:09-0806
[Presentation]
|
