By Michael Coburn,
The Dartmouth Staff
March 27, 2007
More than 60 researchers from 12 different countries gathered at
Dartmouth for a three-day academic conference on cyber security last
week. The brand-new event gave attendees the opportunity to review
papers and listen to speakers discuss the need to protect critical
computer systems from cyber-terrorism.
One of the chief sponsors of the conference was the Institute for
Information Infrastructure Protection or I3P, a consortium of academic
centers, non-profit organizations and government laboratories based at
Dartmouth that coordinate research and development for cyber-security on
behalf of the government of the United States.
According to computer science professor and one of the conference's
keynote speakers David Kotz '86, much of the world's critical
infrastructure -- from electric power grids to transportation and
banking systems -- is controlled by computers. At one time, these
computer systems existed independently of each other, but they have
become increasingly connected to each other and to the Internet, making
them more susceptible to terrorist attack.
Should a terrorist hack into one of these systems, they could shut down
this infrastructure and seriously disrupt the economy and security of
the world, Kotz said.
One of the issues that most concerned the conference's attendees is the
protection of oil and gas infrastructure, said Eric Goetz, assistant
director of research for I3P and co-chair of the conference.
"The way it works is the oil and gas are controlled through process
control systems," Goetz said. "They would reduce temperature and flow of
the pipeline and could open and close valves. What's happened in the
last 5-10 years is that these systems are run off of Windows system and
are connected to the Internet. The connectivity creates real
According to keynote speaker and I3P research director Charles Palmer,
identifying critical infrastructure security gaps are only half the
problem. It is also necessary to develop solutions to these problems
that are not only effective, but applicable in the real world.
"We can provide technology but the failure of the industry and research
is that what we offer people is so complicated to get secure it's
impossible to use," Palmer said. "People are the critical infrastructure
we need to protect. We need to build systems that are secure and usable
for what my sister calls 'normal people' or we're just doomed."
The conference was hosted by the International Federation of Information
Processing, an international organization designed to bring together
leading Information Technology societies from across the country for
conferences such as these.
"The real purpose of the conference was to bring people together people
from across the globe." Dartmouth Communications Director Lauri Burnham
said. "Infrastructure has no borders or boundaries. The internet is a
global entity. Now experts can come together and talk about these
Visit the InfoSec News Security Bookstore