Obama Turns to Academics for Cyber Security Review

June 1, 2009

When President Obama tapped Melissa Hathaway of the National Security Council to review the nation's cyberspace policy in 60 days, she knew she needed to gather insights and perspectives from an array of different stakeholder groups.

This visualization shows Internet connections in the United States.

In addition to consulting with private industry and all levels of government, Hathaway turned to the nation's top academic experts in the cyberspace arena by reaching out to the National Science Foundation (NSF). NSF's innovative collaboration with Hathaway could be a template for creating links between the academic community and policy makers who are tackling the great policy challenges facing our country.

Shortly after the review began, Hathaway's staff contacted Jeannette Wing, NSF assistant director for computer & information science & engineering (CISE), and asked her to reach out to the academic computing research community to assist Hathaway with the review. Wing has worked for years on trustworthy computing--the study of computing and communication systems that should be secure, preserve privacy, be usable, and reliably deliver the quality of service they are designed to achieve without disruption. To be viable, solutions here must be holistic and incorporate perspectives from law, economics, and the social sciences in addition to computer science. Technology alone cannot solve the problem, because social, political, and economic realities dictate whether new solutions will be embraced and whether systems will evolve in ways that make them more trustworthy.

NSF arranged for a teleconference between Hathaway and a small group of academics. Wing asked Fred Schneider, a computer science professor at Cornell University and chief scientist of the NSF-funded TRUST Science and Technology Center, and Ed Lazowska, a professor of computer science at the University of Washington, to gather ideas from experts in trustworthy computing from a variety of academic institutions and turn them into a viable set of policy recommendations.

An initial draft of the document formed the basis for the academics' presentations to Hathaway at the teleconference, and the final version was ultimately signed by 67 academics. The document addresses two sides of an academia-government relationship: how the academic community can help the administration by addressing deep and difficult technical challenges through fundamental, open, long-term research and education; and how the administration can help the academic community be more effective participants in the nation's efforts to design, build, and deploy trustworthy systems.

During the teleconference, Hathaway posed eight questions to the assembled experts and asked them to send her their responses. This led to the community writing a second document. Mike Reiter of the University of North Carolina, Chapel Hill, organized this effort and populated subcommittees with 20 other academic experts to prepare written responses. The questions covered a broad range of topics, from ensuring privacy to the status of research on self-repairing networks.

"The entire process was a watershed moment for a research community that has long wanted to help solve what is clearly a pressing national problem - the need to create and deploy trustworthy systems to run our nation's critical infrastructures," according to Schneider.

NSF enabled the academic community involved in trustworthy computing to move beyond research activities and publishing papers for their peers to helping policymakers at the highest level of our government.

"When the chance to provide input to an important activity such as Ms. Hathaway's review presented itself, many of us jumped at the opportunity," Reiter said recently. "I believe there is significant interest in the computer security research community to help with new initiatives in this area."

For their part, officials at NSF hope this process can serve as a template for future collaborations and consultations between policymakers and academic experts.