Carnegie Mellon University will become the recipient of a $35.5M 5-year grant from the U.S. Department of Defense, according to the Associated Press. CMU has one of the best computer science programs in the country, and will spend $8M this year on computer security research for the government.
Some of the work under the grant will focus on placing security in places where it does not traditionally exist. Hard drives and other components lacking the "top-level" view possessed by the operating system are targets of the research at CMU's Center for Computer and Communications Security (C3S). While this may sound outlandish to some, Pradeep K. Khosla, who heads the C3S, is a strong proponent of research in such decentralized systems.
The research will also include biometric security, in which access is controlled by measuring physical characteristics of the user. Biometrics have become particularly controversial amongst hackers and privacy advocates, in part because permanent records are made of unalterable personal characteristics and those measurements may later be used to identify a person without their knowledge. There are also concerns that biometric sensors are too easily fooled, as fingerprint readers have recently been proven highly susceptible to "gummy fingers."
2600 has learned that members of CMU's C3S will soon participate in a closed security workshop run by the Defense Advanced Research Projects Agency (DARPA), where directions for the grant money will no doubt be discussed. The meeting, designated DARPA Joint Workshop on Information Assurance Measurement and Self-Regenerative Systems, will be held 28-31 October 2002 at the Oglebay, a posh 1650 acre resort in rural West Virginia.
In a clear reference to 9/11, Dr. Khosla offered that biometric systems could someday detect the ousting of a plane's pilot by a hijacker, and force the plane to fly in auto-pilot. One can only imagine how $35.5 million might be spent to keep people from becoming hijackers in the first place.