The Computer Security Foundations Workshop: Ten Years On And Ten Years Ahead

Abstract

The Computer Security Foundations Workshop has reached its tenth year. In the midst of the celebrations, this panel takes some time to consider the major achievements of the CSFW so far. We also discuss our hopes and fears for the next ten years and look into our crystal balls to predict the directions which research in computer security is likely to take in the near future. In June 1988 the first CSFW was held at The Franconia Inn, New Hampshire (indeed, the workshop is still sometimes referred to as “Franconia” even by those of us who have never been there). The proceedings [MIT@] of that first workshop are a little elusive to obtain these days, but contain an impressive collection of papers from a variety of authors. The preface, written by the workshop Chair, Jonathan Millen, refers to another workshop on the “Foundations of Secure Computation” which had taken place in 1977, a little over ten years before CSFWl. His comment that “in the decade since then, there has been a great deal of activity and growth in the computer security community” is just as true today, although the research directions have perhaps been somewhat different. In a decade of CSFWs, many papers have been presented and many discussions both formal and informal have taken place. In this panel we consider what areas have provided the most fruitful topics of study and what we can claim to have achieved during this time. The preface from the first proceedings states: “It appears that a consensus on a formal definition of “security” is not imminent, but the objectives of bringing rigorous approaches within the reach of practical applications is much closer”. Is this a comment which could accurately be made today? If so, in what ways have the two become closer? Exactly how closely are theory and practice currently linked? Are there other factors which should also be considered when taking a long hard look at our research? Is ten years (or even twenty) long enough to give a perspective on this? Could we have predicted ten years ago the challenges that have arisen in the past decade? How far are we along the road towards making a foundation for computer security? Are we still producing a collection of disparate bricks, or can the theories be seen as coming together in any way? Given a realistic assessment of the current position, we can go on to consider what the important topics for research will be for the next ten years. What are the current open questions and outstanding problems in the foundations of computer security? What is the likelihood of finding workable solutions for these by the time of the 20th CSFW? Everyone at the CSFW has, by definition, an interest of some sort in computer security research. What will you be pressing to achieve funding for in the next decade? This is a question not just for the panel members, but one to which we can all (and hopefully will) provide equally valid answers. Given that resources are limited, how will you justify your research in the great balloon debate? What work should receive funding (other than mine!)? What work is likely to receive funding? How should computer research be organised? Have we got things about right., or are there ways in which we could be better orgamsed to achieve greater effect? Consideration of funding and organisation is necessary from a practical point of view, but in our tenth anniversary deliberations we can perhaps allow ourselves temporarily to forget such constraints and to ask what we would like to see happening in an ideal world? What would we put on our own personal wishlist of “hopes for the future” in computer security? Can the workshop reach any sort of consensus in combining individual wishlists to make a collective statement about desired directions and goals for the next ten years? These questions of research achievements and directions are fundamental to the CSFW, and it is hoped that all members of the workshop will be able to contribute to the discussion. The panel will then be adjourned until 2007 when a further assessment can be made with the benefit of hindsight.