The Future of Computer Security
A look at the Grand Challenges ahead for computer security
By Simson Garfinkel
February 01, 2004 — CSO — Forty-two years ago, John F. Kennedy's commitment to landing a man on the moon and returning him safely to the Earth was the epitome of a "Grand Challenge"—the attempt to tackle a problem in science or engineering that is easy to describe but monumentally difficult to solve. More recently, the field of supercomputing has used the Grand Challenge concept as a tool for guiding research and funding priorities for such activities as modeling the global climate or accurately predicting weather many days in advance.
The notion of a Grand Challenge had left some
Well, it does. In November, I had the honor of being included among 50 of the leading computer security researchers in the world in doing just that
After days of round-the-clock meetings and late-night wordsmithing, this predictably cantankerous crowd managed to come up with four challenges deemed worthy of "sustained commitments." We identified the hard problems that we don't know how to solve today but that might be solvable within a decade (assuming enough research dollars are spent). Perhaps most important, they are problems that need to be solved if we want to continue to enjoy the fruits of the computer revolution.
First on the list of Grand Challenges is the elimination of "epidemic-style attacks" within 10 years. Certainly it would be nice to return to an Internet that is largely free of viruses, worms and spam. But it is interesting to note that the conference attendees don't think the solution to viruses and worms is for people to install antivirus software and keep their systems up-to-date