• printer friendly
• mail this article
• iPod format
• digg

Photo

Experts at UC Berkeley, with other institutions and businesses, are expected to begin work soon to research and develop technology that will make communication systems more secure.

On Monday, the National Science Foundation announced its decision to establish a new center, called the Team for Research in Ubiquitous Secure Technology, that will focus on the cybersecurity project.

The announcement comes at a time when University of California institutions are also taking measures to help prevent security breaches like those that have occurred at various campuses.

Recently, the personal data of some students, faculty and staff may have been compromised as unauthorized individuals breached university security measures at different UC campuses.

This month, UC San Francisco officials notified 7,000 students, faculty and staff whose personal information may have been compromised in February when a computer containing their Social Security numbers was hacked.

Last month, an individual breached security measures and placed information on the main computer at the plant biology department at UC Davis. The Social Security numbers of 890 staff, faculty and students were on the computer.

Mitchel Benson, a UC Davis spokesman, said there was no criminal intent to obtain personal information by the individual. Though there is no indication that the individual accessed the personal data, those whose information was on the computer were notified of the security breach.

The university is in the process of implementing a new security protocol, Benson said.

Researchers who put together the TRUST cybersecurity project proposal and presented it to the NSF focused on addressing the vulnerability of computer systems, said Fred Schneider, a computer science professor at Cornell University and the chief scientist at TRUST.

“On the one hand, we are becoming dependent on computer systems ... for daily life. On the other hand, you cannot trust them, and when they are not secure we all pay the price,” Schneider said.

Institutions that will participate in TRUST, he said, are doing so to prevent the problems that security breaches can cause.

Universities such as Carnegie Mellon, Mills College, Vanderbilt University and Stanford University will work with UC Berkeley and Cornell University at TRUST. Businesses, including Hewlett Packard, IBM, Microsoft and Sun Microsystems, will also help with the project.

“We have really gotten together a dream team,” Schneider said.

Schneider emphasized that security breaches are not unique to UC institutions and are occurring nationwide.

In March, hackers accessed the LexisNexis system, a data storehouse, and obtained the Social Security and driver’s license numbers and other personal information of approximately 300,000 people. In the same month, medical records held by the San Jose Medical Group were stolen. The records contained information for 185,000 current and former patients.

The UC is taking measures systemwide to reduce the risk of future security breaches, said Ravi Poorsina, a spokeswoman for the UC Office of the President.

Security measures required of all UC institutions are being updated and expanded to cover all university networks, Poorsina said.

The newly updated security policies, she said, will aim to improve the security of university networks by controlling access and making means of identifying users more secure.

In addition, chief information officers from each campus attend meetings held at various times each year, said Ken Orgill, the chief information officer at UCSF.

Orgill added that security breaches and means of preventing such incidents have been important topics in recent meetings.

In addition to the oversight from UCOP, each individual campus is re-evaluating security measures at its respective institutions.

Less than a year ago, a new department focusing on system security was established at UCSF. The department was established in response to international and national threats to systems in the last two years, including the Slammer and Blaster viruses that infected the university network, Orgill said.

While the department is in place, more needs to be done to introduce policies that will make the university network more secure, he said, such as the encryption of sensitive data.

The department has plans to institute what Orgill referred to as a “first layer of defense,” which involves creating a firewall that encompasses the entire campus, though these plans still require university approval.

The new policy, expected to be approved in the next two weeks, addresses 14 security practices developed by the Information and Educational Technology at UC Davis. The IET is particularly emphasizing some of these practices, including continuously running anti-virus software, devising firewalls, and removing unnecessary personal data from computers.