Data and Applications Security Workshop Report Dates : February 19 and 20 , 2009 Prepared by The University of Texas at Dallas Sponsor : The National Science Foundation Under Grant : IIS - 0748433

The Office of the Deputy Assistant Secretary of Defense (Information and Identity Assurance) has stated that “the Department of Defense's (DoD) policy, planning, and war fighting capabilities are heavily dependent on the information technology foundation provided by the Global Information Grid (GIG). However, the GIG was built for business efficiency instead of mission assurance against sophisticated adversaries who have demonstrated intent and proven their ability to use cyberspace as a tool for espionage and criminal theft of data. GIG mission assurance works to ensure the DoD is able to accomplish its critical missions when networks, services, or information are unavailable, degraded, or distrusted.” To meet the needs of mission assurance challenges, President’s cyber plan (CNCI) has listed the area of developing multipronged approaches to supply chain risk management as one of the priorities. CNCI states that the reality of global supply chains presents significant challenges in thwarting counterfeit, or maliciously designed hardware and software products. To overcome such challenges and support successful mission assurance, we need to design flexible and secure systems whose components may be untrusted or faulty. Our objective is to achieve the secure operation of mission critical systems constructed from untrusted, semi-trusted and fully trusted components for successful mission assurance.