US Department of Homeland Security

• Synaptic Labs has completed serveral years of research and design on a new global IdM/CKM architecture that successfully predicted and addresses many of the priorities identified by the 2009 DHS Roadmap for Cybersecurity Research.
• Synaptic Labs' global identity management and cryptographic key management proposal is directly relevant to 8 of the 11 hard problems listed on page iii, including 6 of the 8 hardest and most critical challenges listed on page vi.

"This cybersecurity research roadmap is an attempt to begin to define a national R&D agenda that is required to enable us to get ahead of our adversaries and produce the technologies that will protect our information systems and networks into the future. The research, development, test, evaluation, and other life cycle considerations required are far reaching—from technologies that secure individuals and their information to technologies that will ensure that our critical infrastructures are much more resilient. The R&D investments recommended in this roadmap must tackle the vulnerabilities of today and envision those of the future.
The intent of this document is to provide detailed research and development agendas for the future relating to 11 hard problem areas in cybersecurity, for use by agencies of the U.S. Government and other potential R&D funding sources."

(Page iii) “The 11 hard problems are:

1. Scalable trustworthy systems (including system architectures and requisite development methodology)
2. Enterprise-level metrics (including measures of overall system trustworthiness)
3. System evaluation life cycle (including approaches for sufficient assurance)
4. Combatting insider threats
5. Combatting malware and botnets
6. Global-scale identity management
7. Survivability of time-critical systems
8. Situational understanding and attack attribution
9. Provenance (relating to information, systems, and hardware)
10. Privacy-aware security
11. Usable security"

(Page iv) "The (following) eight problems were selected as the hardest and most critical challenges that must be addressed by INFOSEC research community if trustworthy systems envisioned by the U.S. Government are to be built.

1. Global-Scale identity management
2. Insider Threat
3. Availability of Time-Critical Systems
4. Building Scalable Secure Systems
5. Situational Understanding and Attack Attribution
6. Information Provenance
7. Security with Privacy
8. Enterprise-level security metrics"

Synaptic's global IdM/CKM proposal specifically address trusted insider attacks by using a model that distributes trust across multiple autonomous service providers.

(page: 29)“Unlike unauthorized outsiders and insiders who must overcome security controls to access system resources, authorized insiders have legitimate and (depending on their positions) minimally constrained access to computing resources. In addition, highly trusted insiders who design, maintain or manage critical information systems are of particular concern because they prossess the skills and access necessary to engage in serious abuse or harm. Typical trusted insiders are system adminsitrators, system programmers, and security administrators.”

(Page: 50)“Global-scale identity management concerns identifying and authenticating entities such as people, hardware devices, distributed sensors and actuators, and software applications when accessing critical information technology (IT) systems from anywhere. The term global-scale is intended to emphasize the pervasive nature of identities and implies the existence of identities in federated systems that may be beyond the control of any single organization.” ... "In this context, global-scale identity management encompasses the establishment of identities, management of credentials, oversight and accountability, scalable revocation, establishment and enforcement of relevant policies, and resolution of potential conflicts. To whatever extent it can be automated, it must be administratively manageable and psychologically acceptable to users."

US President's 60 day cyberspace policy review
IEEE Key Management Summit 2010
IBE enabling ubiquitous uptake of encryption
Behavioural Trust and Identity