CERT® Coordination Center (CERT/CC)
http://www.cert.org/
Established in 1988, the CERT® Coordination Center (CERT/CC) is a center of Internet security expertise located at the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University.
Background
Following the Morris worm incident, which brought 10 percent of Internet systems to a halt in November 1988, the Defense Advanced Research Projects Agency (DARPA) charged the SEI with setting up a center to coordinate communication among experts during security emergencies and to help prevent future incidents. This center was named the CERT Coordination Center (CERT/CC).
While we continue to respond to major security incidents and analyze product vulnerabilities, our role has expanded over the years. Along with the rapid increase in the size of the Internet and its use for critical functions, there have been progressive changes in intruder techniques, increased amounts of damage, increased difficulty of detecting an attack, and increased difficulty of catching the attackers.
To better manage these changes, the CERT/CC is now part of the larger CERT Program, whose primary goals are to ensure that appropriate technology and systems management practices are used to resist attacks on networked systems and to limit damage and ensure continuity of critical services in spite of successful attacks, accidents, or failures ("survivability").

Areas of Work
Vulnerability and Incident Analysis 
One of our primary objectives is to analyze the state of Internet security and convey that information to the system administrators, network managers, and others in the Internet community. Contributing to our broad view of the state of security is the information reported to us. Organizations trust us with sensitive information about security compromises and network vulnerabilities because we have proven our ability to keep their identities and other sensitive information confidential. We are also able to be neutral, enabling us to work with commercial competitors and government agencies without bias.
Survivable Enterprise Management 
The goal of our survivable enterprise management effort is to help organizations protect and defend themselves. To this end, we have developed risk assessments that help enterprises identify and characterize critical information assets and then identify risks to those assets. Enterprises can use the results of the assessment to develop or refine their overall strategy for securing their networked systems.
Education and Training 
With networks being globally interconnected, the challenge is to educate individuals within organizations to improve the security and survivability of each system. We offer public training courses for technical staff and managers of computer security incident response teams as well as for system administrators and other technical personnel interested in learning more about network security. Some of these classes are also part of our CERT® incident handling certification program.
We are also working to train future security experts. Several of our staff members teach courses in the Information Security Management specialization of the Master of Information Systems Management program in the H. J. Heinz III School of Public Policy and Management at Carnegie Mellon University, as well as in the university's CIO Institute. In addition, staff members are working with other academic institutions to develop curricula in information security.
Survivable Systems Engineering 
We are conducting research in the field of survivable systems engineering. This work includes analyzing how susceptible systems are to sophisticated attacks and finding ways to improve the design of systems. We are also developing techniques that will enable us to assess and predict current and potential threats to the Internet.
Network Situation Awareness
The results of our research are contributing to our work with network situational awareness. As part of this "operational" component, we are developing tools and techniques that will improve the ability of network administrators to identify what is happening on their networks. These tools and techniques include engineering solutions and research approaches for analyzing broad network activity. The goal is to quantitatively characterize threats and targeted intruder activity.