A Forum for Classified Research on Cybersecurity
By definition, scientists who perform classified research cannot take full advantage of the standard practice of peer review and publication to assure the quality of their work and to disseminate their findings. Instead, military and intelligence agencies tend to provide limited disclosure of classified research to a select, security-cleared audience.
In 2013, the US intelligence community created a new classified journal on cybersecurity called the Journal of Sensitive Cyber Research and Engineering (JSCoRE).
The National Security Agency has just released a redacted version of the tables of contents of the first three volumes of JSCoRE in response to a request under the Freedom of Information Act.
JSCoRE “provides a forum to balance exchange of scientific information while protecting sensitive information detail,” according to the ODNI budget justification book for FY2014 (at p. 233). “Until now, authors conducting non-public cybersecurity research had no widely-recognized high-quality secure venue in which to publish their results. JSCoRE is the first of its kind peer-reviewed journal advancing such engineering results and case studies.”
The titles listed in the newly disclosed JSCoRE tables of contents are not very informative — e.g. “Flexible Adaptive Policy Enforcement for Cross Domain Solutions” — and many of them have been redacted.
However, one title that NSA withheld from release under FOIA was publicly cited in a Government Accountability Office report last year: “The Darkness of Things: Anticipating Obstacles to Intelligence Community Realization of the Internet of Things Opportunity,” JSCoRE, vol. 3, no. 1 (2015)(TS//SI//NF).
“JSCoRE may reside where few can lay eyes on it, but it has plenty of company,” wrote David Malakoff in Science Magazine in 2013. “Worldwide, intelligence services and military forces have long published secret journals” — such as DARPA’s old Journal of Defense Research — “that often touch on technical topics. The demand for restricted outlets is bound to grow as governments classify more information.”
In recent months, we’ve seen much of these decades’ worth of progress erased. Contracts for evaluations of government programs were canceled, FFRDCs have been forced to lay off staff, and federal advisory committees have been disbanded.
This report outlines a framework relying on “Cooperative Technical Means” for effective arms control verification based on remote sensing, avoiding on-site inspections but maintaining a level of transparency that allows for immediate detection of changes in nuclear posture or a significant build-up above agreed limits.
At a recent workshop, we explored the nature of trust in specific government functions, the risk and implications of breaking trust in those systems, and how we’d known we were getting close to specific trust breaking points.
tudents in the 21st century need strong critical thinking skills like reasoning, questioning, and problem-solving, before they can meaningfully engage with more advanced domains like digital, data, or AI literacy.