Fri 23 Oct 2009NSF Awards Wetzel & Lechler $144,000 for 2-yearInformation Security Management StudyTwo-year project combines computer science and technologymanagement expertiseBy Patrick A. BerzinskiDirector, University CommunicationsThe Division of Information & Intelligent Systems of the National Science Foundation (NSF)has awarded a two-year grant totaling $144,038 to two Stevens Institute of Technologyresearchers from different disciplines to study advanced problems of managing informationsecurity in an age of massive concentrations of sensitive private information and sophisticatedmining and cross-referencing of personal data.Titled “EAGER: Quantifying Information Security Risks in Complex Systems at the Interface ofUsers, Policies, and Technologies,” the proposal’s Principal Investigator is Dr. Susanne Wetzel,an Associate Professor of Computer Science in the Schaefer School of Engineering & Science atStevens, who specializes in Cybersecurity and who is also the Director of Stevens’ Center for theAdvancement of Secure Systems and Information Assurance. Her Co-Principal Investigator isDr. Thomas Lechler, an Associate Professor in the Howe School of Technology Management atStevens, who specializes in Entrepreneurship, Project Management and Innovation Management,and who is also Director for Academic Entrepreneurship Programs as Stevens.
The PIs’ proposal represents an “opportunity to seed a highly innovative interdisciplinaryresearch project that has the potential for significant practical and theoretical impact for themanagement of information security – an area which is receiving more and more publicattention. During the past decade, research in information security has expanded from a purelytechnical focus to a more general technology-economic focus. Despite its expansion, amultidisciplinary approach to understand and theoretically explain the interaction of security andeconomy within complex systems of partners is still missing,” said Wetzel and Lechler.The principal objective of this proposed research is to develop an innovative interdisciplinaryinformation security framework to optimize and substantially advance both its systeminformation security and system productivity. “For example,” the PIs continued, “consider ahospital that exchanges data records of patients with governmental data bases that – on the otherhand – are accessed by insurance companies. Furthermore, hospitals directly exchangeinformation with these insurance companies. This may allow an insurance company to combineand deduce information from different data sources that could pose a security threat which is notaddressed by traditional security considerations. From a security economics perspective, theimpact of information exchange between partners on their productivity has to be considered tounderstand the conditions under which partners will obey or violate information securitypolicies.”The proposed project provides the potential for high impact in substantially advancing researchin information security as well as in management science. Although the project will addresssystems information security within the health care industry, its outcomes are expected to beapplicable in other industries, e.g., defense. The cross-disciplinary nature of the proposed projectis also expected to identify opportunities for interdisciplinary education.To learn more about the project, please contact Professor Wetzel at email@example.com orProfessor Lechler at firstname.lastname@example.orgPosted by Patrick under Research News - No Comments