The National Science Foundation awarded three grants totaling $20 million for cybersecurity research on Thursday. The grants, called Frontier Awards, support collaborative projects and are funded through the NSF’s interdisciplinary Secure and Trustworthy Cyberspace (SaTC) program.
The three projects will each focus on a different area of internet security and will be carried out at a number of institutions, including Dartmouth College, UNC and Carnegie Mellon University.
“Cybersecurity is one of the most significant economic and national security challenges facing our nation today,” Farnam Jahanian, NSF’s assistant director for computer and information science and engineering (CISE) said. “NSF’s investments in foundational research will transform our capacity to secure personal privacy, financial assets, and national interests.”
One Frontier project leverages a previous initiative related to healthcare, and will focus on providing trustworthy information systems for sensitive work involving mobile devices and cloud-based services.
Another project focuses on cloud computing environments. Unified authentication, authorization and auditing, monitoring and diagnosis, and encryption efforts will be studied and developed to increase cloud security. Cloud security was identified in a recent Microsoft study as the main barrier preventing cloud adoption by SMBs.
The other project awarded funding Thursday focuses on privacy policies. Sighting “ample evidence that users generally do not read these policies” the NSF hopes to extract the key points of policies and render them understandable and useful to users making decisions about their privacy.
NSF has funded projects relating to cybersecurity for over a decade, however the SaTC program is in just its third year. The program has recently expanded to include different Directorates within the NSF, which overall is funding over 110 research projects with awards from $100,000 to $10 million.
The long term benefits if these programs are successful will likely include not only reduced risk of cyber attacks for individuals, institutions and companies, but also a corresponding increase in adoption of network technology, and increased reliance on cloud computing for sensitive interactions.