Email Print Share

WATCH - Barriers to the Science of Security

WATCH Series

March 15, 2012 12:00 PM  to 
March 15, 2012 1:00 PM
Room 110 - NSF

Save the Date

In the past few years, there has been significant interest in promoting the idea of applying scientific principles to information security. The main point made by information security professionals who brief at workshops and conferences seems to be that our field of information security is finally mature enough to begin making significant strides towards applying the scientific approach. Reports such as the Jason's report on the Science of Security point to examples and approaches we should take to achieve success in applying science to security. Audiences everywhere enthusiastically agree and thrash themselves for bypassing science all along, bemoaning the fact that we could be "so much further along" if we only did science. Of course, after the presentation is over, everyone goes back to the methods that have been used throughout our generation to create prototypes and tools with no regard for the scientific principles involved. Why? In this presentation, I explore the barriers to adopting a scientific approach to experimental information security projects, including:

  • time to publish as a primary driver
  • standard of peer reviews in conferences and journals
  • expectation of a breakthrough in every publication
Based on overcoming these issues, I will explore a more practical way by focusing on changes in attitudes and processes necessary for science of security to become more the rule than the exception.


Dr. Tom Longstaff is currently on a two-year assignment as the Technical Director of the Systems Behavior group within the DoD National Security Agency. Prior to coming to NSA in 2012, Tom was the Chief Scientist for the Cyber Missions Branch of the Applied Physics Laboratory (APL). Tom is also the chair of the Computer Science, Information Assurance, and Information Systems Engineering Programs within the Whiting School at The Johns Hopkins University.

To Join the Webinar:

The Webinar will be held from 12:00-1:00pm EST on March 15, 2012 in Room 110.

To attend virtually, please register by March 14, 23:59 PDT at:

After your registration is accepted, you will get an email with a URL to join the meeting. Please be sure to join a few minutes before the start of the webinar. This system does not establish a voice connection on your computer; instead, your acceptance message will have a toll-free phone number that you will be prompted to call after joining.  Please note that this registration is a manual process; therefore, do not expect an immediate acceptance.  In the event the number of requests exceeds the capacity, some requests may have to be denied.

This event is part of Webinars/Webcasts.

Meeting Type

Keith Marzullo, (703) 292-8950, email:

NSF Related Organizations
Directorate for Computer and Information Science and Engineering

Public Attachments
Flyer for Tom Longstaff
Audio File from the presentation
Transcript of the presentation- unedited