INFOSEC Research Council Hard Problem List

Citation: INFOSEC Research Council (IRC) Hard Problem List (1999), (2005).

Overview
In 1999, the INFOSEC Research Council (IRC), a group of Federal research managers representing agencies involved in information security (INFOSEC) R&D related to their missions, issued a draft list of the most difficult INFOSEC research challenges, or “hard problems,” they then faced.

In November 2005, the IRC released an updated Hard Problem List. The 2005 IRC list includes the following eight hard problems:


 * Global-scale identity management
 * Insider threat
 * Availability of time-critical systems
 * Building scalable secure systems
 * Situational understanding and attack attribution
 * Information provenance
 * Security with privacy
 * Enterprise-level security metrics.